forked from sigstore/root-signing
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): Bump the actions group across 1 directory with 11 updates #112
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the actions group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.1` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.1.0` | `6.1.1` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.54.0` | `1.57.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` | | [theupdateframework/tuf-on-ci](https://github.com/theupdateframework/tuf-on-ci) | `0.12.0` | `0.13.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.6` | `4.4.2` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.3` | `4.0.4` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.2.2` | `4.4.0` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.4` | `2.1.6` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.1` | `0.17.2` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.1.1` | Updates `actions/checkout` from 4.1.7 to 4.2.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...eef6144) Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@aaa42aa...971e284) Updates `reviewdog/action-actionlint` from 1.54.0 to 1.57.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@4f8f996...7eeec1d) Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@4959ce0...dc72c7d) Updates `theupdateframework/tuf-on-ci` from 0.12.0 to 0.13.0 - [Release notes](https://github.com/theupdateframework/tuf-on-ci/releases) - [Changelog](https://github.com/theupdateframework/tuf-on-ci/blob/main/docs/CHANGELOG.md) - [Commits](theupdateframework/tuf-on-ci@89d2dad...27c49c0) Updates `actions/upload-artifact` from 4.3.6 to 4.4.2 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...8448086) Updates `actions/setup-node` from 4.0.3 to 4.0.4 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@1e60f62...0a44ba7) Updates `actions/setup-java` from 4.2.2 to 4.4.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@6a0805f...b36c23c) Updates `google-github-actions/auth` from 2.1.4 to 2.1.6 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@f112390...8254fb7) Updates `anchore/sbom-action` from 0.17.1 to 0.17.2 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](anchore/sbom-action@ab9d16d...61119d4) Updates `actions/cache` from 4.0.2 to 4.1.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...3624ceb) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: theupdateframework/tuf-on-ci dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
labels
Oct 9, 2024
Superseded by #113. |
dependabot
bot
deleted the
dependabot/github_actions/actions-dfe878b2dd
branch
October 10, 2024 09:08
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the actions group with 11 updates in the / directory:
4.1.7
4.2.1
6.1.0
6.1.1
1.54.0
1.57.0
3.6.0
3.7.0
0.12.0
0.13.0
4.3.6
4.4.2
4.0.3
4.0.4
4.2.2
4.4.0
2.1.4
2.1.6
0.17.1
0.17.2
4.0.2
4.1.1
Updates
actions/checkout
from 4.1.7 to 4.2.1Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
eef6144
Prepare 4.2.1 release (#1925)6b42224
Add workflow file for publishing releases to immutable action package (#1919)de5a000
Check out other refs/* by commit if provided, fall back to ref (#1924)d632683
Prepare 4.2.0 release (#1878)6d193bf
Bump braces from 3.0.2 to 3.0.3 (#1777)db0cee9
Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)b684943
Add Ref and Commit outputs (#1180)2d7d9f7
Provide explanation for where user email came from (#1869)9a9194f
Bump docker/build-push-action from 5.3.0 to 6.5.0 (#1832)dd960bd
Bump docker/login-action in the minor-actions-dependencies group (#1831)Updates
golangci/golangci-lint-action
from 6.1.0 to 6.1.1Release notes
Sourced from golangci/golangci-lint-action's releases.
Commits
971e284
build(deps-dev): bump the dev-dependencies group with 3 updates (#1108)bbe7eb5
build(deps): bump@types/node
from 22.5.5 to 22.7.4 in the dependencies group...ebae5ce
build(deps-dev): bump the dev-dependencies group with 3 updates (#1105)06c3f3a
build(deps): bump@types/node
from 22.5.4 to 22.5.5 in the dependencies group...56689d8
build(deps-dev): bump the dev-dependencies group with 3 updates (#1103)c7bab6f
fix: clean go install output (#1102)33f56cc
build(deps-dev): bump the dev-dependencies group with 3 updates (#1099)e954224
build(deps): bump@types/node
from 22.5.2 to 22.5.4 in the dependencies group...68de804
build(deps): bump@types/node
from 22.5.1 to 22.5.2 in the dependencies group...22a3756
build(deps-dev): bump the dev-dependencies group with 2 updates (#1097)Updates
reviewdog/action-actionlint
from 1.54.0 to 1.57.0Release notes
Sourced from reviewdog/action-actionlint's releases.
Commits
7eeec1d
bump v1.57.05382349
Merge branch 'main' into releases/v1053981c
Merge pull request #144 from reviewdog/depup/actionlintc9fe0dc
chore(deps): update actionlint to 1.7.315a7a47
bump v1.56.0a46f3c8
Merge branch 'main' into releases/v10d91f4e
Merge pull request #141 from reviewdog/depup/actionlintfa360de
chore(deps): update actionlint to 1.7.205c9d7b
bump v1.55.0c698e45
Merge branch 'main' into releases/v1Updates
sigstore/cosign-installer
from 3.6.0 to 3.7.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
dc72c7d
bump for latest cosign v2.4.1 release (#173)08bb361
Bump actions/checkout from 4.1.7 to 4.2.0 (#172)Updates
theupdateframework/tuf-on-ci
from 0.12.0 to 0.13.0Release notes
Sourced from theupdateframework/tuf-on-ci's releases.
Changelog
Sourced from theupdateframework/tuf-on-ci's changelog.
... (truncated)
Commits
27c49c0
Release v0.13 (#425)1d84d25
repo: Add workaround for sigstore KMS keyid (#423)317efea
signer: Accept username without @ in config file (#416)91b0eec
build(deps): bump google-github-actions/auth (#412)a100754
repo: Update pinned requirements (#410)f7b5e73
repo: Update pinned requirements (#403)15a5f4b
build(deps): bump tox in /build in the build-dependencies group (#406)Updates
actions/upload-artifact
from 4.3.6 to 4.4.2Release notes
Sourced from actions/upload-artifact's releases.
Commits
8448086
Merge pull request #627 from actions/robherley/v4.4.2b1d4642
add explicit relative and absolute symlinks to workflowd50e660
bump versionaabe6f8
build with@actions/artifact
v2.1.11604373d
Merge pull request #625 from actions/robherley/artifact-2.1.100150148
paste right core versiona009b25
update licenses9f6f6f4
update@actions/core
and@actions/artifact
to latest versions3eadd8b
Merge pull request #621 from actions/Jcambass-patch-1aeba9f7
Add workflow file for publishing releases to immutable action packageUpdates
actions/setup-node
from 4.0.3 to 4.0.4Release notes
Sourced from actions/setup-node's releases.
Commits
0a44ba7
Correct version string (#1124)97ca147
Merge pull request #1125 from actions/add-is-release-workflowaa363de
Create publish-immutable-action.yml1c7b2db
Fix: windows arm64 setup (#1126)26961cf
Documentation update in the README file (#1106)Updates
actions/setup-java
from 4.2.2 to 4.4.0Release notes
Sourced from actions/setup-java's releases.
... (truncated)
Commits
b36c23c
check-dist-failure-fix (#687)40b9536
fix: add arch to cache key (#664)0a40ce6
Add support for Oracle GraalVM (#501)bcfbca5
Merge pull request #684 from actions/Jcambass-patch-178eae79
Add workflow file for publishing releases to immutable action package2dfa201
basic validation failure fix (#682)7467385
feat: add support for SapMachine JDK/JRE (#614)8e04ddf
Update Error Messages and Fix Architecture Detection for IBM Semeru (#677)67fbd72
Fix typos on Corretto (#665) (#666)Updates
google-github-actions/auth
from 2.1.4 to 2.1.6Release notes
Sourced from google-github-actions/auth's releases.
Commits
8254fb7
Release: v2.1.6 (#449)d1b27fe
Add missing log line (#448)c8788cc
Recommendgcloud storage
overgsutil
(#438)62cf5bd
Release: v2.1.5 (#437)0a94a84
Update deps (#436)699582e
fix !project_id error message typo (#435)6384b34
Document ID Token lifetimes (#433)Updates
anchore/sbom-action
from 0.17.1 to 0.17.2Release notes
Sourced from anchore/sbom-action's releases.
Commits
61119d4
chore(deps): update Syft to v1.11.1 (#485)Updates
actions/cache
from 4.0.2 to 4.1.1Release notes
Sourced from actions/cache's releases.
Changelog
Sourced from actions/cache's changelog.
... (truncated)
Commits
3624ceb
Restore original behavior ofcache-hit
output (#1467)2cdf405
Prepare4.1.0
release (#1464)a11fb02
restore action's README now references v4 instead of v3 (#1445)cf7a75e
Fix typo: depening -> depending (#1462)c74ca40
Deprecatesave-always
input (#1452)f8a7ab4
Merge pull request #1463 from actions/Jcambass-patch-145b7be0
Add workflow file for publishing releases to immutable action package81382a7
Merge pull request #1311 from todgru/todgru/v4-documentation-updatec4ee99a
Merge branch 'main' into todgru/v4-documentation-update57b8e40
Clarify that therestore-keys
input is a string in the docs (#1434)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions