forked from sigstore/root-signing
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
build(deps): Bump the actions group across 1 directory with 13 updates #122
Open
dependabot
wants to merge
1
commit into
main
Choose a base branch
from
dependabot/github_actions/actions-1a03e8dfd9
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the actions group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.2` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.2` | `5.1.0` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.1.0` | `6.1.1` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.54.0` | `1.57.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` | | [theupdateframework/tuf-on-ci](https://github.com/theupdateframework/tuf-on-ci) | `0.12.0` | `0.13.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.6` | `4.4.3` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.3` | `4.1.0` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.2.2` | `4.5.0` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.4` | `2.1.7` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.1.1` | `2.1.2` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.1` | `0.17.6` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.1.2` | Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...11bd719) Updates `actions/setup-go` from 5.0.2 to 5.1.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0a12ed9...41dfa10) Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@aaa42aa...971e284) Updates `reviewdog/action-actionlint` from 1.54.0 to 1.57.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@4f8f996...7eeec1d) Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@4959ce0...dc72c7d) Updates `theupdateframework/tuf-on-ci` from 0.12.0 to 0.13.0 - [Release notes](https://github.com/theupdateframework/tuf-on-ci/releases) - [Changelog](https://github.com/theupdateframework/tuf-on-ci/blob/main/docs/CHANGELOG.md) - [Commits](theupdateframework/tuf-on-ci@89d2dad...27c49c0) Updates `actions/upload-artifact` from 4.3.6 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...b4b15b8) Updates `actions/setup-node` from 4.0.3 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@1e60f62...39370e3) Updates `actions/setup-java` from 4.2.2 to 4.5.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@6a0805f...8df1039) Updates `google-github-actions/auth` from 2.1.4 to 2.1.7 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@f112390...6fc4af4) Updates `google-github-actions/setup-gcloud` from 2.1.1 to 2.1.2 - [Release notes](https://github.com/google-github-actions/setup-gcloud/releases) - [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md) - [Commits](google-github-actions/setup-gcloud@f099058...6189d56) Updates `anchore/sbom-action` from 0.17.1 to 0.17.6 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@ab9d16d...251a468) Updates `actions/cache` from 4.0.2 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...6849a64) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: theupdateframework/tuf-on-ci dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: google-github-actions/setup-gcloud dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
labels
Oct 31, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the actions group with 13 updates in the / directory:
4.1.7
4.2.2
5.0.2
5.1.0
6.1.0
6.1.1
1.54.0
1.57.0
3.6.0
3.7.0
0.12.0
0.13.0
4.3.6
4.4.3
4.0.3
4.1.0
4.2.2
4.5.0
2.1.4
2.1.7
2.1.1
2.1.2
0.17.1
0.17.6
4.0.2
4.1.2
Updates
actions/checkout
from 4.1.7 to 4.2.2Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
11bd719
Prepare 4.2.2 Release (#1953)e3d2460
Expand unit test coverage (#1946)163217d
url-helper.ts
now leverages well-known environment variables. (#1941)eef6144
Prepare 4.2.1 release (#1925)6b42224
Add workflow file for publishing releases to immutable action package (#1919)de5a000
Check out other refs/* by commit if provided, fall back to ref (#1924)d632683
Prepare 4.2.0 release (#1878)6d193bf
Bump braces from 3.0.2 to 3.0.3 (#1777)db0cee9
Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)b684943
Add Ref and Commit outputs (#1180)Updates
actions/setup-go
from 5.0.2 to 5.1.0Release notes
Sourced from actions/setup-go's releases.
Commits
41dfa10
Enhance workflows and Upgrade micromatch Dependency (#510)9419772
ReviseisGhes
logic (#511)d60b41a
Merge pull request #502 from actions/Jcambass-patch-1e09f57f
Upgrade IA Publishdf1a117
Merge pull request #500 from actions/Jcambass-patch-149582f6
Add workflow file for publishing releases to immutable action packageb26d402
fix: add arch to cache key (#493)Updates
golangci/golangci-lint-action
from 6.1.0 to 6.1.1Release notes
Sourced from golangci/golangci-lint-action's releases.
Commits
971e284
build(deps-dev): bump the dev-dependencies group with 3 updates (#1108)bbe7eb5
build(deps): bump@types/node
from 22.5.5 to 22.7.4 in the dependencies group...ebae5ce
build(deps-dev): bump the dev-dependencies group with 3 updates (#1105)06c3f3a
build(deps): bump@types/node
from 22.5.4 to 22.5.5 in the dependencies group...56689d8
build(deps-dev): bump the dev-dependencies group with 3 updates (#1103)c7bab6f
fix: clean go install output (#1102)33f56cc
build(deps-dev): bump the dev-dependencies group with 3 updates (#1099)e954224
build(deps): bump@types/node
from 22.5.2 to 22.5.4 in the dependencies group...68de804
build(deps): bump@types/node
from 22.5.1 to 22.5.2 in the dependencies group...22a3756
build(deps-dev): bump the dev-dependencies group with 2 updates (#1097)Updates
reviewdog/action-actionlint
from 1.54.0 to 1.57.0Release notes
Sourced from reviewdog/action-actionlint's releases.
Commits
7eeec1d
bump v1.57.05382349
Merge branch 'main' into releases/v1053981c
Merge pull request #144 from reviewdog/depup/actionlintc9fe0dc
chore(deps): update actionlint to 1.7.315a7a47
bump v1.56.0a46f3c8
Merge branch 'main' into releases/v10d91f4e
Merge pull request #141 from reviewdog/depup/actionlintfa360de
chore(deps): update actionlint to 1.7.205c9d7b
bump v1.55.0c698e45
Merge branch 'main' into releases/v1Updates
sigstore/cosign-installer
from 3.6.0 to 3.7.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
dc72c7d
bump for latest cosign v2.4.1 release (#173)08bb361
Bump actions/checkout from 4.1.7 to 4.2.0 (#172)Updates
theupdateframework/tuf-on-ci
from 0.12.0 to 0.13.0Release notes
Sourced from theupdateframework/tuf-on-ci's releases.
Changelog
Sourced from theupdateframework/tuf-on-ci's changelog.
... (truncated)
Commits
27c49c0
Release v0.13 (#425)1d84d25
repo: Add workaround for sigstore KMS keyid (#423)317efea
signer: Accept username without @ in config file (#416)91b0eec
build(deps): bump google-github-actions/auth (#412)a100754
repo: Update pinned requirements (#410)f7b5e73
repo: Update pinned requirements (#403)15a5f4b
build(deps): bump tox in /build in the build-dependencies group (#406)Updates
actions/upload-artifact
from 4.3.6 to 4.4.3Release notes
Sourced from actions/upload-artifact's releases.
Commits
b4b15b8
Merge pull request #632 from actions/joshmgross/undo-dependency-changes92b01eb
Undo indirect dependency updates from #6278448086
Merge pull request #627 from actions/robherley/v4.4.2b1d4642
add explicit relative and absolute symlinks to workflowd50e660
bump versionaabe6f8
build with@actions/artifact
v2.1.11604373d
Merge pull request #625 from actions/robherley/artifact-2.1.100150148
paste right core versiona009b25
update licenses9f6f6f4
update@actions/core
and@actions/artifact
to latest versionsUpdates
actions/setup-node
from 4.0.3 to 4.1.0Release notes
Sourced from actions/setup-node's releases.
Commits
39370e3
fix: add arch to cached path (#843)abb238b
ReviseisGhes
logic (#1148)aca7b64
Merge pull request #1134 from actions/Jcambass-patch-188de2a3
Resolve High Security Alerts by upgrading Dependencies (#1132)0a44ba7
Correct version string (#1124)d6ebc7b
Upgrade IA Publish97ca147
Merge pull request #1125 from actions/add-is-release-workflowaa363de
Create publish-immutable-action.yml1c7b2db
Fix: windows arm64 setup (#1126)26961cf
Documentation update in the README file (#1106)Updates
actions/setup-java
from 4.2.2 to 4.5.0Release notes
Sourced from actions/setup-java's releases.
... (truncated)
Commits
8df1039
RefineisGhes
logic (#697)870c199
Update workflows for GraalVM and Version Enhancements (#699)83a06ff
Fix Windows archives extraction issue (#689)292cc14
Merge pull request #686 from actions/Jcambass-patch-1b36c23c
check-dist-failure-fix (#687)40b9536
fix: add arch to cache key (#664)0a40ce6
Add support for Oracle GraalVM (#501)68b1d5a
Upgrade IA Publishbcfbca5
Merge pull request #684 from actions/Jcambass-patch-178eae79
Add workflow file for publishing releases to immutable action packageUpdates
google-github-actions/auth
from 2.1.4 to 2.1.7Release notes
Sourced from google-github-actions/auth's releases.
Commits
6fc4af4
Release: v2.1.7 (#453)212f83a
fix: update relase workflows (#452)8254fb7
Release: v2.1.6 (#449)d1b27fe
Add missing log line (#448)c8788cc
Recommendgcloud storage
overgsutil
(#438)62cf5bd
Release: v2.1.5 (#437)0a94a84
Update deps (#436)699582e
fix !project_id error message typo (#435)6384b34
Document ID Token lifetimes (#433)Updates
google-github-actions/setup-gcloud
from 2.1.1 to 2.1.2Release notes
Sourced from google-github-actions/setup-gcloud's releases.
Commits
6189d56
Release: v2.1.2 (#699)413dc08
fix: update release workflows (#698)Updates
anchore/sbom-action
from 0.17.1 to 0.17.6Release notes
Sourced from anchore/sbom-action's releases.