-
-
Notifications
You must be signed in to change notification settings - Fork 46
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the github-actions-repo-wide group with 14 updates #873
Closed
dependabot
wants to merge
1
commit into
main
from
dependabot/github_actions/github-actions-repo-wide-72775ca379
Closed
Bump the github-actions-repo-wide group with 14 updates #873
dependabot
wants to merge
1
commit into
main
from
dependabot/github_actions/github-actions-repo-wide-72775ca379
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the github-actions-repo-wide group with 14 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.6.0` | `2.7.1` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.4` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.22.4` | `3.25.3` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `3.1.0` | `4.3.2` | | [docker/login-action](https://github.com/docker/login-action) | `3.0.0` | `3.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.0.0` | `5.3.0` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `5.25.0` | `6.0.0` | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `7.4.0` | `7.11.1` | | [actions/setup-node](https://github.com/actions/setup-node) | `3.8.1` | `4.0.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `4.7.1` | `5.1.0` | | [azure/login](https://github.com/azure/login) | `1.4.7` | `2.1.0` | | [azure/container-apps-deploy-action](https://github.com/azure/container-apps-deploy-action) | `900fbf4c695af15656553e442a65192e797b9dd2` | `02d045129c058b13312276b50a552834cf74e2af` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.0` | `2.3.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3.1.3` | `4.3.3` | Updates `step-security/harden-runner` from 2.6.0 to 2.7.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@1b05615...a4aa98b) Updates `actions/checkout` from 4.1.1 to 4.1.4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...0ad4b8f) Updates `github/codeql-action` from 2.22.4 to 3.25.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@49abf0b...d39d31e) Updates `actions/dependency-review-action` from 3.1.0 to 4.3.2 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@6c5ccda...0c155c5) Updates `docker/login-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@343f7c4...e92390c) Updates `docker/build-push-action` from 5.0.0 to 5.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@0565240...2cdde99) Updates `release-drafter/release-drafter` from 5.25.0 to 6.0.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](release-drafter/release-drafter@09c613e...3f0f870) Updates `oxsecurity/megalinter` from 7.4.0 to 7.11.1 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](oxsecurity/megalinter@a87b287...03986e6) Updates `actions/setup-node` from 3.8.1 to 4.0.2 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@5e21ff4...60edb5d) Updates `actions/setup-python` from 4.7.1 to 5.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@65d7f2d...82c7e63) Updates `azure/login` from 1.4.7 to 2.1.0 - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@92a5484...6b24568) Updates `azure/container-apps-deploy-action` from 900fbf4c695af15656553e442a65192e797b9dd2 to 02d045129c058b13312276b50a552834cf74e2af - [Release notes](https://github.com/azure/container-apps-deploy-action/releases) - [Commits](Azure/container-apps-deploy-action@900fbf4...02d0451) Updates `ossf/scorecard-action` from 2.3.0 to 2.3.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@483ef80...0864cf1) Updates `actions/upload-artifact` from 3.1.3 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@a8a3f3a...6546280) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-repo-wide - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-repo-wide - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-repo-wide - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-repo-wide - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: oxsecurity/megalinter dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-repo-wide - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: azure/login dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide - dependency-name: azure/container-apps-deploy-action dependency-type: direct:production dependency-group: github-actions-repo-wide - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-repo-wide - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-repo-wide ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
labels
May 1, 2024
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
dependabot
bot
deleted the
dependabot/github_actions/github-actions-repo-wide-72775ca379
branch
May 25, 2024 02:27
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
dependencies
Pull requests that update a dependency file
github_actions
Pull requests that update GitHub Actions code
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions-repo-wide group with 14 updates:
2.6.0
2.7.1
4.1.1
4.1.4
2.22.4
3.25.3
3.1.0
4.3.2
3.0.0
3.1.0
5.0.0
5.3.0
5.25.0
6.0.0
7.4.0
7.11.1
3.8.1
4.0.2
4.7.1
5.1.0
1.4.7
2.1.0
900fbf4c695af15656553e442a65192e797b9dd2
02d045129c058b13312276b50a552834cf74e2af
2.3.0
2.3.1
3.1.3
4.3.3
Updates
step-security/harden-runner
from 2.6.0 to 2.7.1Release notes
Sourced from step-security/harden-runner's releases.
Commits
a4aa98b
Release v2.7.1 (#397)6c3b1c9
Merge pull request #379 from step-security/dependabot/github_actions/step-sec...3498091
Bump step-security/harden-runner from 2.6.1 to 2.7.063a88e2
Merge pull request #378 from step-security/update-readme307e5965
Update README63c24ba
Merge pull request #376 from step-security/rc-795691d3
Update dist6339621
Update to node204a63cda
Add tls-inspection capability (#368)dece111
Merge pull request #372 from step-security/readme-updateUpdates
actions/checkout
from 4.1.1 to 4.1.4Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
0ad4b8f
Prep Release v4.1.4 (#1704)43045ae
Disableextensions.worktreeConfig
when disablingsparse-checkout
(#1692)37b0821
Bump the minor-actions-dependencies group with 2 updates (#1693)9839dc1
Add dependabot config (#1688)9b4c13b
Bump word-wrap from 1.2.3 to 1.2.5 (#1643)1d96c77
Add SSH user parameter (#1685)cd7d8d6
Check git version before attempting to disablesparse-checkout
(#1656)8410ad0
Updateactions/checkout
version inupdate-main-version.yml
(#1650)9bb5618
Prep for release of v4.1.2 (#1649)8eb1f6a
Bump@babel/traverse
from 7.20.5 to 7.24.0 (#1642)Updates
github/codeql-action
from 2.22.4 to 3.25.3Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
d39d31e
Merge pull request #2262 from github/update-v3.25.3-ac2f82a1fa727825
Move changenote to most recent section1efa859
Update changelog for v3.25.3ac2f82a
Log warning if SIP is disabled and CLI version is < 2.15.1 (#2261)0ad7791
Merge pull request #2247 from github/update-bundle/codeql-bundle-v2.17.179d9ee7
Merge branch 'main' into update-bundle/codeql-bundle-v2.17.1dbf2b17
Merge pull request #2255 from github/mergeback/v3.25.2-to-main-8f596b4aff6a3c4
Update checked-in dependencies619dc0c
Update changelog and version after v3.25.28f596b4
Merge pull request #2254 from github/update-v3.25.2-4909c1ffbUpdates
actions/dependency-review-action
from 3.1.0 to 4.3.2Release notes
Sourced from actions/dependency-review-action's releases.
... (truncated)
Commits
0c155c5
Merge pull request #762 from actions/juxtin/prepare-4.3.2f3dac32
Merge pull request #761 from actions/juxtin/fix-allow-dependencies-licensesd0d5cc3
Update version number to 4.3.249fbbe0
Fix package-url parsing for allow-dependencies-licensese58c696
Merge pull request #758 from actions/juxtin/prepare-4.3.19b7c72d
Change version to 4.3.17dcfabf
Merge pull request #753 from actions/juxtin/debug-purl5f0808f
Validate that deny-packages purls are completefcc66c2
Refine purl parsing and tests1dd418b
Basic tests for PURL validation in configUpdates
docker/login-action
from 3.0.0 to 3.1.0Release notes
Sourced from docker/login-action's releases.
Commits
e92390c
Merge pull request #685 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...1e752e2
chore: update generated content51c6097
build(deps): bump the aws-sdk-dependencies group with 2 updates8f079fb
Merge pull request #676 from docker/dependabot/npm_and_yarn/proxy-agent-depen...16fa768
chore: update generated content46d1619
build(deps): bump the proxy-agent-dependencies group with 2 updates8c291c5
Merge pull request #682 from docker/dependabot/npm_and_yarn/docker/actions-to...ec726f4
build(deps): bump@docker/actions-toolkit
from 0.14.0 to 0.18.05139682
Merge pull request #677 from docker/dependabot/npm_and_yarn/undici-5.28.36d4e2ba
chore: update generated contentUpdates
docker/build-push-action
from 5.0.0 to 5.3.0Release notes
Sourced from docker/build-push-action's releases.
Commits
2cdde99
Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...008747a
chore: update generated content1580753
chore(deps): Bump@docker/actions-toolkit
from 0.18.0 to 0.19.02a7db1d
Merge pull request #1075 from crazy-max/ci-multi-output35e7dd5
ci: test multi outputaf5a7ed
Merge pull request #1074 from crazy-max/build-cmd-debug2a85189
chore: update generated content6c20794
disable quotes detection for "outputs" inputafdf0c0
chore: debug build cmd and args00ae31a
Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...Updates
release-drafter/release-drafter
from 5.25.0 to 6.0.0Release notes
Sourced from release-drafter/release-drafter's releases.
Commits
3f0f870
v6.0.080296b4
Update Node.js to 20 (#1379)Updates
oxsecurity/megalinter
from 7.4.0 to 7.11.1Release notes
Sourced from oxsecurity/megalinter's releases.
... (truncated)
Changelog
Sourced from oxsecurity/megalinter's changelog.
... (truncated)
Commits
03986e6
Release MegaLinter v7.11.14199f64
[automation] Auto-update linters version, help and documentation (#3504)eac233f
Implement fallback in case git diff does not work with merge-base (#3503)57b35ba
Release MegaLinter v7.11.041567e1
[automation] Auto-update linters version, help and documentation (#3498)cee23e5
[automation] Auto-update linters version, help and documentation (#3492)578b801
ci: add consistent python3/python handling at build.sh (#3475)c80e12a
Add copy to clipboard button in code block (documentation) (#3491)fc8c26a
Allow merge lists with extends (#3469)5cec3c2
[automation] Auto-update linters version, help and documentation (#3488)Updates
actions/setup-node
from 3.8.1 to 4.0.2Release notes
Sourced from actions/setup-node's releases.
... (truncated)
Commits
60edb5d
Add support for arm64 Windows (#927)d86ebcd
Add support forvolta.extends
(#921)b39b52d
Fix node-version-file interprets entire package.json as a version (#865)7247617
Addpackage.json
tonode-version-file
list of examples. (#879)f3ec4ca
Fix README.md (#898)ec97f37
Add fix for cache (#917)5ef044f
Update reusable workflows to use Node.js v20 (#889)c45882a
update to setup-node@v4 in docs (#884)