Bump the all-actions group with 12 updates #16

dependabot · 2024-11-07T19:46:47Z

Bumps the all-actions group with 12 updates:

Package	From	To
actions/add-to-project	`1.0.1`	`1.0.2`
actions/checkout	`4.1.3`	`4.2.2`
ruby/setup-ruby	`1.176.0`	`1.201.0`
actions/setup-go	`5.0.1`	`5.1.0`
github/codeql-action	`3.24.11`	`3.27.0`
codespell-project/actions-codespell	`2.0`	`2.1`
actions/dependency-review-action	`4.3.2`	`4.4.0`
actions/create-github-app-token	`1.10.0`	`1.11.0`
sigstore/cosign-installer	`3.5.0`	`3.7.0`
ossf/scorecard-action	`2.3.3`	`2.4.0`
actions/cache	`4.0.2`	`4.1.2`
actions/upload-artifact	`4.3.3`	`4.4.3`

Updates actions/add-to-project from 1.0.1 to 1.0.2

Release notes

Sourced from actions/add-to-project's releases.

v1.0.2

What's Changed

build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in actions/add-to-project#583

build(deps-dev): bump @types/node from 16.18.96 to 16.18.101 by @dependabot in actions/add-to-project#588

build(deps-dev): bump ts-jest from 29.1.2 to 29.1.5 by @dependabot in actions/add-to-project#582

build(deps-dev): bump @typescript-eslint/parser from 7.6.0 to 7.14.1 by @dependabot in actions/add-to-project#589

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.6.0 to 7.14.1 by @dependabot in actions/add-to-project#590

build(deps-dev): bump eslint-plugin-jest from 27.9.0 to 28.6.0 by @dependabot in actions/add-to-project#578

Dependabot/npm and yarn/eslint plugin jest 28.6.0 fixes by @talune in actions/add-to-project#591

Full Changelog: actions/add-to-project@v1.0.1...v1.0.2

Commits

244f685 Merge pull request #591 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
2a5ef71 Build and package
8c11461 Update license for json-schema.dep.yml
66f6cff Merge pull request #578 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
ddf5099 Merge pull request #590 from actions/dependabot/npm_and_yarn/typescript-eslin...
da1ae5b build(deps-dev): bump @typescript-eslint/eslint-plugin
ced87c7 Merge pull request #589 from actions/dependabot/npm_and_yarn/typescript-eslin...
c78e6a1 Merge pull request #582 from actions/dependabot/npm_and_yarn/ts-jest-29.1.5
267a19f build(deps-dev): bump @typescript-eslint/parser from 7.6.0 to 7.14.1
e005a86 Merge pull request #588 from actions/dependabot/npm_and_yarn/types/node-16.18...
Additional commits viewable in compare view

Updates actions/checkout from 4.1.3 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

@yasonk made their first contribution in actions/checkout#1869

@lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

... (truncated)

Commits

11bd719 Prepare 4.2.2 Release (#1953)
e3d2460 Expand unit test coverage (#1946)
163217d url-helper.ts now leverages well-known environment variables. (#1941)
eef6144 Prepare 4.2.1 release (#1925)
6b42224 Add workflow file for publishing releases to immutable action package (#1919)
de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
d632683 Prepare 4.2.0 release (#1878)
6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
b684943 Add Ref and Commit outputs (#1180)
Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.176.0 to 1.201.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.201.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#667

Full Changelog: ruby/setup-ruby@v1.200.0...v1.201.0

v1.200.0

What's Changed

Add jruby-9.4.9.0 by @ruby-builder-bot in ruby/setup-ruby#665

Add ruby-3.3.6 by @ruby-builder-bot in ruby/setup-ruby#666

Full Changelog: ruby/setup-ruby@v1.199.0...v1.200.0

v1.199.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#664

Full Changelog: ruby/setup-ruby@v1.198.0...v1.199.0

v1.198.0

What's Changed

Add ruby-3.2.6 by @ruby-builder-bot in ruby/setup-ruby#663

Full Changelog: ruby/setup-ruby@v1.197.0...v1.198.0

v1.197.0

What's Changed

Add some details about using asan build. by @ioquatix in ruby/setup-ruby#654

Add truffleruby-24.1.1,truffleruby+graalvm-24.1.1 by @ruby-builder-bot in ruby/setup-ruby#657

Full Changelog: ruby/setup-ruby@v1.196.0...v1.197.0

v1.196.0

What's Changed

Add ruby-3.4.0-preview2 by @ruby-builder-bot in ruby/setup-ruby#655

Test the last 3.4 preview in CI by @eregon in ruby/setup-ruby#656

Full Changelog: ruby/setup-ruby@v1.195.0...v1.196.0

v1.195.0

What's Changed

README.md: Mention link to supported Ruby versions for GitHub-hosted runners by @stdedos in ruby/setup-ruby#651

Add ASAN CRuby build by @ioquatix in ruby/setup-ruby#653

... (truncated)

Commits

46ca53b Update CRuby releases on Windows
217c988 Skip which bundle test on mingw, mswin and ucrt
c6d4d2a Add ruby-3.3.6
8c27ea3 Add jruby-9.4.9.0
7d3497f Update CRuby releases on Windows
98aefb3 Add ruby-3.2.6
7bae1d0 Add truffleruby-24.1.1,truffleruby+graalvm-24.1.1
4d521ea Fix exclusion
1d9686e Mention the new ruby-asan under Supported Versions
bea2fb9 Add some details about using asan build.
Additional commits viewable in compare view

Updates actions/setup-go from 5.0.1 to 5.1.0

Release notes

Sourced from actions/setup-go's releases.

v5.1.0

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/setup-go#500

Upgrade IA Publish by @Jcambass in actions/setup-go#502

Add architecture to cache key by @Zxilly in actions/setup-go#493 This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.

Enhance workflows and Upgrade micromatch Dependency by @priyagupta108 in actions/setup-go#510

Bug Fixes

Revise isGhes logic by @jww3 in actions/setup-go#511

New Contributors

@Zxilly made their first contribution in actions/setup-go#493

@Jcambass made their first contribution in actions/setup-go#500

@jww3 made their first contribution in actions/setup-go#511

@priyagupta108 made their first contribution in actions/setup-go#510

Full Changelog: actions/setup-go@v5...v5.1.0

v5.0.2

What's Changed

Bug fixes:

Fix versions check failure by @HarithaVattikuti in actions/setup-go#479

Dependency updates:

Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @dependabot in actions/setup-go#487

New Contributors

@HarithaVattikuti made their first contribution in actions/setup-go#479

Full Changelog: actions/setup-go@v5...v5.0.2

Commits

41dfa10 Enhance workflows and Upgrade micromatch Dependency (#510)
9419772 Revise isGhes logic (#511)
d60b41a Merge pull request #502 from actions/Jcambass-patch-1
e09f57f Upgrade IA Publish
df1a117 Merge pull request #500 from actions/Jcambass-patch-1
49582f6 Add workflow file for publishing releases to immutable action package
b26d402 fix: add arch to cache key (#493)
0a12ed9 Bump braces from 3.0.2 to 3.0.3 (#487)
4ab57d7 Fix versions check failure (#479)
See full diff in compare view

Updates github/codeql-action from 3.24.11 to 3.27.0

Release notes

Sourced from github/codeql-action's releases.

v3.27.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

Bump the minimum CodeQL bundle version to 2.14.6. #2549

Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #2557

Update default CodeQL bundle version to 2.19.2. #2552

See the full CHANGELOG.md for more information.

v3.26.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.26.13 - 14 Oct 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.26.12

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.26.12 - 07 Oct 2024

Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. #2520

If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.

Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.26.11 and github/codeql-action/*@v2 by github/codeql-action/*@v2.26.11 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

See the full CHANGELOG.md for more information.

v3.26.11

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #2573

Update default CodeQL bundle version to 2.19.3. #2576

3.27.0 - 22 Oct 2024

Bump the minimum CodeQL bundle version to 2.14.6. #2549

Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #2557

Update default CodeQL bundle version to 2.19.2. #2552

3.26.13 - 14 Oct 2024

No user facing changes.

3.26.12 - 07 Oct 2024

Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.14.5 and earlier. These versions of CodeQL were discontinued on 24 September 2024 alongside GitHub Enterprise Server 3.10, and will be unsupported by CodeQL Action versions 3.27.0 and later and versions 2.27.0 and later. #2520

If you are using one of these versions, please update to CodeQL CLI version 2.14.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.

Alternatively, if you want to continue using a version of the CodeQL CLI between 2.13.5 and 2.14.5, you can replace github/codeql-action/*@v3 by github/codeql-action/*@v3.26.11 and github/codeql-action/*@v2 by github/codeql-action/*@v2.26.11 in your code scanning workflow to ensure you continue using this version of the CodeQL Action.

3.26.11 - 03 Oct 2024

Upcoming breaking change: Add support for using actions/download-artifact@v4 to programmatically consume CodeQL Action debug artifacts.

Starting November 30, 2024, GitHub.com customers will no longer be able to use actions/download-artifact@v3. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the CODEQL_ACTION_ARTIFACT_V4_UPGRADE environment variable to true and bump actions/download-artifact@v3 to actions/download-artifact@v4 in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to actions/download-artifact@v3 to actions/download-artifact@v4 will begin failing then.

This change is currently unavailable for GitHub Enterprise Server customers, as actions/upload-artifact@v4 and actions/download-artifact@v4 are not yet compatible with GHES.

Update default CodeQL bundle version to 2.19.1. #2519

3.26.10 - 30 Sep 2024

We are rolling out a feature in September/October 2024 that sets up CodeQL using a bundle compressed with Zstandard. Our aim is to improve the performance of setting up CodeQL. #2502

3.26.9 - 24 Sep 2024

No user facing changes.

3.26.8 - 19 Sep 2024

Update default CodeQL bundle version to 2.19.0. #2483

... (truncated)

Commits

6624720 Merge pull request #2561 from github/update-v3.27.0-b35b023d9
ce7c2b5 Update changelog for v3.27.0
b35b023 Merge pull request #2552 from github/update-bundle/codeql-bundle-v2.19.2
dafc762 Merge pull request #2560 from github/aeisenberg/fix-required-checks
0d1eb88 Remove ESLint from required checks
0a30541 Merge pull request #2558 from github/dependabot/npm_and_yarn/npm-6515e6e328
2a6a6ad Update checked-in dependencies
26c18c2 Bump the npm group with 3 updates
7080a68 Merge branch 'main' into update-bundle/codeql-bundle-v2.19.2
63eb7bb Merge pull request #2551 from github/cklin/diff-informed-queries-feature
Additional commits viewable in compare view

Updates codespell-project/actions-codespell from 2.0 to 2.1

Release notes

Sourced from codespell-project/actions-codespell's releases.

v2.1

What's Changed

Use v2 in README by @okuramasafumi in codespell-project/actions-codespell#69

Bump actions/checkout from 3 to 4 by @dependabot in codespell-project/actions-codespell#72

Bump actions/setup-python from 4 to 5 by @dependabot in codespell-project/actions-codespell#74

feat: bump to use node20 runtime by @kbdharun in codespell-project/actions-codespell#71

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in codespell-project/actions-codespell#76

New Contributors

@okuramasafumi made their first contribution in codespell-project/actions-codespell#69

@dependabot made their first contribution in codespell-project/actions-codespell#72

@kbdharun made their first contribution in codespell-project/actions-codespell#71

@pre-commit-ci made their first contribution in codespell-project/actions-codespell#76

Full Changelog: codespell-project/actions-codespell@v2...v2.1

Commits

406322e [pre-commit.ci] pre-commit autoupdate (#76)
3174815 feat: bump to use node20 runtime (#71)
8edd9f2 Bump actions/setup-python from 4 to 5 (#74)
8dc8168 Bump actions/checkout from 3 to 4 (#72)
41170f1 Use v2 in README (#69)
See full diff in compare view

Updates actions/dependency-review-action from 4.3.2 to 4.4.0

Release notes

Sourced from actions/dependency-review-action's releases.

v4.4.0

What's Changed

Fix for merge_group event bug by @Ahmed3lmallah in actions/dependency-review-action#846

Full Changelog: actions/dependency-review-action@v4.3.5...v4.4.0

v4.3.5

What's Changed

fix: getRefs function to handle merge_group events by @louis-bompart in actions/dependency-review-action#766

Create pull_request_template.md by @jonjanego in actions/dependency-review-action#794

Update CONTRIBUTING.md by @jonjanego in actions/dependency-review-action#793

Bump @types/node from 20.11.28 to 20.16.0 by @dependabot in actions/dependency-review-action#815

Upgrade transitive micromatch library by @elireisman in actions/dependency-review-action#829

Do not list changed dependencies in summary by @hmaurer in actions/dependency-review-action#828

Update stale.yaml by @jonjanego in actions/dependency-review-action#832

Bump got from 14.4.1 to 14.4.2 by @dependabot in actions/dependency-review-action#822

Bump eslint-plugin-jest and ts-jest by @Ahmed3lmallah in actions/dependency-review-action#840

New Contributors

@louis-bompart made their first contribution in actions/dependency-review-action#766

@Ahmed3lmallah made their first contribution in actions/dependency-review-action#840

Full Changelog: actions/dependency-review-action@v4.3.4...v4.3.5

v4.3.4

What's Changed

Include all added dependencies in scorecard entries by @elireisman in actions/dependency-review-action#783

Update SPDX Expression Parsing by @febuiles in actions/dependency-review-action#719

This PR is a significant refactor of SPDX expression parsing that may fix some bugs, but unfortunately there are several related known issues that remain unresolved as of this version.

Full Changelog: actions/dependency-review-action@v4.3.3...v4.3.4

Notes for v4.3.3

What's Changed

Allow slashes in purl package names by @juxtin in actions/dependency-review-action#765

use the v3 version of the deps.dev API by @josieang in actions/dependency-review-action#741

PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @am-stead in actions/dependency-review-action#773

fix show-openssf-scorecard-levels input by @ramann in actions/dependency-review-action#776

Updates to the contribution guidelines by @jonjanego in actions/dependency-review-action#778

Create issue templates by @jonjanego in actions/dependency-review-action#777

Fix the max comment length issue by @jhutchings1 and @elireisman in actions/dependency-review-action#767

Bump project version to 4.3.3 in prep for a release by @elireisman in actions/dependency-review-action#781

New Contributors

@josieang made their first contribution in actions/dependency-review-action#741

@am-stead made their first contribution in actions/dependency-review-action#773

@ramann made their first contribution in actions/dependency-review-action#776

Full Changelog: actions/dependency-review-action@v4.3.2...v4.3.3

Commits

4081bf9 Merge pull request #846 from actions/merge-group-bug-fix
03e585e fixing minor typo
08b4117 updating dist code
9c3441f updating dist code
304a544 updating tests
e99353b fixing merge_group schema bug
a6993e2 Merge pull request #840 from actions/dependabot-updates
d92f08b Bump eslint-plugin-jest and ts-jest
3e334b7 Merge pull request #822 from actions/dependabot/npm_and_yarn/got-14.4.2
32b7d88 Merge pull request #832 from actions/jonjanego-patch-3
Additional commits viewable in compare view

Updates actions/create-github-app-token from 1.10.0 to 1.11.0

Release notes

Sourced from actions/create-github-app-token's releases.

v1.11.0

What's Changed

Features

Allow repositories input to be comma or newline-separated by @peter-evans in actions/create-github-app-token#169

New Contributors

@peter-evans made their first contribution in actions/create-github-app-token#169

Full Changelog: actions/create-github-app-token@v1.10.4...v1.11.0

v1.10.4

What's Changed

build(deps-dev): bump the development-dependencies group with 4 updates by @dependabot in actions/create-github-app-token#150

docs(README): fix the git committer string and Configure git CLI examples by @maboloshi in actions/create-github-app-token#151

docs(readme): document how a Base64 private key could be decoded by @vleon1a in actions/create-github-app-token#155

test: fix test file extensions and inputs for repositories by @parkerbxyz in actions/create-github-app-token#161

build(deps-dev): bump the development-dependencies group across 1 directory with 4 updates by @dependabot in actions/create-github-app-token#167

Bug Fixes

bump the production-dependencies group across 1 directory with 3 updates by @dependabot in actions/create-github-app-token#166

New Contributors

@vleon1a made their first contribution in actions/create-github-app-token#155

Full Changelog: actions/create-github-app-token@v1.10.3...v1.10.4

v1.10.3

What's Changed

docs(README): fix committer string example and add git config example by @anuraaga in actions/create-github-app-token#145

Bug Fixes

fix(deps): bump undici from 6.18.2 to 6.19.2 in the production-dependencies group by @dependabot in actions/create-github-app-token#149

New Contributors

@anuraaga made their first contribution in actions/create-github-app-token#145

Full Changelog: actions/create-github-app-token@v1.10.2...v1.10.3

v1.10.2

1.10.2 (2024-06-26)

... (truncated)

Commits

5d869da build(release): 1.11.0 [skip ci]
796b88d feat: allow repositories input to be comma or newline-separated (#169)
3378cda build(release): 1.10.4 [skip ci]
e177c20 fix(deps): bump the production-dependencies group across 1 directory with 3 u...
961c228 build(deps-dev): bump the development-dependencies group across 1 directory w...
15db037 test: fix test file extensions and inputs for repositories (#161)

Bumps the all-actions group with 12 updates: | Package | From | To | | --- | --- | --- | | [actions/add-to-project](https://github.com/actions/add-to-project) | `1.0.1` | `1.0.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.3` | `4.2.2` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.176.0` | `1.201.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.1` | `5.1.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.24.11` | `3.27.0` | | [codespell-project/actions-codespell](https://github.com/codespell-project/actions-codespell) | `2.0` | `2.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.2` | `4.4.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `1.10.0` | `1.11.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.7.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.1.2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.4.3` | Updates `actions/add-to-project` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](actions/add-to-project@9bfe908...244f685) Updates `actions/checkout` from 4.1.3 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.3...11bd719) Updates `ruby/setup-ruby` from 1.176.0 to 1.201.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@cacc9f1...46ca53b) Updates `actions/setup-go` from 5.0.1 to 5.1.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@cdcb360...41dfa10) Updates `github/codeql-action` from 3.24.11 to 3.27.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.24.11...6624720) Updates `codespell-project/actions-codespell` from 2.0 to 2.1 - [Release notes](https://github.com/codespell-project/actions-codespell/releases) - [Commits](codespell-project/actions-codespell@94259cd...406322e) Updates `actions/dependency-review-action` from 4.3.2 to 4.4.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@0c155c5...4081bf9) Updates `actions/create-github-app-token` from 1.10.0 to 1.11.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@a0de6af...5d869da) Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@59acb62...dc72c7d) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@dc50aa9...62b2cac) Updates `actions/cache` from 4.0.2 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...6849a64) Updates `actions/upload-artifact` from 4.3.3 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...b4b15b8) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: codespell-project/actions-codespell dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-11-10T16:18:27Z

Superseded by #21.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 7, 2024

dependabot bot closed this Nov 10, 2024

dependabot bot deleted the dependabot/github_actions/all-actions-569b411bca branch November 10, 2024 16:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-actions group with 12 updates #16

Bump the all-actions group with 12 updates #16

dependabot bot commented on behalf of github Nov 7, 2024 •

edited

Loading

dependabot bot commented on behalf of github Nov 10, 2024

Bump the all-actions group with 12 updates #16

Bump the all-actions group with 12 updates #16

Conversation

dependabot bot commented on behalf of github Nov 7, 2024 • edited Loading

v1.0.2

What's Changed

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

v4.2.0

What's Changed

New Contributors

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v1.201.0

What's Changed

v1.200.0

What's Changed

v1.199.0

What's Changed

v1.198.0

What's Changed

v1.197.0

What's Changed

v1.196.0

What's Changed

v1.195.0

What's Changed

v5.1.0

What's Changed

New Contributors

v5.0.2

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v3.27.0

CodeQL Action Changelog

3.27.0 - 22 Oct 2024

v3.26.13

CodeQL Action Changelog

3.26.13 - 14 Oct 2024

v3.26.12

CodeQL Action Changelog

3.26.12 - 07 Oct 2024

v3.26.11

CodeQL Action Changelog

CodeQL Action Changelog

[UNRELEASED]

3.27.0 - 22 Oct 2024

3.26.13 - 14 Oct 2024

3.26.12 - 07 Oct 2024

3.26.11 - 03 Oct 2024

3.26.10 - 30 Sep 2024

3.26.9 - 24 Sep 2024

3.26.8 - 19 Sep 2024

v2.1

What's Changed

New Contributors

v4.4.0

What's Changed

dependabot bot commented on behalf of github Nov 7, 2024 •

edited

Loading