-
-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump actions/upload-artifact from 4.3.1 to 4.3.3 #150
Bump actions/upload-artifact from 4.3.1 to 4.3.3 #150
Conversation
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.3. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5d5d22a...6546280) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/code pr
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
/code pr |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤖
The change in .github/workflows/scorecard.yml
updates the version of actions/upload-artifact
from 4.3.1 to 4.3.3. The modification is correctly implemented by updating the commit hash from 5d5d22a31266ced268874388b861e4b58bb5c2f3
to 65462800fd760344b1a7b4382951275a0abb4808
. This is a straightforward version bump with no apparent issues in the modified line. Ensure that the new version of the action does not introduce any breaking changes or require additional configurations.
> gpt-4-turbo [pr | 1]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
🤖
The PR updates the GitHub Actions workflow file .github/workflows/scorecard.yml
by bumping the version of actions/upload-artifact
from 4.3.1 to 4.3.3. The change is correctly reflected in the file, updating the commit hash from 5d5d22a31266ced268874388b861e4b58bb5c2f3
to 65462800fd760344b1a7b4382951275a0abb4808
.
Suggestion:
Ensure that the new version of the action does not introduce any breaking changes or require additional configurations that are not addressed in this PR. It would be beneficial to verify this by checking the release notes linked in the PR description.
File:
.github/workflows/scorecard.yml
: The change is concise and limited to the version update of the action. No further issues are apparent in the modified lines.
> gpt-4-turbo [pr | 2]
Bumps actions/upload-artifact from 4.3.1 to 4.3.3.
Release notes
Sourced from actions/upload-artifact's releases.
Commits
6546280
updating package versionc004fb4
Merge branch 'main' into eggyhead/use-artifact-v2.1.690aba49
updating toolkit artifact dependency to 2.1.6b06cde3
Merge pull request #563 from actions/eggyhead/release-4.3.21746f4a
Revert "updating to release 4.3.2"31685d0
updating to release 4.3.218bf333
Merge pull request #562 from actions/eggyhead/update-artifact-v215dac413b
update package lock versionbb3b4a3
updating package version3e3da83
updating artifact and core dependenciesDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore this major version
will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version
will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency
will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)