Bump the github-actions group with 4 updates #1167

dependabot · 2024-04-03T04:18:11Z

Bumps the github-actions group with 4 updates: actions/checkout, actions/setup-node, docker/setup-qemu-action and stefanzweifel/git-auto-commit-action.

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

Update default runtime to node20 by @takost in actions/checkout#1436

Support fetching without the --progress option by @simonbaird in actions/checkout#1067

Release 4.0.0 by @takost in actions/checkout#1447

New Contributors

@takost made their first contribution in actions/checkout#1436

@simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

Mark test scripts with Bash'isms to be run via Bash by @dscho in actions/checkout#1377

Add option to fetch tags even if fetch-depth > 0 by @RobertWieczoreck in actions/checkout#579

Release 3.6.0 by @luketomlinson in actions/checkout#1437

New Contributors

@RobertWieczoreck made their first contribution in actions/checkout#579

@luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @megamanics in actions/checkout#1196

Fix typos found by codespell by @DimitriPapadopoulos in actions/checkout#1287

Add support for sparse checkouts by @dscho and @dfdez in actions/checkout#1369

Release v3.5.3 by @TingluoHuang in actions/checkout#1376

New Contributors

@megamanics made their first contribution in actions/checkout#1196

@DimitriPapadopoulos made their first contribution in actions/checkout#1287

@dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Fix: Use correct API url / endpoint in GHES by @fhammerl in actions/checkout#1289 based on #1286 by @1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

Improve checkout performance on Windows runners by upgrading @actions/github dependency by @BrettDong in actions/checkout#1246

New Contributors

@BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

v4.0.0

Support fetching without the --progress option

Update to node20

v3.6.0

Fix: Mark test scripts with Bash'isms to be run via Bash

Add option to fetch tags even if fetch-depth > 0

v3.5.3

Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in

Fix typos found by codespell

Add support for sparse checkouts

v3.5.2

Fix api endpoint for GHES

v3.5.1

Fix slow checkout on Windows

v3.5.0

Add new public key for known_hosts

v3.4.0

Upgrade codeql actions to v2

Upgrade dependencies

Upgrade @actions/io

v3.3.0

Implement branch list using callbacks from exec function

Add in explicit reference to private checkout options

[Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

Add GitHub Action to perform release

Fix status badge

Replace datadog/squid with ubuntu/squid Docker image

Wrap pipeline commands for submoduleForeach in quotes

Update @actions/io to 1.1.2

... (truncated)

Commits

b4ffde6 Link to release page from what's new section (#1514)
8530928 Correct link to GitHub Docs (#1511)
7cdaf2f Update CODEOWNERS to Launch team (#1510)
8ade135 Prepare 4.1.0 release (#1496)
c533a0a Add support for partial checkout filters (#1396)
72f2cec Update README.md for V4 (#1452)
3df4ab1 Release 4.0.0 (#1447)
8b5e8b7 Support fetching without the --progress option (#1067)
97a652b Update default runtime to node20 (#1436)
See full diff in compare view

Updates actions/setup-node from 3 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

Upgrade actions/checkout to v4 by @gmembre-zenika in actions/setup-node#868

Update actions/checkout for documentation and yaml by @dmitry-shibanov in actions/setup-node#876

New Contributors

@gmembre-zenika made their first contribution in actions/setup-node#868

Full Changelog: actions/setup-node@v3...v4.0.0

v3.8.2

What's Changed

Update semver by @dmitry-shibanov in actions/setup-node#861

Update temp directory creation by @nikolai-laevskii in actions/setup-node#859

Bump @babel/traverse from 7.15.4 to 7.23.2 by @dependabot in actions/setup-node#870

Add notice about binaries not being updated yet by @nikolai-laevskii in actions/setup-node#872

Update toolkit cache and core by @dmitry-shibanov and @seongwon-privatenote in actions/setup-node#875

Full Changelog: actions/setup-node@v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: actions/setup-node@v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

Add check for existing paths by @dmitry-shibanov in actions/setup-node#803

Resolve SymbolicLink by @dmitry-shibanov in actions/setup-node#809

Change passing logic for cache input by @dmitry-shibanov in actions/setup-node#816

Fix armv7 cache issue by @louislam in actions/setup-node#794

Update check-dist workflow name by @sinchang in actions/setup-node#710

Feature implementations:

feat: handling the case where "node" is used for tool-versions file. by @xytis in actions/setup-node#812

Documentation changes:

Refer to semver package name in README.md by @olleolleolle in actions/setup-node#808

Update dependencies:

Update toolkit cache to fix zstd by @dmitry-shibanov in actions/setup-node#804

Bump tough-cookie and @azure/ms-rest-js by @dependabot in actions/setup-node#802

Bump semver from 6.1.2 to 6.3.1 by @dependabot in actions/setup-node#807

... (truncated)

Commits

60edb5d Add support for arm64 Windows (#927)
d86ebcd Add support for volta.extends (#921)
b39b52d Fix node-version-file interprets entire package.json as a version (#865)
7247617 Add package.json to node-version-file list of examples. (#879)
f3ec4ca Fix README.md (#898)
ec97f37 Add fix for cache (#917)
5ef044f Update reusable workflows to use Node.js v20 (#889)
c45882a update to setup-node@v4 in docs (#884)
ee36e8b Ignore engines check in Yarn 1 e2e-cache tests (#882)
8f152de Update actions/checkout for documentation and yaml (#876)
Additional commits viewable in compare view

Updates docker/setup-qemu-action from 1 to 3

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.0.0

Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in docker/setup-qemu-action#102

Bump @actions/core from 1.10.0 to 1.10.1 in docker/setup-qemu-action#103

Bump semver from 6.3.0 to 6.3.1 in docker/setup-qemu-action#89

Full Changelog: docker/setup-qemu-action@v2.2.0...v3.0.0

v2.2.0

Trim off spaces in platforms input by @Chocobo1 in docker/setup-qemu-action#64

Switch to actions-toolkit implementation by @crazy-max in docker/setup-qemu-action#70 docker/setup-qemu-action#80 docker/setup-qemu-action#83

Full Changelog: docker/setup-qemu-action@v2.1.0...v2.2.0

v2.1.0

Use context for inputs by @crazy-max (#62)

Use built-in getExecOutput by @crazy-max (#61)

Remove workaround for setOutput by @crazy-max (#63)

Bump @actions/core from 1.6.0 to 1.10.0 (#54 #58 #59)

Full Changelog: docker/setup-qemu-action@v2.0.0...v2.1.0

v2.0.0

Node 16 as default runtime by @crazy-max (#48)

This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.

chore: update dev dependencies and workflow by @crazy-max (#43 #47)

Bump @actions/core from 1.3.0 to 1.6.0 (#37 #39 #41)

Bump @actions/exec from 1.0.4 to 1.1.1 (#38 #46)

Full Changelog: docker/setup-qemu-action@v1.2.0...v2.0.0

v1.2.0

Display image information (#36)

Bump @actions/core from 1.2.7 to 1.3.0 (#35)

v1.1.0

Remove os limitation (#30)

Bump @actions/core from 1.2.6 to 1.2.7 (#29)

v1.0.2

Enhance workflow (#26)

Container based developer flow (#19 #20)

v1.0.1

Fix CVE-2020-15228

Commits

6882732 Merge pull request #103 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
183f4af chore: update generated content
f174935 build(deps): bump @actions/core from 1.10.0 to 1.10.1
2e423eb Merge pull request #89 from docker/dependabot/npm_and_yarn/semver-6.3.1
ecc406a Bump semver from 6.3.0 to 6.3.1
12dec5e Merge pull request #102 from crazy-max/update-node20
c29b312 chore: node 20 as default runtime
34ae628 chore: update generated content
1f3d2e1 chore: fix author in package.json
277dbe8 vendor: bump @docker/actions-toolkit from 0.3.0 to 0.12.0
Additional commits viewable in compare view

Updates stefanzweifel/git-auto-commit-action from 4 to 5

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v5.0.0

New major release that bumps the default runtime to Node 20. There are no other breaking changes.

Changed

Update node version to node20 (#300) @ryudaitakai

Add _log and _set_github_output functions (#273) @stefanzweifel

Fixed

Seems like there is an extra space (#288) @pedroamador

Fix git-auto-commit.yml (#277) @zcong1993

Dependency Updates

Bump actions/checkout from 3 to 4 (#302) @dependabot

Bump bats from 1.9.0 to 1.10.0 (#293) @dependabot

Bump github/super-linter from 4 to 5 (#289) @dependabot

Bump bats from 1.8.2 to 1.9.0 (#282) @dependabot

v4.16.0

Changed

Don't commit files when only LF/CRLF changes (#265) @ZeroRin

Update default email address of github-actions[bot] (#264) @Teko012

Fixed

Fix link and text for workflow limitation (#263) @Teko012

v4.15.4

Fixed

Let Action fail if git binary can't be located (#261) @stefanzweifel

Dependency Updates

Bump github/super-linter from 3 to 4 (#258) @dependabot

Bump bats from 1.7.0 to 1.8.2 (#259) @dependabot

Bump actions/checkout from 2 to 3 (#257) @dependabot

v4.15.3

Changed

Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available (#255) @stefanzweifel

v4.15.2

Changed

Replace set-output usage with GITHUB_OUTPUT (#252) @amonshiz

... (truncated)

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

v4.15.4 - 2022-11-05

Fixed

Let Action fail if git binary can't be located (#261) @stefanzweifel

Dependency Updates

Bump github/super-linter from 3 to 4 (#258) @dependabot

Bump bats from 1.7.0 to 1.8.2 (#259) @dependabot

Bump actions/checkout from 2 to 3 (#257) @dependabot

v4.15.3 - 2022-10-26

Changed

Use deprecated set-output syntax if GITHUB_OUTPUT environment is not available (#255) @stefanzweifel

v4.15.2 - 2022-10-22

Changed

Replace set-output usage with GITHUB_OUTPUT (#252) @amonshiz

v4.15.1 - 2022-10-10

Fixed

Run Action on Node16 (#247) @stefanzweifel

Commits

8756aa0 Update node version to node20 (#300)
17a44b0 Merge branch 'master' of github.com:stefanzweifel/git-auto-commit-action
43818d5 Fix Typo
1094465 Use actions/checkout v4 in examples
3d1b5e0 Bump actions/checkout from 3 to 4 (#302)
47a8ad5 Bump bats from 1.9.0 to 1.10.0 (#293)
77a7b3f Bump github/super-linter from 4 to 5 (#289)
9cc0a1f Seems like there is an extra space (#288)
0b5f8a5 Update Test
3a446b7 Merge branch 'master' of github.com:stefanzweifel/git-auto-commit-action
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node), [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) and [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action). Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...v4) Updates `actions/setup-node` from 3 to 4 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v3...v4) Updates `docker/setup-qemu-action` from 1 to 3 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v1...v3) Updates `stefanzweifel/git-auto-commit-action` from 4 to 5 - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](stefanzweifel/git-auto-commit-action@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: stefanzweifel/git-auto-commit-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested review from JoshuaWise and a team as code owners April 3, 2024 04:18

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 3, 2024

JoshuaWise merged commit 0374765 into master Apr 3, 2024
14 checks passed

JoshuaWise deleted the dependabot/github_actions/github-actions-446bf660e2 branch April 3, 2024 04:58

cclauss mentioned this pull request Apr 3, 2024

Keep GitHub Actions up to date with GitHub's Dependabot #1165

Merged

Bad3r mentioned this pull request May 17, 2024

[Snyk] Upgrade better-sqlite3 from 9.3.0 to 9.6.0 Bad3r/Logseq#661

Open

BiraruYT mentioned this pull request May 17, 2024

[Snyk] Upgrade better-sqlite3 from 9.2.2 to 9.6.0 BiraruYT/LadiesAttireAPI#15

Open

Bad3r mentioned this pull request May 22, 2024

[Snyk] Upgrade better-sqlite3 from 9.3.0 to 9.6.0 Bad3r/Logseq#666

Open

BiraruYT mentioned this pull request May 24, 2024

[Snyk] Upgrade better-sqlite3 from 9.2.2 to 9.6.0 BiraruYT/LadiesAttireAPI#18

Open

Bad3r mentioned this pull request Jun 12, 2024

[Snyk] Upgrade better-sqlite3 from 9.3.0 to 9.6.0 Bad3r/Logseq#693

Open

hedera-eng-infrastructure mentioned this pull request Sep 4, 2024

[Snyk] Upgrade better-sqlite3 from 9.4.3 to 9.6.0 hashgraph/hedera-transaction-tool#876

Closed

Bad3r mentioned this pull request Sep 8, 2024

[Snyk] Upgrade: , , better-sqlite3, dugite, electron-dl, electron-log, electron-squirrel-startup, https-proxy-agent, node-fetch, open, posthog-js, semver, socks-proxy-agent Bad3r/Logseq#802

Open

BiraruYT mentioned this pull request Sep 8, 2024

[Snyk] Upgrade: argon2, better-sqlite3, clamscan, dompurify, express, express-rate-limit, express-session, image-size, jsdom BiraruYT/LadiesAttireAPI#27

Open

jeffmartson mentioned this pull request Sep 9, 2024

[Snyk] Upgrade better-sqlite3 from 9.0.0 to 9.6.0 jeffmartson/ormGPT#1

Open

Bad3r mentioned this pull request Sep 11, 2024

[Snyk] Upgrade: , , better-sqlite3, dugite, electron-dl, electron-log, electron-squirrel-startup, https-proxy-agent, node-fetch, open, posthog-js, semver, socks-proxy-agent Bad3r/Logseq#806

Open

BiraruYT mentioned this pull request Sep 22, 2024

[Snyk] Upgrade: argon2, better-sqlite3, clamscan, dompurify, express, express-rate-limit, express-session, image-size, jsdom BiraruYT/LadiesAttireAPI#30

Open

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the github-actions group with 4 updates #1167

Bump the github-actions group with 4 updates #1167

dependabot bot commented on behalf of github Apr 3, 2024

Bump the github-actions group with 4 updates #1167

Bump the github-actions group with 4 updates #1167

Conversation

dependabot bot commented on behalf of github Apr 3, 2024

v4.0.0

What's Changed

New Contributors

v3.6.0

What's Changed

New Contributors

v3.5.3

What's Changed

New Contributors

v3.5.2

What's Changed

v3.5.1

What's Changed

New Contributors

Changelog

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v4.0.0

What's Changed

New Contributors

v3.8.2

What's Changed

v3.8.1

What's Changed

v3.8.0

What's Changed

Bug fixes:

Feature implementations:

Documentation changes:

Update dependencies:

v3.0.0

v2.2.0

v2.1.0

v2.0.0

v1.2.0

v1.1.0

v1.0.2

v1.0.1

v5.0.0

Changed

Fixed

Dependency Updates

v4.16.0

Changed

Fixed

v4.15.4

Fixed

Dependency Updates

v4.15.3

Changed

v4.15.2

Changed

v4.15.4 - 2022-11-05

Fixed

Dependency Updates

v4.15.3 - 2022-10-26

Changed

v4.15.2 - 2022-10-22

Changed

v4.15.1 - 2022-10-10

Fixed