Bump the gha-deps group across 1 directory with 7 updates #274

dependabot · 2024-11-01T00:11:22Z

Bumps the gha-deps group with 7 updates in the / directory:

Package	From	To
actions/checkout	`4.1.7`	`4.2.2`
ruby/setup-ruby	`1.190.0`	`1.199.0`
actions/setup-python	`5.2.0`	`5.3.0`
crazy-max/ghaction-import-gpg	`6.1.0`	`6.2.0`
actions/setup-node	`4.0.3`	`4.1.0`
actions/upload-artifact	`4.4.0`	`4.4.3`
crazy-max/ghaction-github-labeler	`5.0.0`	`5.1.0`

Updates actions/checkout from 4.1.7 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

@yasonk made their first contribution in actions/checkout#1869

@lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

Changelog

Sourced from actions/checkout's changelog.

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

Commits

11bd719 Prepare 4.2.2 Release (#1953)
e3d2460 Expand unit test coverage (#1946)
163217d url-helper.ts now leverages well-known environment variables. (#1941)
eef6144 Prepare 4.2.1 release (#1925)
6b42224 Add workflow file for publishing releases to immutable action package (#1919)
de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
d632683 Prepare 4.2.0 release (#1878)
6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
b684943 Add Ref and Commit outputs (#1180)
Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.190.0 to 1.199.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.199.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#664

Full Changelog: ruby/setup-ruby@v1.198.0...v1.199.0

v1.198.0

What's Changed

Add ruby-3.2.6 by @ruby-builder-bot in ruby/setup-ruby#663

Full Changelog: ruby/setup-ruby@v1.197.0...v1.198.0

v1.197.0

What's Changed

Add some details about using asan build. by @ioquatix in ruby/setup-ruby#654

Add truffleruby-24.1.1,truffleruby+graalvm-24.1.1 by @ruby-builder-bot in ruby/setup-ruby#657

Full Changelog: ruby/setup-ruby@v1.196.0...v1.197.0

v1.196.0

What's Changed

Add ruby-3.4.0-preview2 by @ruby-builder-bot in ruby/setup-ruby#655

Test the last 3.4 preview in CI by @eregon in ruby/setup-ruby#656

Full Changelog: ruby/setup-ruby@v1.195.0...v1.196.0

v1.195.0

What's Changed

README.md: Mention link to supported Ruby versions for GitHub-hosted runners by @stdedos in ruby/setup-ruby#651

Add ASAN CRuby build by @ioquatix in ruby/setup-ruby#653

New Contributors

@stdedos made their first contribution in ruby/setup-ruby#651

Full Changelog: ruby/setup-ruby@v1.194.0...v1.195.0

v1.194.0

Full Changelog: ruby/setup-ruby@v1.193.0...v1.194.0

v1.193.0

What's Changed

README.md - Windows - clarify installed packages, 2022 vs 2019 by @MSP-Greg in ruby/setup-ruby#642

Add truffleruby-24.1.0,truffleruby+graalvm-24.1.0 by @ruby-builder-bot in ruby/setup-ruby#643

Full Changelog: ruby/setup-ruby@v1.192.0...v1.193.0

... (truncated)

Commits

7d3497f Update CRuby releases on Windows
98aefb3 Add ruby-3.2.6
7bae1d0 Add truffleruby-24.1.1,truffleruby+graalvm-24.1.1
4d521ea Fix exclusion
1d9686e Mention the new ruby-asan under Supported Versions
bea2fb9 Add some details about using asan build.
f269373 Test the last 3.4 preview in CI
784fcda Add ruby-3.4.0-preview2
f6e0571 Update README.md
207a399 Move the link to the list together with other text about builds
Additional commits viewable in compare view

Updates actions/setup-python from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-python's releases.

v5.3.0

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/setup-python#941

Upgrade IA publish by @Jcambass in actions/setup-python#943

Bug Fixes:

Normalise Line Endings to Ensure Cross-Platform Consistency by @priya-kinthali in actions/setup-python#938

Revise isGhes logic by @jww3 in actions/setup-python#963

Bump pillow from 7.2 to 10.2.0 by @aparnajyothi-y in actions/setup-python#956

Enhancements:

Enhance workflows and documentation updates by @priya-kinthali in actions/setup-python#965

Bump default versions to latest by @jeffwidman in actions/setup-python#905

New Contributors

@Jcambass made their first contribution in actions/setup-python#941

@jww3 made their first contribution in actions/setup-python#963

Full Changelog: actions/setup-python@v5...v5.3.0

Commits

0b93645 Enhance workflows: Add macOS 13 support, upgrade publish-action, and update d...
9c76e71 Bump pillow from 7.2 to 10.2.0 in /tests/data (#956)
f4c5a11 Revise isGhes logic (#963)
19dfb7b Bump default versions to latest (#905)
e9675cc Merge pull request #943 from actions/Jcambass-patch-1
3226af6 Upgrade IA publish
70dcb22 Merge pull request #941 from actions/Jcambass-patch-1
65b48c7 Create publish-immutable-actions.yml
29a37be initial commit (#938)
See full diff in compare view

Updates crazy-max/ghaction-import-gpg from 6.1.0 to 6.2.0

Release notes

Sourced from crazy-max/ghaction-import-gpg's releases.

v6.2.0

Bump @actions/core from 1.10.1 to 1.11.1 in crazy-max/ghaction-import-gpg#209

Bump braces from 3.0.2 to 3.0.3 in crazy-max/ghaction-import-gpg#203

Bump ip from 2.0.0 to 2.0.1 in crazy-max/ghaction-import-gpg#196

Bump micromatch from 4.0.4 to 4.0.8 in crazy-max/ghaction-import-gpg#207

Bump openpgp from 5.11.0 to 5.11.2 in crazy-max/ghaction-import-gpg#205

Bump tar from 6.1.14 to 6.2.1 in crazy-max/ghaction-import-gpg#198

Full Changelog: crazy-max/ghaction-import-gpg@v6.1.0...v6.2.0

Commits

cb9bde2 Merge pull request #205 from crazy-max/dependabot/npm_and_yarn/openpgp-5.11.2
652ac61 chore: update generated content
0404dfd build(deps): bump openpgp from 5.11.0 to 5.11.2
63a9470 Merge pull request #209 from crazy-max/dependabot/npm_and_yarn/actions/core-1...
e3a6456 chore: update generated content
f0d6155 Merge pull request #207 from crazy-max/dependabot/npm_and_yarn/micromatch-4.0.8
8812250 build(deps): bump @actions/core from 1.10.1 to 1.11.1
35465df build(deps): bump micromatch from 4.0.4 to 4.0.8
ea88154 Merge pull request #204 from crazy-max/dependabot/github_actions/docker/bake-...
871d8a5 build(deps): bump docker/bake-action from 4 to 5
Additional commits viewable in compare view

Updates actions/setup-node from 4.0.3 to 4.1.0

Release notes

Sourced from actions/setup-node's releases.

v4.1.0

What's Changed

Resolve High Security Alerts by upgrading Dependencies by @aparnajyothi-y in actions/setup-node#1132

Upgrade IA Publish by @Jcambass in actions/setup-node#1134

Revise isGhes logic by @jww3 in actions/setup-node#1148

Add architecture to cache key by @pengx17 in actions/setup-node#843 This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.

New Contributors

@jww3 made their first contribution in actions/setup-node#1148

@pengx17 made their first contribution in actions/setup-node#843

Full Changelog: actions/setup-node@v4...v4.1.0

v4.0.4

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/setup-node#1125

Enhance Windows ARM64 Setup and Update micromatch Dependency by @priyagupta108 in actions/setup-node#1126

Documentation changes:

Documentation update in the README file by @suyashgaonkar in actions/setup-node#1106

Correct invalid 'lts' version string reference by @fulldecent in actions/setup-node#1124

New Contributors

@suyashgaonkar made their first contribution in actions/setup-node#1106

@priyagupta108 made their first contribution in actions/setup-node#1126

@Jcambass made their first contribution in actions/setup-node#1125

@fulldecent made their first contribution in actions/setup-node#1124

Full Changelog: actions/setup-node@v4...v4.0.4

Commits

39370e3 fix: add arch to cached path (#843)
abb238b Revise isGhes logic (#1148)
aca7b64 Merge pull request #1134 from actions/Jcambass-patch-1
88de2a3 Resolve High Security Alerts by upgrading Dependencies (#1132)
0a44ba7 Correct version string (#1124)
d6ebc7b Upgrade IA Publish
97ca147 Merge pull request #1125 from actions/add-is-release-workflow
aa363de Create publish-immutable-action.yml
1c7b2db Fix: windows arm64 setup (#1126)
26961cf Documentation update in the README file (#1106)
See full diff in compare view

Updates actions/upload-artifact from 4.4.0 to 4.4.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.4.3

What's Changed

Undo indirect dependency updates from #627 by @joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

Bump @actions/artifact to 2.1.11 by @robherley in actions/upload-artifact#627

Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

What's Changed

Add a section about hidden files by @joshmgross in actions/upload-artifact#607

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/upload-artifact#621

Update @actions/artifact to latest version, includes symlink and timeout fixes by @robherley in actions/upload-artifact#625

New Contributors

@Jcambass made their first contribution in actions/upload-artifact#621

Full Changelog: actions/upload-artifact@v4.4.0...v4.4.1

Commits

b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
92b01eb Undo indirect dependency updates from #627
8448086 Merge pull request #627 from actions/robherley/v4.4.2
b1d4642 add explicit relative and absolute symlinks to workflow
d50e660 bump version
aabe6f8 build with @actions/artifact v2.1.11
604373d Merge pull request #625 from actions/robherley/artifact-2.1.10
0150148 paste right core version
a009b25 update licenses
9f6f6f4 update @actions/core and @actions/artifact to latest versions
Additional commits viewable in compare view

Updates crazy-max/ghaction-github-labeler from 5.0.0 to 5.1.0

Release notes

Sourced from crazy-max/ghaction-github-labeler's releases.

v5.1.0

Sanitize the color field to allow using hex codes by @pjpires in crazy-max/ghaction-github-labeler#207

Fix intermediate values by @crazy-max in crazy-max/ghaction-github-labeler#218

Bump micromatch from 4.0.5 to 4.0.8 in crazy-max/ghaction-github-labeler#215

Bump @actions/core from 1.10.0 to 1.11.1 in crazy-max/ghaction-github-labeler#217

Bump @actions/github from 5.1.1 to 6.0.0 in crazy-max/ghaction-github-labeler#205

Bump @babel/traverse from 7.17.9 to 7.23.2 in crazy-max/ghaction-github-labeler#206

Bump braces from 3.0.2 to 3.0.3 in crazy-max/ghaction-github-labeler#212

Bump ip from 2.0.0 to 2.0.1 in crazy-max/ghaction-github-labeler#208

Bump debug from 4.1.1 to 4.3.4 in crazy-max/ghaction-github-labeler#204

Bump tar from 6.1.11 to 6.2.1 in crazy-max/ghaction-github-labeler#210

Full Changelog: crazy-max/ghaction-github-labeler@v5...v5.1.0

Commits

b54af0c Merge pull request #205 from crazy-max/dependabot/npm_and_yarn/actions/github...
b0fa869 chore: update generated content
6aa30ec Bump @actions/github from 5.1.1 to 6.0.0
ea3997f Merge pull request #217 from crazy-max/dependabot/npm_and_yarn/actions/core-1...
29171d6 chore: update generated content
b2f62da build(deps): bump @actions/core from 1.10.0 to 1.11.1
9d4405d Merge pull request #218 from crazy-max/fix-non-iterable
a69137f chore: update generated content
b3ff7bd fix intermediate values
77c39e1 fix missing js-yaml types
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gha-deps group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.2` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.190.0` | `1.199.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.2.0` | `5.3.0` | | [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) | `6.1.0` | `6.2.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.3` | `4.1.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler) | `5.0.0` | `5.1.0` | Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.7...v4.2.2) Updates `ruby/setup-ruby` from 1.190.0 to 1.199.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@a6e6f86...7d3497f) Updates `actions/setup-python` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5.2.0...v5.3.0) Updates `crazy-max/ghaction-import-gpg` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases) - [Commits](crazy-max/ghaction-import-gpg@01dd5d3...cb9bde2) Updates `actions/setup-node` from 4.0.3 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v4.0.3...v4.1.0) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.4.0...v4.4.3) Updates `crazy-max/ghaction-github-labeler` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/crazy-max/ghaction-github-labeler/releases) - [Commits](crazy-max/ghaction-github-labeler@de749cf...b54af0c) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: crazy-max/ghaction-import-gpg dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gha-deps - dependency-name: crazy-max/ghaction-github-labeler dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the A-deps Area: Source and library dependencies. label Nov 1, 2024

dependabot bot assigned lopopolo Nov 1, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the gha-deps group across 1 directory with 7 updates #274

Bump the gha-deps group across 1 directory with 7 updates #274

dependabot bot commented on behalf of github Nov 1, 2024

Bump the gha-deps group across 1 directory with 7 updates #274

Are you sure you want to change the base?

Bump the gha-deps group across 1 directory with 7 updates #274

Conversation

dependabot bot commented on behalf of github Nov 1, 2024

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

v4.2.0

What's Changed

New Contributors

v4.2.2

v4.2.1

v4.2.0

v1.199.0

What's Changed

v1.198.0

What's Changed

v1.197.0

What's Changed

v1.196.0

What's Changed

v1.195.0

What's Changed

New Contributors

v1.194.0

v1.193.0

What's Changed

v5.3.0

What's Changed

Bug Fixes:

Enhancements:

New Contributors

v6.2.0

v4.1.0

What's Changed

New Contributors

v4.0.4

What's Changed

Documentation changes:

New Contributors

v4.4.3

What's Changed

v4.4.2

What's Changed

v4.4.1

What's Changed

New Contributors

v5.1.0