Build: Bump DoozyX/clang-format-lint-action from 0.12 to 0.14 #2797
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
the
dependencies
Bumps [DoozyX/clang-format-lint-action](https://github.com/DoozyX/clang-format-lint-action) from 0.12 to 0.14. - [Release notes](https://github.com/DoozyX/clang-format-lint-action/releases) - [Commits](DoozyX/clang-format-lint-action@2a28e3a...2ec1a72) --- updated-dependencies: - dependency-name: DoozyX/clang-format-lint-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/github_actions/DoozyX/clang-format-lint-action-0.14
branch
from
57f2eee to
f44ee78
Compare
|
sha256: 2ef28bf5cc182013c507d16663d3a9198704b3364cf603bbe7def83a2f98fcb9 clang-format11.0.0 193523f36f38a28d00509fa62782ae5cb54f4cff6059279ef9874f0d9dd6ab88 clang-format11.1.0 1944fee695bbad32f2a8807b2334209f0fa762ca9c5f015fe50b63d251b9939d clang-format12.0.0 78ef2a4362079abf19712cd6875661cc38b1d036ce0a45174e147eee6859914f clang-format12.0.1 591e640090bd5a9ec8ff9f36c5bc3f6328b1d279dc32b9d6b62771d5d895637f clang-format13.0.0 9019f7d4903d790e6da6ebf3dcf633dc45b6588fcd81f843afc67fda5c018391 clang-format14.0.0 |
|
Ok. The hashes DO NOT match with the official downloads from https://github.com/llvm/llvm-project/releases/tag/llvmorg-13.0.0 for both 64bit Ubuntu builds. They might be from somewhere else or self compiled. |
|
Ok. Some seem to be from https://github.com/muttleyxd/clang-tools-static-binaries The question is: How critical is this? |
There was a problem hiding this comment.
The question is: How critical is this [binaries from third-party repo]?
As the Github action runs with minimal permissions (repository read access, similar to what an anonymous user can do) and is not exposed to secrets, the only risk would be binaries which do not work as expected (i.e. which would let badly formatted code pass). Therefore, I don't think it is critical.
dependabot
bot
deleted the
dependabot/github_actions/DoozyX/clang-format-lint-action-0.14
branch
hoffie
changed the title
Bumps DoozyX/clang-format-lint-action from 0.12 to 0.14.
Release notes
Sourced from DoozyX/clang-format-lint-action's releases.
Commits
2ec1a72Merge pull request #38 from JohannesLorenz/fix-README-ignore-file39915eeMerge pull request #41 from bernhardmgruber/format141164c7dadd clang-format-14764c4afREADME: Fix example of ignore files9ea7263Update version51cea91Add clang 11.1 and 13 versionsc9af5a6Ignore .idea283cc8bMerge pull request #36 from bernhardmgruber/format12.0.13c25510support clang-format 12.0.1Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)