Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update paambaati/codeclimate-action action to v8 - autoclosed #409

Closed
wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jun 17, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change OpenSSF
paambaati/codeclimate-action action major v6.0.0 -> v8.0.0 OpenSSF Scorecard

Release Notes

paambaati/codeclimate-action (paambaati/codeclimate-action)

v8.0.0

Compare Source

⚠ BREAKING CHANGES
  • declare new environment verification option in action.yml
  • new environment verification flag
  • new environment verification flag
  • migrate everything to ESM-only
  • upgrade module to ESM
  • ci: this doesn't change the functionality of the core action, but it does change how releases are made in the future.
  • Trying to make semantic-release push a new release
  • this should ideally get published as v5
  • this should ideally get published as v5
  • core: Support Windows, now that CodeClimate has released a Windows binary of the reporter – see codeclimate.com/changelog/7dd79ee1cf1af7141b2bd18b
  • core: Support Windows, now that CodeClimate has released a Windows binary of the reporter
  • ci: semantic-release and its process is fundamentally broken when the repo moved from master to main for its main branch. This is an attempt to try to unfuck the git log/ref notes
core
Features
  • ci: replace semantic-release with Google's release-please. (854ea46)
  • core/internal: migrate to Japa as test runner. (c909795)
  • core: cleanup downloaded artifacts (f331896), closes #​639
  • core: migrate everything to ESM-only (6e2b10b)
  • core: support fork PRs. (70a75ac), closes #​627
  • core: Support Windows (f0efca8)
  • core: Support Windows (9787ba6)
  • migrate everything to ESM-only (fed36ec)
  • new environment verification flag (fa81470)
  • new environment verification flag (6007e34)
  • run action using Node.js 20.x (859e71d)
  • run action using Node.js 20.x (096c232)
  • run action using Node.js 20.x (7642145)
  • run action using Node.js 20.x (f01d194)
  • run action using Node.js 20.x (a5d0e4f)
  • run action using Node.js 20.x (052f893)
  • upgrade module to ESM (797e381)
  • utils: refactor coverage config line parser into own util (e03d453)
Bug Fixes
  • ci: better version tagging (e7ede07)
  • ci: checkout EVERYTHING so semantic-release has all the data it could need (a16dca5)
  • ci: debug outputs (11ed927)
  • ci: do not cancel all matrix builds for one (1471593)
  • ci: fix invalid YAML (8f95f43)
  • ci: fix the tag detection logic for new releases (f787a56)
  • ci: rebuild and republish to use new branch and workflows (0c99fb3)
  • ci: release broken release process (746f1d2)
  • ci: republish so latest changes get applied (8f00eaa)
  • ci: republish so latest changes get applied (fa71c1f)
  • ci: set up correct (?) condition to trigger publish (3e9c9ce)
  • ci: set up correct regex that replaces the 'v' prefixes for tags (b3bcc0e)
  • ci: try once again to publish new version (bcd27f6)
  • ci: use Node 22.x so the import loader will work as expected (d56acf0)
  • ci: use the un-broken latest version of the workflow (0fe0643)
  • ci: validate empty new release version (2b9684a)
  • core: handle globs correctly in windows (54ac87c)
  • core: parse coverage path correctly on all platforms (923001d)
  • core: support ARM 64-bit environments (ea13673)
  • core: support ARM 64-bit environments (ea13673)
  • core: support ARM 64-bit environments (99e22b3)
  • create hash from windows (077e614)
  • declare new environment verification option in action.yml (3d46dc1)
  • deps: add missing dev-only dep to unblock typescript build (9e22dcb)
  • fix up last of the TS errors from tap API change (d99b041)
  • go back to tap because japa doesn't seem active (19034a0)
  • incorrect references to __dirname (cb821ab)
  • keep windows-style line endings for .bat files (67549ff)
  • make sure the action can actually run as ESM (fd0ae9c)
  • revert 47793be (e512c4b)
  • set up gitattributes to stop the line ending fuckery (4246a36)
  • set up gitattributes to stop the line ending fuckery (9181fd8)
  • tests: add back missing import (9eb6690)
  • tests: additional windows-style test fixes (def6f6d)
  • tests: fix tests for Windows (18e310b)
  • tests: fix the Windows path (6e02942)
  • tests: make sure the special variable in script are quoted to make string comparison work (c796f65)
  • tests: mock checksum verification too (2befa84)
  • tests: more windows-specific test fixes (de37362)
  • tests: more windows-specific test fixes (e44e0a3)
  • tests: more windows-specific test fixes (0b2f6f8)
  • tests: more windows-specific test fixes (9a9184a)
  • tests: more windows-specific test fixes (1c1a7eb)
  • tests: more windows-specific test fixes (8d2edab)
  • tests: more windows-specific test fixes (e05d58f)
  • tests: more windows-specific tests (e9e87cc)
  • tests: more windows-specific tests (13ff2e3)
  • tests: more windows-specific tests (80aa61e)
  • tests: more windows-specific tests (498dee1)
  • tests: more windows-specific tests (f4dff2a)
  • tests: more windows-specific tests (4b48851)
  • tests: OS-agnostic line separators for all strings (2fc4cc3)
  • tests: remove windows-only test and start writing os-independent logic (29cbd91)
  • tests: run checksum verification pre-checks only for fixtures on their own target platforms (4dc408b)
  • tests: set up correct file mode on Windows (4edff7e)
  • tests: set up Windows fixtures (c29289f)
  • tests: skip integration tests on unsupported platforms (00e5b40)
  • tests: try correcting extra spaces in checksum files generated on Windows (edc5e97)
  • test: try fixing tests on Windows (maybe) (47793be)
  • test: use the @​tapjs/tsx import loader to fix TS issues (295386a)
  • try LF-only line endings for all files (e2c94ee)
  • upgrade tap to fix the plugin issues (f97429e)
  • util: follow redirects in fetch (a258bd9)
Miscellaneous Chores

v7.0.0

Compare Source

⚠ BREAKING CHANGES
  • new environment verification flag
  • new environment verification flag
  • migrate everything to ESM-only
  • upgrade module to ESM
  • ci: this doesn't change the functionality of the core action, but it does change how releases are made in the future.
  • Trying to make semantic-release push a new release
  • this should ideally get published as v5
  • this should ideally get published as v5
  • core: Support Windows, now that CodeClimate has released a Windows binary of the reporter – see codeclimate.com/changelog/7dd79ee1cf1af7141b2bd18b
  • core: Support Windows, now that CodeClimate has released a Windows binary of the reporter
  • ci: semantic-release and its process is fundamentally broken when the repo moved from master to main for its main branch. This is an attempt to try to unfuck the git log/ref notes
core
Features
  • ci: replace semantic-release with Google's release-please. (854ea46)
  • core/internal: migrate to Japa as test runner. (c909795)
  • core: cleanup downloaded artifacts (f331896), closes #​639
  • core: migrate everything to ESM-only (6e2b10b)
  • core: support fork PRs. (70a75ac), closes #​627
  • core: Support Windows (f0efca8)
  • core: Support Windows (9787ba6)
  • migrate everything to ESM-only (fed36ec)
  • new environment verification flag (fa81470)
  • new environment verification flag (6007e34)
  • run action using Node.js 20.x (859e71d)
  • run action using Node.js 20.x (096c232)
  • run action using Node.js 20.x (7642145)
  • run action using Node.js 20.x (f01d194)
  • run action using Node.js 20.x (a5d0e4f)
  • run action using Node.js 20.x (052f893)
  • upgrade module to ESM (797e381)
  • utils: refactor coverage config line parser into own util (e03d453)
Bug Fixes
  • ci: better version tagging (e7ede07)
  • ci: checkout EVERYTHING so semantic-release has all the data it could need (a16dca5)
  • ci: debug outputs (11ed927)
  • ci: do not cancel all matrix builds for one (1471593)
  • ci: fix invalid YAML (8f95f43)
  • ci: fix the tag detection logic for new releases (f787a56)
  • ci: rebuild and republish to use new branch and workflows (0c99fb3)
  • ci: release broken release process (746f1d2)
  • ci: republish so latest changes get applied (8f00eaa)
  • ci: republish so latest changes get applied (fa71c1f)
  • ci: set up correct (?) condition to trigger publish (3e9c9ce)
  • ci: set up correct regex that replaces the 'v' prefixes for tags (b3bcc0e)
  • ci: try once again to publish new version (bcd27f6)
  • ci: use Node 22.x so the import loader will work as expected (d56acf0)
  • ci: use the un-broken latest version of the workflow (0fe0643)
  • ci: validate empty new release version (2b9684a)
  • core: handle globs correctly in windows (54ac87c)
  • core: parse coverage path correctly on all platforms (923001d)
  • core: support ARM 64-bit environments (ea13673)
  • core: support ARM 64-bit environments (ea13673)
  • core: support ARM 64-bit environments (99e22b3)
  • create hash from windows (077e614)
  • deps: add missing dev-only dep to unblock typescript build (9e22dcb)
  • fix up last of the TS errors from tap API change (d99b041)
  • go back to tap because japa doesn't seem active (19034a0)
  • incorrect references to __dirname (cb821ab)
  • keep windows-style line endings for .bat files (67549ff)
  • revert 47793be (e512c4b)
  • set up gitattributes to stop the line ending fuckery (4246a36)
  • set up gitattributes to stop the line ending fuckery (9181fd8)
  • tests: add back missing import (9eb6690)
  • tests: additional windows-style test fixes (def6f6d)
  • tests: fix tests for Windows (18e310b)
  • tests: fix the Windows path (6e02942)
  • tests: make sure the special variable in script are quoted to make string comparison work (c796f65)
  • tests: mock checksum verification too (2befa84)
  • tests: more windows-specific test fixes (de37362)
  • tests: more windows-specific test fixes (e44e0a3)
  • tests: more windows-specific test fixes (0b2f6f8)
  • tests: more windows-specific test fixes (9a9184a)
  • tests: more windows-specific test fixes (1c1a7eb)
  • tests: more windows-specific test fixes (8d2edab)
  • tests: more windows-specific test fixes (e05d58f)
  • tests: more windows-specific tests (e9e87cc)
  • tests: more windows-specific tests (13ff2e3)
  • tests: more windows-specific tests (80aa61e)
  • tests: more windows-specific tests (498dee1)
  • tests: more windows-specific tests (f4dff2a)
  • tests: more windows-specific tests (4b48851)
  • tests: OS-agnostic line separators for all strings (2fc4cc3)
  • tests: remove windows-only test and start writing os-independent logic (29cbd91)
  • tests: run checksum verification pre-checks only for fixtures on their own target platforms (4dc408b)
  • tests: set up correct file mode on Windows (4edff7e)
  • tests: set up Windows fixtures (c29289f)
  • tests: skip integration tests on unsupported platforms (00e5b40)
  • tests: try correcting extra spaces in checksum files generated on Windows (edc5e97)
  • test: try fixing tests on Windows (maybe) (47793be)
  • test: use the @​tapjs/tsx import loader to fix TS issues (295386a)
  • try LF-only line endings for all files (e2c94ee)
  • upgrade tap to fix the plugin issues (f97429e)
  • util: follow redirects in fetch (a258bd9)
Miscellaneous Chores

Configuration

📅 Schedule: Branch creation - "before 4am on Monday" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Jun 17, 2024
@renovate renovate bot requested a review from mimmi20 as a code owner June 17, 2024 00:04
Copy link

github-actions bot commented Jun 17, 2024

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/paambaati/codeclimate-action 8.0.0 🟢 4.4
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/8 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected
actions/paambaati/codeclimate-action 6.0.0 🟢 4.4
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/8 approved changesets -- score normalized to 0
Maintained🟢 1030 commit(s) and 4 issue activity found in the last 90 days -- score normalized to 10
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Binary-Artifacts🟢 10no binaries found in the repo
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Branch-Protection⚠️ 0branch protection not enabled on development/release branches
Signed-Releases⚠️ -1no releases found
Fuzzing⚠️ 0project is not fuzzed
Security-Policy⚠️ 0security policy file not detected
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
Vulnerabilities🟢 100 existing vulnerabilities detected

Scanned Manifest Files

.github/workflows/continuous-integration.yml
  • paambaati/codeclimate-action@8.0.0
  • paambaati/codeclimate-action@6.0.0

@coveralls
Copy link

coveralls commented Jun 17, 2024

Pull Request Test Coverage Report for Build 9539841863

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 100.0%

Totals Coverage Status
Change from base Build 9460767054: 0.0%
Covered Lines: 25
Relevant Lines: 25

💛 - Coveralls

| datasource  | package                      | from   | to     |
| ----------- | ---------------------------- | ------ | ------ |
| github-tags | paambaati/codeclimate-action | v6.0.0 | v8.0.0 |


Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
@renovate renovate bot force-pushed the renovate/paambaati-codeclimate-action-8.x branch from c989f92 to cf073f3 Compare June 17, 2024 19:31
Copy link

codeclimate bot commented Jun 17, 2024

Code Climate has analyzed commit cf073f3 and detected 0 issues on this pull request.

The test coverage on the diff in this pull request is 100.0% (50% is the threshold).

This pull request will bring the total coverage in the repository to 100.0% (0.0% change).

View more on Code Climate.

@coveralls
Copy link

coveralls commented Jun 17, 2024

Pull Request Test Coverage Report for Build 9553623741

Details

  • 0 of 0 changed or added relevant lines in 0 files are covered.
  • No unchanged relevant lines lost coverage.
  • Overall coverage remained the same at 100.0%

Totals Coverage Status
Change from base Build 9553612777: 0.0%
Covered Lines: 25
Relevant Lines: 25

💛 - Coveralls

@renovate renovate bot changed the title Update paambaati/codeclimate-action action to v8 Update paambaati/codeclimate-action action to v8 - autoclosed Jun 17, 2024
@renovate renovate bot closed this Jun 17, 2024
@renovate renovate bot deleted the renovate/paambaati-codeclimate-action-8.x branch June 17, 2024 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants