Bump the ci-deps group with 5 updates #133

dependabot · 2024-09-09T14:24:59Z

Bumps the ci-deps group with 5 updates:

Package	From	To
peter-evans/create-pull-request	`5`	`7`
actions/cache	`3`	`4`
mathieudutour/github-tag-action	`6.1`	`6.2`
softprops/action-gh-release	`1`	`2`
microsoft/setup-msbuild	`1`	`2`

Updates peter-evans/create-pull-request from 5 to 7

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.0

✨ Now supports commit signing with bot-generated tokens! See "What's new" below. ✍️🤖

Behaviour changes

Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.

The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.

The pull-request-operation output now returns none when no operation was executed.

Removed deprecated output environment variable PULL_REQUEST_NUMBER. Please use the pull-request-number action output instead.

What's new

The action can now sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details.

Action input draft now accepts a new value always-true. This will set the pull request to draft status when the pull request is updated, as well as on creation.

A new action input maintainer-can-modify indicates whether maintainers can modify the pull request. The default is true, which retains the existing behaviour of the action.

A new output pull-request-commits-verified returns true or false, indicating whether GitHub considers the signature of the branch's commits to be verified.

What's Changed

build(deps-dev): bump @types/node from 18.19.36 to 18.19.39 by @dependabot in peter-evans/create-pull-request#3000

build(deps-dev): bump ts-jest from 29.1.5 to 29.2.0 by @dependabot in peter-evans/create-pull-request#3008

build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by @dependabot in peter-evans/create-pull-request#3018

build(deps-dev): bump ts-jest from 29.2.0 to 29.2.2 by @dependabot in peter-evans/create-pull-request#3019

build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by @dependabot in peter-evans/create-pull-request#3035

build(deps-dev): bump @types/node from 18.19.39 to 18.19.41 by @dependabot in peter-evans/create-pull-request#3037

build(deps): bump undici from 6.19.2 to 6.19.4 by @dependabot in peter-evans/create-pull-request#3036

build(deps-dev): bump ts-jest from 29.2.2 to 29.2.3 by @dependabot in peter-evans/create-pull-request#3038

build(deps-dev): bump @types/node from 18.19.41 to 18.19.42 by @dependabot in peter-evans/create-pull-request#3070

build(deps): bump undici from 6.19.4 to 6.19.5 by @dependabot in peter-evans/create-pull-request#3086

build(deps-dev): bump @types/node from 18.19.42 to 18.19.43 by @dependabot in peter-evans/create-pull-request#3087

build(deps-dev): bump ts-jest from 29.2.3 to 29.2.4 by @dependabot in peter-evans/create-pull-request#3088

build(deps): bump undici from 6.19.5 to 6.19.7 by @dependabot in peter-evans/create-pull-request#3145

build(deps-dev): bump @types/node from 18.19.43 to 18.19.44 by @dependabot in peter-evans/create-pull-request#3144

Update distribution by @actions-bot in peter-evans/create-pull-request#3154

build(deps): bump undici from 6.19.7 to 6.19.8 by @dependabot in peter-evans/create-pull-request#3213

build(deps-dev): bump @types/node from 18.19.44 to 18.19.45 by @dependabot in peter-evans/create-pull-request#3214

Update distribution by @actions-bot in peter-evans/create-pull-request#3221

build(deps-dev): bump eslint-import-resolver-typescript from 3.6.1 to 3.6.3 by @dependabot in peter-evans/create-pull-request#3255

build(deps-dev): bump @types/node from 18.19.45 to 18.19.46 by @dependabot in peter-evans/create-pull-request#3254

build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 by @dependabot in peter-evans/create-pull-request#3256

v7 - signed commits by @peter-evans in peter-evans/create-pull-request#3057

New Contributors

@rustycl0ck made their first contribution in peter-evans/create-pull-request#3057

Full Changelog: peter-evans/create-pull-request@v6.1.0...v7.0.0

Create Pull Request v6.1.0

✨ Adds pull-request-branch as an action output.

What's Changed

... (truncated)

Commits

8867c4a fix: handle ambiguous argument failure on diff stat (#3312)
6073f54 build(deps-dev): bump @typescript-eslint/eslint-plugin (#3291)
6d01b56 build(deps-dev): bump eslint-plugin-import from 2.29.1 to 2.30.0 (#3290)
25cf845 build(deps-dev): bump @typescript-eslint/parser from 7.17.0 to 7.18.0 (#3289)
d87b980 build(deps-dev): bump @types/node from 18.19.46 to 18.19.48 (#3288)
119d131 build(deps): bump peter-evans/create-pull-request from 6 to 7 (#3283)
73e6230 docs: update readme
c0348e8 ci: add v7 to workflow
4320041 feat: signed commits (v7) (#3057)
0c2a66f build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 (#3256)
Additional commits viewable in compare view

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

Update action to node20 by @takost in actions/cache#1284

feat: save-always flag by @to-s in actions/cache#1242

New Contributors

@takost made their first contribution in actions/cache#1284

@to-s made their first contribution in actions/cache#1242

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

Cache v3.3.3 by @robherley in actions/cache#1302

New Contributors

@robherley made their first contribution in actions/cache#1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

Fixed readme with new segment timeout values by @kotewar in actions/cache#1133

Readme fixes by @kotewar in actions/cache#1134

Updated description of the lookup-only input for main action by @kotewar in actions/cache#1130

Change two new actions mention as quoted text by @bishal-pdMSFT in actions/cache#1131

Update Cross-OS Caching tips by @pdotl in actions/cache#1122

Bazel example (Take #2️⃣) by @vorburger in actions/cache#1132

Remove actions to add new PRs and issues to a project board by @jorendorff in actions/cache#1187

Consume latest toolkit and fix dangling promise bug by @chkimes in actions/cache#1217

Bump action version to 3.3.2 by @bethanyj28 in actions/cache#1236

New Contributors

@vorburger made their first contribution in actions/cache#1132

@jorendorff made their first contribution in actions/cache#1187

@chkimes made their first contribution in actions/cache#1217

@bethanyj28 made their first contribution in actions/cache#1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

Reduced download segment size to 128 MB and timeout to 10 minutes by @kotewar in actions/cache#1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

Bug: Permission is missing in cache delete example by @kotokaze in actions/cache#1123

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.0.2

Fixed restore fail-on-cache-miss not working.

4.0.1

Updated isGhes check

4.0.0

Updated minimum runner version support from node 12 -> node 20

3.3.3

Updates @actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378

Additional audit fixes of npm package(s)

3.3.2

Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

Added option to lookup cache without downloading it.

3.2.6

Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

Added fix to prevent from setting MYSYS environment variable globally.

3.2.4

Added option to fail job on cache miss.

3.2.3

Support cross os caching on Windows as an opt-in feature.

Fix issue with symlink restoration on Windows for cross-os caches.

3.2.2

... (truncated)

Commits

0c45773 Merge pull request #1327 from cdce8p/fix-fail-on-cache-miss
8a55f83 Add test case for process exit
3884cac Bump version
e29dad3 Fix fail-on-cache-miss not working
ab5e6d0 Merge pull request #1341 from bethanyj28/main
89c7d86 licensed cache
d2c84da update @actions/cache
37e7d4e Merge pull request #1340 from actions/bethanyj28/update-publish-flow
a18323f add release action
a2ed59d Merge pull request #1305 from actions/yacaovsnc/update_examples
Additional commits viewable in compare view

Updates mathieudutour/github-tag-action from 6.1 to 6.2

Commits

a22cf08 check in prod dependencies
f36074f version 6.2
f40d7ee match latest tag regex (#171)
1bf7977 fix: add previous_version to action.yml (#183)
5a16d14 Bump tough-cookie from 4.0.0 to 4.1.3 (#184)
71c3689 Update README.md (#205)
a079ba4 Update Node version to 20 (#202)
86301c8 Revert "Use ${{github.token}} as default" (#167)
5bd9038 Bump minimatch from 3.0.4 to 3.1.2 (#162)
ac8cb38 getValidTags() should exclude tags that do not match the prefixRegex (#158)
Additional commits viewable in compare view

Updates softprops/action-gh-release from 1 to 2

Release notes

Sourced from softprops/action-gh-release's releases.

v2.0.0

update actions.yml declaration to node20 to address warnings

Changelog

Sourced from softprops/action-gh-release's changelog.

0.1.12

fix bug leading to empty strings subsituted for inputs users don't provide breaking api calls #144

Commits

c062e08 release 2.0.8
380635c chore(deps): bump @actions/github from 5.1.1 to 6.0.0 (#470)
20adb42 refactor: write jest config in ts (#485)
f808f15 chore(deps): bump glob from 10.4.2 to 11.0.0 (#477)
6145241 chore(deps): bump @octokit/plugin-throttling from 9.3.0 to 9.3.1 (#484)
4ac522d chore(deps): bump @types/node from 20.14.9 to 20.14.11 (#483)
25849b1 chore(deps): bump prettier from 2.8.0 to 3.3.3 (#480)
6206056 chore: update dependabot commit msg
39aadf1 chore: run frizbee actions .github/workflows/
6f3ab65 chore: update dist file
Additional commits viewable in compare view

Updates microsoft/setup-msbuild from 1 to 2

Release notes

Sourced from microsoft/setup-msbuild's releases.

v2

This is a major version bump with no functionality changes. The major version change is due to moving to node20 for the node version per the deprecation announcement for GitHub Actions (https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/). This change from node16 to node20 could cause breaking changes to other workflow actions steps (see #125) running and needing/leveraging expected functionality in node16 and thus as a safe boundary, changing the version here.

Full Changelog: microsoft/setup-msbuild@v1.3...v2

v1.3.3

This is a patch update that reverts the node16->node20 change which introduced unintended breaking changes for users of this action. The v1, v1.3 tags have been updated to this release as well.

Full Changelog: microsoft/setup-msbuild@v1.3.2...v1.3.3

v1.3.2

What's Changed

Update test.yml by @mosfet80 in microsoft/setup-msbuild#122

Update to node20 by @kawon7317 in microsoft/setup-msbuild#124

New Contributors

@mosfet80 made their first contribution in microsoft/setup-msbuild#122

@kawon7317 made their first contribution in microsoft/setup-msbuild#124

Full Changelog: microsoft/setup-msbuild@v1.3.1...v1.3.2

v1.3.1

What's Changed

Implement #109 adding action types file by @Vampire in microsoft/setup-msbuild#110

New Contributors

@Vampire made their first contribution in microsoft/setup-msbuild#110

Full Changelog: microsoft/setup-msbuild@v1.2...v1.3.1

v1.1.3 - Updating toolkit for output variables

Updates the GitHub Actions @actions/core toolkit to latest version to accommodate deprecated set-output calls.

v1.1.2 - Update to node16

This updates to using node16 per deprecation notice for GitHub Actions

v1.1.1

Adding msbuild-architecture to select specific architecture for host agents when running with Visual Studio 2022 (VS 17.0)

v1.0.3

This release adds the ability for another input to look for pre-release versions of Visual Studio by specifying vs-prerelease: true as an input.

v1.0.2 Release

Updates Actions core toolkit to fix vulnerability on environment/path variable setting.

v1.0.1 Release

Fixes some input parameters and resolving dependency updates.

Thanks @heaths for the contribution of fixes!

Commits

6fb0222 Address issue #125 releasing the node20 action as major version change
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the ci-deps group with 5 updates: | Package | From | To | | --- | --- | --- | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `5` | `7` | | [actions/cache](https://github.com/actions/cache) | `3` | `4` | | [mathieudutour/github-tag-action](https://github.com/mathieudutour/github-tag-action) | `6.1` | `6.2` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `1` | `2` | | [microsoft/setup-msbuild](https://github.com/microsoft/setup-msbuild) | `1` | `2` | Updates `peter-evans/create-pull-request` from 5 to 7 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@v5...v7) Updates `actions/cache` from 3 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3...v4) Updates `mathieudutour/github-tag-action` from 6.1 to 6.2 - [Release notes](https://github.com/mathieudutour/github-tag-action/releases) - [Commits](mathieudutour/github-tag-action@v6.1...v6.2) Updates `softprops/action-gh-release` from 1 to 2 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@v1...v2) Updates `microsoft/setup-msbuild` from 1 to 2 - [Release notes](https://github.com/microsoft/setup-msbuild/releases) - [Changelog](https://github.com/microsoft/setup-msbuild/blob/main/building-release.md) - [Commits](microsoft/setup-msbuild@v1...v2) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-deps - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-deps - dependency-name: mathieudutour/github-tag-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-deps - dependency-name: microsoft/setup-msbuild dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the dependencies Pull requests that update a dependency file label Sep 9, 2024

dependabot bot mentioned this pull request Sep 9, 2024

Bump the ci-deps group with 5 updates #132

Closed

github-actions bot added the Build | Project System label Sep 9, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the ci-deps group with 5 updates #133

Bump the ci-deps group with 5 updates #133

dependabot bot commented on behalf of github Sep 9, 2024 •

edited

Loading

Bump the ci-deps group with 5 updates #133

Are you sure you want to change the base?

Bump the ci-deps group with 5 updates #133

Conversation

dependabot bot commented on behalf of github Sep 9, 2024 • edited Loading

Create Pull Request v7.0.0

Behaviour changes

What's new

What's Changed

New Contributors

Create Pull Request v6.1.0

What's Changed

v4.0.0

What's Changed

New Contributors

v3.3.3

What's Changed

New Contributors

v3.3.2

What's Changed

New Contributors

v3.3.1

What's Changed

v3.3.0

What's Changed

Releases

4.0.2

4.0.1

4.0.0

3.3.3

3.3.2

3.3.1

3.3.0

3.2.6

3.2.5

3.2.4

3.2.3

3.2.2

v2.0.0

0.1.12

v2

v1.3.3

v1.3.2

What's Changed

New Contributors

v1.3.1

What's Changed

New Contributors

v1.1.3 - Updating toolkit for output variables

v1.1.2 - Update to node16

v1.1.1

v1.0.3

v1.0.2 Release

v1.0.1 Release

dependabot bot commented on behalf of github Sep 9, 2024 •

edited

Loading