Bump the dependencies group with 7 updates #207

dependabot · 2024-04-08T10:38:49Z

Bumps the dependencies group with 7 updates:

Package	From	To
actions/checkout	`4.1.1`	`4.1.2`
actions/setup-python	`5.0.0`	`5.1.0`
docker/setup-buildx-action	`3.0.0`	`3.3.0`
docker/build-push-action	`5.1.0`	`5.3.0`
actions/add-to-project	`0.5.0`	`1.0.0`
actions/download-artifact	`4.1.2`	`4.1.4`
softprops/action-gh-release	`0.1.15`	`2.0.4`

Updates actions/checkout from 4.1.1 to 4.1.2

Release notes

Sourced from actions/checkout's releases.

v4.1.2

We are investigating the following issue with this release and have rolled-back the v4 tag to point to v4.1.1

sparse-checkout is not available on git versions prior to 2.27.0 (see actions/checkout#1651)

What's Changed

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

Bump tough-cookie from 4.0.0 to 4.1.3 by @dependabot in actions/checkout#1406

Bump @babel/traverse from 7.20.5 to 7.24.0 by @dependabot in actions/checkout#1642

New Contributors

@jww3 made their first contribution in actions/checkout#1616

Full Changelog: actions/checkout@v4.1.1...v4.1.2

Changelog

Sourced from actions/checkout's changelog.

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

Commits

9bb5618 Prep for release of v4.1.2 (#1649)
8eb1f6a Bump @babel/traverse from 7.20.5 to 7.24.0 (#1642)
556e4c3 Bump tough-cookie from 4.0.0 to 4.1.3 (#1406)
b32f140 Warn on attempts to publish test-ubuntu-git from non-main branch. (#1623)
2650dbd Give test-ubuntu-git its own README (#1620)
aadec89 Explicitly disable sparse checkout unless asked for (#1598)
df0bcdd Refine workflow for generating test-ubuntu-git (#1617)
473055b Create test-ubuntu-git Docker Container for Proxy Tests (#1616)
See full diff in compare view

Updates actions/setup-python from 5.0.0 to 5.1.0

Release notes

Sourced from actions/setup-python's releases.

v5.1.0

What's Changed

Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @Shegox in actions/setup-python#766.

Dependency updates by @dependabot and @HarithaVattikuti in actions/setup-python#817

Documentation changes for version in README by @basnijholt in actions/setup-python#776

Documentation changes for link in README by @ukd1 in actions/setup-python#793

Documentation changes for link in Advanced Usage by @Jamim in actions/setup-python#782

Documentation changes for avoiding rate limit issues on GHES by @priya-kinthali in actions/setup-python#835

New Contributors

@basnijholt made their first contribution in actions/setup-python#776

@ukd1 made their first contribution in actions/setup-python#793

@Jamim made their first contribution in actions/setup-python#782

@Shegox made their first contribution in actions/setup-python#766

@priya-kinthali made their first contribution in actions/setup-python#835

Full Changelog: actions/setup-python@v5.0.0...v5.1.0

Commits

82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
2f07895 Fix broken README.md link (#793)
e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
See full diff in compare view

Updates docker/setup-buildx-action from 3.0.0 to 3.3.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.3.0

Bump @docker/actions-toolkit from 0.19.0 to 0.20.0 by @crazy-max in docker/setup-buildx-action#307

Full Changelog: docker/setup-buildx-action@v3.2.0...v3.3.0

v3.2.0

Rename and align config inputs by @crazy-max in docker/setup-buildx-action#303

config to buildkitd-config

config-inline to buildkitd-config-inline

Bump @docker/actions-toolkit from 0.17.0 to 0.19.0 in docker/setup-buildx-action#302 docker/setup-buildx-action#306

[!NOTE] config and config-inline input names are deprecated and will be removed in next major release.

Full Changelog: docker/setup-buildx-action@v3.1.0...v3.2.0

v3.1.0

cache-binary input to enable/disable caching binary to GHA cache backend by @crazy-max in docker/setup-buildx-action#300

build(deps): bump @babel/traverse from 7.17.3 to 7.23.2 in docker/setup-buildx-action#282

build(deps): bump @docker/actions-toolkit from 0.12.0 to 0.17.0 in docker/setup-buildx-action#281 docker/setup-buildx-action#284 docker/setup-buildx-action#299

build(deps): bump uuid from 9.0.0 to 9.0.1 in docker/setup-buildx-action#271

build(deps): bump undici from 5.26.3 to 5.28.3 in docker/setup-buildx-action#297

Full Changelog: docker/setup-buildx-action@v3.0.0...v3.1.0

Commits

d70bba7 Merge pull request #307 from crazy-max/bump-toolkit
7638634 chore: update generated content
c68420f bump @docker/actions-toolkit from 0.19.0 to 0.20.0
2b51285 Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...
0f00370 chore: update generated content
11c9683 build(deps): bump @docker/actions-toolkit from 0.18.0 to 0.19.0
56a16b8 Merge pull request #303 from crazy-max/fix-inputs
c23f46e chore: update generated content
f876da6 rename and align config inputs
b7cf918 Merge pull request #304 from crazy-max/rm-docs-dir
Additional commits viewable in compare view

Updates docker/build-push-action from 5.1.0 to 5.3.0

Release notes

Sourced from docker/build-push-action's releases.

v5.3.0

Bump @docker/actions-toolkit from 0.18.0 to 0.19.0 in docker/build-push-action#1080

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Disable quotes detection for outputs input by @crazy-max in docker/build-push-action#1074

Warn about ignored inputs by @favonia in docker/build-push-action#1019

Bump @docker/actions-toolkit from 0.14.0 to 0.18.0 in docker/build-push-action#1070

Bump undici from 5.26.3 to 5.28.3 in docker/build-push-action#1057

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

Commits

2cdde99 Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...
008747a chore: update generated content
1580753 chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0
2a7db1d Merge pull request #1075 from crazy-max/ci-multi-output
35e7dd5 ci: test multi output
af5a7ed Merge pull request #1074 from crazy-max/build-cmd-debug
2a85189 chore: update generated content
6c20794 disable quotes detection for "outputs" input
afdf0c0 chore: debug build cmd and args
00ae31a Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...
Additional commits viewable in compare view

Updates actions/add-to-project from 0.5.0 to 1.0.0

Release notes

Sourced from actions/add-to-project's releases.

v1.0.0

Summary

This release promotes actions/add-to-projects to a major version 1 and marks the public API stable.

What's Changed

build(deps-dev): bump eslint-plugin-github from 4.10.0 to 4.10.2 by @dependabot in actions/add-to-project#532

build(deps-dev): bump prettier from 3.0.3 to 3.2.5 by @dependabot in actions/add-to-project#531

build(deps-dev): bump @vercel/ncc from 0.38.0 to 0.38.1 by @dependabot in actions/add-to-project#530

build(deps-dev): bump ts-jest from 29.1.1 to 29.1.2 by @dependabot in actions/add-to-project#528

build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by @dependabot in actions/add-to-project#533

build(deps-dev): bump @types/jest from 29.5.7 to 29.5.12 by @dependabot in actions/add-to-project#534

build(deps-dev): bump @typescript-eslint/parser from 6.9.1 to 7.3.1 by @dependabot in actions/add-to-project#529

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.0.1 to 7.4.0 by @dependabot in actions/add-to-project#536

build(deps-dev): bump @typescript-eslint/parser from 7.3.1 to 7.4.0 by @dependabot in actions/add-to-project#535

Full Changelog: actions/add-to-project@v0.6.1...v1.0.0

v0.6.1

What's Changed

build(deps-dev): bump eslint-plugin-prettier from 5.0.0 to 5.1.3 by @dependabot in actions/add-to-project#514

build(deps-dev): bump concurrently from 8.2.1 to 8.2.2 by @dependabot in actions/add-to-project#498

build(deps-dev): bump eslint from 8.49.0 to 8.57.0 by @dependabot in actions/add-to-project#520

build(deps): bump github/codeql-action from 2 to 3 by @dependabot in actions/add-to-project#507

build(deps): bump actions/upload-artifact from 3 to 4 by @dependabot in actions/add-to-project#508

Improve output of check-dist workflow by @camchenry in actions/add-to-project#521

build(deps): bump @actions/core from 1.10.0 to 1.10.1 by @dependabot in actions/add-to-project#470

build(deps): bump @actions/github from 5.1.1 to 6.0.0 by @dependabot in actions/add-to-project#500

build(deps): bump actions/setup-node from 3 to 4 by @dependabot in actions/add-to-project#493

Update readme and prepare release by @talune in actions/add-to-project#523

build(deps-dev): bump @types/node from 16.18.60 to 16.18.91 by @dependabot in actions/add-to-project#527

build(deps-dev): bump eslint-plugin-jest from 27.6.0 to 27.9.0 by @dependabot in actions/add-to-project#525

build(deps-dev): bump @typescript-eslint/eslint-plugin from 6.7.0 to 7.0.0 by @dependabot in actions/add-to-project#524

build(deps-dev): bump typescript from 5.2.2 to 5.4.2 by @dependabot in actions/add-to-project#526

New Contributors

@camchenry made their first contribution in actions/add-to-project#521

@talune made their first contribution in actions/add-to-project#523

Full Changelog: actions/add-to-project@v0.6.0...v0.6.1

v0.6.0

What's Changed

build(deps-dev): bump @typescript-eslint/parser from 5.57.0 to 5.57.1 by @dependabot in actions/add-to-project#357

build(deps-dev): bump eslint from 8.37.0 to 8.38.0 by @dependabot in actions/add-to-project#359

build(deps-dev): bump @typescript-eslint/parser from 5.57.1 to 5.58.0 by @dependabot in actions/add-to-project#360

build(deps-dev): bump @typescript-eslint/parser from 5.58.0 to 5.59.0 by @dependabot in actions/add-to-project#362

build(deps-dev): bump @types/node from 16.18.23 to 16.18.24 by @dependabot in actions/add-to-project#363

build(deps-dev): bump eslint from 8.38.0 to 8.39.0 by @dependabot in actions/add-to-project#365

... (truncated)

Commits

2e5cc85 Merge pull request #535 from actions/dependabot/npm_and_yarn/typescript-eslin...
3dab52e build(deps-dev): bump @typescript-eslint/parser from 7.3.1 to 7.4.0
bc7f197 Merge pull request #536 from actions/dependabot/npm_and_yarn/typescript-eslin...
8b0d068 build(deps-dev): bump @typescript-eslint/eslint-plugin
fd6d5b1 Merge pull request #529 from actions/dependabot/npm_and_yarn/typescript-eslin...
5fac5b5 Bump peer dependency: @typescript-eslint/eslint-plugin
2273688 build(deps-dev): bump @typescript-eslint/parser from 6.9.1 to 7.3.1
e5062c6 Merge pull request #534 from actions/dependabot/npm_and_yarn/types/jest-29.5.12
72eee96 build(deps-dev): bump @types/jest from 29.5.7 to 29.5.12
b4dd92f Merge pull request #533 from actions/dependabot/npm_and_yarn/typescript-5.4.3
Additional commits viewable in compare view

Updates actions/download-artifact from 4.1.2 to 4.1.4

Release notes

Sourced from actions/download-artifact's releases.

v4.1.4

What's Changed

Update @actions/artifact by @bethanyj28 in actions/download-artifact#307

Full Changelog: actions/download-artifact@v4...v4.1.4

v4.1.3

What's Changed

Update release-new-action-version.yml by @konradpabjan in actions/download-artifact#292

Update toolkit dependency with updated unzip logic by @bethanyj28 in actions/download-artifact#299

Update @actions/artifact by @bethanyj28 in actions/download-artifact#303

New Contributors

@bethanyj28 made their first contribution in actions/download-artifact#299

Full Changelog: actions/download-artifact@v4...v4.1.3

Commits

c850b93 Merge pull request #307 from bethanyj28/main
6fd111f update @actions/artifact
87c5514 Merge pull request #303 from bethanyj28/main
47f9ce6 update @actions/artifact
127824d Merge pull request #299 from bethanyj28/main
6dd49bf licensed only artifact
f71c0e3 Revert "licensed"
7c63dfd licensed
67d37cd Update toolkit
3487549 Update release-new-action-version.yml (#292)
See full diff in compare view

Updates softprops/action-gh-release from 0.1.15 to 2.0.4

Release notes

Sourced from softprops/action-gh-release's releases.

v2.0.4

Minor follow up to #417. #425

v2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

v2.0.1

Add support for make_latest property softprops/action-gh-release#304 via @samueljseay

Fail run if files setting contains invalid patterns softprops/action-gh-release#384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) softprops/action-gh-release#386 via @timor-raiman

Suppress confusing warning when input_files is empty softprops/action-gh-release#389 via @Drowze

v2.0.0

update actions.yml declaration to node20 to address warnings

Changelog

Sourced from softprops/action-gh-release's changelog.

2.0.4

Minor follow up to #417. #425

2.0.3

Declare make_latest as an input field in action.yml #419

2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

2.0.1

Add support for make_latest property #304 via @samueljseay

Fail run if files setting contains invalid patterns #384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) #386 via @timor-raiman

Suppress confusing warning when input_files is empty #389 via @Drowze

2.0.0

2.0.0!? this release corrects a disjunction between git tag versions used in the marketplace and versions list this file. Previous versions should have really been 1.*. Going forward this should be better aligned.

Upgrade action.yml declaration to node20 to address deprecations

Commits

9d7c94c build
6ffed59 followup to #417 (#425)
1ce812a package script for updating git tag
3198ee1 prep release
7ee8e06 declare an update docs for make_latest input (#419)
d99959e prep release
0e39c67 make pattern error opt in (#417)
20e085c kick off 2.0.1 release
9f5c4d3 update changelog
0bea76b Add support for make_latest property (#304)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 7 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.0.0` | `5.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.3.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.1.0` | `5.3.0` | | [actions/add-to-project](https://github.com/actions/add-to-project) | `0.5.0` | `1.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.2` | `4.1.4` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `0.1.15` | `2.0.4` | Updates `actions/checkout` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...v4.1.2) Updates `actions/setup-python` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5.0.0...v5.1.0) Updates `docker/setup-buildx-action` from 3.0.0 to 3.3.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3.0.0...v3.3.0) Updates `docker/build-push-action` from 5.1.0 to 5.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v5.1.0...v5.3.0) Updates `actions/add-to-project` from 0.5.0 to 1.0.0 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](actions/add-to-project@v0.5.0...v1.0.0) Updates `actions/download-artifact` from 4.1.2 to 4.1.4 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v4.1.2...v4.1.4) Updates `softprops/action-gh-release` from 0.1.15 to 2.0.4 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@v0.1.15...v2.0.4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-04-15T10:41:54Z

Superseded by #210.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 8, 2024

dependabot bot mentioned this pull request Apr 8, 2024

Bump the dependencies group with 7 updates #205

Closed

dependabot bot temporarily deployed to integration-tests April 8, 2024 10:38 Inactive

dependabot bot had a problem deploying to integration-tests April 8, 2024 10:39 Failure

dependabot bot closed this Apr 15, 2024

dependabot bot deleted the dependabot/github_actions/dependencies-1316000771 branch April 15, 2024 10:41

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the dependencies group with 7 updates #207

Bump the dependencies group with 7 updates #207

dependabot bot commented on behalf of github Apr 8, 2024 •

edited

Loading

dependabot bot commented on behalf of github Apr 15, 2024

Bump the dependencies group with 7 updates #207

Bump the dependencies group with 7 updates #207

Conversation

dependabot bot commented on behalf of github Apr 8, 2024 • edited Loading

v4.1.2

What's Changed

New Contributors

v4.1.2

v5.1.0

What's Changed

New Contributors

v3.3.0

v3.2.0

v3.1.0

v5.3.0

v5.2.0

v1.0.0

Summary

What's Changed

v0.6.1

What's Changed

New Contributors

v0.6.0

What's Changed

v4.1.4

What's Changed

v4.1.3

What's Changed

New Contributors

v2.0.4

v2.0.2

v2.0.1

v2.0.0

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

dependabot bot commented on behalf of github Apr 15, 2024

dependabot bot commented on behalf of github Apr 8, 2024 •

edited

Loading