Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.2.1 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p>
<blockquote>
<h2>Support architecture input and fix Expand-Archive issue</h2>
<p>This release introduces support for architecture input for <code>setup-go</code> action <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/253">#253</a>. It also adds support for arm32 architecture for self-hosted runners. If architecture is not provided action will use default runner architecture.
Example of usage:</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: '1.16'
architecture: arm
</code></pre>
<p>This release also provides fix for issue <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/241">#241</a>. <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/250">#250</a> adds support for using explicit filename for Windows which is necessary to satisfy Expand-Archive's requirement on .zip extension.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="268d8c0ca0"><code>268d8c0</code></a> Add support for arm32 go arch (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/253">#253</a>)</li>
<li><a href="f279813975"><code>f279813</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/250">#250</a> from jromero/feature/windows-download-filename</li>
<li><a href="1022489cb7"><code>1022489</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/249">#249</a> from e-korolevskii/main</li>
<li><a href="e0dce94eb0"><code>e0dce94</code></a> Use explicit filename when downloading Windows go package</li>
<li><a href="dab57c7c68"><code>dab57c7</code></a> update docs</li>
<li><a href="f2e56d8191"><code>f2e56d8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/246">#246</a> from e-korolevskii/Update-contributors-guide</li>
<li><a href="edd0aca6b1"><code>edd0aca</code></a> update tests path</li>
<li><a href="f3e3b7c2f2"><code>f3e3b7c</code></a> Update docs/contributors.md</li>
<li><a href="4a0c081511"><code>4a0c081</code></a> Update docs/contributors.md</li>
<li><a href="185e7f2f01"><code>185e7f2</code></a> Update docs/contributors.md</li>
<li>Additional commits viewable in <a href="84cbf80943...268d8c0ca0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps actions/cache from 3.0.7 to 3.0.8.
Release notes
Sourced from actions/cache's releases.
v3.0.8
What's Changed
Fix zstd not working for windows on gnu tar in issues.
Allow users to provide a custom timeout as input for aborting cache segment download using the environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.
Changelog
Sourced from actions/cache's changelog.
Releases
3.0.0
Updated minimum runner version support from node 12 -> node 16
3.0.1
Added support for caching from GHES 3.5.
Fixed download issue for files > 2GB during restore.
3.0.2
Added support for dynamic cache size cap on GHES.
3.0.3
Fixed avoiding empty cache save when no files are available for caching. (issue)
3.0.4
Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)
3.0.5
Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)
3.0.6
Fixed#809 - zstd -d: no such file or directory error
Fixed#833 - cache doesn't work with github workspace directory
3.0.7
Fixed#810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
3.0.8
Fix zstd not working for windows on gnu tar in issues #888 and #891.
Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.
Commits
fd5de65 Merge pull request #899 from actions/kotewar/download-and-compression-fix
d49b6bb Updated actions/cache toolkit dep to v3.0.4
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps anchore/sbom-action from 0.11.0 to 0.12.0.
Release notes
Sourced from anchore/sbom-action's releases.
v0.12.0
Changes in v0.12.0
Update dependencies (#317) kzantow
Update Syft to v0.53.4 (#266) anchore-actions-token-generator
Expose upload-artifact and upload-release-assets inputs (#277) joshowen
Document the dependency-snapshot property (#297) kzantow
Commits
b5042e9 Update dependencies (#317)
ac5a533 Update Syft to v0.53.4 (#266)
0f0f981 Expose upload-artifact and upload-release-assets inputs (#277)
6fb484a Document the dependency-snapshot property (#297)
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps actions/checkout from 3 to 3.0.2.
Release notes
Sourced from actions/checkout's releases.
v3.0.2
What's Changed
Add set-safe-directory input to allow customers to take control. by @TingluoHuang in actions/checkout#770
Prepare changelog for v3.0.2. by @TingluoHuang in actions/checkout#777
Full Changelog: actions/checkout@v3...v3.0.2
v3.0.1
Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
Bumped various npm package versions
Changelog
Sourced from actions/checkout's changelog.
Changelog
v3.0.2
Add input set-safe-directory
v3.0.1
Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
Bumped various npm package versions
v3.0.0
Update to node 16
v2.3.1
Fix default branch resolution for .wiki and when using SSH
v2.3.0
Fallback to the default branch
v2.2.0
Fetch all history for all tags and branches when fetch-depth=0
v2.1.1
Changes to support GHES (here and here)
v2.1.0
Group output
Changes to support GHES alpha release
Persist core.sshCommand for submodules
Add support ssh
Convert submodule SSH URL to HTTPS, when not using SSH
Add submodule support
Follow proxy settings
Fix ref for pr closed event when a pr is merged
Fix issue checking detached when git less than 2.22
v2.0.0
Do not pass cred on command line
Add input persist-credentials
Fallback to REST API to download repo
v2 (beta)
Improved fetch performance
... (truncated)
Commits
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps actions/cache from 661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 to 3.0.7. This release includes the previously tagged commit.
Release notes
Sourced from actions/cache's releases.
v3.0.7
What's Changed
Fix for the download stuck problem has been added in actions/cache for users who were intermittently facing the issue. As part of this fix, new timeout has been introduced in the download step to stop the download if it doesn't complete within an hour and run the rest of the workflow without erroring out.
Changelog
Sourced from actions/cache's changelog.
Releases
3.0.0
Updated minimum runner version support from node 12 -> node 16
3.0.1
Added support for caching from GHES 3.5.
Fixed download issue for files > 2GB during restore.
3.0.2
Added support for dynamic cache size cap on GHES.
3.0.3
Fixed avoiding empty cache save when no files are available for caching. (issue)
3.0.4
Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)
3.0.5
Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)
3.0.6
Fixed#809 - zstd -d: no such file or directory error
Fixed#833 - cache doesn't work with github workspace directory
3.0.7
Fixed#810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
Commits
a7c34ad Merge pull request #894 from actions/kotewar/update-toolkit-version
83394c9 Updated cache version in license file
e839c25 Updated actions/cache version to 3.0.3
33a923d Added release information
a404368 Updated actions/cache version to 3.0.2
f427802 Merge pull request #887 from actions/pdotl-version-patch
9916fe1 Update cache version in licences
318935e Update README and RELEASES
85efbb5 Update cache npm module to latest
4387dbc Merge pull request #835 from shivamarora1/clojure-lein-example
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
* feat(ci): compile with go 1.19
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* test: fixing template test
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* test: improve check
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: more test and docs fixes
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* test: fix
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* test: fix
* test: fix
* fix: lint
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* test: docker templates
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: godoc for RequireTemplateError
* chore(ci): improve tparse output
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* chore(ci): improve tparse output
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* chore(ci): tparse
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: always set json
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: nocolor
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: do not need tparse locally
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: build
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix(ci): use setup-krew action instead of go install
also switch back to main krew as my PR was recently released.
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: use go install
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: use go install
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* feat: keyless signing
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: perms
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: rm old pubkey
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: missing experimental flag
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: true keyless
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improve install
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: simplifying
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improvements
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improvements
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: trying to improve docs
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: config
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: package write
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
