171 Commits

Author	SHA1	Message	Date
dependabot[bot]	234e1d8ce5	chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#4014) ... Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>3.1.4</h2> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/970">codecov/codecov-action#970</a></li> <li>Fix typo in README.md by <a href="https://github.com/hisaac"><code>@​hisaac</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li> <li>fix: add back in working dir by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/971">codecov/codecov-action#971</a></li> <li>fix: CLI option names for uploader by <a href="https://github.com/kleisauke"><code>@​kleisauke</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to 20.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/975">codecov/codecov-action#975</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/979">codecov/codecov-action#979</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/981">codecov/codecov-action#981</a></li> <li>release: 3.1.4 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/983">codecov/codecov-action#983</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hisaac"><code>@​hisaac</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li> <li><a href="https://github.com/kleisauke"><code>@​kleisauke</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4">https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>3.1.4</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4</li> </ul> <h2>3.1.3</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to 18.15.12</li> </ul> <h2>3.1.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/889">#889</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/895">#895</a> build(deps): bump json5 from 2.2.1 to 2.2.3</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/896">#896</a> build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/900">#900</a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.34.0 to 0.36.1</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/905">#905</a> build(deps-dev): bump typescript from 4.7.4 to 4.9.5</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/911">#911</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.40 to 18.13.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/922">#922</a> build(deps-dev): bump <code>@​types/node</code> from 18.13.0 to 18.14.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/924">#924</a> build(deps): bump openpgp from 5.5.0 to 5.7.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/927">#927</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.0 to 18.14.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/933">#933</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.2 to 18.14.6</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/937">#937</a> build(deps-dev): bump <code>@​types/node</code> from 18.14.6 to 18.15.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/938">#938</a> build(deps): bump node-fetch from 3.3.0 to 3.3.1</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/945">#945</a> build(deps-dev): bump <code>@​types/node</code> from 18.15.0 to 18.15.5</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="eaaf4bedf3"><code>eaaf4be</code></a> release: 3.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/983">#983</a>)</li> <li><a href="c2ab9ab2e1"><code>c2ab9ab</code></a> build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4 (<a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>)</li> <li><a href="49c20db375"><code>49c20db</code></a> build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2 (<a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>)</li> <li><a href="cf8e3e4262"><code>cf8e3e4</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to 20.1.0 (<a href="https://redirect.github.com/codecov/codecov-action/issues/975">#975</a>)</li> <li><a href="1c34415a06"><code>1c34415</code></a> fix: CLI option names for uploader (<a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>)</li> <li><a href="b4dfea724f"><code>b4dfea7</code></a> fix: add back in working dir (<a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>)</li> <li><a href="5bf250470e"><code>5bf2504</code></a> Fix typo in README.md (<a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>)</li> <li><a href="1dd0ce34be"><code>1dd0ce3</code></a> build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3 (<a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>)</li> <li>See full diff in <a href="894ff025c7...eaaf4bedf3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-16 09:22:03 -03:00
dependabot[bot]	8005088588	chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (#4015) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update documentation for <code>v4</code> by <a href="https://github.com/dsame"><code>@​dsame</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/354">actions/setup-go#354</a></li> <li>Fix glob bug in the package.json scripts section by <a href="https://github.com/IvanZosimov"><code>@​IvanZosimov</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/359">actions/setup-go#359</a></li> <li>Bump <code>xml2js</code> dependency by <a href="https://github.com/dmitry-shibanov"><code>@​dmitry-shibanov</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/370">actions/setup-go#370</a></li> <li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a> in <a href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-go/compare/v4...v4.0.1">https://github.com/actions/setup-go/compare/v4...v4.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="fac708d667"><code>fac708d</code></a> Bump <code>@​actions/cache</code> dependency to v3.2.1 (<a href="https://redirect.github.com/actions/setup-go/issues/374">#374</a>)</li> <li><a href="dd84a9531a"><code>dd84a95</code></a> Update xml2js (<a href="https://redirect.github.com/actions/setup-go/issues/370">#370</a>)</li> <li><a href="41c2024c46"><code>41c2024</code></a> Fix glob bug in package.json scripts section (<a href="https://redirect.github.com/actions/setup-go/issues/359">#359</a>)</li> <li><a href="8dbf352f06"><code>8dbf352</code></a> update README fo v4 (<a href="https://redirect.github.com/actions/setup-go/issues/354">#354</a>)</li> <li>See full diff in <a href="4d34df0c23...fac708d667">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-16 09:21:45 -03:00
dependabot[bot]	64d6424215	chore(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 (#3994) ... Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.14.1 to 0.14.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.14.2</h2> <h2>Changes in v0.14.2</h2> <ul> <li>Update Syft to v0.80.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/415">#415</a>)</li> <li>Make sure all invalid artifact name characters are replaced <a href="https://redirect.github.com/anchore/sbom-action/issues/396">#396</a> (<a href="https://redirect.github.com/anchore/sbom-action/issues/417">#417</a>) [<a href="https://github.com/lts-po">lts-po</a>]</li> <li>Ensure SBOM is copied to <code>output-file</code> (<a href="https://redirect.github.com/anchore/sbom-action/issues/411">#411</a>) [<a href="https://github.com/gszr">gszr</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="4d571ad103"><code>4d571ad</code></a> chore(deps): update Syft to v0.80.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/415">#415</a>)</li> <li><a href="a59054d328"><code>a59054d</code></a> fix: Make sure all invalid chars are replaced for artifact names -- fixes <a href="https://redirect.github.com/anchore/sbom-action/issues/39">#39</a>...</li> <li><a href="ea7104d799"><code>ea7104d</code></a> chore: update snapshot workflow (<a href="https://redirect.github.com/anchore/sbom-action/issues/413">#413</a>)</li> <li><a href="50dec67b80"><code>50dec67</code></a> chore(deps): update Syft to v0.77.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/409">#409</a>)</li> <li><a href="8e2e93770c"><code>8e2e937</code></a> fix: ensure sbom is copied to output-file (<a href="https://redirect.github.com/anchore/sbom-action/issues/411">#411</a>)</li> <li><a href="800a56fe08"><code>800a56f</code></a> chore: update snapshot workflow (<a href="https://redirect.github.com/anchore/sbom-action/issues/412">#412</a>)</li> <li><a href="9cf3dcd573"><code>9cf3dcd</code></a> chore: update snapshot workflow (<a href="https://redirect.github.com/anchore/sbom-action/issues/410">#410</a>)</li> <li><a href="642f63cefc"><code>642f63c</code></a> chore: update syft update check (<a href="https://redirect.github.com/anchore/sbom-action/issues/408">#408</a>)</li> <li><a href="a7622b6841"><code>a7622b6</code></a> chore: update deprecated set-output (<a href="https://redirect.github.com/anchore/sbom-action/issues/407">#407</a>)</li> <li><a href="c82ee2675f"><code>c82ee26</code></a> chore: add workflow to update snapshots from PR comment (<a href="https://redirect.github.com/anchore/sbom-action/issues/406">#406</a>)</li> <li>Additional commits viewable in <a href="https://github.com/anchore/sbom-action/compare/v0.14.1...v0.14.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-08 08:49:41 -03:00
Carlos Alexandro Becker	803ef6566e	build: use ghaction-upx ... thanks @crazy-max! Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2023-05-03 17:06:46 +00:00
Carlos Alexandro Becker	d4fc62780c	chore(deps): bump many actions	2023-05-02 12:24:53 +00:00
Carlos Alexandro Becker	43ae761179	feat: native upx support (#3965) ... this adds a new root-level `upx` config, so users can pack their binaries with upx :) --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2023-05-01 21:22:05 -03:00
Carlos A Becker	b4b6496ea6	build: setup-go update	2023-03-17 16:04:47 -03:00
dependabot[bot]	b623247fb7	chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (#3871) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <p>In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying <code>cache: false</code>.</p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v4 with: go-version: ‘1.19’ - run: go run hello.go </code></pre> <p>Besides, we introduce such changes as</p> <ul> <li><a href="https://redirect.github.com/actions/setup-go/pull/305">Allow to use only GOCACHE for cache</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/315">Bump json5 from 2.2.1 to 2.2.3</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/323">Use proper version for primary key in cache</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/351">Always add Go bin to the PATH</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/350">Add step warning if go-version input is empty</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="4d34df0c23"><code>4d34df0</code></a> Update configuration files (<a href="https://redirect.github.com/actions/setup-go/issues/348">#348</a>)</li> <li><a href="fdc0d672a1"><code>fdc0d67</code></a> Add Go bin if go-version input is empty (<a href="https://redirect.github.com/actions/setup-go/issues/351">#351</a>)</li> <li><a href="ebfdf6ac95"><code>ebfdf6a</code></a> add warning if go-version is empty (<a href="https://redirect.github.com/actions/setup-go/issues/350">#350</a>)</li> <li><a href="b27d76912e"><code>b27d769</code></a> fix lockfileVersion (<a href="https://redirect.github.com/actions/setup-go/issues/349">#349</a>)</li> <li><a href="c51a720768"><code>c51a720</code></a> Enable caching by default with default input (<a href="https://redirect.github.com/actions/setup-go/issues/332">#332</a>)</li> <li><a href="6b848af622"><code>6b848af</code></a> Merge pull request <a href="https://redirect.github.com/actions/setup-go/issues/343">#343</a> from akv-platform/reusable-workflow</li> <li><a href="12741cc209"><code>12741cc</code></a> Format update-config-files.yml</li> <li><a href="7a77a6aab6"><code>7a77a6a</code></a> Merge branch 'main' into reusable-workflow</li> <li><a href="42a0cc8e14"><code>42a0cc8</code></a> Add update-config-files.yml</li> <li><a href="7406d654ad"><code>7406d65</code></a> Add and configure ESLint and update configuration for Prettier (<a href="https://redirect.github.com/actions/setup-go/issues/341">#341</a>)</li> <li>Additional commits viewable in <a href="6edd4406fa...4d34df0c23">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2023-03-17 00:40:25 -03:00
dependabot[bot]	5773f1a246	chore(deps): bump actions/checkout from 3.3.0 to 3.4.0 (#3872) ... Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade codeql actions to v2 by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li> <li>Upgrade dependencies by <a href="https://github.com/Link"><code>@​Link</code></a>- in <a href="https://redirect.github.com/actions/checkout/pull/1210">actions/checkout#1210</a></li> <li>Backfill changelog and bump actions/io by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1225">actions/checkout#1225</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@​Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.3.0...v3.4.0">https://github.com/actions/checkout/compare/v3.3.0...v3.4.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@​actions/io</code></a></li> </ul> <h2>v3.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li> <li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li> </ul> <h2>v3.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@​actions/io</code> to 1.1.2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li> </ul> <h2>v3.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@​actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li> </ul> <h2>v2.1.1</h2> <ul> <li>Changes to support GHES (<a href="https://redirect.github.com/actions/checkout/pull/236">here</a> and <a href="https://redirect.github.com/actions/checkout/pull/248">here</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="24cb908017"><code>24cb908</code></a> Bump <code>@​actions/io</code> to v1.1.3 (<a href="https://redirect.github.com/actions/checkout/issues/1225">#1225</a>)</li> <li><a href="27135e314d"><code>27135e3</code></a> Upgrade dependencies (<a href="https://redirect.github.com/actions/checkout/issues/1210">#1210</a>)</li> <li><a href="7b187184d1"><code>7b18718</code></a> Upgrade codeql actions to v2 (<a href="https://redirect.github.com/actions/checkout/issues/1209">#1209</a>)</li> <li>See full diff in <a href="ac59398561...24cb908017">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-17 00:11:19 -03:00
dependabot[bot]	6341c3d0dc	chore(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#3865) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <ul> <li><code>cleanup</code> input to remove builder and temp files by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/213">docker/setup-buildx-action#213</a></li> <li>do not remove builder using the <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/218">docker/setup-buildx-action#218</a></li> <li>fix current context as builder name for <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/209">docker/setup-buildx-action#209</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="4b4e9c3e2d"><code>4b4e9c3</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/216">#216</a> from awendland/patch-1</li> <li><a href="eb27bcbef3"><code>eb27bcb</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/218">#218</a> from crazy-max/fix-builder-removal</li> <li><a href="b7471d4240"><code>b7471d4</code></a> update generated content</li> <li><a href="e2df91e851"><code>e2df91e</code></a> check builder exists before removal</li> <li><a href="85ce96bcbc"><code>85ce96b</code></a> do not remove builder using the docker driver</li> <li><a href="f549413411"><code>f549413</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/217">#217</a> from docker/dependabot/npm_and_yarn/docker/actions-to...</li> <li><a href="99988698a5"><code>9998869</code></a> update generated content</li> <li><a href="e30725c029"><code>e30725c</code></a> Bump <code>@​docker/actions-toolkit</code> from 0.1.0-beta.16 to 0.1.0-beta.18</li> <li><a href="f1dc97ee10"><code>f1dc97e</code></a> Merge pull request <a href="https://redirect.github.com/docker/setup-buildx-action/issues/213">#213</a> from crazy-max/cleanup-input</li> <li><a href="51ecd0a47f"><code>51ecd0a</code></a> nit typo in README.md, csv is comma-delimited</li> <li>Additional commits viewable in <a href="f03ac48505...4b4e9c3e2d">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-13 09:25:22 -03:00
Carlos Alexandro Becker	dd1315b0a7	fix(GO-2023-1621): update from go 1.20.1 to 1.20.2 (#3854)	2023-03-09 08:24:20 -03:00
dependabot[bot]	008d43d72b	chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3818) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>make cosign v2.0.0 default version by <a href="https://github.com/developer-guy"><code>@​developer-guy</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/109">sigstore/cosign-installer#109</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1">https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h1>Breaking change</h1> <p>Cosign v2 has some breaking changes. Please check those: <a href="https://blog.sigstore.dev/cosign-2-0-released/">https://blog.sigstore.dev/cosign-2-0-released/</a></p> <h2>What's Changed</h2> <ul> <li>test: add logs when downloading the public keys by <a href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li> <li>Add support to install v2 and any other cosign release candidate by <a href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/105">sigstore/cosign-installer#105</a></li> <li>v2.0.0 release by <a href="https://github.com/sabre1041"><code>@​sabre1041</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li> <li><a href="https://github.com/sabre1041"><code>@​sabre1041</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0">https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c3667d9942"><code>c3667d9</code></a> make cosign v2.0.0 default version (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/109">#109</a>)</li> <li><a href="77560e399f"><code>77560e3</code></a> v2.0.0 release (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/108">#108</a>)</li> <li><a href="4079ad3567"><code>4079ad3</code></a> Bump actions/checkout from 3.2.0 to 3.3.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/107">#107</a>)</li> <li><a href="55fd288876"><code>55fd288</code></a> Add support to install v2 and any other cosign release candidate (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/105">#105</a>)</li> <li><a href="651c379c48"><code>651c379</code></a> test: add logs when downloading the public keys (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/106">#106</a>)</li> <li><a href="df6c89e679"><code>df6c89e</code></a> Bump actions/checkout from 3.1.0 to 3.2.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/102">#102</a>)</li> <li><a href="31f26445bf"><code>31f2644</code></a> Bump actions/setup-go from 3.4.0 to 3.5.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/103">#103</a>)</li> <li><a href="b6757d8360"><code>b6757d8</code></a> Bump actions/setup-go from 3.3.1 to 3.4.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/101">#101</a>)</li> <li><a href="7bca8b4116"><code>7bca8b4</code></a> Bump actions/setup-go from 3.3.0 to 3.3.1 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/99">#99</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-02 09:36:26 -03:00
Carlos A Becker	6d3eb57c7a	fix: update to go 1.20.1	2023-02-17 10:44:02 -03:00
dependabot[bot]	9da9f78537	chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#3762)	2023-02-07 14:07:51 +00:00
Carlos A Becker	b0783c7401	build: run test on any workflow change ... Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2023-02-07 09:48:26 -03:00
Carlos A Becker	addd7c4ceb	build: fix workflow syntax ... Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2023-02-07 09:44:33 -03:00
Carlos Alexandro Becker	81914757da	build: use go1.20 (#3757) ... update everything to go 1.20 --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-05 13:39:39 -03:00
dependabot[bot]	599f9b4c6a	chore(deps): bump arduino/setup-task from 1.0.2 to 1.0.3 (#3736) ... Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from 1.0.2 to 1.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/arduino/setup-task/releases">arduino/setup-task's releases</a>.</em></p> <blockquote> <h2>1.0.3</h2> <h2>Changelog</h2> <h4>Enhancement</h4> <ul> <li>Add support for all Task build architectures (43e1bb8c37ce39c24e88b4622c2f66b6d7d9ebbd)</li> </ul> <h2>Full Changeset</h2> <p><a href="https://github.com/arduino/setup-task/compare/1.0.2...1.0.3">https://github.com/arduino/setup-task/compare/1.0.2...1.0.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e26d897557"><code>e26d897</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/636">#636</a> from per1234/arm-arch</li> <li><a href="43e1bb8c37"><code>43e1bb8</code></a> Add support for all Task build architectures</li> <li><a href="bf9d22fbca"><code>bf9d22f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/637">#637</a> from arduino/dependabot/npm_and_yarn/eslint-8.33.0</li> <li><a href="f307193035"><code>f307193</code></a> build(deps-dev): bump eslint from 8.32.0 to 8.33.0</li> <li><a href="9a385911a6"><code>9a38591</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/635">#635</a> from arduino/dependabot/npm_and_yarn/jest-circus-29.4.1</li> <li><a href="446dc59e7a"><code>446dc59</code></a> build(deps-dev): bump jest-circus from 29.4.0 to 29.4.1</li> <li><a href="fe65533e09"><code>fe65533</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/634">#634</a> from arduino/dependabot/npm_and_yarn/vercel/ncc-0.36.1</li> <li><a href="af97840bda"><code>af97840</code></a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.36.0 to 0.36.1</li> <li><a href="88a5c5cdc0"><code>88a5c5c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/632">#632</a> from arduino/dependabot/npm_and_yarn/jest-circus-29.4.0</li> <li><a href="4d2bca9f30"><code>4d2bca9</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/631">#631</a> from arduino/dependabot/npm_and_yarn/typescript-eslin...</li> <li>Additional commits viewable in <a href="d665c6beeb...e26d897557">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-01 09:19:19 -03:00
dependabot[bot]	ce5826ff36	chore(deps): bump docker/setup-buildx-action from 2.3.0 to 2.4.0 (#3737) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.3.0 to 2.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.4.0</h2> <h2>What's Changed</h2> <ul> <li>Don't depend on the GitHub API to check release by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/196">#196</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.3.0...v2.4.0">https://github.com/docker/setup-buildx-action/compare/v2.3.0...v2.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="15c905b16b"><code>15c905b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/196">#196</a> from crazy-max/dl-no-token</li> <li><a href="a25d6a0130"><code>a25d6a0</code></a> update generated content</li> <li><a href="39322d9057"><code>39322d9</code></a> don't depend on the GitHub API to check release</li> <li><a href="0648fd6fd6"><code>0648fd6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/195">#195</a> from crazy-max/fix-readme</li> <li><a href="30d8a59ee0"><code>30d8a59</code></a> fix action version in README</li> <li><a href="71320d2e17"><code>71320d2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/193">#193</a> from fevrin/update-gh-doc-url</li> <li><a href="272f8b84cf"><code>272f8b8</code></a> update GH doc URL</li> <li>See full diff in <a href="5e716dcfd6...15c905b16b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-02-01 09:15:36 -03:00
dependabot[bot]	5c1fd3582b	chore(deps): bump docker/setup-buildx-action from 2.2.1 to 2.3.0 (#3729) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.1 to 2.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.3.0</h2> <h2>What's Changed</h2> <ul> <li>Use Octokit to check Buildx release on GitHub by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/191">#191</a> <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/192">#192</a>)</li> <li>Add version pinning information to the README by <a href="https://github.com/jedevc"><code>@​jedevc</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/189">#189</a>)</li> <li>Bump minimatch from 3.0.4 to 3.1.2 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/182">#182</a>)</li> <li>Bump csv-parse from 5.3.1 to 5.3.3 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/181">#181</a>)</li> <li>Bump json5 from 2.2.0 to 2.2.3 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/184">#184</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.2.1...v2.3.0">https://github.com/docker/setup-buildx-action/compare/v2.2.1...v2.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="5e716dcfd6"><code>5e716dc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/192">#192</a> from crazy-max/support-ghes</li> <li><a href="a83788eef0"><code>a83788e</code></a> update generated content</li> <li><a href="d0d9a72195"><code>d0d9a72</code></a> pass the token input through on GHES</li> <li><a href="a8165e7b70"><code>a8165e7</code></a> enforce baseUrl to api.github.com if action used on GHES</li> <li><a href="a024221c60"><code>a024221</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/191">#191</a> from crazy-max/fix-dl-release</li> <li><a href="4c3fce4ab2"><code>4c3fce4</code></a> update generated content</li> <li><a href="7c965aebec"><code>7c965ae</code></a> use Octokit client to download buildx</li> <li><a href="7932f6210d"><code>7932f62</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/189">#189</a> from docker/version-pinning-docs</li> <li><a href="70deadb37a"><code>70deadb</code></a> docs: add version pinning information to the README</li> <li><a href="165fe681b8"><code>165fe68</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/184">#184</a> from docker/dependabot/npm_and_yarn/json5-2.2.3</li> <li>Additional commits viewable in <a href="8c0edbc76e...5e716dcfd6">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-30 09:50:59 -03:00
dependabot[bot]	71bc3f9ba1	chore(deps): bump anchore/sbom-action from 0.13.2 to 0.13.3 (#3724) ... Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.2 to 0.13.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.13.3</h2> <h2>Changes in v0.13.3</h2> <ul> <li>Update Syft to v0.68.1 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/391">#391</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="07978da4bd"><code>07978da</code></a> Update Syft to v0.68.1 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/391">#391</a>)</li> <li>See full diff in <a href="https://github.com/anchore/sbom-action/compare/v0.13.2...v0.13.3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-27 08:55:18 -03:00
dependabot[bot]	d120e4dd36	chore(deps): bump anchore/sbom-action from 0.13.1 to 0.13.2 (#3720) ... Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.1 to 0.13.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.13.2</h2> <h2>Changes in v0.13.2</h2> <ul> <li>Update Syft to v0.68.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/387">#387</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="54e36e45f3"><code>54e36e4</code></a> feat: update Syft to v0.68.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/387">#387</a>)</li> <li>See full diff in <a href="https://github.com/anchore/sbom-action/compare/v0.13.1...v0.13.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-26 09:48:38 -03:00
Carlos A Becker	17cd672149	build: use go 1.19.5 ... Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2023-01-11 09:18:25 -03:00
dependabot[bot]	d80b937827	chore(deps): bump actions/checkout from 3.2.0 to 3.3.0 (#3683) ... Bumps [actions/checkout](https://github.com/actions/checkout) from 3.2.0 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Implement branch list using callbacks from exec function by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1045">actions/checkout#1045</a></li> <li>Add in explicit reference to private checkout options by <a href="https://github.com/vanZeben"><code>@​vanZeben</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1050">actions/checkout#1050</a></li> <li>Fix comment typos (that got added in <a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>) by <a href="https://github.com/lurch"><code>@​lurch</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1057">actions/checkout#1057</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vanZeben"><code>@​vanZeben</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1050">actions/checkout#1050</a></li> <li><a href="https://github.com/lurch"><code>@​lurch</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1057">actions/checkout#1057</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.2.0...v3.3.0">https://github.com/actions/checkout/compare/v3.2.0...v3.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="ac59398561"><code>ac59398</code></a> Fix comment typos (that got added in <a href="https://github-redirect.dependabot.com/actions/checkout/issues/770">#770</a>) (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1057">#1057</a>)</li> <li><a href="3ba5ee6fac"><code>3ba5ee6</code></a> Add in explicit reference to private checkout options (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1050">#1050</a>)</li> <li><a href="8856415920"><code>8856415</code></a> Implement branch list using callbacks from exec function (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1045">#1045</a>)</li> <li>See full diff in <a href="755da8c3cf...ac59398561">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-01-06 09:20:17 -03:00
Carlos Alexandro Becker	cac3f17562	feat(deps): build with go 1.19.4 (#3644) ... latest and greatest Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-12-14 15:23:40 -03:00
dependabot[bot]	f05b211b61	chore(deps): bump actions/setup-go from 3.4.0 to 3.5.0 (#3643) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.4.0 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>Add support for stable and oldstable aliases</h2> <p>In scope of this release we introduce aliases for the <code>go-version</code> input. The <code>stable</code> alias instals the latest stable version of Go. The <code>oldstable</code> alias installs previous latest minor release (the stable is 1.19.x -&gt; the oldstable is 1.18.x).</p> <h3>Stable</h3> <pre lang="yaml"><code>steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: go-version: 'stable' - run: go run hello.go </code></pre> <h3>OldStable</h3> <pre lang="yaml"><code>steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: go-version: 'oldstable' - run: go run hello.go </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="6edd4406fa"><code>6edd440</code></a> fix log for stable aliases (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/303">#303</a>)</li> <li><a href="38dbe75f81"><code>38dbe75</code></a> Add stable and oldstable aliases (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/300">#300</a>)</li> <li><a href="30c39bfe0c"><code>30c39bf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/301">#301</a> from jongwooo/chore/use-cache-in-check-dist</li> <li><a href="8377b69a56"><code>8377b69</code></a> Use cache in check-dist.yml</li> <li>See full diff in <a href="d0a58c1c4d...6edd4406fa">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-14 12:09:30 -03:00
dependabot[bot]	43e2b3bf69	chore(deps): bump actions/checkout from 3.1.0 to 3.2.0 (#3636) ... Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0 to 3.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.2.0</h2> <h2>What's Changed</h2> <ul> <li>Add GitHub Action to perform release by <a href="https://github.com/rentziass"><code>@​rentziass</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/942">actions/checkout#942</a></li> <li>Fix status badge by <a href="https://github.com/ScottBrenner"><code>@​ScottBrenner</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/967">actions/checkout#967</a></li> <li>Replace datadog/squid with ubuntu/squid Docker image by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1002">actions/checkout#1002</a></li> <li>Wrap pipeline commands for submoduleForeach in quotes by <a href="https://github.com/jokreliable"><code>@​jokreliable</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/964">actions/checkout#964</a></li> <li>Update <code>@​actions/io</code> to 1.1.2 by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1029">actions/checkout#1029</a></li> <li>Upgrading version to 3.2.0 by <a href="https://github.com/vmjoseph"><code>@​vmjoseph</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1039">actions/checkout#1039</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ScottBrenner"><code>@​ScottBrenner</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/967">actions/checkout#967</a></li> <li><a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1002">actions/checkout#1002</a></li> <li><a href="https://github.com/jokreliable"><code>@​jokreliable</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/964">actions/checkout#964</a></li> <li><a href="https://github.com/vmjoseph"><code>@​vmjoseph</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/1039">actions/checkout#1039</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3...v3.2.0">https://github.com/actions/checkout/compare/v3...v3.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="755da8c3cf"><code>755da8c</code></a> 3.2.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1039">#1039</a>)</li> <li><a href="26d48e8ea1"><code>26d48e8</code></a> Update <code>@​actions/io</code> to 1.1.2 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1029">#1029</a>)</li> <li><a href="bf085276ce"><code>bf08527</code></a> wrap pipeline commands for submoduleForeach in quotes (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/964">#964</a>)</li> <li><a href="5c3ccc22eb"><code>5c3ccc2</code></a> Replace datadog/squid with ubuntu/squid Docker image (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/1002">#1002</a>)</li> <li><a href="1f9a0c22da"><code>1f9a0c2</code></a> README - fix status badge (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/967">#967</a>)</li> <li><a href="8230315d06"><code>8230315</code></a> Add workflow to update a main version (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/942">#942</a>)</li> <li>See full diff in <a href="93ea575cb5...755da8c3cf">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-13 09:44:45 -03:00
dependabot[bot]	2228edc406	chore(deps): bump actions/setup-go from 3.3.1 to 3.4.0 (#3616) ... [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.1 to 3.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>Add support for go.work and pass the token input through on GHES</h2> <p>In scope of this release we added <a href="https://github-redirect.dependabot.com/actions/setup-go/pull/283">support for go.work file to pass it in go-version-file input</a>.</p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v3 with: go-version-file: go.work - run: go run hello.go </code></pre> <p>Besides, we added support to <a href="https://github-redirect.dependabot.com/actions/setup-go/pull/277">pass the token input through on GHES</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="d0a58c1c4d"><code>d0a58c1</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/294">#294</a> from JamesMGreene/patch-1</li> <li><a href="3dcd9d6eb3"><code>3dcd9d6</code></a> Update to latest <code>actions/publish-action</code></li> <li><a href="e983b65a44"><code>e983b65</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/283">#283</a> from koba1t/add_support_gowork_for_go-version-file</li> <li><a href="27b43e1b0d"><code>27b43e1</code></a> Pass the token input through on GHES (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/277">#277</a>)</li> <li><a href="7678c83214"><code>7678c83</code></a> add support gowork for go-version-file</li> <li>See full diff in <a href="c4a742cab1...d0a58c1c4d">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-12-02 09:09:52 -03:00
dependabot[bot]	bd4d497c99	chore(deps): bump anchore/sbom-action from 0.13.0 to 0.13.1 (#3533) ... Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.13.0 to 0.13.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.13.1</h2> <h2>Changes in v0.13.1</h2> <ul> <li>File input not being passed properly to Syft invocation (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/385">#385</a>) [<a href="https://github.com/kzantow">kzantow</a>]</li> <li>Update Syft to v0.60.3 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/386">#386</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="06e109483e"><code>06e1094</code></a> fix: file input not being passed properly to syft invocation (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/385">#385</a>)</li> <li><a href="f4e264e189"><code>f4e264e</code></a> Update Syft to v0.60.3 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/386">#386</a>)</li> <li><a href="faa694c549"><code>faa694c</code></a> chore: update dependencies (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/384">#384</a>)</li> <li>See full diff in <a href="https://github.com/anchore/sbom-action/compare/v0.13.0...v0.13.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-11-07 09:11:22 -03:00
Carlos Alexandro Becker	7544f7ab96	feat: update to go 1.19.3 (#3523) ... Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-11-02 14:19:01 -03:00
dependabot[bot]	f3aea7663f	chore(deps): bump anchore/sbom-action from 0.12.0 to 0.13.0 (#3512) ... Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.12.0 to 0.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.13.0</h2> <h2>Changes in v0.13.0</h2> <ul> <li>Allow type &quot;file:...&quot; to enable creation of SBOMs from tar and other package formats (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/357">#357</a>) [<a href="https://github.com/malt3">malt3</a>]</li> <li>Update Syft to v0.59.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/371">#371</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> <li>Update dependencies and node version (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/372">#372</a>) [<a href="https://github.com/kzantow">kzantow</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="b7e8507c6a"><code>b7e8507</code></a> chore: remove dependabot (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/381">#381</a>)</li> <li><a href="2424de21c4"><code>2424de2</code></a> Bump <code>@​types/node</code> from 18.11.2 to 18.11.3 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/373">#373</a>)</li> <li><a href="12a03b588c"><code>12a03b5</code></a> Update Syft to v0.59.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/371">#371</a>)</li> <li><a href="563238bdcc"><code>563238b</code></a> chore: Update dependencies and action node version (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/372">#372</a>)</li> <li><a href="eda59434a8"><code>eda5943</code></a> Update Syft to v0.58.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/354">#354</a>)</li> <li><a href="614fe8a3b7"><code>614fe8a</code></a> feat: Allow type &quot;file:...&quot; (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/357">#357</a>)</li> <li><a href="6218d4fbd4"><code>6218d4f</code></a> Update Syft to v0.57.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/344">#344</a>)</li> <li><a href="a173e5341b"><code>a173e53</code></a> Update Syft to v0.56.0 (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/329">#329</a>)</li> <li><a href="2cd5755dcc"><code>2cd5755</code></a> Add update-deps script (<a href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/322">#322</a>)</li> <li>See full diff in <a href="https://github.com/anchore/sbom-action/compare/v0.12.0...v0.13.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-31 11:13:56 -03:00
dependabot[bot]	097baac606	chore(deps): bump actions/setup-go from 3.3.0 to 3.3.1 (#3477) ... Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.3.0 to 3.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>Fix cache issues and update dependencies</h2> <p>In scope of this release we fixed the issue with the correct generation of the cache key when the <code>go-version-file</code> input is set (<a href="https://github-redirect.dependabot.com/actions/setup-go/pull/267">actions/setup-go#267</a>). Moreover, we fixed an issue when <a href="https://github-redirect.dependabot.com/actions/setup-go/pull/264">the cache folder was not found</a>. Besides, we updated <code>actions/core</code> to 1.10.0 version (<a href="https://github-redirect.dependabot.com/actions/setup-go/pull/273">actions/setup-go#273</a>).</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c4a742cab1"><code>c4a742c</code></a> fix(): cache resolve version input (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/267">#267</a>)</li> <li><a href="f556e5b7e0"><code>f556e5b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/273">#273</a> from rentziass/rentziass/update-actions-core</li> <li><a href="514ae57904"><code>514ae57</code></a> Update <code>@​actions/core</code> to 1.10.0</li> <li><a href="30b9ddff11"><code>30b9ddf</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/264">#264</a> from e-korolevskii/258-not-throw-err-no-cache-folders</li> <li><a href="c4e169859f"><code>c4e1698</code></a> prettier format</li> <li><a href="db58e98a43"><code>db58e98</code></a> format</li> <li><a href="2905db4069"><code>2905db4</code></a> update build</li> <li><a href="57452eb902"><code>57452eb</code></a> fix debug lines in test</li> <li><a href="5547b9ed8d"><code>5547b9e</code></a> fix(cache): Not throw err if no cache folders</li> <li><a href="be45b2722d"><code>be45b27</code></a> build</li> <li>Additional commits viewable in <a href="268d8c0ca0...c4a742cab1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-19 09:54:46 -03:00
dependabot[bot]	a94d809a63	chore(deps): bump sigstore/cosign-installer from 2.8.0 to 2.8.1 (#3478) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.0 to 2.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v2.8.1</h2> <h2>What's Changed</h2> <ul> <li>bump cosign install to use release v1.13.1 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/98">sigstore/cosign-installer#98</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1">https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="9becc61764"><code>9becc61</code></a> bump cosign install to use release v1.13.1 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/98">#98</a>)</li> <li><a href="c6d50c2e98"><code>c6d50c2</code></a> Bump actions/checkout from 3.0.2 to 3.1.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/96">#96</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.8.0...v2.8.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-19 09:54:06 -03:00
dependabot[bot]	97e9bc40f9	chore(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 (#3480) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.2.0 to 2.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.2.1</h2> <h2>What's Changed</h2> <ul> <li>Preserve quotes surrounding fields in input list by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/174">#174</a>)</li> <li>Escape surrounding quotes for <code>platforms</code> input by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/175">#175</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.2.0...v2.2.1">https://github.com/docker/setup-buildx-action/compare/v2.2.0...v2.2.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="8c0edbc76e"><code>8c0edbc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/175">#175</a> from crazy-max/input-list-quotes</li> <li><a href="1fb9cbdb32"><code>1fb9cbd</code></a> escape surrounding quotes for platforms input</li> <li><a href="693fdd6ca6"><code>693fdd6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/174">#174</a> from crazy-max/input-quote</li> <li><a href="fe4c1ac86d"><code>fe4c1ac</code></a> preserve quotes surrounding fields in input list</li> <li>See full diff in <a href="c74574e6c8...8c0edbc76e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-19 09:53:41 -03:00
dependabot[bot]	903713ea0a	chore(deps): bump docker/setup-buildx-action from 2.1.0 to 2.2.0 (#3474) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.1.0 to 2.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Append nodes to builder support by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/165">#165</a>)</li> <li>Bump csv-parse from 5.3.0 to 5.3.1 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/172">#172</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.1.0...v2.2.0">https://github.com/docker/setup-buildx-action/compare/v2.1.0...v2.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="c74574e6c8"><code>c74574e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/172">#172</a> from docker/dependabot/npm_and_yarn/csv-parse-5.3.1</li> <li><a href="2d0cf98781"><code>2d0cf98</code></a> update generated content</li> <li><a href="5f1d4ea81f"><code>5f1d4ea</code></a> Bump csv-parse from 5.3.0 to 5.3.1</li> <li><a href="59b5ed6124"><code>59b5ed6</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/165">#165</a> from crazy-max/append</li> <li><a href="bd61d52837"><code>bd61d52</code></a> update generated content</li> <li><a href="f6efb5fcbb"><code>f6efb5f</code></a> platforms input</li> <li><a href="2dfca373f3"><code>2dfca37</code></a> append nodes to builder support</li> <li>See full diff in <a href="95cb08cb26...c74574e6c8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-18 09:19:42 -03:00
dependabot[bot]	6a5a3d9f1d	chore(deps): bump docker/setup-qemu-action from 2.0.0 to 2.1.0 (#3458) ... Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.0.0 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Use context for inputs by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/62">#62</a>)</li> <li>Use built-in <code>getExecOutput</code> by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/61">#61</a>)</li> <li>Remove workaround for <code>setOutput</code> by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/63">#63</a>)</li> <li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/54">#54</a> <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/58">#58</a> <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/59">#59</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0">https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="e81a89b173"><code>e81a89b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/63">#63</a> from crazy-max/setOutput</li> <li><a href="2d3efc7878"><code>2d3efc7</code></a> Remove workaround for setOutput</li> <li><a href="bfc44eaf57"><code>bfc44ea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/62">#62</a> from crazy-max/context</li> <li><a href="25725d8d2e"><code>25725d8</code></a> Use context for inputs</li> <li><a href="8c1e35a8c6"><code>8c1e35a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/61">#61</a> from crazy-max/exec-output</li> <li><a href="f3c51a3313"><code>f3c51a3</code></a> update README</li> <li><a href="c47ad32952"><code>c47ad32</code></a> Use built-in getExecOutput</li> <li><a href="aa087459ac"><code>aa08745</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/59">#59</a> from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li> <li><a href="9443994984"><code>9443994</code></a> Update generated content</li> <li><a href="81a47e15eb"><code>81a47e1</code></a> Bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li> <li>Additional commits viewable in <a href="8b122486ce...e81a89b173">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2022-10-13 10:52:43 -03:00
dependabot[bot]	9ce619ad09	chore(deps): bump docker/setup-buildx-action from 2.0.0 to 2.1.0 (#3459) ... Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.0.0 to 2.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Auth support for tls endpoint by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/164">#164</a>)</li> <li>Nodes metadata JSON ouput by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/162">#162</a>) <ul> <li><code>endpoint</code>, <code>status</code> and <code>flags</code> outputs are deprecated. Use <code>nodes</code> output instead.</li> </ul> </li> <li>Skip setting buildkitd flags and config for remote driver by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/161">#161</a>)</li> <li>Move args logic to context module and add tests by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/169">#169</a>)</li> <li>Remove workaround for <code>setOutput</code> by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/170">#170</a>)</li> <li>Fix deprecated <code>fs.rmdir</code> by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/171">#171</a>)</li> <li>Docs: clarify install option by <a href="https://github.com/rodrigc"><code>@​rodrigc</code></a> in (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/152">#152</a>)</li> <li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/151">#151</a> <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/157">#157</a> <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/167">#167</a>)</li> <li>Bump <code>@​actions/tool-cache</code> from 1.7.2 to 2.0.1 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/150">#150</a>)</li> <li>Bump <code>@​actions/http-client</code> from 1.0.11 to 2.0.1 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/149">#149</a>)</li> <li>Bump uuid from 8.3.2 to 9.0.0 (<a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/159">#159</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.0.0...v2.1.0">https://github.com/docker/setup-buildx-action/compare/v2.0.0...v2.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="95cb08cb26"><code>95cb08c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/171">#171</a> from crazy-max/rmsync</li> <li><a href="eb5c2a6eea"><code>eb5c2a6</code></a> Fix deprecated fs.rmdir</li> <li><a href="83612bea36"><code>83612be</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/170">#170</a> from crazy-max/setOutput</li> <li><a href="40fefd8a58"><code>40fefd8</code></a> Remove workaround for setOutput</li> <li><a href="90a1e4619e"><code>90a1e46</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/169">#169</a> from crazy-max/context-module</li> <li><a href="5a9fc40575"><code>5a9fc40</code></a> move args logic to context module and add tests</li> <li><a href="6c48dad5f0"><code>6c48dad</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/159">#159</a> from docker/dependabot/npm_and_yarn/uuid-9.0.0</li> <li><a href="16c2ddbfa7"><code>16c2ddb</code></a> update generated content</li> <li><a href="0fe8589bf4"><code>0fe8589</code></a> Bump uuid from 8.3.2 to 9.0.0</li> <li><a href="f3692cbe43"><code>f3692cb</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/167">#167</a> from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li> <li>Additional commits viewable in <a href="dc7b9719a9...95cb08cb26">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>	2022-10-13 10:51:29 -03:00
dependabot[bot]	38c8436863	chore(deps): bump arduino/setup-task from 1.0.1 to 1.0.2 (#3452) ... [//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from 1.0.1 to 1.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/arduino/setup-task/releases">arduino/setup-task's releases</a>.</em></p> <blockquote> <h2>1.0.2</h2> <h2>Release Notes</h2> <h3>Changelog</h3> <h4>Enhancement</h4> <ul> <li>Run action with Node.js 16 (<a href="https://github-redirect.dependabot.com/arduino/setup-task/pull/552">arduino/setup-task#552</a>)</li> <li>Various dependency updates</li> </ul> <h3>Contributors</h3> <ul> <li><a href="https://github.com/kasperg"><code>@​kasperg</code></a></li> </ul> <hr /> <p><strong>Full Changeset</strong>: <a href="https://github.com/arduino/setup-task/compare/1.0.1...1.0.2">https://github.com/arduino/setup-task/compare/1.0.1...1.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="d665c6beeb"><code>d665c6b</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/554">#554</a> from arduino/dependabot/npm_and_yarn/types/node-16.11.65</li> <li><a href="f911dc0bbc"><code>f911dc0</code></a> build(deps-dev): bump <code>@​types/node</code> from 16.11.64 to 16.11.65</li> <li><a href="2cdd1760c6"><code>2cdd176</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/555">#555</a> from arduino/dependabot/npm_and_yarn/typescript-eslin...</li> <li><a href="0238d42112"><code>0238d42</code></a> build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code></li> <li><a href="b592b746bd"><code>b592b74</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/553">#553</a> from arduino/dependabot/npm_and_yarn/typescript-eslin...</li> <li><a href="1b72357a23"><code>1b72357</code></a> build(deps-dev): bump <code>@​typescript-eslint/parser</code> from 5.38.1 to 5.40.0</li> <li><a href="eea6bc2215"><code>eea6bc2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/551">#551</a> from arduino/dependabot/npm_and_yarn/eslint-8.25.0</li> <li><a href="c36e056867"><code>c36e056</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/arduino/setup-task/issues/552">#552</a> from kasperg/patch-1</li> <li><a href="ba0113b2fc"><code>ba0113b</code></a> Bump Node version from 12 to 16</li> <li><a href="1bdabdfc86"><code>1bdabdf</code></a> build(deps-dev): bump eslint from 8.24.0 to 8.25.0</li> <li>Additional commits viewable in <a href="ca745e1891...d665c6beeb">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-12 19:04:36 -03:00
dependabot[bot]	1317be8a7d	chore(deps): bump sigstore/cosign-installer from 2.7.0 to 2.8.0 (#3448) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.7.0 to 2.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v2.8.0</h2> <h2>What's Changed</h2> <ul> <li>bump cosign to v1.13.0 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/95">sigstore/cosign-installer#95</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0">https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="7cc35d7fdb"><code>7cc35d7</code></a> bump cosign to v1.13.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/95">#95</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-10 14:50:18 -03:00
Carlos Alexandro Becker	b4159f6377	feat(deps): go 1.19.2 (#3443) ... latest security fixes Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-10-05 21:24:45 -03:00
Carlos A Becker	04162b50fe	chore: always build on main	2022-10-05 10:50:29 -03:00
dependabot[bot]	f8da439130	chore(deps): bump actions/checkout from 3.0.2 to 3.1.0 (#3441) ... Bumps [actions/checkout](https://github.com/actions/checkout) from 3.0.2 to 3.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Inject GitHub host to be able to clone from another GitHub instance by <a href="https://github.com/peter-murray"><code>@​peter-murray</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/922">actions/checkout#922</a></li> <li>Bump <code>@​actions/core</code> to 1.10.0 by <a href="https://github.com/rentziass"><code>@​rentziass</code></a> in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/939">actions/checkout#939</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/peter-murray"><code>@​peter-murray</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/922">actions/checkout#922</a></li> <li><a href="https://github.com/rentziass"><code>@​rentziass</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/checkout/pull/939">actions/checkout#939</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.0.2...v3.1.0">https://github.com/actions/checkout/compare/v3.0.2...v3.1.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/939">Use <code>@​actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li> </ul> <h2>v2.1.1</h2> <ul> <li>Changes to support GHES (<a href="https://github-redirect.dependabot.com/actions/checkout/pull/236">here</a> and <a href="https://github-redirect.dependabot.com/actions/checkout/pull/248">here</a>)</li> </ul> <h2>v2.1.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/191">Group output</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/199">Changes to support GHES alpha release</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/184">Persist core.sshCommand for submodules</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/163">Add support ssh</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/179">Convert submodule SSH URL to HTTPS, when not using SSH</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/157">Add submodule support</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/144">Follow proxy settings</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/141">Fix ref for pr closed event when a pr is merged</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/128">Fix issue checking detached when git less than 2.22</a></li> </ul> <h2>v2.0.0</h2> <ul> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/108">Do not pass cred on command line</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/107">Add input persist-credentials</a></li> <li><a href="https://github-redirect.dependabot.com/actions/checkout/pull/104">Fallback to REST API to download repo</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="93ea575cb5"><code>93ea575</code></a> Prepare release v3.1.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/940">#940</a>)</li> <li><a href="6a84743051"><code>6a84743</code></a> Bump <code>@​actions/core</code> to 1.10.0 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/939">#939</a>)</li> <li><a href="e6d535c99c"><code>e6d535c</code></a> Inject GitHub host to be able to clone from another GitHub instance (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/922">#922</a>)</li> <li>See full diff in <a href="2541b1294d...93ea575cb5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-05 09:38:34 -03:00
dependabot[bot]	fd8cc43ef3	chore(deps): bump sigstore/cosign-installer from 2.6.0 to 2.7.0 (#3404) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.6.0 to 2.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v2.7.0</h2> <h2>What's Changed</h2> <ul> <li>bump cosign to v1.12.1 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/94">sigstore/cosign-installer#94</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0">https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="ced07f21fb"><code>ced07f2</code></a> bump cosign to v1.12.1 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/94">#94</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.6.0...v2.7.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-26 10:24:30 -03:00
Carlos A Becker	6aa3f5a724	chore: minor workflows improvements	2022-09-22 16:00:05 -03:00
dependabot[bot]	326b588ece	chore(deps): bump codecov/codecov-action from 3.1.0 to 3.1.1 (#3390) ... Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>3.1.1</h2> <h2>What's Changed</h2> <ul> <li>Update deprecation warning by <a href="https://github.com/slifty"><code>@​slifty</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/661">codecov/codecov-action#661</a></li> <li>Create codeql-analysis.yml by <a href="https://github.com/mitchell-codecov"><code>@​mitchell-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/593">codecov/codecov-action#593</a></li> <li>build(deps): bump node-fetch from 3.2.3 to 3.2.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/714">codecov/codecov-action#714</a></li> <li>build(deps-dev): bump typescript from 4.6.3 to 4.6.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/713">codecov/codecov-action#713</a></li> <li>README: fix typo by <a href="https://github.com/Evalir"><code>@​Evalir</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/712">codecov/codecov-action#712</a></li> <li>build(deps): bump github/codeql-action from 1 to 2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/724">codecov/codecov-action#724</a></li> <li>build(deps-dev): bump <code>@​types/jest</code> from 27.4.1 to 27.5.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/717">codecov/codecov-action#717</a></li> <li>fix: Remove a blank row by <a href="https://github.com/johnmanjiro13"><code>@​johnmanjiro13</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/725">codecov/codecov-action#725</a></li> <li>Update README.md with correct badge version by <a href="https://github.com/gsheni"><code>@​gsheni</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/726">codecov/codecov-action#726</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 17.0.25 to 17.0.33 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/729">codecov/codecov-action#729</a></li> <li>build(deps-dev): downgrade <code>@​types/node</code> to 16.11.35 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/734">codecov/codecov-action#734</a></li> <li>build(deps): bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/723">codecov/codecov-action#723</a></li> <li>build(deps): bump <code>@​actions/github</code> from 5.0.1 to 5.0.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/733">codecov/codecov-action#733</a></li> <li>build(deps): bump <code>@​actions/core</code> from 1.6.0 to 1.8.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/732">codecov/codecov-action#732</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 16.11.35 to 16.11.36 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/737">codecov/codecov-action#737</a></li> <li>Create scorecards-analysis.yml by <a href="https://github.com/mitchell-codecov"><code>@​mitchell-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/633">codecov/codecov-action#633</a></li> <li>build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/749">codecov/codecov-action#749</a></li> <li>fix: add more verbosity to validation by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/747">codecov/codecov-action#747</a></li> <li>build(deps-dev): bump typescript from 4.6.4 to 4.7.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/755">codecov/codecov-action#755</a></li> <li>Regenerate scorecards-analysis.yml by <a href="https://github.com/mitchell-codecov"><code>@​mitchell-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/750">codecov/codecov-action#750</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 16.11.36 to 16.11.39 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/759">codecov/codecov-action#759</a></li> <li>build(deps-dev): bump <code>@​types/node</code> from 16.11.39 to 16.11.40 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/762">codecov/codecov-action#762</a></li> <li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.33.4 to 0.34.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/746">codecov/codecov-action#746</a></li> <li>build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/757">codecov/codecov-action#757</a></li> <li>build(deps): bump openpgp from 5.2.1 to 5.3.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/760">codecov/codecov-action#760</a></li> <li>build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/748">codecov/codecov-action#748</a></li> <li>build(deps-dev): bump typescript from 4.7.3 to 4.7.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/766">codecov/codecov-action#766</a></li> <li>Switch to v3 by <a href="https://github.com/thomasrockhu"><code>@​thomasrockhu</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/774">codecov/codecov-action#774</a></li> <li>Fix <code>network</code> entry in table by <a href="https://github.com/kevmoo"><code>@​kevmoo</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/783">codecov/codecov-action#783</a></li> <li>Trim arguments after splitting them by <a href="https://github.com/mitchell-codecov"><code>@​mitchell-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/791">codecov/codecov-action#791</a></li> <li>build(deps): bump openpgp from 5.3.0 to 5.4.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/799">codecov/codecov-action#799</a></li> <li>build(deps): bump <code>@​actions/core</code> from 1.8.2 to 1.9.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/798">codecov/codecov-action#798</a></li> <li>Plumb failCi into verification function. by <a href="https://github.com/RobbieMcKinstry"><code>@​RobbieMcKinstry</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/769">codecov/codecov-action#769</a></li> <li>release: update changelog and version to 3.1.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a> in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/828">codecov/codecov-action#828</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/slifty"><code>@​slifty</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/661">codecov/codecov-action#661</a></li> <li><a href="https://github.com/Evalir"><code>@​Evalir</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/712">codecov/codecov-action#712</a></li> <li><a href="https://github.com/johnmanjiro13"><code>@​johnmanjiro13</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/725">codecov/codecov-action#725</a></li> <li><a href="https://github.com/gsheni"><code>@​gsheni</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/726">codecov/codecov-action#726</a></li> <li><a href="https://github.com/kevmoo"><code>@​kevmoo</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/783">codecov/codecov-action#783</a></li> <li><a href="https://github.com/RobbieMcKinstry"><code>@​RobbieMcKinstry</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/codecov/codecov-action/pull/769">codecov/codecov-action#769</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1">https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>3.1.1</h2> <h3>Fixes</h3> <ul> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/661">#661</a> Update deprecation warning</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/593">#593</a> Create codeql-analysis.yml</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/712">#712</a> README: fix typo</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/725">#725</a> fix: Remove a blank row</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/726">#726</a> Update README.md with correct badge version</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/633">#633</a> Create scorecards-analysis.yml</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/747">#747</a> fix: add more verbosity to validation</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/750">#750</a> Regenerate scorecards-analysis.yml</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/774">#774</a> Switch to v3</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/783">#783</a> Fix network entry in table</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/791">#791</a> Trim arguments after splitting them</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/769">#769</a> Plumb failCi into verification function.</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/713">#713</a> build(deps-dev): bump typescript from 4.6.3 to 4.6.4</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/714">#714</a> build(deps): bump node-fetch from 3.2.3 to 3.2.4</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/724">#724</a> build(deps): bump github/codeql-action from 1 to 2</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/717">#717</a> build(deps-dev): bump <code>@​types/jest</code> from 27.4.1 to 27.5.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/729">#729</a> build(deps-dev): bump <code>@​types/node</code> from 17.0.25 to 17.0.33</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/734">#734</a> build(deps-dev): downgrade <code>@​types/node</code> to 16.11.35</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/723">#723</a> build(deps): bump actions/checkout from 2 to 3</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/733">#733</a> build(deps): bump <code>@​actions/github</code> from 5.0.1 to 5.0.3</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/732">#732</a> build(deps): bump <code>@​actions/core</code> from 1.6.0 to 1.8.2</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/737">#737</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.35 to 16.11.36</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/749">#749</a> build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/755">#755</a> build(deps-dev): bump typescript from 4.6.4 to 4.7.3</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/759">#759</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.36 to 16.11.39</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/762">#762</a> build(deps-dev): bump <code>@​types/node</code> from 16.11.39 to 16.11.40</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/746">#746</a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.33.4 to 0.34.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/757">#757</a> build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/760">#760</a> build(deps): bump openpgp from 5.2.1 to 5.3.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/748">#748</a> build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/766">#766</a> build(deps-dev): bump typescript from 4.7.3 to 4.7.4</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/799">#799</a> build(deps): bump openpgp from 5.3.0 to 5.4.0</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/798">#798</a> build(deps): bump <code>@​actions/core</code> from 1.8.2 to 1.9.1</li> </ul> <h2>3.1.0</h2> <h3>Features</h3> <ul> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/699">#699</a> Incorporate <code>xcode</code> arguments for the Codecov uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/694">#694</a> build(deps-dev): bump <code>@​vercel/ncc</code> from 0.33.3 to 0.33.4</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/696">#696</a> build(deps-dev): bump <code>@​types/node</code> from 17.0.23 to 17.0.25</li> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/698">#698</a> build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0</li> </ul> <h2>3.0.0</h2> <h3>Breaking Changes</h3> <ul> <li><a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/689">#689</a> Bump to node16 and small fixes</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="d9f34f8cd5"><code>d9f34f8</code></a> release: update changelog and version to 3.1.1 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/828">#828</a>)</li> <li><a href="0e9e7b4e8a"><code>0e9e7b4</code></a> Plumb failCi into verification function. (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/769">#769</a>)</li> <li><a href="7f20bd4c41"><code>7f20bd4</code></a> build(deps): bump <code>@​actions/core</code> from 1.8.2 to 1.9.1 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/798">#798</a>)</li> <li><a href="13bc2536ab"><code>13bc253</code></a> build(deps): bump openpgp from 5.3.0 to 5.4.0 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/799">#799</a>)</li> <li><a href="5c0da1b28f"><code>5c0da1b</code></a> Trim arguments after splitting them (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/791">#791</a>)</li> <li><a href="68d5f6d0be"><code>68d5f6d</code></a> Fix <code>network</code> entry in table (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/783">#783</a>)</li> <li><a href="2a829b95de"><code>2a829b9</code></a> Switch to v3 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/774">#774</a>)</li> <li><a href="8e09eaf1b4"><code>8e09eaf</code></a> build(deps-dev): bump typescript from 4.7.3 to 4.7.4 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/766">#766</a>)</li> <li><a href="39e222921f"><code>39e2229</code></a> build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/748">#748</a>)</li> <li><a href="b2b7703473"><code>b2b7703</code></a> build(deps): bump openpgp from 5.2.1 to 5.3.0 (<a href="https://github-redirect.dependabot.com/codecov/codecov-action/issues/760">#760</a>)</li> <li>Additional commits viewable in <a href="81cd2dc814...d9f34f8cd5">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-20 10:15:30 -03:00
Carlos Alexandro Becker	445f2e730d	chore: avoid running actions when not needed/possible (#3389) ... - only run the build action when actual go files changed - only run some actions on the main fork to avoid errors	2022-09-19 23:48:20 -03:00
Carlos Alexandro Becker	d19ff6eb1e	chore: splitting workflows (#3386) ... split build & release workflows Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-09-18 21:31:33 -03:00
dependabot[bot]	f7efe9ca2b	chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.6.0 (#3368) ... Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.5.1 to 2.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v2.6.0</h2> <h2>What's Changed</h2> <ul> <li>update action to default cosign to v1.11.0 release by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/89">sigstore/cosign-installer#89</a></li> <li>cleanup dependabot by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/90">sigstore/cosign-installer#90</a></li> <li>default cosign to v1.11.1 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/91">sigstore/cosign-installer#91</a></li> <li>Bump actions/setup-go from 3.2.1 to 3.3.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/92">sigstore/cosign-installer#92</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2.5.1...v2.6.0">https://github.com/sigstore/cosign-installer/compare/v2.5.1...v2.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="f3c664df7a"><code>f3c664d</code></a> Bump actions/setup-go from 3.2.1 to 3.3.0 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/92">#92</a>)</li> <li><a href="14d43345ff"><code>14d4334</code></a> default cosign to v1.11.1 (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/91">#91</a>)</li> <li><a href="8d0fee40fd"><code>8d0fee4</code></a> cleanup dependabot (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/90">#90</a>)</li> <li><a href="716fc02719"><code>716fc02</code></a> update action to default cosign to v1.11.0 release (<a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/89">#89</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v2.5.1...v2.6.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-12 09:36:39 -03:00
Carlos Alexandro Becker	8cb4eb1654	fix: ruleguard and semgrep scans and fixes (#3364) ... run semgrep-go ruleguard and semgrep scans https://github.com/dgryski/semgrep-go Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-09-11 15:32:23 -03:00
Carlos Alexandro Becker	5185b5b6ed	chore(ci): govulncheck (#3362) ... check for vulnerabilities Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>	2022-09-09 11:36:15 -03:00