Bumps [github.com/caarlos0/env/v6](https://github.com/caarlos0/env) from 6.9.3 to 6.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/caarlos0/env/releases">github.com/caarlos0/env/v6's releases</a>.</em></p>
<blockquote>
<h2>v6.10.0</h2>
<h2>Changelog</h2>
<h3>New Features</h3>
<ul>
<li>69c7b5a1dc8b2c4e78a7211aef3fd102333e4e4f: feat: aggregate validation errors (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/233">#233</a>) (<a href="https://github.com/akutuev"><code>@akutuev</code></a>)</li>
</ul>
<h3>Bug fixes</h3>
<ul>
<li>439dbad60f367bc1995f066cf9127743d468a572: fix: RequiredIfNoDef with nested structs (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/229">#229</a>) (<a href="https://github.com/HarmlessEvil"><code>@HarmlessEvil</code></a>)</li>
</ul>
<h3>Documentation updates</h3>
<ul>
<li>60b5226da3e5e4ca3dcb795b8416f30c5cb2c5a9: docs: broken link (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li>
<li>4c93d81012635da80954a1b3ec2e30566aa1b9d9: docs: remove duplicate <code>string</code> (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/232">#232</a>) (<a href="https://github.com/dacapoday"><code>@dacapoday</code></a>)</li>
</ul>
<hr />
<p><em>Released with <a href="https://goreleaser.com/pro">GoReleaser Pro</a>!</em></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="69c7b5a1dc"><code>69c7b5a</code></a> feat: aggregate validation errors (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/233">#233</a>)</li>
<li><a href="4c93d81012"><code>4c93d81</code></a> docs: remove duplicate <code>string</code> (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/232">#232</a>)</li>
<li><a href="60b5226da3"><code>60b5226</code></a> docs: broken link</li>
<li><a href="1917ee3bb3"><code>1917ee3</code></a> chore(build): makefile</li>
<li><a href="439dbad60f"><code>439dbad</code></a> fix: RequiredIfNoDef with nested structs (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/229">#229</a>)</li>
<li>See full diff in <a href="https://github.com/caarlos0/env/compare/v6.9.3...v6.10.0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.2.1 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p>
<blockquote>
<h2>Support architecture input and fix Expand-Archive issue</h2>
<p>This release introduces support for architecture input for <code>setup-go</code> action <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/253">#253</a>. It also adds support for arm32 architecture for self-hosted runners. If architecture is not provided action will use default runner architecture.
Example of usage:</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: '1.16'
architecture: arm
</code></pre>
<p>This release also provides fix for issue <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/241">#241</a>. <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/250">#250</a> adds support for using explicit filename for Windows which is necessary to satisfy Expand-Archive's requirement on .zip extension.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="268d8c0ca0"><code>268d8c0</code></a> Add support for arm32 go arch (<a href="https://github-redirect.dependabot.com/actions/setup-go/issues/253">#253</a>)</li>
<li><a href="f279813975"><code>f279813</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/250">#250</a> from jromero/feature/windows-download-filename</li>
<li><a href="1022489cb7"><code>1022489</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/249">#249</a> from e-korolevskii/main</li>
<li><a href="e0dce94eb0"><code>e0dce94</code></a> Use explicit filename when downloading Windows go package</li>
<li><a href="dab57c7c68"><code>dab57c7</code></a> update docs</li>
<li><a href="f2e56d8191"><code>f2e56d8</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/actions/setup-go/issues/246">#246</a> from e-korolevskii/Update-contributors-guide</li>
<li><a href="edd0aca6b1"><code>edd0aca</code></a> update tests path</li>
<li><a href="f3e3b7c2f2"><code>f3e3b7c</code></a> Update docs/contributors.md</li>
<li><a href="4a0c081511"><code>4a0c081</code></a> Update docs/contributors.md</li>
<li><a href="185e7f2f01"><code>185e7f2</code></a> Update docs/contributors.md</li>
<li>Additional commits viewable in <a href="84cbf80943...268d8c0ca0">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.73.0 to 0.73.1.
<details>
<summary>Commits</summary>
<ul>
<li><a href="e3c6ee4750"><code>e3c6ee4</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1531">#1531</a> from timofurrer/fix-group-saml</li>
<li><a href="c6383e6edc"><code>c6383e6</code></a> Fix SAML Group Links Access Level type</li>
<li>See full diff in <a href="https://github.com/xanzy/go-gitlab/compare/v0.73.0...v0.73.1">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/disgoorg/disgo](https://github.com/disgoorg/disgo) from 0.13.16 to 0.13.17.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/disgoorg/disgo/releases">github.com/disgoorg/disgo's releases</a>.</em></p>
<blockquote>
<h2>v0.13.17 - Slash Command Mentions</h2>
<h2>What's Changed</h2>
<ul>
<li>add support for slash command mentions by <a href="https://github.com/caneleex"><code>@caneleex</code></a> in <a href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/194">disgoorg/disgo#194</a></li>
<li>add <code>CreatedAt()</code> to most entities and improve type consistency of stored timestaps by <a href="https://github.com/caneleex"><code>@caneleex</code></a> in <a href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/185">disgoorg/disgo#185</a></li>
<li>remove <code>AutoModerationTriggerTypeHarmfulLink</code> by <a href="https://github.com/caneleex"><code>@caneleex</code></a> in <a href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/188">disgoorg/disgo#188</a></li>
<li>add <code>AutoModerationTriggerTypeMentionSpam</code> by <a href="https://github.com/caneleex"><code>@caneleex</code></a> in <a href="cedb59b631</a></li>
<li>add <code>Position</code> to <code>Message</code> by <a href="https://github.com/caneleex"><code>@caneleex</code></a> in <a href="aebcd69359</a></li>
</ul>
<h2>Breaking Changes</h2>
<ul>
<li><code>Activity</code> and <code>ActivityTimestamps</code> now use <code>time.Time</code> instead of <code>int64</code></li>
<li><code>AutoModerationTriggerTypeHarmfulLink</code> was removed as the filter is now used globally</li>
<li><code>Entries</code> field in <code>AuditLog</code> was renamed to <code>AuditLogEntries</code> to match the API name</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/disgoorg/disgo/compare/v0.13.16...v0.13.17">https://github.com/disgoorg/disgo/compare/v0.13.16...v0.13.17</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="72321bc8fd"><code>72321bc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/disgoorg/disgo/issues/194">#194</a> from disgoorg/patch/command-mentions</li>
<li><a href="1cbb8506d3"><code>1cbb850</code></a> rename CommandMention to SlashCommandMention</li>
<li><a href="389446f954"><code>389446f</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/disgoorg/disgo/issues/188">#188</a> from disgoorg/patch/remove-harmful-link-trigger</li>
<li><a href="e91ec49fea"><code>e91ec49</code></a> Merge branch 'development' into patch/command-mentions</li>
<li><a href="060a735f35"><code>060a735</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/disgoorg/disgo/issues/185">#185</a> from disgoorg/patch/entity-creation</li>
<li><a href="7295dbe0d0"><code>7295dbe</code></a> added some missing CreatedAt() time.Time methods</li>
<li><a href="29b7e568fc"><code>29b7e56</code></a> fix wrong iterator in AuditLog unmarshal</li>
<li><a href="a2aca7ab43"><code>a2aca7a</code></a> fix "whether" typos</li>
<li><a href="1ae0e72f29"><code>1ae0e72</code></a> add a comment to CommandMention</li>
<li><a href="4f441f3a13"><code>4f441f3</code></a> add MentionTypeCommand</li>
<li>Additional commits viewable in <a href="https://github.com/disgoorg/disgo/compare/v0.13.16...v0.13.17">compare view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
We should not imply the target_commitish, as some users might want to
have the code in one repo and the releases in another (e.g. private
code, public releases), so the commit might not be there.
We should instead allow the user to set the `target_commitish` (or not),
and pass it down to the github api.
refs 95bba02211
refs #3044
refs #3330
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Bumps github/codeql-action from 2.1.19 to 2.1.20.
Commits
7fee4ca Merge pull request #1199 from github/update-v2.1.20-f0a1a35a
5259c5e Update changelog for v2.1.20
f0a1a35 Merge pull request #1197 from github/henrymercer/fix-release-when-package-con...
a074542 Tweak whitespace in checklist for consistency
53a7a27 Merge pull request #1193 from github/dependabot/npm_and_yarn/actions/core-1.9.1
2927215 Apply suggestions from code review
c145823 Make "Update release branch" workflow fail if npm version fails
66bb63a Merge pull request #1194 from github/mergeback/v2.1.19-to-main-f5d217be
0ce8ba5 Update checked-in dependencies
5354fac Update changelog and version after v2.1.19
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
termux support, built from #3258 :
minor code changes
support for 386 as well
docs
tests
closes#3118closes#3258
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: rsteube <rsteube@users.noreply.github.com>
Bumps github.com/xanzy/go-gitlab from 0.72.0 to 0.73.0.
Commits
88c4146 Tweak PR just a little...
301e201 Merge pull request #1527 from vmg-ventures/feature/add-saml-group-links
e3c59f9 Make variable names consistent
c5ea6cc Merge pull request #1530 from timofurrer/get-issue-link
b35c17a Merge pull request #1529 from timofurrer/group-hooks-pagination
e2a9395 Implement API to get single issue link
142fdec Support pagination for listing group hooks
54f06ed Update to match API in master (15.3)
d9e4486 Fix compile and test errors
7759ad9 Add Group SAML Links
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps actions/cache from 3.0.7 to 3.0.8.
Release notes
Sourced from actions/cache's releases.
v3.0.8
What's Changed
Fix zstd not working for windows on gnu tar in issues.
Allow users to provide a custom timeout as input for aborting cache segment download using the environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.
Changelog
Sourced from actions/cache's changelog.
Releases
3.0.0
Updated minimum runner version support from node 12 -> node 16
3.0.1
Added support for caching from GHES 3.5.
Fixed download issue for files > 2GB during restore.
3.0.2
Added support for dynamic cache size cap on GHES.
3.0.3
Fixed avoiding empty cache save when no files are available for caching. (issue)
3.0.4
Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)
3.0.5
Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)
3.0.6
Fixed#809 - zstd -d: no such file or directory error
Fixed#833 - cache doesn't work with github workspace directory
3.0.7
Fixed#810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
3.0.8
Fix zstd not working for windows on gnu tar in issues #888 and #891.
Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.
Commits
fd5de65 Merge pull request #899 from actions/kotewar/download-and-compression-fix
d49b6bb Updated actions/cache toolkit dep to v3.0.4
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
closes#3044
What happens is that, if the tag is created only locally, it'll create the tag in the remote upon creating the release. The tag still needs to be created locally though!
@bep let me know if that works for you.
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
⚠️ Dependabot is rebasing this PR ⚠️
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Bumps github/codeql-action from 2.1.18 to 2.1.19.
Changelog
Sourced from github/codeql-action's changelog.
CodeQL Action Changelog
[UNRELEASED]
No user facing changes.
2.1.19 - 17 Aug 2022
Add the ability to filter queries from a code scanning run by using the query-filters option in the code scanning configuration file. #1098
In debug mode, debug artifacts are now uploaded even if a step in the Actions workflow fails. #1159
Update default CodeQL bundle version to 2.10.3. #1178
The combination of python2 and Pipenv is no longer supported. #1181
2.1.18 - 03 Aug 2022
Update default CodeQL bundle version to 2.10.2. #1156
2.1.17 - 28 Jul 2022
Update default CodeQL bundle version to 2.10.1. #1143
2.1.16 - 13 Jul 2022
You can now quickly debug a job that uses the CodeQL Action by re-running the job from the GitHub UI and selecting the "Enable debug logging" option. #1132
You can now see diagnostic messages produced by the analysis in the logs of the analyze Action by enabling debug mode. To enable debug mode, pass debug: true to the init Action, or enable step debug logging. This feature is available for CodeQL CLI version 2.10.0 and later. #1133
2.1.15 - 28 Jun 2022
CodeQL query packs listed in the packs configuration field will be skipped if their target language is not being analyzed in the current Actions job. Previously, this would throw an error. #1116
The combination of python2 and poetry is no longer supported. See actions/setup-python#374 for more details. #1124
Update default CodeQL bundle version to 2.10.0. #1123
2.1.14 - 22 Jun 2022
No user facing changes.
2.1.13 - 21 Jun 2022
Update default CodeQL bundle version to 2.9.4. #1100
2.1.12 - 01 Jun 2022
Update default CodeQL bundle version to 2.9.3. #1084
2.1.11 - 17 May 2022
Update default CodeQL bundle version to 2.9.2. #1074
2.1.10 - 10 May 2022
... (truncated)
Commits
f5d217b Merge pull request #1192 from github/update-v2.1.19-5502fefd
7c3d74c Move changelog note to right release
04ea3b1 Update changelog for v2.1.19
5502fef Merge pull request #1191 from github/edoardo/fix-upload-times
0349bb0 Fix TRAP cache upload timing
3154c4f Merge pull request #1190 from github/henrymercer/fix-debug-artifact-tests-on-...
b21cab9 Mock expect-error input to avoid errors in Action integration tests
219a937 Require test mode to be set to use expect-error input
ff9d53b Dump GitHub event in debug artifacts failure workflow
5f4cfb0 Merge pull request #1188 from github/edoardo/round-fields
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps anchore/sbom-action from 0.11.0 to 0.12.0.
Release notes
Sourced from anchore/sbom-action's releases.
v0.12.0
Changes in v0.12.0
Update dependencies (#317) kzantow
Update Syft to v0.53.4 (#266) anchore-actions-token-generator
Expose upload-artifact and upload-release-assets inputs (#277) joshowen
Document the dependency-snapshot property (#297) kzantow
Commits
b5042e9 Update dependencies (#317)
ac5a533 Update Syft to v0.53.4 (#266)
0f0f981 Expose upload-artifact and upload-release-assets inputs (#277)
6fb484a Document the dependency-snapshot property (#297)
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps actions/checkout from 3 to 3.0.2.
Release notes
Sourced from actions/checkout's releases.
v3.0.2
What's Changed
Add set-safe-directory input to allow customers to take control. by @TingluoHuang in actions/checkout#770
Prepare changelog for v3.0.2. by @TingluoHuang in actions/checkout#777
Full Changelog: actions/checkout@v3...v3.0.2
v3.0.1
Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
Bumped various npm package versions
Changelog
Sourced from actions/checkout's changelog.
Changelog
v3.0.2
Add input set-safe-directory
v3.0.1
Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
Bumped various npm package versions
v3.0.0
Update to node 16
v2.3.1
Fix default branch resolution for .wiki and when using SSH
v2.3.0
Fallback to the default branch
v2.2.0
Fetch all history for all tags and branches when fetch-depth=0
v2.1.1
Changes to support GHES (here and here)
v2.1.0
Group output
Changes to support GHES alpha release
Persist core.sshCommand for submodules
Add support ssh
Convert submodule SSH URL to HTTPS, when not using SSH
Add submodule support
Follow proxy settings
Fix ref for pr closed event when a pr is merged
Fix issue checking detached when git less than 2.22
v2.0.0
Do not pass cred on command line
Add input persist-credentials
Fallback to REST API to download repo
v2 (beta)
Improved fetch performance
... (truncated)
Commits
See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps actions/cache from 661fd3eb7f2f20d8c7c84bc2b0509efd7a826628 to 3.0.7. This release includes the previously tagged commit.
Release notes
Sourced from actions/cache's releases.
v3.0.7
What's Changed
Fix for the download stuck problem has been added in actions/cache for users who were intermittently facing the issue. As part of this fix, new timeout has been introduced in the download step to stop the download if it doesn't complete within an hour and run the rest of the workflow without erroring out.
Changelog
Sourced from actions/cache's changelog.
Releases
3.0.0
Updated minimum runner version support from node 12 -> node 16
3.0.1
Added support for caching from GHES 3.5.
Fixed download issue for files > 2GB during restore.
3.0.2
Added support for dynamic cache size cap on GHES.
3.0.3
Fixed avoiding empty cache save when no files are available for caching. (issue)
3.0.4
Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)
3.0.5
Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)
3.0.6
Fixed#809 - zstd -d: no such file or directory error
Fixed#833 - cache doesn't work with github workspace directory
3.0.7
Fixed#810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.
Commits
a7c34ad Merge pull request #894 from actions/kotewar/update-toolkit-version
83394c9 Updated cache version in license file
e839c25 Updated actions/cache version to 3.0.3
33a923d Added release information
a404368 Updated actions/cache version to 3.0.2
f427802 Merge pull request #887 from actions/pdotl-version-patch
9916fe1 Update cache version in licences
318935e Update README and RELEASES
85efbb5 Update cache npm module to latest
4387dbc Merge pull request #835 from shivamarora1/clojure-lein-example
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps actions/github-script from 7f4e771d2b3022fa3b8bac499d4a547619f3ab10 to 6.1.1. This release includes the previously tagged commit.
Release notes
Sourced from actions/github-script's releases.
v6.1.1
What's Changed
Bump shell-quote from 1.7.2 to 1.7.3 by @dependabot in actions/github-script#270
Bump @actions/core to 1.9.1 by @cory-miller in actions/github-script#280
Non-code changes
Create codeql-analysis.yml by @joshmgross in actions/github-script#267
Improve grammar by @kevgo in actions/github-script#269
New Contributors
@kevgo made their first contribution in actions/github-script#269
@cory-miller made their first contribution in actions/github-script#280
Full Changelog: actions/github-script@v6.1.0...v6.1.1
Commits
d50f485 Merge pull request #280 from cory-miller/main
1bdf7b2 Bump @actions/core to 1.9.1
46a476b Merge pull request #269 from kevgo/patch-1
b682e42 Merge pull request #270 from actions/dependabot/npm_and_yarn/shell-quote-1.7.3
0cc15d0 Bump shell-quote from 1.7.2 to 1.7.3
ebee604 Improve grammar
377d38f Merge pull request #267 from actions/joshmgross/add-codeql
174e812 Create codeql-analysis.yml
7a5c598 Merge pull request #263 from smaeda-ks/update-actions-core
cb1c1eb Classify http-client licenses
Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* feat: add version for homebrew dependencies
* resolve conflicts
* resolve conflicts
* feat: allow to specify version of brew deps
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* docs: brew
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: Purushotham <purushotham@hasura.io>
* fix: eventual race condition in artifacts
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: locks
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: tests
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* feat: remove gofish
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: remove more unused code
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
* fix: remove more references
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
