Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to
4.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix <code>fail-on-cache-miss</code> not working by <a
href="https://github.com/cdce8p"><code>@cdce8p</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1327">actions/cache#1327</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.0.1...v4.0.2">https://github.com/actions/cache/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c45773b62"><code>0c45773</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1327">#1327</a>
from cdce8p/fix-fail-on-cache-miss</li>
<li><a
href="8a55f839aa"><code>8a55f83</code></a>
Add test case for process exit</li>
<li><a
href="3884cace14"><code>3884cac</code></a>
Bump version</li>
<li><a
href="e29dad3e36"><code>e29dad3</code></a>
Fix fail-on-cache-miss not working</li>
<li>See full diff in <a
href="ab5e6d0c87...0c45773b62">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.1.0 to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<ul>
<li>Rename and align config inputs by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/303">docker/setup-buildx-action#303</a>
<ul>
<li><code>config</code> to <code>buildkitd-config</code></li>
<li><code>config-inline</code> to
<code>buildkitd-config-inline</code></li>
</ul>
</li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.17.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/302">docker/setup-buildx-action#302</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/306">docker/setup-buildx-action#306</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<code>config</code> and <code>config-inline</code> input names are
deprecated and will be removed in next major release.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0">https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2b51285047"><code>2b51285</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/306">#306</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="0f00370563"><code>0f00370</code></a>
chore: update generated content</li>
<li><a
href="11c9683db9"><code>11c9683</code></a>
build(deps): bump <code>@docker/actions-toolkit</code> from 0.18.0 to
0.19.0</li>
<li><a
href="56a16b8f2a"><code>56a16b8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/303">#303</a>
from crazy-max/fix-inputs</li>
<li><a
href="c23f46eb91"><code>c23f46e</code></a>
chore: update generated content</li>
<li><a
href="f876da6242"><code>f876da6</code></a>
rename and align config inputs</li>
<li><a
href="b7cf918227"><code>b7cf918</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/304">#304</a>
from crazy-max/rm-docs-dir</li>
<li><a
href="0150f0ed7a"><code>0150f0e</code></a>
chore: remove docs dir</li>
<li><a
href="d89f1f9116"><code>d89f1f9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/302">#302</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="12d65f6595"><code>12d65f6</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="0d103c3126...2b51285047">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.8 to 0.15.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.9</h2>
<h2>Changes in v0.15.9</h2>
<ul>
<li>reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)
[<a href="https://github.com/kzantow">kzantow</a>]</li>
<li>update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9fece9e200"><code>9fece9e</code></a>
fix: reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)</li>
<li><a
href="f3355df2cc"><code>f3355df</code></a>
chore(deps): update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.8...v0.15.9">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 25 to 26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v26</h2>
<p>Bump to Nix 2.20.5 to address CVE-2024-27297 /
GHSA-2ffj-w4mj-pg37.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8887e596b4"><code>8887e59</code></a>
Nix: 2.20.5</li>
<li><a
href="39a075cc21"><code>39a075c</code></a>
bump</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v25...v26">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.0 to
4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
<li>Update examples by <a
href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1305">actions/cache#1305</a></li>
<li>Update actions/cache publish flow by <a
href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1340">actions/cache#1340</a></li>
<li>Update <code>@actions/cache</code> by <a
href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1341">actions/cache#1341</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.0.1">https://github.com/actions/cache/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<ul>
<li>Reverted the changes made in 3.2.1 to use gnu tar and zstd by
default on windows.</li>
</ul>
<h3>3.2.1</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab5e6d0c87"><code>ab5e6d0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1341">#1341</a>
from bethanyj28/main</li>
<li><a
href="89c7d86c71"><code>89c7d86</code></a>
licensed cache</li>
<li><a
href="d2c84da363"><code>d2c84da</code></a>
update <code>@actions/cache</code></li>
<li><a
href="37e7d4eb16"><code>37e7d4e</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1340">#1340</a>
from actions/bethanyj28/update-publish-flow</li>
<li><a
href="a18323f504"><code>a18323f</code></a>
add release action</li>
<li><a
href="a2ed59d39b"><code>a2ed59d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1305">#1305</a>
from actions/yacaovsnc/update_examples</li>
<li><a
href="dc88ab52d7"><code>dc88ab5</code></a>
Update examples</li>
<li><a
href="1d78355196"><code>1d78355</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1304">#1304</a>
from actions/yacaovsnc/update_readme</li>
<li><a
href="c36458f13b"><code>c36458f</code></a>
Update README.md</li>
<li>See full diff in <a
href="13aacd865c...ab5e6d0c87">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from
1.0.3 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>2.0.0</h2>
<h2>Migration Guide</h2>
<p>The version of the <a
href="https://nodejs.org/en/about"><strong>Node.js</strong></a> runtime
used to execute the action has been updated from 16 to 20. This could be
a breaking change for certain GitHub Actions workflows.</p>
<p>If a workflow with dependency on the
<strong>arduino/setup-task</strong> action uses only <a
href="https://docs.github.com/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners">GitHub-hosted
GitHub Actions runners</a>, no changes are required.</p>
<p>If the workflow uses a <a
href="https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners">self-hosted
runner</a>, the workflow run might fail after updating
<strong>arduino/setup-task</strong>:</p>
<pre lang="text"><code>Error: System.ArgumentOutOfRangeException:
Specified argument was out of the range of valid values. (Parameter
''using: node20' is not supported, use 'docker', 'node12' or 'node16'
instead.')
at
GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext
executionContext, TemplateContext templateContext, TemplateToken
inputsToken, String fileRelativePath, MappingToken outputs)
at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext
executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml
</code></pre>
<p>This means an older runner version that does not provide Node.js 20.x
is installed on the runner machine and you must update the runner
version.</p>
<h2>Changelog</h2>
<h4>Breaking</h4>
<ul>
<li>Update Node.js runtime for action from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
</ul>
<h4>Enhancement</h4>
<ul>
<li><a
href="https://github.com/arduino/compile-sketches/pulls?q=merged%3A2023-01-31..2024-02-05+author%3Aapp%2Fdependabot">Various
dependency updates</a></li>
</ul>
<h2>Full Changeset</h2>
<p><a
href="https://github.com/arduino/setup-task/compare/1.0.3...2.0.0">https://github.com/arduino/setup-task/compare/1.0.3...2.0.0</a></p>
<h2>Contributors</h2>
<ul>
<li><a href="https://github.com/gdraynz"><code>@gdraynz</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b91d5d2c96"><code>b91d5d2</code></a>
update readme (<a
href="https://redirect.github.com/arduino/setup-task/issues/929">#929</a>)</li>
<li><a
href="f2514b0e1c"><code>f2514b0</code></a>
Bump node from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
<li><a
href="2007903d11"><code>2007903</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/928">#928</a>
from arduino/dependabot/npm_and_yarn/prettier-3.2.5</li>
<li><a
href="3f2ef95f2f"><code>3f2ef95</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.5</li>
<li><a
href="88d658bbef"><code>88d658b</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/927">#927</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.79</li>
<li><a
href="b79a1c3f82"><code>b79a1c3</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.78 to
16.18.79</li>
<li><a
href="5abddba872"><code>5abddba</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/926">#926</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.78</li>
<li><a
href="b3e99c0fa2"><code>b3e99c0</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.76 to
16.18.78</li>
<li><a
href="4145542cd7"><code>4145542</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/924">#924</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="10406e6d87"><code>10406e6</code></a>
build(deps-dev): bump <code>@typescript-eslint/parser</code> from
6.19.1 to 6.20.0</li>
<li>Additional commits viewable in <a
href="e26d897557...b91d5d2c96">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.6 to 0.15.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.7</h2>
<h2>Changes in v0.15.7</h2>
<ul>
<li>chore: migrate action to use node v20.11.0 (Iron) FROM node v16.x.x
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)
[<a href="https://github.com/spiffcs">spiffcs</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="767b08fd88"><code>767b08f</code></a>
chore: migrate action from 16 -> 20 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.6...v0.15.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.5 to 0.15.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.6</h2>
<h2>Changes in v0.15.6</h2>
<ul>
<li>chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6aed38a43"><code>c6aed38</code></a>
chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.5...v0.15.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.4 to 0.15.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.5</h2>
<h2>Changes in v0.15.5</h2>
<ul>
<li>chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24b0d52385"><code>24b0d52</code></a>
chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.4...v0.15.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.3 to
4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update "only-" actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="e12d46a63a...13aacd865c">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.2 to 0.15.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.3</h2>
<h2>Changes in v0.15.3</h2>
<ul>
<li>chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c7f031d924"><code>c7f031d</code></a>
chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.2...v0.15.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.1 to 0.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.2</h2>
<h2>Changes in v0.15.2</h2>
<ul>
<li>chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>chore: fix github-script invocation in update-snapshots workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="719133684c"><code>7191336</code></a>
chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)</li>
<li><a
href="b05b28be1a"><code>b05b28b</code></a>
chore: fix github-script invocation (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.1...v0.15.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 23 to 24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v24</h2>
<ul>
<li>Nix 2.19.1</li>
<li>enables KVM on linux</li>
<li>set <code>TMPDIR</code> to avoid potential disk space issues</li>
<li>don't use the default GitHub token for Enterprise</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7ac1ec2549"><code>7ac1ec2</code></a>
Nix 2.19.1</li>
<li><a
href="dc33a216cb"><code>dc33a21</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/200">#200</a>
from cachix/fix/196</li>
<li><a
href="2b90cd3130"><code>2b90cd3</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/202">#202</a>
from cachix/feature/kvm</li>
<li><a
href="fe19c91c6b"><code>fe19c91</code></a>
feat: enable KVM on Linux if available</li>
<li><a
href="a56e3a8089"><code>a56e3a8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/199">#199</a>
from jalaziz/tempdir</li>
<li><a
href="81eb746179"><code>81eb746</code></a>
Update install-nix.sh</li>
<li><a
href="97a1be3c09"><code>97a1be3</code></a>
fix: don't use the default GitHub token for Enterprise</li>
<li><a
href="2cce1fd76b"><code>2cce1fd</code></a>
fix: Set TMPDIR to avoid disk space issues</li>
<li><a
href="300721fe01"><code>300721f</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/193">#193</a>
from cachix/dependabot/github_actions/actions/checkout-4</li>
<li><a
href="fe6788c5de"><code>fe6788c</code></a>
chore(deps): bump actions/checkout from 3 to 4</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v23...v24">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 2.2.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/102">docker/setup-qemu-action#102</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/103">docker/setup-qemu-action#103</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/89">docker/setup-qemu-action#89</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0">https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="68827325e0"><code>6882732</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/103">#103</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="183f4af504"><code>183f4af</code></a>
chore: update generated content</li>
<li><a
href="f17493529e"><code>f174935</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="2e423eb500"><code>2e423eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/89">#89</a>
from docker/dependabot/npm_and_yarn/semver-6.3.1</li>
<li><a
href="ecc406afa7"><code>ecc406a</code></a>
Bump semver from 6.3.0 to 6.3.1</li>
<li><a
href="12dec5e201"><code>12dec5e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/102">#102</a>
from crazy-max/update-node20</li>
<li><a
href="c29b312130"><code>c29b312</code></a>
chore: node 20 as default runtime</li>
<li><a
href="34ae628c8f"><code>34ae628</code></a>
chore: update generated content</li>
<li><a
href="1f3d2e1ac0"><code>1f3d2e1</code></a>
chore: fix author in package.json</li>
<li><a
href="277dbe8c9c"><code>277dbe8</code></a>
vendor: bump <code>@docker/actions-toolkit</code> from 0.3.0 to
0.12.0</li>
<li>Additional commits viewable in <a
href="2b82ce82d5...68827325e0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.10.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/264">docker/setup-buildx-action#264</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/267">docker/setup-buildx-action#267</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0">https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f95db51fdd"><code>f95db51</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/267">#267</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="998a87c2c1"><code>998a87c</code></a>
chore: update generated content</li>
<li><a
href="28bae59336"><code>28bae59</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="c215341715"><code>c215341</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/264">#264</a>
from crazy-max/update-node20</li>
<li><a
href="02e9319239"><code>02e9319</code></a>
chore: node 20 as default runtime</li>
<li><a
href="5c9160effc"><code>5c9160e</code></a>
chore: update generated content</li>
<li><a
href="1283140f57"><code>1283140</code></a>
chore: fix author in package.json</li>
<li><a
href="c6afe06e4a"><code>c6afe06</code></a>
vendor: bump <code>@docker/actions-toolkit</code> from 0.10.0 to
0.12.0</li>
<li><a
href="f35e0d5a04"><code>f35e0d5</code></a>
chore: update dev dependencies</li>
<li><a
href="baeb468fb2"><code>baeb468</code></a>
dev: remove unneeded binaries</li>
<li>Additional commits viewable in <a
href="885d1462b8...f95db51fdd">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from
2.2.0 to 3.0.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="343f7c4344"><code>343f7c4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/599">#599</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="aad0f974f2"><code>aad0f97</code></a>
chore: update generated content</li>
<li><a
href="2e0cd39144"><code>2e0cd39</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="203bc9c4ef"><code>203bc9c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/588">#588</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="2199648fc8"><code>2199648</code></a>
chore: update generated content</li>
<li><a
href="b489376173"><code>b489376</code></a>
build(deps): bump the proxy-agent-dependencies group with 1 update</li>
<li><a
href="7c309e74e6"><code>7c309e7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/598">#598</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="0ccf222961"><code>0ccf222</code></a>
chore: update generated content</li>
<li><a
href="56d703e106"><code>56d703e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/597">#597</a>
from docker/dependabot/github_actions/aws-actions/con...</li>
<li><a
href="24d3b3519e"><code>24d3b35</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li>Additional commits viewable in <a
href="465a07811f...343f7c4344">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 22 to 23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v23</h2>
<ul>
<li>always show Nix trace</li>
<li>Nix 2.17</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a9a9e84a1"><code>6a9a9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/192">#192</a>
from grahamc/patch-1</li>
<li><a
href="4509d84f10"><code>4509d84</code></a>
Update to Nix 2.17.0</li>
<li><a
href="5cfd5166ea"><code>5cfd516</code></a>
bump</li>
<li><a
href="e02ea8c42e"><code>e02ea8c</code></a>
Fix links to nix.dev</li>
<li><a
href="fffc90f426"><code>fffc90f</code></a>
always show trace</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v22...v23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.9.1 to 2.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.7.1 to 0.10.0 by
<a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/258">docker/setup-buildx-action#258</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/253">docker/setup-buildx-action#253</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0">https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="885d1462b8"><code>885d146</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/258">#258</a>
from crazy-max/update-toolkit</li>
<li><a
href="e5fad018d0"><code>e5fad01</code></a>
ci: check lab releases</li>
<li><a
href="45161fd92a"><code>45161fd</code></a>
update generated content</li>
<li><a
href="a4d51f53dd"><code>a4d51f5</code></a>
bump <code>@docker/actions-toolkit</code> from 0.7.1 to 0.10.0</li>
<li><a
href="93b8ecaa2c"><code>93b8eca</code></a>
ci: docker-ce packages are now installed on GitHub Runners</li>
<li><a
href="7703e82fbc"><code>7703e82</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/253">#253</a>
from docker/dependabot/npm_and_yarn/word-wrap-1.2.5</li>
<li><a
href="0005881963"><code>0005881</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/254">#254</a>
from crazy-max/rm-codeowners</li>
<li><a
href="b699069f49"><code>b699069</code></a>
chore: remove CODEOWNERS</li>
<li><a
href="9bfc5497b8"><code>9bfc549</code></a>
Bump word-wrap from 1.2.3 to 1.2.5</li>
<li><a
href="b92d4d8769"><code>b92d4d8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/252">#252</a>
from crazy-max/dependabot-update</li>
<li>Additional commits viewable in <a
href="4c0219f9ac...885d1462b8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.7.0 to 2.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.0</h2>
<ul>
<li>Only set specific flags for drivers supporting them by <a
href="https://github.com/nicks"><code>@nicks</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/241">docker/setup-buildx-action#241</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.5.0 to 0.6.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/242">docker/setup-buildx-action#242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0">https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="16c0bc4a6e"><code>16c0bc4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/242">#242</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="ebcacb9c21"><code>ebcacb9</code></a>
update generated content</li>
<li><a
href="496a823b8b"><code>496a823</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.5.0 to 0.6.0</li>
<li><a
href="a56031a493"><code>a56031a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/241">#241</a>
from nicks/nicks/driver</li>
<li><a
href="922550f064"><code>922550f</code></a>
context: only append flags if we know the driver supports them</li>
<li>See full diff in <a
href="ecf95283f0...16c0bc4a6e">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.1.0 to 3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>default cosign to v2.1.1 by <a
href="https://github.com/cpanato"><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/137">sigstore/cosign-installer#137</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e04d228eb"><code>6e04d22</code></a>
default cosign to v2.1.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/137">#137</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 21 to 22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v22</h2>
<ul>
<li>Nix 2.16.1</li>
<li>Fix issues with System Integrity Protection when using macos-12</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6ed004b9cc"><code>6ed004b</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/184">#184</a>
from cachix/macos-bump</li>
<li><a
href="e27879448e"><code>e278794</code></a>
Nix: 2.15.1 -> 2.16.1</li>
<li><a
href="8ab3881720"><code>8ab3881</code></a>
use system certs</li>
<li><a
href="16b951426e"><code>16b9514</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/182">#182</a>
from l0b0/feat/configure-editors</li>
<li><a
href="2c203fd87b"><code>2c203fd</code></a>
feat: Configure editors</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v21...v22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.6.0 to 2.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.7.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/237">docker/setup-buildx-action#237</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/238">docker/setup-buildx-action#238</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0">https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ecf95283f0"><code>ecf9528</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/238">#238</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="b2a38ee0c6"><code>b2a38ee</code></a>
update generated content</li>
<li><a
href="7f79690cac"><code>7f79690</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.4.0 to 0.5.0</li>
<li><a
href="bdd549bec0"><code>bdd549b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/237">#237</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="be4a3855af"><code>be4a385</code></a>
update generated content</li>
<li><a
href="6c4dbb29f6"><code>6c4dbb2</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.4.0</li>
<li>See full diff in <a
href="6a58db7e0d...ecf95283f0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot]
Carlos Alexandro Becker