dependabot[bot]
980bccd1fe
chore(deps): bump actions/checkout from 3.4.0 to 3.5.3 ( #4088 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0
to 3.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: Checkout Issue in self hosted runner due to faulty submodule
check-ins by <a
href="https://github.com/megamanics "><code>@megamanics</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1196 ">actions/checkout#1196</a></li>
<li>Fix typos found by codespell by <a
href="https://github.com/DimitriPapadopoulos "><code>@DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1287 ">actions/checkout#1287</a></li>
<li>Add support for sparse checkouts by <a
href="https://github.com/dscho "><code>@dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1369 ">actions/checkout#1369</a></li>
<li>Release v3.5.3 by <a
href="https://github.com/TingluoHuang "><code>@TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1376 ">actions/checkout#1376</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/megamanics "><code>@megamanics</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1196 ">actions/checkout#1196</a></li>
<li><a
href="https://github.com/DimitriPapadopoulos "><code>@DimitriPapadopoulos</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1287 ">actions/checkout#1287</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3...v3.5.3 ">https://github.com/actions/checkout/compare/v3...v3.5.3 </a></p>
<h2>v3.5.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: Use correct API url / endpoint in GHES by <a
href="https://github.com/fhammerl "><code>@fhammerl</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1289 ">actions/checkout#1289</a>
based on <a
href="https://redirect.github.com/actions/checkout/issues/1286 ">#1286</a>
by <a href="https://github.com/1newsr "><code>@1newsr</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.5.1...v3.5.2 ">https://github.com/actions/checkout/compare/v3.5.1...v3.5.2 </a></p>
<h2>v3.5.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Improve checkout performance on Windows runners by upgrading
<code>@actions/github</code> dependency by <a
href="https://github.com/BrettDong "><code>@BrettDong</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1246 ">actions/checkout#1246</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/BrettDong "><code>@BrettDong</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1246 ">actions/checkout#1246</a></li>
<li><a href="https://github.com/fhammerl "><code>@fhammerl</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1284 ">actions/checkout#1284</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.5.0...v3.5.1 ">https://github.com/actions/checkout/compare/v3.5.0...v3.5.1 </a></p>
<h2>v3.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add new public key for known_hosts by <a
href="https://github.com/cdb "><code>@cdb</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1237 ">actions/checkout#1237</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/cdb "><code>@cdb</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1237 ">actions/checkout#1237</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.4.0...v3.5.0 ">https://github.com/actions/checkout/compare/v3.4.0...v3.5.0 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md ">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196 ">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287 ">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369 ">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289 ">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246 ">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237 ">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209 ">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210 ">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225 ">Upgrade
<code>@actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045 ">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050 ">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770 ">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057 ">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942 ">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967 ">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002 ">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964 ">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029 ">Update
<code>@actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039 ">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939 ">Use
<code>@actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922 ">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770 ">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/762 ">Fixed an
issue where checkout failed to run in container jobs due to the new git
setting <code>safe.directory</code></a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/744 ">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/689 ">Update to
node 16</a></li>
</ul>
<h2>v2.3.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c85c95e3d7https://redirect.github.com/actions/checkout/issues/1376 ">#1376</a>)</li>
<li><a
href="d106d4669bhttps://redirect.github.com/actions/checkout/issues/1369 ">#1369</a>)</li>
<li><a
href="f095bcc56bhttps://redirect.github.com/actions/checkout/issues/1287 ">#1287</a>)</li>
<li><a
href="47fbe2df0a8e5e7e5ab8https://redirect.github.com/actions/checkout/issues/1291 ">#1291</a>)</li>
<li><a
href="eb35239ec2https://redirect.github.com/actions/checkout/issues/1289 ">#1289</a>)</li>
<li><a
href="83b7061638https://redirect.github.com/actions/checkout/issues/1284 ">#1284</a>)</li>
<li><a
href="40a16ebeed8f4b7f8486https://redirect.github.com/actions/checkout/issues/1237 ">#1237</a>)</li>
<li><a
href="cd6a9fd493https://github.com/actions/checkout/compare/v3.4.0...c85c95e3d7251135ab7dc9ce3241c5835cc595a9 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-12 08:57:05 -03:00
dependabot[bot]
6f0cb99477
chore(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 ( #4083 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.5.0 to 2.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Set node name for k8s driver when appending nodes by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/219 ">docker/setup-buildx-action#219</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.1.0-beta.18 to
0.3.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/220 ">docker/setup-buildx-action#220</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/229 ">docker/setup-buildx-action#229</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/231 ">docker/setup-buildx-action#231</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/236 ">docker/setup-buildx-action#236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0 ">https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a58db7e0dhttps://redirect.github.com/docker/setup-buildx-action/issues/236 ">#236</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="d56292e348790eb2db472a81c53912https://redirect.github.com/docker/setup-buildx-action/issues/231 ">#231</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="00b2400aad484614d7a1d95759405fhttps://redirect.github.com/docker/setup-buildx-action/issues/219 ">#219</a>
from crazy-max/ci-k3s-append</li>
<li><a
href="5bb6d36be0a99c5e53effc1a41d2e54b4e9c3e2d...6a58db7e0dhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.5.0&new-version=2.6.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-08 09:41:17 -03:00
dependabot[bot]
8498279c5b
chore(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 ( #4084 )
2023-06-08 09:10:29 -03:00
dependabot[bot]
967bd7b06c
chore(deps): bump cachix/install-nix-action from 20 to 21 ( #4040 )
...
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action )
from 20 to 21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases ">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v21</h2>
<ul>
<li>pin Nix to 2.15.1 (recent releases broke too many things)</li>
<li>fix the action to work on custom containers</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b933aa7eb35806937f1https://redirect.github.com/cachix/install-nix-action/issues/179 ">#179</a>
from joergdw/fix-action-path</li>
<li><a
href="3eb7a24508https://redirect.github.com/cachix/install-nix-action/issues/178 ">#178</a>
from cachix/docs/149</li>
<li><a
href="840ed7ce9ab2f4229533e304541747https://redirect.github.com/cachix/install-nix-action/issues/170 ">#170</a></li>
<li><a
href="3988b729f9763a38057167e9fd765dbe4cef7b77https://redirect.github.com/cachix/install-nix-action/issues/166 ">#166</a>
from l0b0/refactor/linting</li>
<li>Additional commits viewable in <a
href="https://github.com/cachix/install-nix-action/compare/v20...v21 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-26 10:00:14 -03:00
Carlos Alexandro Becker
99afc8d62e
feat: nix support ( #4012 )
...
very, very, very WIP implementation of nixpkgs for GoReleaser.
**Decisions made for this first version:**
- only linux and darwin, arm64, 386 and amd64
- only support pkgs from goreleaser-generated archives
- no support to push into default nixpkgs repository
- no support to automatically add the _maybe_ new pkg to the root
`default.nix`
- the generated nixpkg will be rather verbose, which shouldn't be too
much of an issue as it is autogenerated anyway
**TODOs**:
- [x] macos universal binary support
- [x] custom pkg path (e.g. pkgs/misc/foo/bar/default.nix)
- [x] handle archives with a folder in them
- [x] add more options: postInstall, ??
**Will be handled in future versions**:
- [ ] archives.format=binary support
- [ ] compile from source
- [ ] PR-ing into nixpkgs
- [ ] armv6l-linux & armv7l-linux support
closes #3537
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-05-25 23:07:10 -03:00
dependabot[bot]
4227c194f8
chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 ( #4020 )
2023-05-18 09:34:13 -03:00
dependabot[bot]
670238c3ea
chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 ( #4018 )
2023-05-17 09:02:19 -03:00
dependabot[bot]
234e1d8ce5
chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 ( #4014 )
...
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action ) from
3.1.3 to 3.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases ">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@types/node</code> from 18.15.12 to
18.16.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/970 ">codecov/codecov-action#970</a></li>
<li>Fix typo in README.md by <a
href="https://github.com/hisaac "><code>@hisaac</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/967 ">codecov/codecov-action#967</a></li>
<li>fix: add back in working dir by <a
href="https://github.com/thomasrockhu-codecov "><code>@thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/971 ">codecov/codecov-action#971</a></li>
<li>fix: CLI option names for uploader by <a
href="https://github.com/kleisauke "><code>@kleisauke</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/969 ">codecov/codecov-action#969</a></li>
<li>build(deps-dev): bump <code>@types/node</code> from 18.16.3 to
20.1.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/975 ">codecov/codecov-action#975</a></li>
<li>build(deps-dev): bump <code>@types/node</code> from 20.1.0 to
20.1.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/979 ">codecov/codecov-action#979</a></li>
<li>build(deps-dev): bump <code>@types/node</code> from 20.1.2 to
20.1.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/981 ">codecov/codecov-action#981</a></li>
<li>release: 3.1.4 by <a
href="https://github.com/thomasrockhu-codecov "><code>@thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/983 ">codecov/codecov-action#983</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hisaac "><code>@hisaac</code></a> made
their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/967 ">codecov/codecov-action#967</a></li>
<li><a href="https://github.com/kleisauke "><code>@kleisauke</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/969 ">codecov/codecov-action#969</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4 ">https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md ">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/967 ">#967</a>
Fix typo in README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/971 ">#971</a>
fix: add back in working dir</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/969 ">#969</a>
fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/970 ">#970</a>
build(deps-dev): bump <code>@types/node</code> from 18.15.12 to
18.16.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/979 ">#979</a>
build(deps-dev): bump <code>@types/node</code> from 20.1.0 to
20.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/981 ">#981</a>
build(deps-dev): bump <code>@types/node</code> from 20.1.2 to
20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/960 ">#960</a>
fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/957 ">#957</a>
build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/958 ">#958</a>
build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/959 ">#959</a>
build(deps-dev): bump <code>@types/node</code> from 18.15.10 to
18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/718 ">#718</a>
Update README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/851 ">#851</a>
Remove unsupported path_to_write_report argument</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/898 ">#898</a>
codeql-analysis.yml</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/901 ">#901</a>
Update README to contain correct information - inputs and negate
feature</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/955 ">#955</a>
fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/819 ">#819</a>
build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/835 ">#835</a>
build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/840 ">#840</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/841 ">#841</a>
build(deps): bump <code>@actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/843 ">#843</a>
build(deps): bump <code>@actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/869 ">#869</a>
build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/872 ">#872</a>
build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/879 ">#879</a>
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/889 ">#889</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/895 ">#895</a>
build(deps): bump json5 from 2.2.1 to 2.2.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/896 ">#896</a>
build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/900 ">#900</a>
build(deps-dev): bump <code>@vercel/ncc</code> from 0.34.0 to
0.36.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/905 ">#905</a>
build(deps-dev): bump typescript from 4.7.4 to 4.9.5</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/911 ">#911</a>
build(deps-dev): bump <code>@types/node</code> from 16.11.40 to
18.13.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/922 ">#922</a>
build(deps-dev): bump <code>@types/node</code> from 18.13.0 to
18.14.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/924 ">#924</a>
build(deps): bump openpgp from 5.5.0 to 5.7.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/927 ">#927</a>
build(deps-dev): bump <code>@types/node</code> from 18.14.0 to
18.14.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/933 ">#933</a>
build(deps-dev): bump <code>@types/node</code> from 18.14.2 to
18.14.6</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/937 ">#937</a>
build(deps-dev): bump <code>@types/node</code> from 18.14.6 to
18.15.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/938 ">#938</a>
build(deps): bump node-fetch from 3.3.0 to 3.3.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/945 ">#945</a>
build(deps-dev): bump <code>@types/node</code> from 18.15.0 to
18.15.5</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eaaf4bedf3https://redirect.github.com/codecov/codecov-action/issues/983 ">#983</a>)</li>
<li><a
href="c2ab9ab2e1https://redirect.github.com/codecov/codecov-action/issues/981 ">#981</a>)</li>
<li><a
href="49c20db375https://redirect.github.com/codecov/codecov-action/issues/979 ">#979</a>)</li>
<li><a
href="cf8e3e4262https://redirect.github.com/codecov/codecov-action/issues/975 ">#975</a>)</li>
<li><a
href="1c34415a06https://redirect.github.com/codecov/codecov-action/issues/969 ">#969</a>)</li>
<li><a
href="b4dfea724fhttps://redirect.github.com/codecov/codecov-action/issues/971 ">#971</a>)</li>
<li><a
href="5bf250470ehttps://redirect.github.com/codecov/codecov-action/issues/967 ">#967</a>)</li>
<li><a
href="1dd0ce34behttps://redirect.github.com/codecov/codecov-action/issues/970 ">#970</a>)</li>
<li>See full diff in <a
href="894ff025c7...eaaf4bedf3https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.3&new-version=3.1.4 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-16 09:22:03 -03:00
dependabot[bot]
8005088588
chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 ( #4015 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.0
to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame "><code>@dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354 ">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov "><code>@IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359 ">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov "><code>@dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370 ">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii "><code>@nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374 ">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1 ">https://github.com/actions/setup-go/compare/v4...v4.0.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fac708d667https://redirect.github.com/actions/setup-go/issues/374 ">#374</a>)</li>
<li><a
href="dd84a9531ahttps://redirect.github.com/actions/setup-go/issues/370 ">#370</a>)</li>
<li><a
href="41c2024c46https://redirect.github.com/actions/setup-go/issues/359 ">#359</a>)</li>
<li><a
href="8dbf352f06https://redirect.github.com/actions/setup-go/issues/354 ">#354</a>)</li>
<li>See full diff in <a
href="4d34df0c23...fac708d667https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-16 09:21:45 -03:00
dependabot[bot]
64d6424215
chore(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 ( #3994 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from
0.14.1 to 0.14.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases ">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.14.2</h2>
<h2>Changes in v0.14.2</h2>
<ul>
<li>Update Syft to v0.80.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/415 ">#415</a>)</li>
<li>Make sure all invalid artifact name characters are replaced <a
href="https://redirect.github.com/anchore/sbom-action/issues/396 ">#396</a>
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/417 ">#417</a>)
[<a href="https://github.com/lts-po ">lts-po</a>]</li>
<li>Ensure SBOM is copied to <code>output-file</code> (<a
href="https://redirect.github.com/anchore/sbom-action/issues/411 ">#411</a>)
[<a href="https://github.com/gszr ">gszr</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d571ad103https://redirect.github.com/anchore/sbom-action/issues/415 ">#415</a>)</li>
<li><a
href="a59054d328https://redirect.github.com/anchore/sbom-action/issues/39 ">#39</a>...</li>
<li><a
href="ea7104d799https://redirect.github.com/anchore/sbom-action/issues/413 ">#413</a>)</li>
<li><a
href="50dec67b80https://redirect.github.com/anchore/sbom-action/issues/409 ">#409</a>)</li>
<li><a
href="8e2e93770chttps://redirect.github.com/anchore/sbom-action/issues/411 ">#411</a>)</li>
<li><a
href="800a56fe08https://redirect.github.com/anchore/sbom-action/issues/412 ">#412</a>)</li>
<li><a
href="9cf3dcd573https://redirect.github.com/anchore/sbom-action/issues/410 ">#410</a>)</li>
<li><a
href="642f63cefchttps://redirect.github.com/anchore/sbom-action/issues/408 ">#408</a>)</li>
<li><a
href="a7622b6841https://redirect.github.com/anchore/sbom-action/issues/407 ">#407</a>)</li>
<li><a
href="c82ee2675fhttps://redirect.github.com/anchore/sbom-action/issues/406 ">#406</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/anchore/sbom-action/compare/v0.14.1...v0.14.2 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-05-08 08:49:41 -03:00
Carlos Alexandro Becker
803ef6566e
build: use ghaction-upx
...
thanks @crazy-max!
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-05-03 17:06:46 +00:00
Carlos Alexandro Becker
d4fc62780c
chore(deps): bump many actions
2023-05-02 12:24:53 +00:00
Carlos Alexandro Becker
43ae761179
feat: native upx support ( #3965 )
...
this adds a new root-level `upx` config, so users can pack their
binaries with upx :)
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-05-01 21:22:05 -03:00
Carlos A Becker
b4b6496ea6
build: setup-go update
2023-03-17 16:04:47 -03:00
dependabot[bot]
b623247fb7
chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 ( #3871 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.5.0
to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<p>In scope of release we enable cache by default. The action won’t
throw an error if the cache can’t be restored or saved. The action will
throw a warning message but it won’t stop a build process. The cache can
be disabled by specifying <code>cache: false</code>.</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v4
with:
go-version: ‘1.19’
- run: go run hello.go
</code></pre>
<p>Besides, we introduce such changes as</p>
<ul>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/305 ">Allow to
use only GOCACHE for cache</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/315 ">Bump
json5 from 2.2.1 to 2.2.3</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/323 ">Use
proper version for primary key in cache</a></li>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/351 ">Always add
Go bin to the PATH</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/350 ">Add
step warning if go-version input is empty</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d34df0c23https://redirect.github.com/actions/setup-go/issues/348 ">#348</a>)</li>
<li><a
href="fdc0d672a1https://redirect.github.com/actions/setup-go/issues/351 ">#351</a>)</li>
<li><a
href="ebfdf6ac95https://redirect.github.com/actions/setup-go/issues/350 ">#350</a>)</li>
<li><a
href="b27d76912ehttps://redirect.github.com/actions/setup-go/issues/349 ">#349</a>)</li>
<li><a
href="c51a720768https://redirect.github.com/actions/setup-go/issues/332 ">#332</a>)</li>
<li><a
href="6b848af622https://redirect.github.com/actions/setup-go/issues/343 ">#343</a>
from akv-platform/reusable-workflow</li>
<li><a
href="12741cc2097a77a6aab642a0cc8e147406d654adhttps://redirect.github.com/actions/setup-go/issues/341 ">#341</a>)</li>
<li>Additional commits viewable in <a
href="6edd4406fa...4d34df0c23https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=3.5.0&new-version=4.0.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-03-17 00:40:25 -03:00
dependabot[bot]
5773f1a246
chore(deps): bump actions/checkout from 3.3.0 to 3.4.0 ( #3872 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0
to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade codeql actions to v2 by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/checkout/pull/1209 ">actions/checkout#1209</a></li>
<li>Upgrade dependencies by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/checkout/pull/1210 ">actions/checkout#1210</a></li>
<li>Backfill changelog and bump actions/io by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1225 ">actions/checkout#1225</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link "><code>@Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1209 ">actions/checkout#1209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.3.0...v3.4.0 ">https://github.com/actions/checkout/compare/v3.3.0...v3.4.0 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md ">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209 ">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210 ">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225 ">Upgrade
<code>@actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045 ">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050 ">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770 ">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057 ">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942 ">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967 ">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002 ">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964 ">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029 ">Update
<code>@actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039 ">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939 ">Use
<code>@actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922 ">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770 ">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/762 ">Fixed an
issue where checkout failed to run in container jobs due to the new git
setting <code>safe.directory</code></a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/744 ">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/689 ">Update to
node 16</a></li>
</ul>
<h2>v2.3.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/284 ">Fix
default branch resolution for .wiki and when using SSH</a></li>
</ul>
<h2>v2.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/278 ">Fallback to
the default branch</a></li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/258 ">Fetch all
history for all tags and branches when fetch-depth=0</a></li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Changes to support GHES (<a
href="https://redirect.github.com/actions/checkout/pull/236 ">here</a>
and <a
href="https://redirect.github.com/actions/checkout/pull/248 ">here</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24cb908017https://redirect.github.com/actions/checkout/issues/1225 ">#1225</a>)</li>
<li><a
href="27135e314dhttps://redirect.github.com/actions/checkout/issues/1210 ">#1210</a>)</li>
<li><a
href="7b187184d1https://redirect.github.com/actions/checkout/issues/1209 ">#1209</a>)</li>
<li>See full diff in <a
href="ac59398561...24cb908017https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-17 00:11:19 -03:00
dependabot[bot]
6341c3d0dc
chore(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 ( #3865 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.4.1 to 2.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.0</h2>
<ul>
<li><code>cleanup</code> input to remove builder and temp files by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/213 ">docker/setup-buildx-action#213</a></li>
<li>do not remove builder using the <code>docker</code> driver by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/218 ">docker/setup-buildx-action#218</a></li>
<li>fix current context as builder name for <code>docker</code> driver
by <a href="https://github.com/crazy-max "><code>@crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/209 ">docker/setup-buildx-action#209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0 ">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b4e9c3e2dhttps://redirect.github.com/docker/setup-buildx-action/issues/216 ">#216</a>
from awendland/patch-1</li>
<li><a
href="eb27bcbef3https://redirect.github.com/docker/setup-buildx-action/issues/218 ">#218</a>
from crazy-max/fix-builder-removal</li>
<li><a
href="b7471d4240e2df91e85185ce96bcbcf549413411https://redirect.github.com/docker/setup-buildx-action/issues/217 ">#217</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="99988698a5e30725c029f1dc97ee10https://redirect.github.com/docker/setup-buildx-action/issues/213 ">#213</a>
from crazy-max/cleanup-input</li>
<li><a
href="51ecd0a47ff03ac48505...4b4e9c3e2dhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.4.1&new-version=2.5.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-13 09:25:22 -03:00
Carlos Alexandro Becker
dd1315b0a7
fix(GO-2023-1621): update from go 1.20.1 to 1.20.2 ( #3854 )
2023-03-09 08:24:20 -03:00
dependabot[bot]
008d43d72b
chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 ( #3818 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 2.8.1 to 3.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>make cosign v2.0.0 default version by <a
href="https://github.com/developer-guy "><code>@developer-guy</code></a>
in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/109 ">sigstore/cosign-installer#109</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1 ">https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1 </a></p>
<h2>v3.0.0</h2>
<h1>Breaking change</h1>
<p>Cosign v2 has some breaking changes. Please check those: <a
href="https://blog.sigstore.dev/cosign-2-0-released/ ">https://blog.sigstore.dev/cosign-2-0-released/ </a></p>
<h2>What's Changed</h2>
<ul>
<li>test: add logs when downloading the public keys by <a
href="https://github.com/hectorj2f "><code>@hectorj2f</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106 ">sigstore/cosign-installer#106</a></li>
<li>Add support to install v2 and any other cosign release candidate by
<a href="https://github.com/hectorj2f "><code>@hectorj2f</code></a> in
<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/105 ">sigstore/cosign-installer#105</a></li>
<li>v2.0.0 release by <a
href="https://github.com/sabre1041 "><code>@sabre1041</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108 ">sigstore/cosign-installer#108</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hectorj2f "><code>@hectorj2f</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106 ">sigstore/cosign-installer#106</a></li>
<li><a href="https://github.com/sabre1041 "><code>@sabre1041</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108 ">sigstore/cosign-installer#108</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0 ">https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c3667d9942https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/109 ">#109</a>)</li>
<li><a
href="77560e399fhttps://github-redirect.dependabot.com/sigstore/cosign-installer/issues/108 ">#108</a>)</li>
<li><a
href="4079ad3567https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/107 ">#107</a>)</li>
<li><a
href="55fd288876https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/105 ">#105</a>)</li>
<li><a
href="651c379c48https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/106 ">#106</a>)</li>
<li><a
href="df6c89e679https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/102 ">#102</a>)</li>
<li><a
href="31f26445bfhttps://github-redirect.dependabot.com/sigstore/cosign-installer/issues/103 ">#103</a>)</li>
<li><a
href="b6757d8360https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/101 ">#101</a>)</li>
<li><a
href="7bca8b4116https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/99 ">#99</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-02 09:36:26 -03:00
Carlos A Becker
6d3eb57c7a
fix: update to go 1.20.1
2023-02-17 10:44:02 -03:00
dependabot[bot]
9da9f78537
chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 ( #3762 )
2023-02-07 14:07:51 +00:00
Carlos A Becker
b0783c7401
build: run test on any workflow change
...
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2023-02-07 09:48:26 -03:00
Carlos A Becker
addd7c4ceb
build: fix workflow syntax
...
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2023-02-07 09:44:33 -03:00
Carlos Alexandro Becker
81914757da
build: use go1.20 ( #3757 )
...
update everything to go 1.20
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 13:39:39 -03:00
dependabot[bot]
599f9b4c6a
chore(deps): bump arduino/setup-task from 1.0.2 to 1.0.3 ( #3736 )
...
Bumps [arduino/setup-task](https://github.com/arduino/setup-task ) from
1.0.2 to 1.0.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases ">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>1.0.3</h2>
<h2>Changelog</h2>
<h4>Enhancement</h4>
<ul>
<li>Add support for all Task build architectures
(43e1bb8c37ce39c24e88b4622c2f66b6d7d9ebbd)</li>
</ul>
<h2>Full Changeset</h2>
<p><a
href="https://github.com/arduino/setup-task/compare/1.0.2...1.0.3 ">https://github.com/arduino/setup-task/compare/1.0.2...1.0.3 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e26d897557https://github-redirect.dependabot.com/arduino/setup-task/issues/636 ">#636</a>
from per1234/arm-arch</li>
<li><a
href="43e1bb8c37bf9d22fbcahttps://github-redirect.dependabot.com/arduino/setup-task/issues/637 ">#637</a>
from arduino/dependabot/npm_and_yarn/eslint-8.33.0</li>
<li><a
href="f3071930359a385911a6https://github-redirect.dependabot.com/arduino/setup-task/issues/635 ">#635</a>
from arduino/dependabot/npm_and_yarn/jest-circus-29.4.1</li>
<li><a
href="446dc59e7afe65533e09https://github-redirect.dependabot.com/arduino/setup-task/issues/634 ">#634</a>
from arduino/dependabot/npm_and_yarn/vercel/ncc-0.36.1</li>
<li><a
href="af97840bda88a5c5cdc0https://github-redirect.dependabot.com/arduino/setup-task/issues/632 ">#632</a>
from arduino/dependabot/npm_and_yarn/jest-circus-29.4.0</li>
<li><a
href="4d2bca9f30https://github-redirect.dependabot.com/arduino/setup-task/issues/631 ">#631</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li>Additional commits viewable in <a
href="d665c6beeb...e26d897557https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arduino/setup-task&package-manager=github_actions&previous-version=1.0.2&new-version=1.0.3 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 09:19:19 -03:00
dependabot[bot]
ce5826ff36
chore(deps): bump docker/setup-buildx-action from 2.3.0 to 2.4.0 ( #3737 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.3.0 to 2.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Don't depend on the GitHub API to check release by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/196 ">#196</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.3.0...v2.4.0 ">https://github.com/docker/setup-buildx-action/compare/v2.3.0...v2.4.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="15c905b16bhttps://github-redirect.dependabot.com/docker/setup-buildx-action/issues/196 ">#196</a>
from crazy-max/dl-no-token</li>
<li><a
href="a25d6a013039322d90570648fd6fd6https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/195 ">#195</a>
from crazy-max/fix-readme</li>
<li><a
href="30d8a59ee071320d2e17https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/193 ">#193</a>
from fevrin/update-gh-doc-url</li>
<li><a
href="272f8b84cf5e716dcfd6...15c905b16bhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.3.0&new-version=2.4.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-01 09:15:36 -03:00
dependabot[bot]
5c1fd3582b
chore(deps): bump docker/setup-buildx-action from 2.2.1 to 2.3.0 ( #3729 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.2.1 to 2.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Use Octokit to check Buildx release on GitHub by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/191 ">#191</a>
<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/192 ">#192</a>)</li>
<li>Add version pinning information to the README by <a
href="https://github.com/jedevc "><code>@jedevc</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/189 ">#189</a>)</li>
<li>Bump minimatch from 3.0.4 to 3.1.2 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/182 ">#182</a>)</li>
<li>Bump csv-parse from 5.3.1 to 5.3.3 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/181 ">#181</a>)</li>
<li>Bump json5 from 2.2.0 to 2.2.3 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/184 ">#184</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.2.1...v2.3.0 ">https://github.com/docker/setup-buildx-action/compare/v2.2.1...v2.3.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5e716dcfd6https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/192 ">#192</a>
from crazy-max/support-ghes</li>
<li><a
href="a83788eef0d0d9a72195a8165e7b70a024221c60https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/191 ">#191</a>
from crazy-max/fix-dl-release</li>
<li><a
href="4c3fce4ab27c965aebec7932f6210dhttps://github-redirect.dependabot.com/docker/setup-buildx-action/issues/189 ">#189</a>
from docker/version-pinning-docs</li>
<li><a
href="70deadb37a165fe681b8https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/184 ">#184</a>
from docker/dependabot/npm_and_yarn/json5-2.2.3</li>
<li>Additional commits viewable in <a
href="8c0edbc76e...5e716dcfd6https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.2.1&new-version=2.3.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-30 09:50:59 -03:00
dependabot[bot]
71bc3f9ba1
chore(deps): bump anchore/sbom-action from 0.13.2 to 0.13.3 ( #3724 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from
0.13.2 to 0.13.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases ">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.3</h2>
<h2>Changes in v0.13.3</h2>
<ul>
<li>Update Syft to v0.68.1 (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/391 ">#391</a>)
[<a
href="https://github.com/anchore-actions-token-generator ">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="07978da4bdhttps://github-redirect.dependabot.com/anchore/sbom-action/issues/391 ">#391</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.13.2...v0.13.3 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-27 08:55:18 -03:00
dependabot[bot]
d120e4dd36
chore(deps): bump anchore/sbom-action from 0.13.1 to 0.13.2 ( #3720 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from
0.13.1 to 0.13.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases ">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.2</h2>
<h2>Changes in v0.13.2</h2>
<ul>
<li>Update Syft to v0.68.0 (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/387 ">#387</a>)
[<a
href="https://github.com/anchore-actions-token-generator ">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="54e36e45f3https://github-redirect.dependabot.com/anchore/sbom-action/issues/387 ">#387</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.13.1...v0.13.2 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-26 09:48:38 -03:00
Carlos A Becker
17cd672149
build: use go 1.19.5
...
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2023-01-11 09:18:25 -03:00
dependabot[bot]
d80b937827
chore(deps): bump actions/checkout from 3.2.0 to 3.3.0 ( #3683 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0
to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Implement branch list using callbacks from exec function by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1045 ">actions/checkout#1045</a></li>
<li>Add in explicit reference to private checkout options by <a
href="https://github.com/vanZeben "><code>@vanZeben</code></a> in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1050 ">actions/checkout#1050</a></li>
<li>Fix comment typos (that got added in <a
href="https://github-redirect.dependabot.com/actions/checkout/issues/770 ">#770</a>)
by <a href="https://github.com/lurch "><code>@lurch</code></a> in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1057 ">actions/checkout#1057</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/vanZeben "><code>@vanZeben</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1050 ">actions/checkout#1050</a></li>
<li><a href="https://github.com/lurch "><code>@lurch</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1057 ">actions/checkout#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.2.0...v3.3.0 ">https://github.com/actions/checkout/compare/v3.2.0...v3.3.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ac59398561https://github-redirect.dependabot.com/actions/checkout/issues/770 ">#770</a>)
(<a
href="https://github-redirect.dependabot.com/actions/checkout/issues/1057 ">#1057</a>)</li>
<li><a
href="3ba5ee6fachttps://github-redirect.dependabot.com/actions/checkout/issues/1050 ">#1050</a>)</li>
<li><a
href="8856415920https://github-redirect.dependabot.com/actions/checkout/issues/1045 ">#1045</a>)</li>
<li>See full diff in <a
href="755da8c3cf...ac59398561https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 09:20:17 -03:00
Carlos Alexandro Becker
cac3f17562
feat(deps): build with go 1.19.4 ( #3644 )
...
latest and greatest
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2022-12-14 15:23:40 -03:00
dependabot[bot]
f05b211b61
chore(deps): bump actions/setup-go from 3.4.0 to 3.5.0 ( #3643 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.4.0
to 3.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>Add support for stable and oldstable aliases</h2>
<p>In scope of this release we introduce aliases for the
<code>go-version</code> input. The <code>stable</code> alias instals the
latest stable version of Go. The <code>oldstable</code> alias installs
previous latest minor release (the stable is 1.19.x -> the oldstable
is 1.18.x).</p>
<h3>Stable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 'stable'
- run: go run hello.go
</code></pre>
<h3>OldStable</h3>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version: 'oldstable'
- run: go run hello.go
</code></pre>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6edd4406fahttps://github-redirect.dependabot.com/actions/setup-go/issues/303 ">#303</a>)</li>
<li><a
href="38dbe75f81https://github-redirect.dependabot.com/actions/setup-go/issues/300 ">#300</a>)</li>
<li><a
href="30c39bfe0chttps://github-redirect.dependabot.com/actions/setup-go/issues/301 ">#301</a>
from jongwooo/chore/use-cache-in-check-dist</li>
<li><a
href="8377b69a56d0a58c1c4d...6edd4406fahttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=3.4.0&new-version=3.5.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-14 12:09:30 -03:00
dependabot[bot]
43e2b3bf69
chore(deps): bump actions/checkout from 3.1.0 to 3.2.0 ( #3636 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0
to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add GitHub Action to perform release by <a
href="https://github.com/rentziass "><code>@rentziass</code></a> in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/942 ">actions/checkout#942</a></li>
<li>Fix status badge by <a
href="https://github.com/ScottBrenner "><code>@ScottBrenner</code></a>
in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/967 ">actions/checkout#967</a></li>
<li>Replace datadog/squid with ubuntu/squid Docker image by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1002 ">actions/checkout#1002</a></li>
<li>Wrap pipeline commands for submoduleForeach in quotes by <a
href="https://github.com/jokreliable "><code>@jokreliable</code></a> in
<a
href="https://github-redirect.dependabot.com/actions/checkout/pull/964 ">actions/checkout#964</a></li>
<li>Update <code>@actions/io</code> to 1.1.2 by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1029 ">actions/checkout#1029</a></li>
<li>Upgrading version to 3.2.0 by <a
href="https://github.com/vmjoseph "><code>@vmjoseph</code></a> in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1039 ">actions/checkout#1039</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ScottBrenner "><code>@ScottBrenner</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/967 ">actions/checkout#967</a></li>
<li><a
href="https://github.com/cory-miller "><code>@cory-miller</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1002 ">actions/checkout#1002</a></li>
<li><a
href="https://github.com/jokreliable "><code>@jokreliable</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/964 ">actions/checkout#964</a></li>
<li><a href="https://github.com/vmjoseph "><code>@vmjoseph</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/1039 ">actions/checkout#1039</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3...v3.2.0 ">https://github.com/actions/checkout/compare/v3...v3.2.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="755da8c3cfhttps://github-redirect.dependabot.com/actions/checkout/issues/1039 ">#1039</a>)</li>
<li><a
href="26d48e8ea1https://github-redirect.dependabot.com/actions/checkout/issues/1029 ">#1029</a>)</li>
<li><a
href="bf085276cehttps://github-redirect.dependabot.com/actions/checkout/issues/964 ">#964</a>)</li>
<li><a
href="5c3ccc22ebhttps://github-redirect.dependabot.com/actions/checkout/issues/1002 ">#1002</a>)</li>
<li><a
href="1f9a0c22dahttps://github-redirect.dependabot.com/actions/checkout/issues/967 ">#967</a>)</li>
<li><a
href="8230315d06https://github-redirect.dependabot.com/actions/checkout/issues/942 ">#942</a>)</li>
<li>See full diff in <a
href="93ea575cb5...755da8c3cfhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.1.0&new-version=3.2.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-13 09:44:45 -03:00
dependabot[bot]
2228edc406
chore(deps): bump actions/setup-go from 3.3.1 to 3.4.0 ( #3616 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.3.1
to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>Add support for go.work and pass the token input through on
GHES</h2>
<p>In scope of this release we added <a
href="https://github-redirect.dependabot.com/actions/setup-go/pull/283 ">support
for go.work file to pass it in go-version-file input</a>.</p>
<pre lang="yaml"><code>steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v3
with:
go-version-file: go.work
- run: go run hello.go
</code></pre>
<p>Besides, we added support to <a
href="https://github-redirect.dependabot.com/actions/setup-go/pull/277 ">pass
the token input through on GHES</a>.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d0a58c1c4dhttps://github-redirect.dependabot.com/actions/setup-go/issues/294 ">#294</a>
from JamesMGreene/patch-1</li>
<li><a
href="3dcd9d6eb3e983b65a44https://github-redirect.dependabot.com/actions/setup-go/issues/283 ">#283</a>
from koba1t/add_support_gowork_for_go-version-file</li>
<li><a
href="27b43e1b0dhttps://github-redirect.dependabot.com/actions/setup-go/issues/277 ">#277</a>)</li>
<li><a
href="7678c83214c4a742cab1...d0a58c1c4dhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=3.3.1&new-version=3.4.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-02 09:09:52 -03:00
dependabot[bot]
bd4d497c99
chore(deps): bump anchore/sbom-action from 0.13.0 to 0.13.1 ( #3533 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from
0.13.0 to 0.13.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases ">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.1</h2>
<h2>Changes in v0.13.1</h2>
<ul>
<li>File input not being passed properly to Syft invocation (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/385 ">#385</a>)
[<a href="https://github.com/kzantow ">kzantow</a>]</li>
<li>Update Syft to v0.60.3 (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/386 ">#386</a>)
[<a
href="https://github.com/anchore-actions-token-generator ">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="06e109483ehttps://github-redirect.dependabot.com/anchore/sbom-action/issues/385 ">#385</a>)</li>
<li><a
href="f4e264e189https://github-redirect.dependabot.com/anchore/sbom-action/issues/386 ">#386</a>)</li>
<li><a
href="faa694c549https://github-redirect.dependabot.com/anchore/sbom-action/issues/384 ">#384</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.13.0...v0.13.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-07 09:11:22 -03:00
Carlos Alexandro Becker
7544f7ab96
feat: update to go 1.19.3 ( #3523 )
...
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2022-11-02 14:19:01 -03:00
dependabot[bot]
f3aea7663f
chore(deps): bump anchore/sbom-action from 0.12.0 to 0.13.0 ( #3512 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from
0.12.0 to 0.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases ">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.0</h2>
<h2>Changes in v0.13.0</h2>
<ul>
<li>Allow type "file:..." to enable creation of SBOMs from tar
and other package formats (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/357 ">#357</a>)
[<a href="https://github.com/malt3 ">malt3</a>]</li>
<li>Update Syft to v0.59.0 (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/371 ">#371</a>)
[<a
href="https://github.com/anchore-actions-token-generator ">anchore-actions-token-generator</a>]</li>
<li>Update dependencies and node version (<a
href="https://github-redirect.dependabot.com/anchore/sbom-action/issues/372 ">#372</a>)
[<a href="https://github.com/kzantow ">kzantow</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b7e8507c6ahttps://github-redirect.dependabot.com/anchore/sbom-action/issues/381 ">#381</a>)</li>
<li><a
href="2424de21c4https://github-redirect.dependabot.com/anchore/sbom-action/issues/373 ">#373</a>)</li>
<li><a
href="12a03b588chttps://github-redirect.dependabot.com/anchore/sbom-action/issues/371 ">#371</a>)</li>
<li><a
href="563238bdcchttps://github-redirect.dependabot.com/anchore/sbom-action/issues/372 ">#372</a>)</li>
<li><a
href="eda59434a8https://github-redirect.dependabot.com/anchore/sbom-action/issues/354 ">#354</a>)</li>
<li><a
href="614fe8a3b7https://github-redirect.dependabot.com/anchore/sbom-action/issues/357 ">#357</a>)</li>
<li><a
href="6218d4fbd4https://github-redirect.dependabot.com/anchore/sbom-action/issues/344 ">#344</a>)</li>
<li><a
href="a173e5341bhttps://github-redirect.dependabot.com/anchore/sbom-action/issues/329 ">#329</a>)</li>
<li><a
href="2cd5755dcchttps://github-redirect.dependabot.com/anchore/sbom-action/issues/322 ">#322</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.12.0...v0.13.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-31 11:13:56 -03:00
dependabot[bot]
097baac606
chore(deps): bump actions/setup-go from 3.3.0 to 3.3.1 ( #3477 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.3.0
to 3.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases ">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>Fix cache issues and update dependencies</h2>
<p>In scope of this release we fixed the issue with the correct
generation of the cache key when the <code>go-version-file</code> input
is set (<a
href="https://github-redirect.dependabot.com/actions/setup-go/pull/267 ">actions/setup-go#267</a>).
Moreover, we fixed an issue when <a
href="https://github-redirect.dependabot.com/actions/setup-go/pull/264 ">the
cache folder was not found</a>. Besides, we updated
<code>actions/core</code> to 1.10.0 version (<a
href="https://github-redirect.dependabot.com/actions/setup-go/pull/273 ">actions/setup-go#273</a>).</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c4a742cab1https://github-redirect.dependabot.com/actions/setup-go/issues/267 ">#267</a>)</li>
<li><a
href="f556e5b7e0https://github-redirect.dependabot.com/actions/setup-go/issues/273 ">#273</a>
from rentziass/rentziass/update-actions-core</li>
<li><a
href="514ae5790430b9ddff11https://github-redirect.dependabot.com/actions/setup-go/issues/264 ">#264</a>
from e-korolevskii/258-not-throw-err-no-cache-folders</li>
<li><a
href="c4e169859fdb58e98a432905db406957452eb9025547b9ed8dbe45b2722d268d8c0ca0...c4a742cab1https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=3.3.0&new-version=3.3.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-19 09:54:46 -03:00
dependabot[bot]
a94d809a63
chore(deps): bump sigstore/cosign-installer from 2.8.0 to 2.8.1 ( #3478 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 2.8.0 to 2.8.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.1</h2>
<h2>What's Changed</h2>
<ul>
<li>bump cosign install to use release v1.13.1 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/98 ">sigstore/cosign-installer#98</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1 ">https://github.com/sigstore/cosign-installer/compare/v2...v2.8.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9becc61764https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/98 ">#98</a>)</li>
<li><a
href="c6d50c2e98https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/96 ">#96</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v2.8.0...v2.8.1 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-19 09:54:06 -03:00
dependabot[bot]
97e9bc40f9
chore(deps): bump docker/setup-buildx-action from 2.2.0 to 2.2.1 ( #3480 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.2.0 to 2.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Preserve quotes surrounding fields in input list by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/174 ">#174</a>)</li>
<li>Escape surrounding quotes for <code>platforms</code> input by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/175 ">#175</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.2.0...v2.2.1 ">https://github.com/docker/setup-buildx-action/compare/v2.2.0...v2.2.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8c0edbc76ehttps://github-redirect.dependabot.com/docker/setup-buildx-action/issues/175 ">#175</a>
from crazy-max/input-list-quotes</li>
<li><a
href="1fb9cbdb32693fdd6ca6https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/174 ">#174</a>
from crazy-max/input-quote</li>
<li><a
href="fe4c1ac86dc74574e6c8...8c0edbc76ehttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.2.0&new-version=2.2.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-19 09:53:41 -03:00
dependabot[bot]
903713ea0a
chore(deps): bump docker/setup-buildx-action from 2.1.0 to 2.2.0 ( #3474 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.1.0 to 2.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Append nodes to builder support by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/165 ">#165</a>)</li>
<li>Bump csv-parse from 5.3.0 to 5.3.1 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/172 ">#172</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.1.0...v2.2.0 ">https://github.com/docker/setup-buildx-action/compare/v2.1.0...v2.2.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c74574e6c8https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/172 ">#172</a>
from docker/dependabot/npm_and_yarn/csv-parse-5.3.1</li>
<li><a
href="2d0cf987815f1d4ea81f59b5ed6124https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/165 ">#165</a>
from crazy-max/append</li>
<li><a
href="bd61d52837f6efb5fcbb2dfca373f395cb08cb26...c74574e6c8https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.1.0&new-version=2.2.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-18 09:19:42 -03:00
dependabot[bot]
6a5a3d9f1d
chore(deps): bump docker/setup-qemu-action from 2.0.0 to 2.1.0 ( #3458 )
...
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action )
from 2.0.0 to 2.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases ">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Use context for inputs by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/62 ">#62</a>)</li>
<li>Use built-in <code>getExecOutput</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/61 ">#61</a>)</li>
<li>Remove workaround for <code>setOutput</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/63 ">#63</a>)</li>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/54 ">#54</a>
<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/58 ">#58</a>
<a
href="https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/59 ">#59</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0 ">https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e81a89b173https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/63 ">#63</a>
from crazy-max/setOutput</li>
<li><a
href="2d3efc7878bfc44eaf57https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/62 ">#62</a>
from crazy-max/context</li>
<li><a
href="25725d8d2e8c1e35a8c6https://github-redirect.dependabot.com/docker/setup-qemu-action/issues/61 ">#61</a>
from crazy-max/exec-output</li>
<li><a
href="f3c51a3313c47ad32952aa087459achttps://github-redirect.dependabot.com/docker/setup-qemu-action/issues/59 ">#59</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li>
<li><a
href="944399498481a47e15eb8b122486ce...e81a89b173https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2022-10-13 10:52:43 -03:00
dependabot[bot]
9ce619ad09
chore(deps): bump docker/setup-buildx-action from 2.0.0 to 2.1.0 ( #3459 )
...
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action )
from 2.0.0 to 2.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases ">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Auth support for tls endpoint by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/164 ">#164</a>)</li>
<li>Nodes metadata JSON ouput by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/162 ">#162</a>)
<ul>
<li><code>endpoint</code>, <code>status</code> and <code>flags</code>
outputs are deprecated. Use <code>nodes</code> output instead.</li>
</ul>
</li>
<li>Skip setting buildkitd flags and config for remote driver by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/161 ">#161</a>)</li>
<li>Move args logic to context module and add tests by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/169 ">#169</a>)</li>
<li>Remove workaround for <code>setOutput</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/170 ">#170</a>)</li>
<li>Fix deprecated <code>fs.rmdir</code> by <a
href="https://github.com/crazy-max "><code>@crazy-max</code></a> (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/171 ">#171</a>)</li>
<li>Docs: clarify install option by <a
href="https://github.com/rodrigc "><code>@rodrigc</code></a> in (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/152 ">#152</a>)</li>
<li>Bump <code>@actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/151 ">#151</a>
<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/157 ">#157</a>
<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/167 ">#167</a>)</li>
<li>Bump <code>@actions/tool-cache</code> from 1.7.2 to 2.0.1 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/150 ">#150</a>)</li>
<li>Bump <code>@actions/http-client</code> from 1.0.11 to 2.0.1 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/149 ">#149</a>)</li>
<li>Bump uuid from 8.3.2 to 9.0.0 (<a
href="https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/159 ">#159</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.0.0...v2.1.0 ">https://github.com/docker/setup-buildx-action/compare/v2.0.0...v2.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="95cb08cb26https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/171 ">#171</a>
from crazy-max/rmsync</li>
<li><a
href="eb5c2a6eea83612bea36https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/170 ">#170</a>
from crazy-max/setOutput</li>
<li><a
href="40fefd8a5890a1e4619ehttps://github-redirect.dependabot.com/docker/setup-buildx-action/issues/169 ">#169</a>
from crazy-max/context-module</li>
<li><a
href="5a9fc405756c48dad5f0https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/159 ">#159</a>
from docker/dependabot/npm_and_yarn/uuid-9.0.0</li>
<li><a
href="16c2ddbfa70fe8589bf4f3692cbe43https://github-redirect.dependabot.com/docker/setup-buildx-action/issues/167 ">#167</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.0</li>
<li>Additional commits viewable in <a
href="dc7b9719a9...95cb08cb26https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2022-10-13 10:51:29 -03:00
dependabot[bot]
38c8436863
chore(deps): bump arduino/setup-task from 1.0.1 to 1.0.2 ( #3452 )
...
[//]: # (dependabot-start)
⚠️ **Dependabot is rebasing this PR** ⚠️
Rebasing might not happen immediately, so don't worry if this takes some
time.
Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.
---
[//]: # (dependabot-end)
Bumps [arduino/setup-task](https://github.com/arduino/setup-task ) from
1.0.1 to 1.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases ">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>1.0.2</h2>
<h2>Release Notes</h2>
<h3>Changelog</h3>
<h4>Enhancement</h4>
<ul>
<li>Run action with Node.js 16 (<a
href="https://github-redirect.dependabot.com/arduino/setup-task/pull/552 ">arduino/setup-task#552</a>)</li>
<li>Various dependency updates</li>
</ul>
<h3>Contributors</h3>
<ul>
<li><a href="https://github.com/kasperg "><code>@kasperg</code></a></li>
</ul>
<hr />
<p><strong>Full Changeset</strong>: <a
href="https://github.com/arduino/setup-task/compare/1.0.1...1.0.2 ">https://github.com/arduino/setup-task/compare/1.0.1...1.0.2 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d665c6beebhttps://github-redirect.dependabot.com/arduino/setup-task/issues/554 ">#554</a>
from arduino/dependabot/npm_and_yarn/types/node-16.11.65</li>
<li><a
href="f911dc0bbc2cdd1760c6https://github-redirect.dependabot.com/arduino/setup-task/issues/555 ">#555</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="0238d42112b592b746bdhttps://github-redirect.dependabot.com/arduino/setup-task/issues/553 ">#553</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="1b72357a23eea6bc2215https://github-redirect.dependabot.com/arduino/setup-task/issues/551 ">#551</a>
from arduino/dependabot/npm_and_yarn/eslint-8.25.0</li>
<li><a
href="c36e056867https://github-redirect.dependabot.com/arduino/setup-task/issues/552 ">#552</a>
from kasperg/patch-1</li>
<li><a
href="ba0113b2fc1bdabdfc86ca745e1891...d665c6beebhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arduino/setup-task&package-manager=github_actions&previous-version=1.0.1&new-version=1.0.2 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-12 19:04:36 -03:00
dependabot[bot]
1317be8a7d
chore(deps): bump sigstore/cosign-installer from 2.7.0 to 2.8.0 ( #3448 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 2.7.0 to 2.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.0</h2>
<h2>What's Changed</h2>
<ul>
<li>bump cosign to v1.13.0 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/95 ">sigstore/cosign-installer#95</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0 ">https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7cc35d7fdbhttps://github-redirect.dependabot.com/sigstore/cosign-installer/issues/95 ">#95</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v2.7.0...v2.8.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-10 14:50:18 -03:00
Carlos Alexandro Becker
b4159f6377
feat(deps): go 1.19.2 ( #3443 )
...
latest security fixes
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
2022-10-05 21:24:45 -03:00
Carlos A Becker
04162b50fe
chore: always build on main
2022-10-05 10:50:29 -03:00
dependabot[bot]
f8da439130
chore(deps): bump actions/checkout from 3.0.2 to 3.1.0 ( #3441 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2
to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Inject GitHub host to be able to clone from another GitHub instance
by <a
href="https://github.com/peter-murray "><code>@peter-murray</code></a>
in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/922 ">actions/checkout#922</a></li>
<li>Bump <code>@actions/core</code> to 1.10.0 by <a
href="https://github.com/rentziass "><code>@rentziass</code></a> in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/939 ">actions/checkout#939</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/peter-murray "><code>@peter-murray</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/922 ">actions/checkout#922</a></li>
<li><a href="https://github.com/rentziass "><code>@rentziass</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/939 ">actions/checkout#939</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.0.2...v3.1.0 ">https://github.com/actions/checkout/compare/v3.0.2...v3.1.0 </a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md ">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.1.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/939 ">Use
<code>@actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/922 ">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/770 ">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/762 ">Fixed
an issue where checkout failed to run in container jobs due to the new
git setting <code>safe.directory</code></a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/744 ">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/689 ">Update
to node 16</a></li>
</ul>
<h2>v2.3.1</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/284 ">Fix
default branch resolution for .wiki and when using SSH</a></li>
</ul>
<h2>v2.3.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/278 ">Fallback
to the default branch</a></li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/258 ">Fetch
all history for all tags and branches when fetch-depth=0</a></li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Changes to support GHES (<a
href="https://github-redirect.dependabot.com/actions/checkout/pull/236 ">here</a>
and <a
href="https://github-redirect.dependabot.com/actions/checkout/pull/248 ">here</a>)</li>
</ul>
<h2>v2.1.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/191 ">Group
output</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/199 ">Changes
to support GHES alpha release</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/184 ">Persist
core.sshCommand for submodules</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/163 ">Add
support ssh</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/179 ">Convert
submodule SSH URL to HTTPS, when not using SSH</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/157 ">Add
submodule support</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/144 ">Follow
proxy settings</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/141 ">Fix
ref for pr closed event when a pr is merged</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/128 ">Fix
issue checking detached when git less than 2.22</a></li>
</ul>
<h2>v2.0.0</h2>
<ul>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/108 ">Do
not pass cred on command line</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/107 ">Add
input persist-credentials</a></li>
<li><a
href="https://github-redirect.dependabot.com/actions/checkout/pull/104 ">Fallback
to REST API to download repo</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93ea575cb5https://github-redirect.dependabot.com/actions/checkout/issues/940 ">#940</a>)</li>
<li><a
href="6a84743051https://github-redirect.dependabot.com/actions/checkout/issues/939 ">#939</a>)</li>
<li><a
href="e6d535c99chttps://github-redirect.dependabot.com/actions/checkout/issues/922 ">#922</a>)</li>
<li>See full diff in <a
href="2541b1294d...93ea575cb5https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.0.2&new-version=3.1.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-05 09:38:34 -03:00
dependabot[bot]
fd8cc43ef3
chore(deps): bump sigstore/cosign-installer from 2.6.0 to 2.7.0 ( #3404 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 2.6.0 to 2.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v2.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>bump cosign to v1.12.1 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/94 ">sigstore/cosign-installer#94</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0 ">https://github.com/sigstore/cosign-installer/compare/v2...v2.7.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ced07f21fbhttps://github-redirect.dependabot.com/sigstore/cosign-installer/issues/94 ">#94</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v2.6.0...v2.7.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-26 10:24:30 -03:00
dependabot[bot]
Carlos Alexandro Becker