go/goreleaser
go/goreleaser
1
0
Fork 0
mirror of https://github.com/goreleaser/goreleaser.git synced 2025-01-10 03:47:03 +02:00
Code Issues Releases Activity
5,242 Commits 8 Branches 558 Tags 41 MiB
9ce21d3b95
Commit Graph

204 Commits

Author SHA1 Message Date
dependabot[bot]
3f54b5eb2f
chore(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#4472) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/setup-go from 4.1.0 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/152">sigstore/cosign-installer#152</a></li>
<li>update action to use latest cosign v2.2.2 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/153">sigstore/cosign-installer#153</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0">https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9614fae9e5"><code>9614fae</code></a>
update action to use latest cosign v2.2.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/153">#153</a>)</li>
<li><a
href="c81cf0609e"><code>c81cf06</code></a>
Bump actions/setup-go from 4.1.0 to 5.0.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/152">#152</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-12 08:23:41 -03:00
dependabot[bot]
d27c755505
chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (#4464) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0
to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, we change Nodejs runtime from node16 to
node20 (<a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a>).
Moreover, we update some dependencies to the latest versions (<a
href="https://redirect.github.com/actions/setup-go/pull/445">actions/setup-go#445</a>).</p>
<p>Besides, this release contains such changes as:</p>
<ul>
<li>Fix hosted tool cache usage on windows by <a
href="https://github.com/galargh"><code>@​galargh</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li>Improve documentation regarding dependencies caching by <a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/galargh"><code>@​galargh</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li><a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
<li><a
href="https://github.com/chenrui333"><code>@​chenrui333</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v5.0.0">https://github.com/actions/setup-go/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c52d547c9"><code>0c52d54</code></a>
Update dependencies for node20 (<a
href="https://redirect.github.com/actions/setup-go/issues/445">#445</a>)</li>
<li><a
href="bfd2fb341f"><code>bfd2fb3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/421">#421</a>
from chenrui333/node20-runtime</li>
<li><a
href="3d65fa57fc"><code>3d65fa5</code></a>
feat: bump to use actions/checkout@v4</li>
<li><a
href="8a505c9cf2"><code>8a505c9</code></a>
feat: bump to use node20 runtime</li>
<li><a
href="883490dfd0"><code>883490d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/417">#417</a>
from artemgavrilov/main</li>
<li><a
href="d45ebba0ce"><code>d45ebba</code></a>
Rephrase sentence</li>
<li><a
href="317c6617fa"><code>317c661</code></a>
Replace <code>wildcards</code> term with <code>globs</code>.</li>
<li><a
href="f90673ad64"><code>f90673a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/1">#1</a> from
artemgavrilov/caching-docs-improvement</li>
<li><a
href="8018234347"><code>8018234</code></a>
Improve documentation regarding dependencies cachin</li>
<li><a
href="d085b4fe57"><code>d085b4f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/411">#411</a>
from galargh/fix/windows-hostedtoolcache</li>
<li>Additional commits viewable in <a
href="93397bea11...0c52d547c9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4.1.0&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-07 09:06:14 -03:00
dependabot[bot]
8fac823f81
chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 (#4458) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.0 to 0.15.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.1</h2>
<h2>Changes in v0.15.1</h2>
<ul>
<li>chore(deps): update Syft to v0.98.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/431">#431</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>Add config input (<a
href="https://redirect.github.com/anchore/sbom-action/issues/430">#430</a>)
[<a href="https://github.com/eyakubovich">eyakubovich</a>]</li>
<li>chore: pin and upgrade gh actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/429">#429</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ecf649a41"><code>5ecf649</code></a>
chore(deps): update Syft to v0.98.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/431">#431</a>)</li>
<li><a
href="a4126e6810"><code>a4126e6</code></a>
Add config input (<a
href="https://redirect.github.com/anchore/sbom-action/issues/430">#430</a>)</li>
<li><a
href="9d0277c4f7"><code>9d0277c</code></a>
chore: pin and upgrade gh actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/429">#429</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.0...v0.15.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.0&new-version=0.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 09:20:12 -03:00
dependabot[bot]
8eccb57161
chore(deps): bump cachix/install-nix-action from 23 to 24 (#4448) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 23 to 24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v24</h2>
<ul>
<li>Nix 2.19.1</li>
<li>enables KVM on linux</li>
<li>set <code>TMPDIR</code> to avoid potential disk space issues</li>
<li>don't use the default GitHub token for Enterprise</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7ac1ec2549"><code>7ac1ec2</code></a>
Nix 2.19.1</li>
<li><a
href="dc33a216cb"><code>dc33a21</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/200">#200</a>
from cachix/fix/196</li>
<li><a
href="2b90cd3130"><code>2b90cd3</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/202">#202</a>
from cachix/feature/kvm</li>
<li><a
href="fe19c91c6b"><code>fe19c91</code></a>
feat: enable KVM on Linux if available</li>
<li><a
href="a56e3a8089"><code>a56e3a8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/199">#199</a>
from jalaziz/tempdir</li>
<li><a
href="81eb746179"><code>81eb746</code></a>
Update install-nix.sh</li>
<li><a
href="97a1be3c09"><code>97a1be3</code></a>
fix: don't use the default GitHub token for Enterprise</li>
<li><a
href="2cce1fd76b"><code>2cce1fd</code></a>
fix: Set TMPDIR to avoid disk space issues</li>
<li><a
href="300721fe01"><code>300721f</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/193">#193</a>
from cachix/dependabot/github_actions/actions/checkout-4</li>
<li><a
href="fe6788c5de"><code>fe6788c</code></a>
chore(deps): bump actions/checkout from 3 to 4</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v23...v24">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=23&new-version=24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-29 09:35:49 -03:00
dependabot[bot]
48b49ea2ae
chore(deps): bump anchore/sbom-action from 0.14.3 to 0.15.0 (#4436) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.14.3 to 0.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.0</h2>
<h2>Changes in v0.14.4</h2>
<h3>Breaking Changes</h3>
<ul>
<li>Previously, running on Windows required WSL. Now, running on Windows
expects to be run on native windows (<a
href="https://redirect.github.com/anchore/sbom-action/issues/426">#426</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>].</li>
</ul>
<h3>Other Changes</h3>
<ul>
<li>pin and upgrade actions/checkout (<a
href="https://redirect.github.com/anchore/sbom-action/issues/428">#428</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
<li>chore(deps): update Syft to v0.97.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/427">#427</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>add oss community board auto-add workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/421">#421</a>)
[<a href="https://github.com/wagoodman">wagoodman</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fd74a6fb98"><code>fd74a6f</code></a>
pin and upgrade actions/checkout (<a
href="https://redirect.github.com/anchore/sbom-action/issues/428">#428</a>)</li>
<li><a
href="c9fb15d7bc"><code>c9fb15d</code></a>
chore(deps): update Syft to v0.97.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/427">#427</a>)</li>
<li><a
href="74207bd644"><code>74207bd</code></a>
chore: test natively on Windows (<a
href="https://redirect.github.com/anchore/sbom-action/issues/426">#426</a>)</li>
<li><a
href="ace0b9722a"><code>ace0b97</code></a>
add oss community board auto-add workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/421">#421</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.14.3...v0.15.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.14.3&new-version=0.15.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-23 17:37:39 -03:00
dependabot[bot]
926760eac1
chore(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 (#4413) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.1.2 to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<p><strong>Note: This release comes with a fix for CVE-2023-46737
described in this <a
href="https://github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9">Github
Security Advisory</a>. Please upgrade to this release ASAP</strong></p>
<p>see <a
href="https://github.com/sigstore/cosign/releases/tag/v2.2.1">https://github.com/sigstore/cosign/releases/tag/v2.2.1</a></p>
<h2>What's Changed</h2>
<ul>
<li>Support the runner context of gitea act by <a
href="https://github.com/josedev-union"><code>@​josedev-union</code></a>
in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/147">sigstore/cosign-installer#147</a></li>
<li>bump cosign to v2.2.1 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/148">sigstore/cosign-installer#148</a></li>
<li>test with latest go version by <a
href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/150">sigstore/cosign-installer#150</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/josedev-union"><code>@​josedev-union</code></a>
made their first contribution in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/147">sigstore/cosign-installer#147</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1fc5bd396d"><code>1fc5bd3</code></a>
test with latest go version (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/150">#150</a>)</li>
<li><a
href="9ce7d6069f"><code>9ce7d60</code></a>
bump cosign to v2.2.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/148">#148</a>)</li>
<li><a
href="4b014e3cf1"><code>4b014e3</code></a>
Support the runner context of gitea act (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/147">#147</a>)</li>
<li><a
href="38ab09d8bf"><code>38ab09d</code></a>
Bump actions/checkout from 4.1.0 to 4.1.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/145">#145</a>)</li>
<li><a
href="9c520b997e"><code>9c520b9</code></a>
Bump actions/checkout from 4.0.0 to 4.1.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/144">#144</a>)</li>
<li><a
href="ef6a6b364b"><code>ef6a6b3</code></a>
Bump actions/checkout from 3.6.0 to 4.0.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/143">#143</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.1.2&new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-08 08:55:59 -03:00
dependabot[bot]
9fb281bd7a
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 (#4376) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.0
to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update CODEOWNERS to Launch team by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1510">actions/checkout#1510</a></li>
<li>Correct link to GitHub Docs by <a
href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1510">actions/checkout#1510</a></li>
<li><a href="https://github.com/peterbe"><code>@​peterbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.1.1">https://github.com/actions/checkout/compare/v4...v4.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b4ffde65f4"><code>b4ffde6</code></a>
Link to release page from what's new section (<a
href="https://redirect.github.com/actions/checkout/issues/1514">#1514</a>)</li>
<li><a
href="8530928916"><code>8530928</code></a>
Correct link to GitHub Docs (<a
href="https://redirect.github.com/actions/checkout/issues/1511">#1511</a>)</li>
<li><a
href="7cdaf2fbc0"><code>7cdaf2f</code></a>
Update CODEOWNERS to Launch team (<a
href="https://redirect.github.com/actions/checkout/issues/1510">#1510</a>)</li>
<li>See full diff in <a
href="8ade135a41...b4ffde65f4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-03 21:42:31 -03:00
dependabot[bot]
ad501a9da2
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 (#4325) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.0.0
to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md for V4 by <a
href="https://github.com/sivapalan"><code>@​sivapalan</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1452">actions/checkout#1452</a></li>
<li>Add support for partial checkout filters by <a
href="https://github.com/finleygn"><code>@​finleygn</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1396">actions/checkout#1396</a></li>
<li>Prepare 4.1.0 release by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1496">actions/checkout#1496</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/sivapalan"><code>@​sivapalan</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1452">actions/checkout#1452</a></li>
<li><a href="https://github.com/finleygn"><code>@​finleygn</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1396">actions/checkout#1396</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.0.0...v4.1.0">https://github.com/actions/checkout/compare/v4.0.0...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add
support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1067">Support
fetching without the --progress option</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1436">Update to
node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark
test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add
option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use
<code>@​actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8ade135a41"><code>8ade135</code></a>
Prepare 4.1.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/1496">#1496</a>)</li>
<li><a
href="c533a0a4cf"><code>c533a0a</code></a>
Add support for partial checkout filters (<a
href="https://redirect.github.com/actions/checkout/issues/1396">#1396</a>)</li>
<li><a
href="72f2cec99f"><code>72f2cec</code></a>
Update README.md for V4 (<a
href="https://redirect.github.com/actions/checkout/issues/1452">#1452</a>)</li>
<li>See full diff in <a
href="3df4ab11eb...8ade135a41">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.0.0&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-25 12:19:05 -03:00
dependabot[bot]
49d411cd36
chore(deps): bump docker/setup-qemu-action from 2.2.0 to 3.0.0 (#4288) 
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 2.2.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/102">docker/setup-qemu-action#102</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/103">docker/setup-qemu-action#103</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/89">docker/setup-qemu-action#89</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0">https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="68827325e0"><code>6882732</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/103">#103</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="183f4af504"><code>183f4af</code></a>
chore: update generated content</li>
<li><a
href="f17493529e"><code>f174935</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="2e423eb500"><code>2e423eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/89">#89</a>
from docker/dependabot/npm_and_yarn/semver-6.3.1</li>
<li><a
href="ecc406afa7"><code>ecc406a</code></a>
Bump semver from 6.3.0 to 6.3.1</li>
<li><a
href="12dec5e201"><code>12dec5e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/102">#102</a>
from crazy-max/update-node20</li>
<li><a
href="c29b312130"><code>c29b312</code></a>
chore: node 20 as default runtime</li>
<li><a
href="34ae628c8f"><code>34ae628</code></a>
chore: update generated content</li>
<li><a
href="1f3d2e1ac0"><code>1f3d2e1</code></a>
chore: fix author in package.json</li>
<li><a
href="277dbe8c9c"><code>277dbe8</code></a>
vendor: bump <code>@​docker/actions-toolkit</code> from 0.3.0 to
0.12.0</li>
<li>Additional commits viewable in <a
href="2b82ce82d5...68827325e0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=2.2.0&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 09:57:30 -03:00
dependabot[bot]
85557589fc
chore(deps): bump docker/setup-buildx-action from 2.10.0 to 3.0.0 (#4287) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.10.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/264">docker/setup-buildx-action#264</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/267">docker/setup-buildx-action#267</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0">https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f95db51fdd"><code>f95db51</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/267">#267</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="998a87c2c1"><code>998a87c</code></a>
chore: update generated content</li>
<li><a
href="28bae59336"><code>28bae59</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="c215341715"><code>c215341</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/264">#264</a>
from crazy-max/update-node20</li>
<li><a
href="02e9319239"><code>02e9319</code></a>
chore: node 20 as default runtime</li>
<li><a
href="5c9160effc"><code>5c9160e</code></a>
chore: update generated content</li>
<li><a
href="1283140f57"><code>1283140</code></a>
chore: fix author in package.json</li>
<li><a
href="c6afe06e4a"><code>c6afe06</code></a>
vendor: bump <code>@​docker/actions-toolkit</code> from 0.10.0 to
0.12.0</li>
<li><a
href="f35e0d5a04"><code>f35e0d5</code></a>
chore: update dev dependencies</li>
<li><a
href="baeb468fb2"><code>baeb468</code></a>
dev: remove unneeded binaries</li>
<li>Additional commits viewable in <a
href="885d1462b8...f95db51fdd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.10.0&new-version=3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-12 09:55:13 -03:00
dependabot[bot]
8f2daf7f76
chore(deps): bump crazy-max/ghaction-upx from 2 to 3 (#4284) 
Bumps
[crazy-max/ghaction-upx](https://github.com/crazy-max/ghaction-upx) from
2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crazy-max/ghaction-upx/releases">crazy-max/ghaction-upx's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/215">crazy-max/ghaction-upx#215</a></li>
<li>Update yarn to 3.6.3 by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/214">crazy-max/ghaction-upx#214</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2.4.0...v3.0.0">https://github.com/crazy-max/ghaction-upx/compare/v2.4.0...v3.0.0</a></p>
<h2>v2.4.0</h2>
<ul>
<li>Bump <code>@​actions/http-client</code> from 2.1.0 to 2.1.1 in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/206">crazy-max/ghaction-upx#206</a></li>
<li>Bump semver from 5.7.1 to 5.7.2 in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/204">crazy-max/ghaction-upx#204</a></li>
<li>Bump tough-cookie from 4.0.0 to 4.1.3 in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/203">crazy-max/ghaction-upx#203</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/crazy-max/ghaction-upx/pull/209">crazy-max/ghaction-upx#209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2.3.0...v2.4.0">https://github.com/crazy-max/ghaction-upx/compare/v2.3.0...v2.4.0</a></p>
<h2>v2.3.0</h2>
<ul>
<li>Add <code>install-only</code> input (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/201">#201</a>)</li>
<li>Bump <code>@​actions/http-client</code> from 2.0.1 to 2.1.0 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/195">#195</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2.2.0...v2.3.0">https://github.com/crazy-max/ghaction-upx/compare/v2.2.0...v2.3.0</a></p>
<h2>v2.2.0</h2>
<ul>
<li>Check latest and tagged releases using releases-json (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/192">#192</a>)</li>
<li>ci: generate upx-releases.json (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/186">#186</a>)</li>
<li>Bump json5 from 2.1.3 to 2.2.3 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/184">#184</a>)</li>
<li>Bump minimatch from 3.0.4 to 3.1.2 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/185">#185</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2.1.0...v2.2.0">https://github.com/crazy-max/ghaction-upx/compare/v2.1.0...v2.2.0</a></p>
<h2>v2.1.0</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/181">#181</a>
<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/182">#182</a>)</li>
<li>Bump <code>@​actions/http-client</code> from 1.0.11 to 2.0.1 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/179">#179</a>)</li>
<li>Bump <code>@​actions/tool-cache</code> from 1.7.2 to 2.0.1 (<a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/178">#178</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2.0.0...v2.1.0">https://github.com/crazy-max/ghaction-upx/compare/v2.0.0...v2.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0fc45e9126"><code>0fc45e9</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/213">#213</a>
from crazy-max/dependabot/github_actions/actions/chec...</li>
<li><a
href="9465f624dd"><code>9465f62</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/215">#215</a>
from crazy-max/update-node20</li>
<li><a
href="9eba60dcc9"><code>9eba60d</code></a>
ci: split test and validate workflow</li>
<li><a
href="4fd68cb082"><code>4fd68cb</code></a>
chore: node 20 as default runtime</li>
<li><a
href="81a846ee13"><code>81a846e</code></a>
chore: update generated content</li>
<li><a
href="6abbb7ec37"><code>6abbb7e</code></a>
test: fix after jest update</li>
<li><a
href="54c2561f69"><code>54c2561</code></a>
chore: update dev dependencies</li>
<li><a
href="d280f9562f"><code>d280f95</code></a>
chore: update to node 20</li>
<li><a
href="4d946a7137"><code>4d946a7</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-upx/issues/214">#214</a>
from crazy-max/update-yarn</li>
<li><a
href="fbfc4f37fe"><code>fbfc4f3</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/crazy-max/ghaction-upx/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=crazy-max/ghaction-upx&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-11 10:51:57 -03:00
dependabot[bot]
f5590f11a1
chore(deps): bump actions/checkout from 3.6.0 to 4.0.0 (#4276) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0
to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update default runtime to node20 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1436">actions/checkout#1436</a></li>
<li>Support fetching without the --progress option by <a
href="https://github.com/simonbaird"><code>@​simonbaird</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1067">actions/checkout#1067</a></li>
<li>Release 4.0.0 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1447">actions/checkout#1447</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@​takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1436">actions/checkout#1436</a></li>
<li><a
href="https://github.com/simonbaird"><code>@​simonbaird</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1067">actions/checkout#1067</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3...v4.0.0">https://github.com/actions/checkout/compare/v3...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1067">Support
fetching without the --progress option</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1436">Update to
node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark
test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add
option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use
<code>@​actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3df4ab11eb"><code>3df4ab1</code></a>
Release 4.0.0 (<a
href="https://redirect.github.com/actions/checkout/issues/1447">#1447</a>)</li>
<li><a
href="8b5e8b7687"><code>8b5e8b7</code></a>
Support fetching without the --progress option (<a
href="https://redirect.github.com/actions/checkout/issues/1067">#1067</a>)</li>
<li><a
href="97a652b800"><code>97a652b</code></a>
Update default runtime to node20 (<a
href="https://redirect.github.com/actions/checkout/issues/1436">#1436</a>)</li>
<li>See full diff in <a
href="f43a0e5ff2...3df4ab11eb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.6.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 15:09:32 -03:00
dependabot[bot]
cf46d260df
chore(deps): bump cachix/install-nix-action from 22 to 23 (#4277) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 22 to 23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v23</h2>
<ul>
<li>always show Nix trace</li>
<li>Nix 2.17</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a9a9e84a1"><code>6a9a9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/192">#192</a>
from grahamc/patch-1</li>
<li><a
href="4509d84f10"><code>4509d84</code></a>
Update to Nix 2.17.0</li>
<li><a
href="5cfd5166ea"><code>5cfd516</code></a>
bump</li>
<li><a
href="e02ea8c42e"><code>e02ea8c</code></a>
Fix links to nix.dev</li>
<li><a
href="fffc90f426"><code>fffc90f</code></a>
always show trace</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v22...v23">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=22&new-version=23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-07 15:09:26 -03:00
dependabot[bot]
0e57170b61
chore(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 (#4270) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.1.1 to 3.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix build and push step Readme missing id by <a
href="https://github.com/hbenali"><code>@​hbenali</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/138">sigstore/cosign-installer#138</a></li>
<li>bump cosign to v2.2.0 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/142">sigstore/cosign-installer#142</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hbenali"><code>@​hbenali</code></a> made
their first contribution in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/138">sigstore/cosign-installer#138</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.1.2">https://github.com/sigstore/cosign-installer/compare/v3...v3.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="11086d2504"><code>11086d2</code></a>
bump cosign to v2.2.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/142">#142</a>)</li>
<li><a
href="4a861528be"><code>4a86152</code></a>
Bump actions/checkout from 3.5.3 to 3.6.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/141">#141</a>)</li>
<li><a
href="37f387123c"><code>37f3871</code></a>
Bump actions/setup-go from 4.0.1 to 4.1.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/139">#139</a>)</li>
<li><a
href="a5d81fb6bd"><code>a5d81fb</code></a>
Fix build and push step Readme missing id (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/138">#138</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.1.1&new-version=3.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-04 10:32:25 -03:00
dependabot[bot]
f13be62424
chore(deps): bump docker/setup-buildx-action from 2.9.1 to 2.10.0 (#4266) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.9.1 to 2.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.7.1 to 0.10.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/258">docker/setup-buildx-action#258</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/253">docker/setup-buildx-action#253</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0">https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="885d1462b8"><code>885d146</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/258">#258</a>
from crazy-max/update-toolkit</li>
<li><a
href="e5fad018d0"><code>e5fad01</code></a>
ci: check lab releases</li>
<li><a
href="45161fd92a"><code>45161fd</code></a>
update generated content</li>
<li><a
href="a4d51f53dd"><code>a4d51f5</code></a>
bump <code>@​docker/actions-toolkit</code> from 0.7.1 to 0.10.0</li>
<li><a
href="93b8ecaa2c"><code>93b8eca</code></a>
ci: docker-ce packages are now installed on GitHub Runners</li>
<li><a
href="7703e82fbc"><code>7703e82</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/253">#253</a>
from docker/dependabot/npm_and_yarn/word-wrap-1.2.5</li>
<li><a
href="0005881963"><code>0005881</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/254">#254</a>
from crazy-max/rm-codeowners</li>
<li><a
href="b699069f49"><code>b699069</code></a>
chore: remove CODEOWNERS</li>
<li><a
href="9bfc5497b8"><code>9bfc549</code></a>
Bump word-wrap from 1.2.3 to 1.2.5</li>
<li><a
href="b92d4d8769"><code>b92d4d8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/252">#252</a>
from crazy-max/dependabot-update</li>
<li>Additional commits viewable in <a
href="4c0219f9ac...885d1462b8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.9.1&new-version=2.10.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-28 09:05:38 -03:00
dependabot[bot]
51c19d4d39
chore(deps): bump actions/checkout from 3.5.3 to 3.6.0 (#4262) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3
to 3.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Mark test scripts with Bash'isms to be run via Bash by <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1377">actions/checkout#1377</a></li>
<li>Add option to fetch tags even if fetch-depth &gt; 0 by <a
href="https://github.com/RobertWieczoreck"><code>@​RobertWieczoreck</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/579">actions/checkout#579</a></li>
<li>Release 3.6.0 by <a
href="https://github.com/luketomlinson"><code>@​luketomlinson</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1437">actions/checkout#1437</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/RobertWieczoreck"><code>@​RobertWieczoreck</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/579">actions/checkout#579</a></li>
<li><a
href="https://github.com/luketomlinson"><code>@​luketomlinson</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1437">actions/checkout#1437</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.5.3...v3.6.0">https://github.com/actions/checkout/compare/v3.5.3...v3.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.6.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark
test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add
option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use
<code>@​actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/762">Fixed an
issue where checkout failed to run in container jobs due to the new git
setting <code>safe.directory</code></a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/744">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f43a0e5ff2"><code>f43a0e5</code></a>
Release 3.6.0 (<a
href="https://redirect.github.com/actions/checkout/issues/1437">#1437</a>)</li>
<li><a
href="7739b9ba2e"><code>7739b9b</code></a>
Add option to fetch tags even if fetch-depth &gt; 0 (<a
href="https://redirect.github.com/actions/checkout/issues/579">#579</a>)</li>
<li><a
href="96f53100ba"><code>96f5310</code></a>
Mark test scripts with Bash'isms to be run via Bash (<a
href="https://redirect.github.com/actions/checkout/issues/1377">#1377</a>)</li>
<li>See full diff in <a
href="c85c95e3d7...f43a0e5ff2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.5.3&new-version=3.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-26 15:31:13 -03:00
dependabot[bot]
86568cb76c
chore(deps): bump actions/setup-go from 4.0.1 to 4.1.0 (#4241) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.1
to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, slow installation on Windows was fixed by
<a href="https://github.com/dsame"><code>@​dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/393">actions/setup-go#393</a>
and OS version was added to <code>primaryKey</code> for Ubuntu runners
to avoid conflicts (<a
href="https://redirect.github.com/actions/setup-go/pull/383">actions/setup-go#383</a>)</p>
<p>This release also includes the following changes:</p>
<ul>
<li>Remove implicit dependencies by <a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/378">actions/setup-go#378</a></li>
<li>Update action.yml by <a
href="https://github.com/mkelly"><code>@​mkelly</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/379">actions/setup-go#379</a></li>
<li>Added a description that go-version should be specified as a string
type by <a href="https://github.com/n3xem"><code>@​n3xem</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/367">actions/setup-go#367</a></li>
<li>Add note about YAML parsing versions by <a
href="https://github.com/dmitry-shibanov"><code>@​dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/382">actions/setup-go#382</a></li>
<li>Automatic update of configuration files from 05/23/2023 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/377">actions/setup-go#377</a></li>
<li>Bump tough-cookie and <code>@​azure/ms-rest-js</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/392">actions/setup-go#392</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/397">actions/setup-go#397</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/396">actions/setup-go#396</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mkelly"><code>@​mkelly</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/379">actions/setup-go#379</a></li>
<li><a href="https://github.com/n3xem"><code>@​n3xem</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/367">actions/setup-go#367</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.1.0">https://github.com/actions/setup-go/compare/v4...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93397bea11"><code>93397be</code></a>
Fix Install on Windows is very slow (<a
href="https://redirect.github.com/actions/setup-go/issues/393">#393</a>)</li>
<li><a
href="27eec5b982"><code>27eec5b</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/396">#396</a>
from actions/dependabot/npm_and_yarn/semver-6.3.1</li>
<li><a
href="ecfc77a56f"><code>ecfc77a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/397">#397</a>
from actions/dependabot/npm_and_yarn/word-wrap-1.2.4</li>
<li><a
href="1b80a11e05"><code>1b80a11</code></a>
Bump word-wrap from 1.2.3 to 1.2.4</li>
<li><a
href="b1c343484c"><code>b1c3434</code></a>
Fix licensing for Semver 6.3.1</li>
<li><a
href="0bb97b1c5c"><code>0bb97b1</code></a>
Rebuild after updating Semver</li>
<li><a
href="4220624b80"><code>4220624</code></a>
Bump semver from 6.3.0 to 6.3.1</li>
<li><a
href="db8764c1e2"><code>db8764c</code></a>
Bump tough-cookie and <code>@​azure/ms-rest-js</code> (<a
href="https://redirect.github.com/actions/setup-go/issues/392">#392</a>)</li>
<li><a
href="08b314a573"><code>08b314a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/383">#383</a>
from akv-platform/issue-368</li>
<li><a
href="4e0b6c77c6"><code>4e0b6c7</code></a>
Limit to Linux only</li>
<li>Additional commits viewable in <a
href="fac708d667...93397bea11">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4.0.1&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-08-09 10:14:03 -03:00
dependabot[bot]
77f97a6092
chore(deps): bump the github-actions group with 1 update (#4185) 2023-07-21 16:58:14 +00:00
dependabot[bot]
b95fd39486
chore(deps): bump the github-actions group with 1 update (#4168) 
Bumps the github-actions group with 1 update:
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action).

<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.6.0 to 0.7.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/246">docker/setup-buildx-action#246</a>
<ul>
<li>Adds support to cache Buildx binary to hosted tool cache and GHA
cache backend</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0">https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2a1a44ac4a"><code>2a1a44a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/246">#246</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="a6c26a99ef"><code>a6c26a9</code></a>
update ci workflow</li>
<li><a
href="a5a7f565d9"><code>a5a7f56</code></a>
update generated content</li>
<li><a
href="7d7611f95b"><code>7d7611f</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.6.0 to 0.7.0</li>
<li>See full diff in <a
href="16c0bc4a6e...2a1a44ac4a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.8.0&new-version=2.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-07-07 10:32:08 -03:00
dependabot[bot]
c16ffc40a1
chore(deps): bump docker/setup-buildx-action from 2.7.0 to 2.8.0 (#4155) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.7.0 to 2.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.0</h2>
<ul>
<li>Only set specific flags for drivers supporting them by <a
href="https://github.com/nicks"><code>@​nicks</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/241">docker/setup-buildx-action#241</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.5.0 to 0.6.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/242">docker/setup-buildx-action#242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0">https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="16c0bc4a6e"><code>16c0bc4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/242">#242</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="ebcacb9c21"><code>ebcacb9</code></a>
update generated content</li>
<li><a
href="496a823b8b"><code>496a823</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.5.0 to 0.6.0</li>
<li><a
href="a56031a493"><code>a56031a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/241">#241</a>
from nicks/nicks/driver</li>
<li><a
href="922550f064"><code>922550f</code></a>
context: only append flags if we know the driver supports them</li>
<li>See full diff in <a
href="ecf95283f0...16c0bc4a6e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.7.0&new-version=2.8.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-29 13:34:00 -03:00
dependabot[bot]
d827252bd3
chore(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 (#4147) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.1.0 to 3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>default cosign to v2.1.1 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/137">sigstore/cosign-installer#137</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e04d228eb"><code>6e04d22</code></a>
default cosign to v2.1.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/137">#137</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.1.0&new-version=3.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-28 09:46:15 -03:00
dependabot[bot]
e9eda52291
chore(deps): bump sigstore/cosign-installer from 3.0.5 to 3.1.0 (#4141) 2023-06-26 13:17:09 +00:00
Carlos Alexandro Becker
0b1a6bbfea
chore: fmt 
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-06-21 22:09:27 +00:00
dependabot[bot]
cb77f8d667
chore(deps): bump anchore/sbom-action from 0.14.2 to 0.14.3 (#4130) 2023-06-21 19:13:11 +00:00
dependabot[bot]
db6a1704ed
chore(deps): bump cachix/install-nix-action from 21 to 22 (#4125) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 21 to 22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v22</h2>
<ul>
<li>Nix 2.16.1</li>
<li>Fix issues with System Integrity Protection when using macos-12</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6ed004b9cc"><code>6ed004b</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/184">#184</a>
from cachix/macos-bump</li>
<li><a
href="e27879448e"><code>e278794</code></a>
Nix: 2.15.1 -&gt; 2.16.1</li>
<li><a
href="8ab3881720"><code>8ab3881</code></a>
use system certs</li>
<li><a
href="16b951426e"><code>16b9514</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/182">#182</a>
from l0b0/feat/configure-editors</li>
<li><a
href="2c203fd87b"><code>2c203fd</code></a>
feat: Configure editors</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v21...v22">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=21&new-version=22)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-19 08:59:24 -03:00
dependabot[bot]
605467bfa4
chore(deps): bump docker/setup-buildx-action from 2.6.0 to 2.7.0 (#4100) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.6.0 to 2.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.7.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/237">docker/setup-buildx-action#237</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/238">docker/setup-buildx-action#238</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0">https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ecf95283f0"><code>ecf9528</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/238">#238</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="b2a38ee0c6"><code>b2a38ee</code></a>
update generated content</li>
<li><a
href="7f79690cac"><code>7f79690</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.4.0 to 0.5.0</li>
<li><a
href="bdd549bec0"><code>bdd549b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/237">#237</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="be4a3855af"><code>be4a385</code></a>
update generated content</li>
<li><a
href="6c4dbb29f6"><code>6c4dbb2</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.3.0 to 0.4.0</li>
<li>See full diff in <a
href="6a58db7e0d...ecf95283f0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.6.0&new-version=2.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-14 09:35:59 -03:00
dependabot[bot]
980bccd1fe
chore(deps): bump actions/checkout from 3.4.0 to 3.5.3 (#4088) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0
to 3.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.5.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: Checkout Issue in self hosted runner due to faulty submodule
check-ins by <a
href="https://github.com/megamanics"><code>@​megamanics</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1196">actions/checkout#1196</a></li>
<li>Fix typos found by codespell by <a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1287">actions/checkout#1287</a></li>
<li>Add support for sparse checkouts by <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1369">actions/checkout#1369</a></li>
<li>Release v3.5.3 by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1376">actions/checkout#1376</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/megamanics"><code>@​megamanics</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1196">actions/checkout#1196</a></li>
<li><a
href="https://github.com/DimitriPapadopoulos"><code>@​DimitriPapadopoulos</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1287">actions/checkout#1287</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3...v3.5.3">https://github.com/actions/checkout/compare/v3...v3.5.3</a></p>
<h2>v3.5.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: Use correct API url / endpoint in GHES by <a
href="https://github.com/fhammerl"><code>@​fhammerl</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1289">actions/checkout#1289</a>
based on <a
href="https://redirect.github.com/actions/checkout/issues/1286">#1286</a>
by <a href="https://github.com/1newsr"><code>@​1newsr</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.5.1...v3.5.2">https://github.com/actions/checkout/compare/v3.5.1...v3.5.2</a></p>
<h2>v3.5.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Improve checkout performance on Windows runners by upgrading
<code>@​actions/github</code> dependency by <a
href="https://github.com/BrettDong"><code>@​BrettDong</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/BrettDong"><code>@​BrettDong</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1246">actions/checkout#1246</a></li>
<li><a href="https://github.com/fhammerl"><code>@​fhammerl</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1284">actions/checkout#1284</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.5.0...v3.5.1">https://github.com/actions/checkout/compare/v3.5.0...v3.5.1</a></p>
<h2>v3.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add new public key for known_hosts by <a
href="https://github.com/cdb"><code>@​cdb</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1237">actions/checkout#1237</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/cdb"><code>@​cdb</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1237">actions/checkout#1237</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.4.0...v3.5.0">https://github.com/actions/checkout/compare/v3.4.0...v3.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use
<code>@​actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/762">Fixed an
issue where checkout failed to run in container jobs due to the new git
setting <code>safe.directory</code></a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/744">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/689">Update to
node 16</a></li>
</ul>
<h2>v2.3.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c85c95e3d7"><code>c85c95e</code></a>
Release v3.5.3 (<a
href="https://redirect.github.com/actions/checkout/issues/1376">#1376</a>)</li>
<li><a
href="d106d4669b"><code>d106d46</code></a>
Add support for sparse checkouts (<a
href="https://redirect.github.com/actions/checkout/issues/1369">#1369</a>)</li>
<li><a
href="f095bcc56b"><code>f095bcc</code></a>
Fix typos found by codespell (<a
href="https://redirect.github.com/actions/checkout/issues/1287">#1287</a>)</li>
<li><a
href="47fbe2df0a"><code>47fbe2d</code></a>
Fix: Checkout fail in self-hosted runners when faulty submodule are
checked-i...</li>
<li><a
href="8e5e7e5ab8"><code>8e5e7e5</code></a>
Release v3.5.2 (<a
href="https://redirect.github.com/actions/checkout/issues/1291">#1291</a>)</li>
<li><a
href="eb35239ec2"><code>eb35239</code></a>
Fix: convert baseUrl to serverApiUrl 'formatted' (<a
href="https://redirect.github.com/actions/checkout/issues/1289">#1289</a>)</li>
<li><a
href="83b7061638"><code>83b7061</code></a>
Release v3.5.1 (<a
href="https://redirect.github.com/actions/checkout/issues/1284">#1284</a>)</li>
<li><a
href="40a16ebeed"><code>40a16eb</code></a>
Improve checkout performance on Windows runners by upgrading
<code>@​actions/github</code> ...</li>
<li><a
href="8f4b7f8486"><code>8f4b7f8</code></a>
Add new public key for known_hosts (<a
href="https://redirect.github.com/actions/checkout/issues/1237">#1237</a>)</li>
<li><a
href="cd6a9fd493"><code>cd6a9fd</code></a>
Update update-main-version.yml</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/v3.4.0...c85c95e3d7251135ab7dc9ce3241c5835cc595a9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.4.0&new-version=3.5.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-12 08:57:05 -03:00
dependabot[bot]
6f0cb99477
chore(deps): bump docker/setup-buildx-action from 2.5.0 to 2.6.0 (#4083) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.5.0 to 2.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.6.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Set node name for k8s driver when appending nodes by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/219">docker/setup-buildx-action#219</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.1.0-beta.18 to
0.3.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/220">docker/setup-buildx-action#220</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/229">docker/setup-buildx-action#229</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/231">docker/setup-buildx-action#231</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/236">docker/setup-buildx-action#236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0">https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a58db7e0d"><code>6a58db7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/236">#236</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="d56292e348"><code>d56292e</code></a>
update generated content</li>
<li><a
href="790eb2db47"><code>790eb2d</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.2.0 to 0.3.0</li>
<li><a
href="2a81c53912"><code>2a81c53</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/231">#231</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="00b2400aad"><code>00b2400</code></a>
update generated content</li>
<li><a
href="484614d7a1"><code>484614d</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.1.0 to 0.2.0</li>
<li><a
href="d95759405f"><code>d957594</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/219">#219</a>
from crazy-max/ci-k3s-append</li>
<li><a
href="5bb6d36be0"><code>5bb6d36</code></a>
ci: set up and build with k3s</li>
<li><a
href="a99c5e53ef"><code>a99c5e5</code></a>
update generated content</li>
<li><a
href="fc1a41d2e5"><code>fc1a41d</code></a>
set node name for k8s driver when appending nodes</li>
<li>Additional commits viewable in <a
href="4b4e9c3e2d...6a58db7e0d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.5.0&new-version=2.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-08 09:41:17 -03:00
dependabot[bot]
8498279c5b
chore(deps): bump docker/setup-qemu-action from 2.1.0 to 2.2.0 (#4084) 2023-06-08 09:10:29 -03:00
dependabot[bot]
967bd7b06c
chore(deps): bump cachix/install-nix-action from 20 to 21 (#4040) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 20 to 21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v21</h2>
<ul>
<li>pin Nix to 2.15.1 (recent releases broke too many things)</li>
<li>fix the action to work on custom containers</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b933aa7eb"><code>4b933aa</code></a>
Nix: 2.15.1</li>
<li><a
href="35806937f1"><code>3580693</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/179">#179</a>
from joergdw/fix-action-path</li>
<li><a
href="3eb7a24508"><code>3eb7a24</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/178">#178</a>
from cachix/docs/149</li>
<li><a
href="840ed7ce9a"><code>840ed7c</code></a>
Document how to pass env vars to modern nix commands</li>
<li><a
href="b2f4229533"><code>b2f4229</code></a>
Fix action to make it work on custom containers;</li>
<li><a
href="e304541747"><code>e304541</code></a>
fix <a
href="https://redirect.github.com/cachix/install-nix-action/issues/170">#170</a></li>
<li><a
href="3988b729f9"><code>3988b72</code></a>
pin Nix to 2.15.0</li>
<li><a
href="763a380571"><code>763a380</code></a>
Bump revision in README</li>
<li><a
href="67e9fd765d"><code>67e9fd7</code></a>
bump revision in readme</li>
<li><a
href="be4cef7b77"><code>be4cef7</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/166">#166</a>
from l0b0/refactor/linting</li>
<li>Additional commits viewable in <a
href="https://github.com/cachix/install-nix-action/compare/v20...v21">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=20&new-version=21)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-26 10:00:14 -03:00
Carlos Alexandro Becker
99afc8d62e
feat: nix support (#4012) 
very, very, very WIP implementation of nixpkgs for GoReleaser.

**Decisions made for this first version:**
- only linux and darwin, arm64, 386 and amd64
- only support pkgs from goreleaser-generated archives
- no support to push into default nixpkgs repository
- no support to automatically add the _maybe_ new pkg to the root
`default.nix`
- the generated nixpkg will be rather verbose, which shouldn't be too
much of an issue as it is autogenerated anyway

**TODOs**:
- [x] macos universal binary support
- [x] custom pkg path (e.g. pkgs/misc/foo/bar/default.nix)
- [x] handle archives with a folder in them
- [x] add more options: postInstall, ??

**Will be handled in future versions**:
- [ ] archives.format=binary support
- [ ] compile from source
- [ ] PR-ing into nixpkgs
- [ ] armv6l-linux & armv7l-linux support

closes #3537

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-05-25 23:07:10 -03:00
dependabot[bot]
4227c194f8
chore(deps): bump sigstore/cosign-installer from 3.0.4 to 3.0.5 (#4020) 2023-05-18 09:34:13 -03:00
dependabot[bot]
670238c3ea
chore(deps): bump sigstore/cosign-installer from 3.0.3 to 3.0.4 (#4018) 2023-05-17 09:02:19 -03:00
dependabot[bot]
234e1d8ce5
chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#4014) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
3.1.3 to 3.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to
18.16.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/970">codecov/codecov-action#970</a></li>
<li>Fix typo in README.md by <a
href="https://github.com/hisaac"><code>@​hisaac</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li>
<li>fix: add back in working dir by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/971">codecov/codecov-action#971</a></li>
<li>fix: CLI option names for uploader by <a
href="https://github.com/kleisauke"><code>@​kleisauke</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to
20.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/975">codecov/codecov-action#975</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to
20.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/979">codecov/codecov-action#979</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to
20.1.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/981">codecov/codecov-action#981</a></li>
<li>release: 3.1.4 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/983">codecov/codecov-action#983</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hisaac"><code>@​hisaac</code></a> made
their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/967">codecov/codecov-action#967</a></li>
<li><a href="https://github.com/kleisauke"><code>@​kleisauke</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/969">codecov/codecov-action#969</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4">https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>
Fix typo in README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>
fix: add back in working dir</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>
fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to
18.16.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to
20.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to
20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a>
fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a>
build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a>
build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to
18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a>
Update README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a>
Remove unsupported path_to_write_report argument</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a>
codeql-analysis.yml</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a>
Update README to contain correct information - inputs and negate
feature</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a>
fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a>
build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a>
build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a>
build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a>
build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a>
build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a>
build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a>
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/889">#889</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/895">#895</a>
build(deps): bump json5 from 2.2.1 to 2.2.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/896">#896</a>
build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/900">#900</a>
build(deps-dev): bump <code>@​vercel/ncc</code> from 0.34.0 to
0.36.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/905">#905</a>
build(deps-dev): bump typescript from 4.7.4 to 4.9.5</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/911">#911</a>
build(deps-dev): bump <code>@​types/node</code> from 16.11.40 to
18.13.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/922">#922</a>
build(deps-dev): bump <code>@​types/node</code> from 18.13.0 to
18.14.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/924">#924</a>
build(deps): bump openpgp from 5.5.0 to 5.7.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/927">#927</a>
build(deps-dev): bump <code>@​types/node</code> from 18.14.0 to
18.14.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/933">#933</a>
build(deps-dev): bump <code>@​types/node</code> from 18.14.2 to
18.14.6</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/937">#937</a>
build(deps-dev): bump <code>@​types/node</code> from 18.14.6 to
18.15.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/938">#938</a>
build(deps): bump node-fetch from 3.3.0 to 3.3.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/945">#945</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.0 to
18.15.5</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eaaf4bedf3"><code>eaaf4be</code></a>
release: 3.1.4 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/983">#983</a>)</li>
<li><a
href="c2ab9ab2e1"><code>c2ab9ab</code></a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to 20.1.4
(<a
href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>)</li>
<li><a
href="49c20db375"><code>49c20db</code></a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to 20.1.2
(<a
href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>)</li>
<li><a
href="cf8e3e4262"><code>cf8e3e4</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.16.3 to 20.1.0
(<a
href="https://redirect.github.com/codecov/codecov-action/issues/975">#975</a>)</li>
<li><a
href="1c34415a06"><code>1c34415</code></a>
fix: CLI option names for uploader (<a
href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>)</li>
<li><a
href="b4dfea724f"><code>b4dfea7</code></a>
fix: add back in working dir (<a
href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>)</li>
<li><a
href="5bf250470e"><code>5bf2504</code></a>
Fix typo in README.md (<a
href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>)</li>
<li><a
href="1dd0ce34be"><code>1dd0ce3</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to 18.16.3
(<a
href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>)</li>
<li>See full diff in <a
href="894ff025c7...eaaf4bedf3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-16 09:22:03 -03:00
dependabot[bot]
8005088588
chore(deps): bump actions/setup-go from 4.0.0 to 4.0.1 (#4015) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.0.0
to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame"><code>@​dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov"><code>@​IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov"><code>@​dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1">https://github.com/actions/setup-go/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="fac708d667"><code>fac708d</code></a>
Bump <code>@​actions/cache</code> dependency to v3.2.1 (<a
href="https://redirect.github.com/actions/setup-go/issues/374">#374</a>)</li>
<li><a
href="dd84a9531a"><code>dd84a95</code></a>
Update xml2js (<a
href="https://redirect.github.com/actions/setup-go/issues/370">#370</a>)</li>
<li><a
href="41c2024c46"><code>41c2024</code></a>
Fix glob bug in package.json scripts section (<a
href="https://redirect.github.com/actions/setup-go/issues/359">#359</a>)</li>
<li><a
href="8dbf352f06"><code>8dbf352</code></a>
update README fo v4 (<a
href="https://redirect.github.com/actions/setup-go/issues/354">#354</a>)</li>
<li>See full diff in <a
href="4d34df0c23...fac708d667">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-16 09:21:45 -03:00
dependabot[bot]
64d6424215
chore(deps): bump anchore/sbom-action from 0.14.1 to 0.14.2 (#3994) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.14.1 to 0.14.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.14.2</h2>
<h2>Changes in v0.14.2</h2>
<ul>
<li>Update Syft to v0.80.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/415">#415</a>)</li>
<li>Make sure all invalid artifact name characters are replaced <a
href="https://redirect.github.com/anchore/sbom-action/issues/396">#396</a>
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/417">#417</a>)
[<a href="https://github.com/lts-po">lts-po</a>]</li>
<li>Ensure SBOM is copied to <code>output-file</code> (<a
href="https://redirect.github.com/anchore/sbom-action/issues/411">#411</a>)
[<a href="https://github.com/gszr">gszr</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d571ad103"><code>4d571ad</code></a>
chore(deps): update Syft to v0.80.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/415">#415</a>)</li>
<li><a
href="a59054d328"><code>a59054d</code></a>
fix: Make sure all invalid chars are replaced for artifact names --
fixes <a
href="https://redirect.github.com/anchore/sbom-action/issues/39">#39</a>...</li>
<li><a
href="ea7104d799"><code>ea7104d</code></a>
chore: update snapshot workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/413">#413</a>)</li>
<li><a
href="50dec67b80"><code>50dec67</code></a>
chore(deps): update Syft to v0.77.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/409">#409</a>)</li>
<li><a
href="8e2e93770c"><code>8e2e937</code></a>
fix: ensure sbom is copied to output-file (<a
href="https://redirect.github.com/anchore/sbom-action/issues/411">#411</a>)</li>
<li><a
href="800a56fe08"><code>800a56f</code></a>
chore: update snapshot workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/412">#412</a>)</li>
<li><a
href="9cf3dcd573"><code>9cf3dcd</code></a>
chore: update snapshot workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/410">#410</a>)</li>
<li><a
href="642f63cefc"><code>642f63c</code></a>
chore: update syft update check (<a
href="https://redirect.github.com/anchore/sbom-action/issues/408">#408</a>)</li>
<li><a
href="a7622b6841"><code>a7622b6</code></a>
chore: update deprecated set-output (<a
href="https://redirect.github.com/anchore/sbom-action/issues/407">#407</a>)</li>
<li><a
href="c82ee2675f"><code>c82ee26</code></a>
chore: add workflow to update snapshots from PR comment (<a
href="https://redirect.github.com/anchore/sbom-action/issues/406">#406</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/anchore/sbom-action/compare/v0.14.1...v0.14.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.14.1&new-version=0.14.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-08 08:49:41 -03:00
Carlos Alexandro Becker
803ef6566e
build: use ghaction-upx 
thanks @crazy-max!

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-05-03 17:06:46 +00:00
Carlos Alexandro Becker
d4fc62780c
chore(deps): bump many actions 2023-05-02 12:24:53 +00:00
Carlos Alexandro Becker
43ae761179
feat: native upx support (#3965) 
this adds a new root-level `upx` config, so users can pack their
binaries with upx :)

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-05-01 21:22:05 -03:00
Carlos A Becker
b4b6496ea6
build: setup-go update 2023-03-17 16:04:47 -03:00
dependabot[bot]
b623247fb7
chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (#3871) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0
to 4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<p>In scope of release we enable cache by default. The action won’t
throw an error if the cache can’t be restored or saved. The action will
throw a warning message but it won’t stop a build process. The cache can
be disabled by specifying <code>cache: false</code>.</p>
<pre lang="yaml"><code>steps:
  - uses: actions/checkout@v3
  - uses: actions/setup-go@v4
    with:
      go-version: ‘1.19’
  - run: go run hello.go
</code></pre>
<p>Besides, we introduce such changes as</p>
<ul>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/305">Allow to
use only GOCACHE for cache</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/315">Bump
json5 from 2.2.1 to 2.2.3</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/323">Use
proper version for primary key in cache</a></li>
<li><a
href="https://redirect.github.com/actions/setup-go/pull/351">Always add
Go bin to the PATH</a></li>
<li><a href="https://redirect.github.com/actions/setup-go/pull/350">Add
step warning if go-version input is empty</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4d34df0c23"><code>4d34df0</code></a>
Update configuration files (<a
href="https://redirect.github.com/actions/setup-go/issues/348">#348</a>)</li>
<li><a
href="fdc0d672a1"><code>fdc0d67</code></a>
Add Go bin if go-version input is empty (<a
href="https://redirect.github.com/actions/setup-go/issues/351">#351</a>)</li>
<li><a
href="ebfdf6ac95"><code>ebfdf6a</code></a>
add warning if go-version is empty (<a
href="https://redirect.github.com/actions/setup-go/issues/350">#350</a>)</li>
<li><a
href="b27d76912e"><code>b27d769</code></a>
fix lockfileVersion (<a
href="https://redirect.github.com/actions/setup-go/issues/349">#349</a>)</li>
<li><a
href="c51a720768"><code>c51a720</code></a>
Enable caching by default with default input (<a
href="https://redirect.github.com/actions/setup-go/issues/332">#332</a>)</li>
<li><a
href="6b848af622"><code>6b848af</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/343">#343</a>
from akv-platform/reusable-workflow</li>
<li><a
href="12741cc209"><code>12741cc</code></a>
Format update-config-files.yml</li>
<li><a
href="7a77a6aab6"><code>7a77a6a</code></a>
Merge branch 'main' into reusable-workflow</li>
<li><a
href="42a0cc8e14"><code>42a0cc8</code></a>
Add update-config-files.yml</li>
<li><a
href="7406d654ad"><code>7406d65</code></a>
Add and configure ESLint and update configuration for Prettier (<a
href="https://redirect.github.com/actions/setup-go/issues/341">#341</a>)</li>
<li>Additional commits viewable in <a
href="6edd4406fa...4d34df0c23">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=3.5.0&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-03-17 00:40:25 -03:00
dependabot[bot]
5773f1a246
chore(deps): bump actions/checkout from 3.3.0 to 3.4.0 (#3872) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0
to 3.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v3.4.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade codeql actions to v2 by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li>
<li>Upgrade dependencies by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/checkout/pull/1210">actions/checkout#1210</a></li>
<li>Backfill changelog and bump actions/io by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1225">actions/checkout#1225</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link"><code>@​Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v3.3.0...v3.4.0">https://github.com/actions/checkout/compare/v3.3.0...v3.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading
version to 3.2.0</a></li>
</ul>
<h2>v3.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/939">Use
<code>@​actions/core</code> <code>saveState</code> and
<code>getState</code></a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/922">Add
<code>github-server-url</code> input</a></li>
</ul>
<h2>v3.0.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/770">Add
input <code>set-safe-directory</code></a></li>
</ul>
<h2>v3.0.1</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/762">Fixed an
issue where checkout failed to run in container jobs due to the new git
setting <code>safe.directory</code></a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/744">Bumped
various npm package versions</a></li>
</ul>
<h2>v3.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/689">Update to
node 16</a></li>
</ul>
<h2>v2.3.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/284">Fix
default branch resolution for .wiki and when using SSH</a></li>
</ul>
<h2>v2.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/278">Fallback to
the default branch</a></li>
</ul>
<h2>v2.2.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/258">Fetch all
history for all tags and branches when fetch-depth=0</a></li>
</ul>
<h2>v2.1.1</h2>
<ul>
<li>Changes to support GHES (<a
href="https://redirect.github.com/actions/checkout/pull/236">here</a>
and <a
href="https://redirect.github.com/actions/checkout/pull/248">here</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24cb908017"><code>24cb908</code></a>
Bump <code>@​actions/io</code> to v1.1.3 (<a
href="https://redirect.github.com/actions/checkout/issues/1225">#1225</a>)</li>
<li><a
href="27135e314d"><code>27135e3</code></a>
Upgrade dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/1210">#1210</a>)</li>
<li><a
href="7b187184d1"><code>7b18718</code></a>
Upgrade codeql actions to v2 (<a
href="https://redirect.github.com/actions/checkout/issues/1209">#1209</a>)</li>
<li>See full diff in <a
href="ac59398561...24cb908017">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=3.3.0&new-version=3.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-17 00:11:19 -03:00
dependabot[bot]
6341c3d0dc
chore(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#3865) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.4.1 to 2.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.5.0</h2>
<ul>
<li><code>cleanup</code> input to remove builder and temp files by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/213">docker/setup-buildx-action#213</a></li>
<li>do not remove builder using the <code>docker</code> driver by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/218">docker/setup-buildx-action#218</a></li>
<li>fix current context as builder name for <code>docker</code> driver
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/209">docker/setup-buildx-action#209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b4e9c3e2d"><code>4b4e9c3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/216">#216</a>
from awendland/patch-1</li>
<li><a
href="eb27bcbef3"><code>eb27bcb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/218">#218</a>
from crazy-max/fix-builder-removal</li>
<li><a
href="b7471d4240"><code>b7471d4</code></a>
update generated content</li>
<li><a
href="e2df91e851"><code>e2df91e</code></a>
check builder exists before removal</li>
<li><a
href="85ce96bcbc"><code>85ce96b</code></a>
do not remove builder using the docker driver</li>
<li><a
href="f549413411"><code>f549413</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/217">#217</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="99988698a5"><code>9998869</code></a>
update generated content</li>
<li><a
href="e30725c029"><code>e30725c</code></a>
Bump <code>@​docker/actions-toolkit</code> from 0.1.0-beta.16 to
0.1.0-beta.18</li>
<li><a
href="f1dc97ee10"><code>f1dc97e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/213">#213</a>
from crazy-max/cleanup-input</li>
<li><a
href="51ecd0a47f"><code>51ecd0a</code></a>
nit typo in README.md, csv is comma-delimited</li>
<li>Additional commits viewable in <a
href="f03ac48505...4b4e9c3e2d">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2.4.1&new-version=2.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-13 09:25:22 -03:00
Carlos Alexandro Becker
dd1315b0a7
fix(GO-2023-1621): update from go 1.20.1 to 1.20.2 (#3854) 2023-03-09 08:24:20 -03:00
dependabot[bot]
008d43d72b
chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3818) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 2.8.1 to 3.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>make cosign v2.0.0 default version by <a
href="https://github.com/developer-guy"><code>@​developer-guy</code></a>
in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/109">sigstore/cosign-installer#109</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1">https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1</a></p>
<h2>v3.0.0</h2>
<h1>Breaking change</h1>
<p>Cosign v2 has some breaking changes. Please check those: <a
href="https://blog.sigstore.dev/cosign-2-0-released/">https://blog.sigstore.dev/cosign-2-0-released/</a></p>
<h2>What's Changed</h2>
<ul>
<li>test: add logs when downloading the public keys by <a
href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li>
<li>Add support to install v2 and any other cosign release candidate by
<a href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a> in
<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/105">sigstore/cosign-installer#105</a></li>
<li>v2.0.0 release by <a
href="https://github.com/sabre1041"><code>@​sabre1041</code></a> in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hectorj2f"><code>@​hectorj2f</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li>
<li><a href="https://github.com/sabre1041"><code>@​sabre1041</code></a>
made their first contribution in <a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0">https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c3667d9942"><code>c3667d9</code></a>
make cosign v2.0.0 default version (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/109">#109</a>)</li>
<li><a
href="77560e399f"><code>77560e3</code></a>
v2.0.0 release (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/108">#108</a>)</li>
<li><a
href="4079ad3567"><code>4079ad3</code></a>
Bump actions/checkout from 3.2.0 to 3.3.0 (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/107">#107</a>)</li>
<li><a
href="55fd288876"><code>55fd288</code></a>
Add support to install v2 and any other cosign release candidate (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/105">#105</a>)</li>
<li><a
href="651c379c48"><code>651c379</code></a>
test: add logs when downloading the public keys (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/106">#106</a>)</li>
<li><a
href="df6c89e679"><code>df6c89e</code></a>
Bump actions/checkout from 3.1.0 to 3.2.0 (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/102">#102</a>)</li>
<li><a
href="31f26445bf"><code>31f2644</code></a>
Bump actions/setup-go from 3.4.0 to 3.5.0 (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/103">#103</a>)</li>
<li><a
href="b6757d8360"><code>b6757d8</code></a>
Bump actions/setup-go from 3.3.1 to 3.4.0 (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/101">#101</a>)</li>
<li><a
href="7bca8b4116"><code>7bca8b4</code></a>
Bump actions/setup-go from 3.3.0 to 3.3.1 (<a
href="https://github-redirect.dependabot.com/sigstore/cosign-installer/issues/99">#99</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v2.8.1...v3.0.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=2.8.1&new-version=3.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-02 09:36:26 -03:00
Carlos A Becker
6d3eb57c7a
fix: update to go 1.20.1 2023-02-17 10:44:02 -03:00
dependabot[bot]
9da9f78537
chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#3762) 2023-02-07 14:07:51 +00:00
Carlos A Becker
b0783c7401
build: run test on any workflow change 
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
 2023-02-07 09:48:26 -03:00
Carlos A Becker
addd7c4ceb
build: fix workflow syntax 
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
 2023-02-07 09:44:33 -03:00
Carlos Alexandro Becker
81914757da
build: use go1.20 (#3757) 
update everything to go 1.20

---------

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-02-05 13:39:39 -03:00