Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from
1.0.3 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>2.0.0</h2>
<h2>Migration Guide</h2>
<p>The version of the <a
href="https://nodejs.org/en/about"><strong>Node.js</strong></a> runtime
used to execute the action has been updated from 16 to 20. This could be
a breaking change for certain GitHub Actions workflows.</p>
<p>If a workflow with dependency on the
<strong>arduino/setup-task</strong> action uses only <a
href="https://docs.github.com/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners">GitHub-hosted
GitHub Actions runners</a>, no changes are required.</p>
<p>If the workflow uses a <a
href="https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners">self-hosted
runner</a>, the workflow run might fail after updating
<strong>arduino/setup-task</strong>:</p>
<pre lang="text"><code>Error: System.ArgumentOutOfRangeException:
Specified argument was out of the range of valid values. (Parameter
''using: node20' is not supported, use 'docker', 'node12' or 'node16'
instead.')
at
GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext
executionContext, TemplateContext templateContext, TemplateToken
inputsToken, String fileRelativePath, MappingToken outputs)
at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext
executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml
</code></pre>
<p>This means an older runner version that does not provide Node.js 20.x
is installed on the runner machine and you must update the runner
version.</p>
<h2>Changelog</h2>
<h4>Breaking</h4>
<ul>
<li>Update Node.js runtime for action from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
</ul>
<h4>Enhancement</h4>
<ul>
<li><a
href="https://github.com/arduino/compile-sketches/pulls?q=merged%3A2023-01-31..2024-02-05+author%3Aapp%2Fdependabot">Various
dependency updates</a></li>
</ul>
<h2>Full Changeset</h2>
<p><a
href="https://github.com/arduino/setup-task/compare/1.0.3...2.0.0">https://github.com/arduino/setup-task/compare/1.0.3...2.0.0</a></p>
<h2>Contributors</h2>
<ul>
<li><a href="https://github.com/gdraynz"><code>@gdraynz</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b91d5d2c96"><code>b91d5d2</code></a>
update readme (<a
href="https://redirect.github.com/arduino/setup-task/issues/929">#929</a>)</li>
<li><a
href="f2514b0e1c"><code>f2514b0</code></a>
Bump node from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
<li><a
href="2007903d11"><code>2007903</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/928">#928</a>
from arduino/dependabot/npm_and_yarn/prettier-3.2.5</li>
<li><a
href="3f2ef95f2f"><code>3f2ef95</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.5</li>
<li><a
href="88d658bbef"><code>88d658b</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/927">#927</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.79</li>
<li><a
href="b79a1c3f82"><code>b79a1c3</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.78 to
16.18.79</li>
<li><a
href="5abddba872"><code>5abddba</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/926">#926</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.78</li>
<li><a
href="b3e99c0fa2"><code>b3e99c0</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.76 to
16.18.78</li>
<li><a
href="4145542cd7"><code>4145542</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/924">#924</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="10406e6d87"><code>10406e6</code></a>
build(deps-dev): bump <code>@typescript-eslint/parser</code> from
6.19.1 to 6.20.0</li>
<li>Additional commits viewable in <a
href="e26d897557...b91d5d2c96">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.6 to 0.15.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.7</h2>
<h2>Changes in v0.15.7</h2>
<ul>
<li>chore: migrate action to use node v20.11.0 (Iron) FROM node v16.x.x
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)
[<a href="https://github.com/spiffcs">spiffcs</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="767b08fd88"><code>767b08f</code></a>
chore: migrate action from 16 -> 20 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.6...v0.15.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.5 to 0.15.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.6</h2>
<h2>Changes in v0.15.6</h2>
<ul>
<li>chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6aed38a43"><code>c6aed38</code></a>
chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.5...v0.15.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.4 to 0.15.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.5</h2>
<h2>Changes in v0.15.5</h2>
<ul>
<li>chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24b0d52385"><code>24b0d52</code></a>
chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.4...v0.15.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.3 to
4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update "only-" actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="e12d46a63a...13aacd865c">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.2 to 0.15.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.3</h2>
<h2>Changes in v0.15.3</h2>
<ul>
<li>chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c7f031d924"><code>c7f031d</code></a>
chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.2...v0.15.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.1 to 0.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.2</h2>
<h2>Changes in v0.15.2</h2>
<ul>
<li>chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>chore: fix github-script invocation in update-snapshots workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="719133684c"><code>7191336</code></a>
chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)</li>
<li><a
href="b05b28be1a"><code>b05b28b</code></a>
chore: fix github-script invocation (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.1...v0.15.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 23 to 24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v24</h2>
<ul>
<li>Nix 2.19.1</li>
<li>enables KVM on linux</li>
<li>set <code>TMPDIR</code> to avoid potential disk space issues</li>
<li>don't use the default GitHub token for Enterprise</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7ac1ec2549"><code>7ac1ec2</code></a>
Nix 2.19.1</li>
<li><a
href="dc33a216cb"><code>dc33a21</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/200">#200</a>
from cachix/fix/196</li>
<li><a
href="2b90cd3130"><code>2b90cd3</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/202">#202</a>
from cachix/feature/kvm</li>
<li><a
href="fe19c91c6b"><code>fe19c91</code></a>
feat: enable KVM on Linux if available</li>
<li><a
href="a56e3a8089"><code>a56e3a8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/199">#199</a>
from jalaziz/tempdir</li>
<li><a
href="81eb746179"><code>81eb746</code></a>
Update install-nix.sh</li>
<li><a
href="97a1be3c09"><code>97a1be3</code></a>
fix: don't use the default GitHub token for Enterprise</li>
<li><a
href="2cce1fd76b"><code>2cce1fd</code></a>
fix: Set TMPDIR to avoid disk space issues</li>
<li><a
href="300721fe01"><code>300721f</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/193">#193</a>
from cachix/dependabot/github_actions/actions/checkout-4</li>
<li><a
href="fe6788c5de"><code>fe6788c</code></a>
chore(deps): bump actions/checkout from 3 to 4</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v23...v24">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 2.2.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/102">docker/setup-qemu-action#102</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/103">docker/setup-qemu-action#103</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/89">docker/setup-qemu-action#89</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0">https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="68827325e0"><code>6882732</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/103">#103</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="183f4af504"><code>183f4af</code></a>
chore: update generated content</li>
<li><a
href="f17493529e"><code>f174935</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="2e423eb500"><code>2e423eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/89">#89</a>
from docker/dependabot/npm_and_yarn/semver-6.3.1</li>
<li><a
href="ecc406afa7"><code>ecc406a</code></a>
Bump semver from 6.3.0 to 6.3.1</li>
<li><a
href="12dec5e201"><code>12dec5e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/102">#102</a>
from crazy-max/update-node20</li>
<li><a
href="c29b312130"><code>c29b312</code></a>
chore: node 20 as default runtime</li>
<li><a
href="34ae628c8f"><code>34ae628</code></a>
chore: update generated content</li>
<li><a
href="1f3d2e1ac0"><code>1f3d2e1</code></a>
chore: fix author in package.json</li>
<li><a
href="277dbe8c9c"><code>277dbe8</code></a>
vendor: bump <code>@docker/actions-toolkit</code> from 0.3.0 to
0.12.0</li>
<li>Additional commits viewable in <a
href="2b82ce82d5...68827325e0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.10.0 to 3.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/264">docker/setup-buildx-action#264</a></li>
<li>Bump <code>@actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/267">docker/setup-buildx-action#267</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0">https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f95db51fdd"><code>f95db51</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/267">#267</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="998a87c2c1"><code>998a87c</code></a>
chore: update generated content</li>
<li><a
href="28bae59336"><code>28bae59</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="c215341715"><code>c215341</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/264">#264</a>
from crazy-max/update-node20</li>
<li><a
href="02e9319239"><code>02e9319</code></a>
chore: node 20 as default runtime</li>
<li><a
href="5c9160effc"><code>5c9160e</code></a>
chore: update generated content</li>
<li><a
href="1283140f57"><code>1283140</code></a>
chore: fix author in package.json</li>
<li><a
href="c6afe06e4a"><code>c6afe06</code></a>
vendor: bump <code>@docker/actions-toolkit</code> from 0.10.0 to
0.12.0</li>
<li><a
href="f35e0d5a04"><code>f35e0d5</code></a>
chore: update dev dependencies</li>
<li><a
href="baeb468fb2"><code>baeb468</code></a>
dev: remove unneeded binaries</li>
<li>Additional commits viewable in <a
href="885d1462b8...f95db51fdd">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from
2.2.0 to 3.0.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="343f7c4344"><code>343f7c4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/599">#599</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="aad0f974f2"><code>aad0f97</code></a>
chore: update generated content</li>
<li><a
href="2e0cd39144"><code>2e0cd39</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="203bc9c4ef"><code>203bc9c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/588">#588</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="2199648fc8"><code>2199648</code></a>
chore: update generated content</li>
<li><a
href="b489376173"><code>b489376</code></a>
build(deps): bump the proxy-agent-dependencies group with 1 update</li>
<li><a
href="7c309e74e6"><code>7c309e7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/598">#598</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="0ccf222961"><code>0ccf222</code></a>
chore: update generated content</li>
<li><a
href="56d703e106"><code>56d703e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/597">#597</a>
from docker/dependabot/github_actions/aws-actions/con...</li>
<li><a
href="24d3b3519e"><code>24d3b35</code></a>
build(deps): bump <code>@actions/core</code> from 1.10.0 to 1.10.1</li>
<li>Additional commits viewable in <a
href="465a07811f...343f7c4344">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 22 to 23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v23</h2>
<ul>
<li>always show Nix trace</li>
<li>Nix 2.17</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a9a9e84a1"><code>6a9a9e8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/192">#192</a>
from grahamc/patch-1</li>
<li><a
href="4509d84f10"><code>4509d84</code></a>
Update to Nix 2.17.0</li>
<li><a
href="5cfd5166ea"><code>5cfd516</code></a>
bump</li>
<li><a
href="e02ea8c42e"><code>e02ea8c</code></a>
Fix links to nix.dev</li>
<li><a
href="fffc90f426"><code>fffc90f</code></a>
always show trace</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v22...v23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.9.1 to 2.10.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.7.1 to 0.10.0 by
<a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/258">docker/setup-buildx-action#258</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/253">docker/setup-buildx-action#253</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0">https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="885d1462b8"><code>885d146</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/258">#258</a>
from crazy-max/update-toolkit</li>
<li><a
href="e5fad018d0"><code>e5fad01</code></a>
ci: check lab releases</li>
<li><a
href="45161fd92a"><code>45161fd</code></a>
update generated content</li>
<li><a
href="a4d51f53dd"><code>a4d51f5</code></a>
bump <code>@docker/actions-toolkit</code> from 0.7.1 to 0.10.0</li>
<li><a
href="93b8ecaa2c"><code>93b8eca</code></a>
ci: docker-ce packages are now installed on GitHub Runners</li>
<li><a
href="7703e82fbc"><code>7703e82</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/253">#253</a>
from docker/dependabot/npm_and_yarn/word-wrap-1.2.5</li>
<li><a
href="0005881963"><code>0005881</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/254">#254</a>
from crazy-max/rm-codeowners</li>
<li><a
href="b699069f49"><code>b699069</code></a>
chore: remove CODEOWNERS</li>
<li><a
href="9bfc5497b8"><code>9bfc549</code></a>
Bump word-wrap from 1.2.3 to 1.2.5</li>
<li><a
href="b92d4d8769"><code>b92d4d8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/252">#252</a>
from crazy-max/dependabot-update</li>
<li>Additional commits viewable in <a
href="4c0219f9ac...885d1462b8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.7.0 to 2.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.8.0</h2>
<ul>
<li>Only set specific flags for drivers supporting them by <a
href="https://github.com/nicks"><code>@nicks</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/241">docker/setup-buildx-action#241</a></li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.5.0 to 0.6.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/242">docker/setup-buildx-action#242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0">https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="16c0bc4a6e"><code>16c0bc4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/242">#242</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="ebcacb9c21"><code>ebcacb9</code></a>
update generated content</li>
<li><a
href="496a823b8b"><code>496a823</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.5.0 to 0.6.0</li>
<li><a
href="a56031a493"><code>a56031a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/241">#241</a>
from nicks/nicks/driver</li>
<li><a
href="922550f064"><code>922550f</code></a>
context: only append flags if we know the driver supports them</li>
<li>See full diff in <a
href="ecf95283f0...16c0bc4a6e">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.1.0 to 3.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>default cosign to v2.1.1 by <a
href="https://github.com/cpanato"><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/137">sigstore/cosign-installer#137</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6e04d228eb"><code>6e04d22</code></a>
default cosign to v2.1.1 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/137">#137</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.0...v3.1.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 21 to 22.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v22</h2>
<ul>
<li>Nix 2.16.1</li>
<li>Fix issues with System Integrity Protection when using macos-12</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6ed004b9cc"><code>6ed004b</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/184">#184</a>
from cachix/macos-bump</li>
<li><a
href="e27879448e"><code>e278794</code></a>
Nix: 2.15.1 -> 2.16.1</li>
<li><a
href="8ab3881720"><code>8ab3881</code></a>
use system certs</li>
<li><a
href="16b951426e"><code>16b9514</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/182">#182</a>
from l0b0/feat/configure-editors</li>
<li><a
href="2c203fd87b"><code>2c203fd</code></a>
feat: Configure editors</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v21...v22">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2.6.0 to 2.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v2.7.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/237">docker/setup-buildx-action#237</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/238">docker/setup-buildx-action#238</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0">https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ecf95283f0"><code>ecf9528</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/238">#238</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="b2a38ee0c6"><code>b2a38ee</code></a>
update generated content</li>
<li><a
href="7f79690cac"><code>7f79690</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.4.0 to 0.5.0</li>
<li><a
href="bdd549bec0"><code>bdd549b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/237">#237</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="be4a3855af"><code>be4a385</code></a>
update generated content</li>
<li><a
href="6c4dbb29f6"><code>6c4dbb2</code></a>
Bump <code>@docker/actions-toolkit</code> from 0.3.0 to 0.4.0</li>
<li>See full diff in <a
href="6a58db7e0d...ecf95283f0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 20 to 21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v21</h2>
<ul>
<li>pin Nix to 2.15.1 (recent releases broke too many things)</li>
<li>fix the action to work on custom containers</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4b933aa7eb"><code>4b933aa</code></a>
Nix: 2.15.1</li>
<li><a
href="35806937f1"><code>3580693</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/179">#179</a>
from joergdw/fix-action-path</li>
<li><a
href="3eb7a24508"><code>3eb7a24</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/178">#178</a>
from cachix/docs/149</li>
<li><a
href="840ed7ce9a"><code>840ed7c</code></a>
Document how to pass env vars to modern nix commands</li>
<li><a
href="b2f4229533"><code>b2f4229</code></a>
Fix action to make it work on custom containers;</li>
<li><a
href="e304541747"><code>e304541</code></a>
fix <a
href="https://redirect.github.com/cachix/install-nix-action/issues/170">#170</a></li>
<li><a
href="3988b729f9"><code>3988b72</code></a>
pin Nix to 2.15.0</li>
<li><a
href="763a380571"><code>763a380</code></a>
Bump revision in README</li>
<li><a
href="67e9fd765d"><code>67e9fd7</code></a>
bump revision in readme</li>
<li><a
href="be4cef7b77"><code>be4cef7</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/166">#166</a>
from l0b0/refactor/linting</li>
<li>Additional commits viewable in <a
href="https://github.com/cachix/install-nix-action/compare/v20...v21">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
very, very, very WIP implementation of nixpkgs for GoReleaser.
**Decisions made for this first version:**
- only linux and darwin, arm64, 386 and amd64
- only support pkgs from goreleaser-generated archives
- no support to push into default nixpkgs repository
- no support to automatically add the _maybe_ new pkg to the root
`default.nix`
- the generated nixpkg will be rather verbose, which shouldn't be too
much of an issue as it is autogenerated anyway
**TODOs**:
- [x] macos universal binary support
- [x] custom pkg path (e.g. pkgs/misc/foo/bar/default.nix)
- [x] handle archives with a folder in them
- [x] add more options: postInstall, ??
**Will be handled in future versions**:
- [ ] archives.format=binary support
- [ ] compile from source
- [ ] PR-ing into nixpkgs
- [ ] armv6l-linux & armv7l-linux support
closes#3537
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
dependabot[bot]
Carlos Alexandro Becker