go/goreleaser
go/goreleaser
1
0
Fork 0
mirror of https://github.com/goreleaser/goreleaser.git synced 2025-01-10 03:47:03 +02:00
Code Issues Releases Activity
5,516 Commits 8 Branches 558 Tags 41 MiB
cad01855d8
Commit Graph

484 Commits

Author SHA1 Message Date
dependabot[bot]
cad01855d8
chore(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 (#4770) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.19.0 to 0.20.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/307">docker/setup-buildx-action#307</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.2.0...v3.3.0">https://github.com/docker/setup-buildx-action/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d70bba72b1"><code>d70bba7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/307">#307</a>
from crazy-max/bump-toolkit</li>
<li><a
href="7638634cb7"><code>7638634</code></a>
chore: update generated content</li>
<li><a
href="c68420fe0b"><code>c68420f</code></a>
bump <code>@​docker/actions-toolkit</code> from 0.19.0 to 0.20.0</li>
<li>See full diff in <a
href="2b51285047...d70bba72b1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 10:12:02 -03:00
dependabot[bot]
74b7c1f387
chore(deps): bump codecov/codecov-action from 4.1.1 to 4.2.0 (#4752) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4.1.1 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): update deps by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1351">codecov/codecov-action#1351</a></li>
<li>feat: allow for authentication via OIDC token by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1330">codecov/codecov-action#1330</a></li>
<li>fix: use_oidc shoudl be required false by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1353">codecov/codecov-action#1353</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0">https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7afa10ed9b"><code>7afa10e</code></a>
fix: use_oidc shoudl be required false (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1353">#1353</a>)</li>
<li><a
href="d820d60619"><code>d820d60</code></a>
feat: allow for authentication via OIDC token (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1330">#1330</a>)</li>
<li><a
href="3a20752bdd"><code>3a20752</code></a>
chore(deps): update deps (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1351">#1351</a>)</li>
<li>See full diff in <a
href="c16abc29c9...7afa10ed9b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.1&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-04 09:34:48 -03:00
Carlos Alexandro Becker
85cb59c1a0
build: simplify (#4748) 
simplify test scripts a bit

- remove tparse
- don't verbose test

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-04-03 14:16:25 -03:00
Carlos Alexandro Becker
2eca3c2c8f
build: update generate workflow 2024-04-01 15:46:13 -03:00
dependabot[bot]
46b53353fc
chore(deps): bump codecov/codecov-action from 4.1.0 to 4.1.1 (#4726) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4.1.0 to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1315">codecov/codecov-action#1315</a></li>
<li>build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1319">codecov/codecov-action#1319</a></li>
<li>Removed mention of Mercurial by <a
href="https://github.com/drazisil-codecov"><code>@​drazisil-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1325">codecov/codecov-action#1325</a></li>
<li>build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1332">codecov/codecov-action#1332</a></li>
<li>build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1331">codecov/codecov-action#1331</a></li>
<li>fix: force version by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1329">codecov/codecov-action#1329</a></li>
<li>build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1334">codecov/codecov-action#1334</a></li>
<li>build(deps): bump undici from 5.28.2 to 5.28.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1338">codecov/codecov-action#1338</a></li>
<li>build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1341">codecov/codecov-action#1341</a></li>
<li>fix: typo in disable_safe_directory by <a
href="https://github.com/mkroening"><code>@​mkroening</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
<li>chore(release): 4.1.1 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1344">codecov/codecov-action#1344</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mkroening"><code>@​mkroening</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1">https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>4.0.0-beta.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a>
not adding -n if empty to do-upload command</li>
</ul>
<h2>4.0.0-beta.1</h2>
<p><code>v4</code> represents a move from the <a
href="https://github.com/codecov/uploader">universal uploader</a> to the
<a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>.
Although this will unlock new features for our users, the CLI is not yet
at feature parity with the universal uploader.</p>
<h3>Breaking Changes</h3>
<ul>
<li>No current support for <code>aarch64</code> and <code>alpine</code>
architectures.</li>
<li>Tokenless uploading is unsuported</li>
<li>Various arguments to the Action have been removed</li>
</ul>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>
Fix typo in README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>
fix: add back in working dir</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>
fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to
18.16.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to
20.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to
20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a>
fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a>
build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a>
build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to
18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a>
Update README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a>
Remove unsupported path_to_write_report argument</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a>
codeql-analysis.yml</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a>
Update README to contain correct information - inputs and negate
feature</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a>
fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a>
build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a>
build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a>
build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a>
build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a>
build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a>
build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a>
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c16abc29c9"><code>c16abc2</code></a>
chore(release): 4.1.1 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1344">#1344</a>)</li>
<li><a
href="3e33441c19"><code>3e33441</code></a>
fix: typo in disable_safe_directory (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1343">#1343</a>)</li>
<li><a
href="85aacc9654"><code>85aacc9</code></a>
build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1341">#1341</a>)</li>
<li><a
href="4ea9be0fa3"><code>4ea9be0</code></a>
build(deps): bump undici from 5.28.2 to 5.28.3 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1338">#1338</a>)</li>
<li><a
href="164fadeaa7"><code>164fade</code></a>
build(deps-dev): bump typescript from 5.4.2 to 5.4.3 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1334">#1334</a>)</li>
<li><a
href="4621ecce09"><code>4621ecc</code></a>
fix: force version (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1329">#1329</a>)</li>
<li><a
href="251ba34669"><code>251ba34</code></a>
build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1331">#1331</a>)</li>
<li><a
href="5a593a5341"><code>5a593a5</code></a>
build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1332">#1332</a>)</li>
<li><a
href="a15c0e43ca"><code>a15c0e4</code></a>
Removed mention of Mercurial (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1325">#1325</a>)</li>
<li><a
href="8be6ba5782"><code>8be6ba5</code></a>
build(deps-dev): bump typescript from 5.3.3 to 5.4.2 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1319">#1319</a>)</li>
<li>Additional commits viewable in <a
href="54bcd8715e...c16abc29c9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.1.0&new-version=4.1.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-27 10:34:05 -03:00
dependabot[bot]
a022f43014
chore(deps): bump anchore/sbom-action from 0.15.9 to 0.15.10 (#4727) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.9 to 0.15.10.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.10</h2>
<h2>Changes in v0.15.10</h2>
<ul>
<li>Update Syft to v1.1.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/454">#454</a>)</li>
<li>Bump Node to v20 on download-syft/publish-sbom actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/448">#448</a>)
[<a
href="https://github.com/ViacheslavKudinov">ViacheslavKudinov</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab5d7b5f48"><code>ab5d7b5</code></a>
chore(deps): update Syft to v1.1.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/454">#454</a>)</li>
<li><a
href="6e7f9d716a"><code>6e7f9d7</code></a>
chore(deps): bump release-drafter/release-drafter from 5.25.0 to 6.0.0
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/450">#450</a>)</li>
<li><a
href="2d906a3175"><code>2d906a3</code></a>
chore(deps): bump peter-evans/create-or-update-comment (<a
href="https://redirect.github.com/anchore/sbom-action/issues/452">#452</a>)</li>
<li><a
href="691c76237a"><code>691c762</code></a>
chore(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.2
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/453">#453</a>)</li>
<li><a
href="f0dafeffd3"><code>f0dafef</code></a>
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/451">#451</a>)</li>
<li><a
href="c6d7b2a66c"><code>c6d7b2a</code></a>
chore: add dependabot configuration for actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/449">#449</a>)</li>
<li><a
href="31e2bb2432"><code>31e2bb2</code></a>
chore(deps): update <code>@types/node</code> to Node 20 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/443">#443</a>)</li>
<li><a
href="670514f26a"><code>670514f</code></a>
chore: Bump Node to v20 on download-syft/publish-sbom actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/448">#448</a>)</li>
<li><a
href="a5afbb185c"><code>a5afbb1</code></a>
chore(deps): update Syft to v1.0.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/444">#444</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.9...v0.15.10">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.9&new-version=0.15.10)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-27 10:33:47 -03:00
dependabot[bot]
469e2ecac2
chore(deps): bump actions/cache from 4.0.1 to 4.0.2 (#4715) 
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to
4.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix <code>fail-on-cache-miss</code> not working by <a
href="https://github.com/cdce8p"><code>@​cdce8p</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1327">actions/cache#1327</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.0.1...v4.0.2">https://github.com/actions/cache/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@​actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c45773b62"><code>0c45773</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1327">#1327</a>
from cdce8p/fix-fail-on-cache-miss</li>
<li><a
href="8a55f839aa"><code>8a55f83</code></a>
Add test case for process exit</li>
<li><a
href="3884cace14"><code>3884cac</code></a>
Bump version</li>
<li><a
href="e29dad3e36"><code>e29dad3</code></a>
Fix fail-on-cache-miss not working</li>
<li>See full diff in <a
href="ab5e6d0c87...0c45773b62">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.0.1&new-version=4.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-20 10:49:49 -03:00
Carlos Alexandro Becker
03f6f85261
chore: update workflow-dispatch 2024-03-20 08:55:09 -03:00
dependabot[bot]
a3a8fd3ccf
chore(deps): bump docker/setup-buildx-action from 3.1.0 to 3.2.0 (#4700) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.1.0 to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<ul>
<li>Rename and align config inputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/303">docker/setup-buildx-action#303</a>
<ul>
<li><code>config</code> to <code>buildkitd-config</code></li>
<li><code>config-inline</code> to
<code>buildkitd-config-inline</code></li>
</ul>
</li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.17.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/302">docker/setup-buildx-action#302</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/306">docker/setup-buildx-action#306</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<code>config</code> and <code>config-inline</code> input names are
deprecated and will be removed in next major release.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0">https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2b51285047"><code>2b51285</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/306">#306</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="0f00370563"><code>0f00370</code></a>
chore: update generated content</li>
<li><a
href="11c9683db9"><code>11c9683</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.18.0 to
0.19.0</li>
<li><a
href="56a16b8f2a"><code>56a16b8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/303">#303</a>
from crazy-max/fix-inputs</li>
<li><a
href="c23f46eb91"><code>c23f46e</code></a>
chore: update generated content</li>
<li><a
href="f876da6242"><code>f876da6</code></a>
rename and align config inputs</li>
<li><a
href="b7cf918227"><code>b7cf918</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/304">#304</a>
from crazy-max/rm-docs-dir</li>
<li><a
href="0150f0ed7a"><code>0150f0e</code></a>
chore: remove docs dir</li>
<li><a
href="d89f1f9116"><code>d89f1f9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/302">#302</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="12d65f6595"><code>12d65f6</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="0d103c3126...2b51285047">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.1.0&new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-15 09:49:47 -03:00
dependabot[bot]
e1a33dc26d
chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 (#4697) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
3.0.0 to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<ul>
<li>build(deps): bump <code>@​babel/traverse</code> from 7.17.3 to
7.23.2 in <a
href="https://redirect.github.com/docker/login-action/pull/618">docker/login-action#618</a></li>
<li>build(deps): bump <code>@​docker/actions-toolkit</code> from 0.12.0
to 0.18.0 in <a
href="https://redirect.github.com/docker/login-action/pull/616">docker/login-action#616</a>
<a
href="https://redirect.github.com/docker/login-action/pull/636">docker/login-action#636</a>
<a
href="https://redirect.github.com/docker/login-action/pull/682">docker/login-action#682</a></li>
<li>build(deps): bump aws-sdk dependencies to 3.529.1 in <a
href="https://redirect.github.com/docker/login-action/pull/624">docker/login-action#624</a>
<a
href="https://redirect.github.com/docker/login-action/pull/685">docker/login-action#685</a></li>
<li>build(deps): bump http-proxy-agent to 7.0.2 in <a
href="https://redirect.github.com/docker/login-action/pull/676">docker/login-action#676</a></li>
<li>build(deps): bump https-proxy-agent to 7.0.4 in <a
href="https://redirect.github.com/docker/login-action/pull/676">docker/login-action#676</a></li>
<li>build(deps): bump undici from 5.26.5 to 5.28.3 in <a
href="https://redirect.github.com/docker/login-action/pull/677">docker/login-action#677</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.0.0...v3.1.0">https://github.com/docker/login-action/compare/v3.0.0...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e92390c5fb"><code>e92390c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/685">#685</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="1e752e2293"><code>1e752e2</code></a>
chore: update generated content</li>
<li><a
href="51c60978b0"><code>51c6097</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="8f079fbb6c"><code>8f079fb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/676">#676</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="16fa7681c3"><code>16fa768</code></a>
chore: update generated content</li>
<li><a
href="46d1619226"><code>46d1619</code></a>
build(deps): bump the proxy-agent-dependencies group with 2 updates</li>
<li><a
href="8c291c5677"><code>8c291c5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/682">#682</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="ec726f409d"><code>ec726f4</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.14.0 to
0.18.0</li>
<li><a
href="5139682d94"><code>5139682</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/677">#677</a>
from docker/dependabot/npm_and_yarn/undici-5.28.3</li>
<li><a
href="6d4e2ba5df"><code>6d4e2ba</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="343f7c4344...e92390c5fb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 09:37:40 -03:00
dependabot[bot]
298ae3c616
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#4689) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1
to 4.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.2</h2>
<p>We are investigating the following issue with this release and have
rolled-back the <code>v4</code> tag to point to <code>v4.1.1</code></p>
<ul>
<li><code>sparse-checkout</code> is not available on git versions prior
to 2.27.0 (see <a
href="https://redirect.github.com/actions/checkout/issues/1651">actions/checkout#1651</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code>
option is not present <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
<li>Bump tough-cookie from 4.0.0 to 4.1.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1406">actions/checkout#1406</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1642">actions/checkout#1642</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jww3"><code>@​jww3</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1616">actions/checkout#1616</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.1.1...v4.1.2">https://github.com/actions/checkout/compare/v4.1.1...v4.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code>
option is not present <a
href="https://github.com/dscho"><code>@​dscho</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a
href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add
support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1067">Support
fetching without the --progress option</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1436">Update to
node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark
test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add
option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1196">Fix:
Checkout fail in self-hosted runners when faulty submodule are
checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix
typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add
support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix
api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix
slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add
new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade
codeql actions to v2</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade
dependencies</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade
<code>@​actions/io</code></a></li>
</ul>
<h2>v3.3.0</h2>
<ul>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1045">Implement
branch list using callbacks from exec function</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add
in explicit reference to private checkout options</a></li>
<li>[Fix comment typos (that got added in <a
href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a
href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li>
</ul>
<h2>v3.2.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/942">Add
GitHub Action to perform release</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix
status badge</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1002">Replace
datadog/squid with ubuntu/squid Docker image</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap
pipeline commands for submoduleForeach in quotes</a></li>
<li><a
href="https://redirect.github.com/actions/checkout/pull/1029">Update
<code>@​actions/io</code> to 1.1.2</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9bb56186c3"><code>9bb5618</code></a>
Prep for release of v4.1.2 (<a
href="https://redirect.github.com/actions/checkout/issues/1649">#1649</a>)</li>
<li><a
href="8eb1f6a495"><code>8eb1f6a</code></a>
Bump <code>@​babel/traverse</code> from 7.20.5 to 7.24.0 (<a
href="https://redirect.github.com/actions/checkout/issues/1642">#1642</a>)</li>
<li><a
href="556e4c3cb0"><code>556e4c3</code></a>
Bump tough-cookie from 4.0.0 to 4.1.3 (<a
href="https://redirect.github.com/actions/checkout/issues/1406">#1406</a>)</li>
<li><a
href="b32f140b0c"><code>b32f140</code></a>
Warn on attempts to publish <code>test-ubuntu-git</code> from non-main
branch. (<a
href="https://redirect.github.com/actions/checkout/issues/1623">#1623</a>)</li>
<li><a
href="2650dbd060"><code>2650dbd</code></a>
Give <code>test-ubuntu-git</code> its own <code>README</code> (<a
href="https://redirect.github.com/actions/checkout/issues/1620">#1620</a>)</li>
<li><a
href="aadec89964"><code>aadec89</code></a>
Explicitly disable sparse checkout unless asked for (<a
href="https://redirect.github.com/actions/checkout/issues/1598">#1598</a>)</li>
<li><a
href="df0bcddf6d"><code>df0bcdd</code></a>
Refine workflow for generating <code>test-ubuntu-git</code> (<a
href="https://redirect.github.com/actions/checkout/issues/1617">#1617</a>)</li>
<li><a
href="473055ba18"><code>473055b</code></a>
Create <code>test-ubuntu-git</code> Docker Container for Proxy Tests (<a
href="https://redirect.github.com/actions/checkout/issues/1616">#1616</a>)</li>
<li>See full diff in <a
href="b4ffde65f4...9bb56186c3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once it's up-to-date and CI passes on it,
as requested by @caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-13 14:59:31 -03:00
Carlos Alexandro Becker
566e99ad73
feat: fig is being sunset, remove (#4694) 
see https://fig.io
 2024-03-13 08:50:40 -03:00
dependabot[bot]
e9048a807d
chore(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 (#4670) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.8 to 0.15.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.9</h2>
<h2>Changes in v0.15.9</h2>
<ul>
<li>reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)
[<a href="https://github.com/kzantow">kzantow</a>]</li>
<li>update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9fece9e200"><code>9fece9e</code></a>
fix: reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)</li>
<li><a
href="f3355df2cc"><code>f3355df</code></a>
chore(deps): update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.8...v0.15.9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.8&new-version=0.15.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 13:40:10 -03:00
dependabot[bot]
b4f4fff0d7
chore(deps): bump withfig/push-to-fig-autocomplete-action from 1 to 2 (#4673) 
Bumps
[withfig/push-to-fig-autocomplete-action](https://github.com/withfig/push-to-fig-autocomplete-action)
from 1 to 2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8cdbba836a"><code>8cdbba8</code></a>
Update dependencies and release 2.0.0 (<a
href="https://redirect.github.com/withfig/push-to-fig-autocomplete-action/issues/120">#120</a>)</li>
<li>See full diff in <a
href="https://github.com/withfig/push-to-fig-autocomplete-action/compare/v1...v2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=withfig/push-to-fig-autocomplete-action&package-manager=github_actions&previous-version=1&new-version=2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 13:27:12 -03:00
dependabot[bot]
eb36612c46
chore(deps): bump cachix/install-nix-action from 25 to 26 (#4676) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 25 to 26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v26</h2>
<p>Bump to Nix 2.20.5 to address CVE-2024-27297 /
GHSA-2ffj-w4mj-pg37.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8887e596b4"><code>8887e59</code></a>
Nix: 2.20.5</li>
<li><a
href="39a075cc21"><code>39a075c</code></a>
bump</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v25...v26">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=25&new-version=26)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 13:18:30 -03:00
dependabot[bot]
1325d43c32
chore(deps): bump actions/cache from 4.0.0 to 4.0.1 (#4662) 
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.0 to
4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
<li>Update examples by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1305">actions/cache#1305</a></li>
<li>Update actions/cache publish flow by <a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1340">actions/cache#1340</a></li>
<li>Update <code>@​actions/cache</code> by <a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1341">actions/cache#1341</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.0.1">https://github.com/actions/cache/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@​actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<ul>
<li>Reverted the changes made in 3.2.1 to use gnu tar and zstd by
default on windows.</li>
</ul>
<h3>3.2.1</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab5e6d0c87"><code>ab5e6d0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1341">#1341</a>
from bethanyj28/main</li>
<li><a
href="89c7d86c71"><code>89c7d86</code></a>
licensed cache</li>
<li><a
href="d2c84da363"><code>d2c84da</code></a>
update <code>@​actions/cache</code></li>
<li><a
href="37e7d4eb16"><code>37e7d4e</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1340">#1340</a>
from actions/bethanyj28/update-publish-flow</li>
<li><a
href="a18323f504"><code>a18323f</code></a>
add release action</li>
<li><a
href="a2ed59d39b"><code>a2ed59d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1305">#1305</a>
from actions/yacaovsnc/update_examples</li>
<li><a
href="dc88ab52d7"><code>dc88ab5</code></a>
Update examples</li>
<li><a
href="1d78355196"><code>1d78355</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1304">#1304</a>
from actions/yacaovsnc/update_readme</li>
<li><a
href="c36458f13b"><code>c36458f</code></a>
Update README.md</li>
<li>See full diff in <a
href="13aacd865c...ab5e6d0c87">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-01 09:58:40 -03:00
dependabot[bot]
8c3bd81d5f
chore(deps): bump codecov/codecov-action from 4.0.1 to 4.1.0 (#4656) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4.0.1 to 4.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: set safe directory by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1304">codecov/codecov-action#1304</a></li>
<li>build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1306">codecov/codecov-action#1306</a></li>
<li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1305">codecov/codecov-action#1305</a></li>
<li>chore(release): v4.1.0 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1307">codecov/codecov-action#1307</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0">https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0</a></p>
<h2>v4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1251">codecov/codecov-action#1251</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.11 to
29.5.12 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1257">codecov/codecov-action#1257</a></li>
<li>build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1266">codecov/codecov-action#1266</a></li>
<li>Escape pipes in table of arguments by <a
href="https://github.com/jwodder"><code>@​jwodder</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li>
<li>Add link to docs on Dependabot secrets by <a
href="https://github.com/ianlewis"><code>@​ianlewis</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li>
<li>fix: working-directory input for all stages by <a
href="https://github.com/Bo98"><code>@​Bo98</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
6.20.0 to 6.21.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1271">codecov/codecov-action#1271</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.20.0 to 6.21.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1269">codecov/codecov-action#1269</a></li>
<li>build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1298">codecov/codecov-action#1298</a></li>
<li>Use updated syntax for GitHub Markdown notes by <a
href="https://github.com/jamacku"><code>@​jamacku</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.21.0 to 7.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1290">codecov/codecov-action#1290</a></li>
<li>build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1286">codecov/codecov-action#1286</a></li>
<li>chore(release): bump to 4.0.2 by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1302">codecov/codecov-action#1302</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/jwodder"><code>@​jwodder</code></a> made
their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li>
<li><a href="https://github.com/ianlewis"><code>@​ianlewis</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li>
<li><a href="https://github.com/Bo98"><code>@​Bo98</code></a> made their
first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li>
<li><a href="https://github.com/jamacku"><code>@​jamacku</code></a> made
their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2">https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="54bcd8715e"><code>54bcd87</code></a>
chore(release): v4.1.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1307">#1307</a>)</li>
<li><a
href="8ba77ef8d7"><code>8ba77ef</code></a>
build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1305">#1305</a>)</li>
<li><a
href="c60aa801e3"><code>c60aa80</code></a>
build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1306">#1306</a>)</li>
<li><a
href="2fc4847d3f"><code>2fc4847</code></a>
fix: set safe directory (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1304">#1304</a>)</li>
<li><a
href="0cfda1dd0a"><code>0cfda1d</code></a>
chore(release): bump to 4.0.2 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1302">#1302</a>)</li>
<li><a
href="7d3a55eb5e"><code>7d3a55e</code></a>
build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1286">#1286</a>)</li>
<li><a
href="fe84a0b3c0"><code>fe84a0b</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.21.0 to 7.0.0 (...</li>
<li><a
href="e12c9402c4"><code>e12c940</code></a>
Use updated syntax for GitHub Markdown notes (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1300">#1300</a>)</li>
<li><a
href="ef7f8a5d3c"><code>ef7f8a5</code></a>
build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1298">#1298</a>)</li>
<li><a
href="b8a1d6a424"><code>b8a1d6a</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.20.0 to 6.21.0 ...</li>
<li>Additional commits viewable in <a
href="e0b68c6749...54bcd8715e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.0.1&new-version=4.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-27 09:53:55 -03:00
dependabot[bot]
9ebed1d494
chore(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 (#4657) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.0.0 to 3.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.0</h2>
<ul>
<li><code>cache-binary</code> input to enable/disable caching binary to
GHA cache backend by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/300">docker/setup-buildx-action#300</a></li>
<li>build(deps): bump <code>@​babel/traverse</code> from 7.17.3 to
7.23.2 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/282">docker/setup-buildx-action#282</a></li>
<li>build(deps): bump <code>@​docker/actions-toolkit</code> from 0.12.0
to 0.17.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/281">docker/setup-buildx-action#281</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/284">docker/setup-buildx-action#284</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/299">docker/setup-buildx-action#299</a></li>
<li>build(deps): bump uuid from 9.0.0 to 9.0.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/271">docker/setup-buildx-action#271</a></li>
<li>build(deps): bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/297">docker/setup-buildx-action#297</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0">https://github.com/docker/setup-buildx-action/compare/v3.0.0...v3.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0d103c3126"><code>0d103c3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/300">#300</a>
from crazy-max/cache-binary</li>
<li><a
href="f19477aacd"><code>f19477a</code></a>
chore: update generated content</li>
<li><a
href="a4180f835d"><code>a4180f8</code></a>
cache-binary input to enable/disable caching binary to GHA cache
backend</li>
<li><a
href="524315340d"><code>5243153</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/299">#299</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="3679a54023"><code>3679a54</code></a>
chore: update generated content</li>
<li><a
href="37a22a2fb2"><code>37a22a2</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.14.0 to
0.17.0</li>
<li><a
href="65afe610a1"><code>65afe61</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/297">#297</a>
from docker/dependabot/npm_and_yarn/undici-5.28.3</li>
<li><a
href="fcb8f722fd"><code>fcb8f72</code></a>
chore: update generated content</li>
<li><a
href="f62b9a17c0"><code>f62b9a1</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/298">#298</a>
from crazy-max/bump-gha</li>
<li><a
href="74c5b717e5"><code>74c5b71</code></a>
bump codecov/codecov-action from 3 to 4</li>
<li>Additional commits viewable in <a
href="f95db51fdd...0d103c3126">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=3.0.0&new-version=3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-02-27 09:52:51 -03:00
Oleksandr Redko
a9c76d7655
chore: fix all existing lint issues (#4637) 
The PR fixes lint issues, pins `golangci-lint` to `v1.56.2`, disables
`only-new-issues`, and enables `fail-on-issues` in the lint workflow.
After this, all new lint issues will fail CI.

The full log of fixed lint issues:
```sh
❯ golangci-lint run
cmd/docs.go:24:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                RunE: func(cmd *cobra.Command, args []string) error {
                           ^
cmd/man.go:26:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                RunE: func(cmd *cobra.Command, args []string) error {
                           ^
cmd/healthcheck.go:36:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                RunE: func(cmd *cobra.Command, args []string) error {
                           ^
cmd/build.go:72:33: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                RunE: timedRunE("build", func(cmd *cobra.Command, args []string) error {
                                              ^
cmd/schema.go:29:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                RunE: func(cmd *cobra.Command, args []string) error {
                           ^
internal/pipe/nix/nix_test.go:547:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
                                require.ErrorAs(t, err, &tt.expectDefaultErrorIs)
                                ^
internal/pipe/nix/nix_test.go:556:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
                                require.ErrorAs(t, err, &tt.expectRunErrorIs)
                                ^
internal/pipe/nix/nix_test.go:567:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
                                require.ErrorAs(t, err, &tt.expectPublishErrorIs)
                                ^
internal/pipe/winget/winget_test.go:709:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
                                require.ErrorAs(t, err, &tt.expectPublishErrorIs)
                                ^
internal/pipe/winget/winget_test.go:728:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
                                require.ErrorAs(t, err, &tt.expectPublishErrorIs)
                                ^
internal/pipe/docker/docker_test.go:56:29: unused-parameter: parameter 'use' seems to be unused, consider removing or renaming it as _ (revive)
                return func(t *testing.T, use string) {
                                          ^
internal/gio/safe_test.go:23:4: go-require: require must only be used in the goroutine running the test function (testifylint)
                        require.Equal(t, 1, s)
                        ^
internal/gio/safe_test.go:24:4: go-require: require must only be used in the goroutine running the test function (testifylint)
                        require.NoError(t, err)
                        ^
internal/pipe/gomod/gomod_proxy_test.go:126:3: useless-assert: asserting of the same variable (testifylint)
                require.Equal(t, ctx.ModulePath, ctx.ModulePath)
                ^
internal/pipe/gomod/gomod_proxy_test.go:152:3: useless-assert: asserting of the same variable (testifylint)
                require.Equal(t, ctx.ModulePath, ctx.ModulePath)
                ^
internal/pipe/gomod/gomod_proxy_test.go:178:3: useless-assert: asserting of the same variable (testifylint)
                require.Equal(t, ctx.ModulePath, ctx.ModulePath)
                ^
internal/pipe/gomod/gomod_proxy_test.go:239:3: useless-assert: asserting of the same variable (testifylint)
                require.Equal(t, ctx.ModulePath, ctx.ModulePath)
                ^
internal/artifact/artifact_test.go:638:46: unused-parameter: parameter 'a' seems to be unused, consider removing or renaming it as _ (revive)
                require.EqualError(t, artifacts.Visit(func(a *Artifact) error {
                                                           ^
internal/pipe/milestone/milestone.go:79: File is not `gofumpt`-ed (gofumpt)

internal/http/http_test.go:217:19: unused-parameter: parameter 'k' seems to be unused, consider removing or renaming it as _ (revive)
        assetOpen = func(k string, a *artifact.Artifact) (*asset, error) {
                         ^
internal/middleware/logging/logging_test.go:12:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
        require.NoError(t, Log("foo", func(ctx *context.Context) error {
                                           ^
internal/middleware/logging/logging_test.go:16:40: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
        require.NoError(t, PadLog("foo", func(ctx *context.Context) error {
                                              ^
internal/pipe/chocolatey/chocolatey_test.go:277:15: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
                        exec: func(cmd string, args ...string) ([]byte, error) {
                                   ^
internal/client/gitlab.go:325: File is not `gofumpt`-ed (gofumpt)

internal/pipe/linkedin/client_test.go:58:77: unused-parameter: parameter 'req' seems to be unused, consider removing or renaming it as _ (revive)
        server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
                                                                                   ^
internal/middleware/errhandler/error_test.go:15:34: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.NoError(t, Handle(func(ctx *context.Context) error {
                                               ^
internal/middleware/errhandler/error_test.go:21:34: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.NoError(t, Handle(func(ctx *context.Context) error {
                                               ^
internal/middleware/errhandler/error_test.go:27:32: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.Error(t, Handle(func(ctx *context.Context) error {
                                             ^
internal/middleware/errhandler/error_test.go:36:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
                                                  ^
internal/middleware/errhandler/error_test.go:42:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
                                                  ^
internal/middleware/errhandler/error_test.go:48:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
                                                  ^
internal/pipe/ko/ko.go:175:29: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
                build.WithBaseImages(func(ctx stdctx.Context, s string) (name.Reference, build.Result, error) {
                                          ^
```
 2024-02-19 08:49:39 -03:00
dependabot[bot]
4b57e61514
chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 3.7.1 (#4619) 
Bumps
[golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action)
from 3.7.0 to 3.7.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3cfe3a4abb"><code>3cfe3a4</code></a>
build(deps): bump <code>@​actions/cache</code> from 3.2.3 to 3.2.4 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/963">#963</a>)</li>
<li><a
href="cbc59cf0d1"><code>cbc59cf</code></a>
build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/960">#960</a>)</li>
<li><a
href="459a04b021"><code>459a04b</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.19.1 to 6.20.0 ...</li>
<li><a
href="e2315b67db"><code>e2315b6</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
6.19.1 to 6.20.0 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/961">#961</a>)</li>
<li><a
href="d6173a45d0"><code>d6173a4</code></a>
build(deps): bump <code>@​types/node</code> from 20.11.10 to 20.11.16
(<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/962">#962</a>)</li>
<li><a
href="0e8f5bf773"><code>0e8f5bf</code></a>
build(deps): bump <code>@​types/node</code> from 20.11.5 to 20.11.10 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/958">#958</a>)</li>
<li><a
href="349d20632d"><code>349d206</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.19.0 to 6.19.1 ...</li>
<li><a
href="2221aee284"><code>2221aee</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
6.18.1 to 6.19.1 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/954">#954</a>)</li>
<li><a
href="3b44ae5b24"><code>3b44ae5</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 6.18.1 to 6.19.0 ...</li>
<li><a
href="323b871bbc"><code>323b871</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.4 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/950">#950</a>)</li>
<li>Additional commits viewable in <a
href="3a91952989...3cfe3a4abb">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golangci/golangci-lint-action&package-manager=github_actions&previous-version=3.7.0&new-version=3.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 09:56:34 -03:00
dependabot[bot]
842828a711
chore(deps): bump arduino/setup-task from 1.0.3 to 2.0.0 (#4607) 
Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from
1.0.3 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>2.0.0</h2>
<h2>Migration Guide</h2>
<p>The version of the <a
href="https://nodejs.org/en/about"><strong>Node.js</strong></a> runtime
used to execute the action has been updated from 16 to 20. This could be
a breaking change for certain GitHub Actions workflows.</p>
<p>If a workflow with dependency on the
<strong>arduino/setup-task</strong> action uses only <a
href="https://docs.github.com/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners">GitHub-hosted
GitHub Actions runners</a>, no changes are required.</p>
<p>If the workflow uses a <a
href="https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners">self-hosted
runner</a>, the workflow run might fail after updating
<strong>arduino/setup-task</strong>:</p>
<pre lang="text"><code>Error: System.ArgumentOutOfRangeException:
Specified argument was out of the range of valid values. (Parameter
''using: node20' is not supported, use 'docker', 'node12' or 'node16'
instead.')
at
GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext
executionContext, TemplateContext templateContext, TemplateToken
inputsToken, String fileRelativePath, MappingToken outputs)
at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext
executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml
</code></pre>
<p>This means an older runner version that does not provide Node.js 20.x
is installed on the runner machine and you must update the runner
version.</p>
<h2>Changelog</h2>
<h4>Breaking</h4>
<ul>
<li>Update Node.js runtime for action from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
</ul>
<h4>Enhancement</h4>
<ul>
<li><a
href="https://github.com/arduino/compile-sketches/pulls?q=merged%3A2023-01-31..2024-02-05+author%3Aapp%2Fdependabot">Various
dependency updates</a></li>
</ul>
<h2>Full Changeset</h2>
<p><a
href="https://github.com/arduino/setup-task/compare/1.0.3...2.0.0">https://github.com/arduino/setup-task/compare/1.0.3...2.0.0</a></p>
<h2>Contributors</h2>
<ul>
<li><a href="https://github.com/gdraynz"><code>@​gdraynz</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b91d5d2c96"><code>b91d5d2</code></a>
update readme (<a
href="https://redirect.github.com/arduino/setup-task/issues/929">#929</a>)</li>
<li><a
href="f2514b0e1c"><code>f2514b0</code></a>
Bump node from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
<li><a
href="2007903d11"><code>2007903</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/928">#928</a>
from arduino/dependabot/npm_and_yarn/prettier-3.2.5</li>
<li><a
href="3f2ef95f2f"><code>3f2ef95</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.5</li>
<li><a
href="88d658bbef"><code>88d658b</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/927">#927</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.79</li>
<li><a
href="b79a1c3f82"><code>b79a1c3</code></a>
build(deps-dev): bump <code>@​types/node</code> from 16.18.78 to
16.18.79</li>
<li><a
href="5abddba872"><code>5abddba</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/926">#926</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.78</li>
<li><a
href="b3e99c0fa2"><code>b3e99c0</code></a>
build(deps-dev): bump <code>@​types/node</code> from 16.18.76 to
16.18.78</li>
<li><a
href="4145542cd7"><code>4145542</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/924">#924</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="10406e6d87"><code>10406e6</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
6.19.1 to 6.20.0</li>
<li>Additional commits viewable in <a
href="e26d897557...b91d5d2c96">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=arduino/setup-task&package-manager=github_actions&previous-version=1.0.3&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 08:53:51 -03:00
dependabot[bot]
1c31f3b0b7
chore(deps): bump codecov/codecov-action from 4.0.0 to 4.0.1 (#4600) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4.0.0 to 4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1243">codecov/codecov-action#1243</a></li>
<li>Add all args by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1245">codecov/codecov-action#1245</a></li>
<li>fix: show both token uses in readme by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1250">codecov/codecov-action#1250</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v4.0.0...v4.0.1">https://github.com/codecov/codecov-action/compare/v4.0.0...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e0b68c6749"><code>e0b68c6</code></a>
fix: show both token uses in readme (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1250">#1250</a>)</li>
<li><a
href="1f9f5573d1"><code>1f9f557</code></a>
Add all args (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1245">#1245</a>)</li>
<li><a
href="09686fcfcb"><code>09686fc</code></a>
Update README.md (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1243">#1243</a>)</li>
<li>See full diff in <a
href="f30e4959ba...e0b68c6749">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4.0.0&new-version=4.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-02-02 07:24:34 -03:00
dependabot[bot]
cefe72700f
chore(deps): bump codecov/codecov-action from 3.1.6 to 4.0.0 (#4597) 2024-02-01 14:56:38 +00:00
dependabot[bot]
5099aef865
chore(deps): bump anchore/sbom-action from 0.15.7 to 0.15.8 (#4598) 2024-02-01 14:48:31 +00:00
dependabot[bot]
6b4248cb57
chore(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#4599) 2024-02-01 14:40:55 +00:00
dependabot[bot]
fd86f66de9
chore(deps): bump codecov/codecov-action from 3.1.5 to 3.1.6 (#4592) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
3.1.5 to 3.1.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.6</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6">https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab904c41d6"><code>ab904c4</code></a>
chore(release): bump to 3.1.6</li>
<li><a
href="a8c374ae46"><code>a8c374a</code></a>
Revert &quot;action.yml: Update to Node.js 20 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1228">#1228</a>)&quot;</li>
<li>See full diff in <a
href="4fe8c5f003...ab904c41d6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.5&new-version=3.1.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-31 07:12:55 -03:00
dependabot[bot]
ffb1a7c0b6
chore(deps): bump anchore/sbom-action from 0.15.6 to 0.15.7 (#4593) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.6 to 0.15.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.7</h2>
<h2>Changes in v0.15.7</h2>
<ul>
<li>chore: migrate action to use node v20.11.0 (Iron) FROM node v16.x.x
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)
[<a href="https://github.com/spiffcs">spiffcs</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="767b08fd88"><code>767b08f</code></a>
chore: migrate action from 16 -&gt; 20 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.6...v0.15.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.6&new-version=0.15.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-31 07:11:56 -03:00
dependabot[bot]
242aacae1b
chore(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 (#4588) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.5 to 0.15.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.6</h2>
<h2>Changes in v0.15.6</h2>
<ul>
<li>chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6aed38a43"><code>c6aed38</code></a>
chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.5...v0.15.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.5&new-version=0.15.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-30 07:51:46 -03:00
dependabot[bot]
ab123fa3a4
chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 (#4576) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
3.1.4 to 3.1.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>action.yml: Update to Node.js 20 by <a
href="https://github.com/hallabro"><code>@​hallabro</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hallabro"><code>@​hallabro</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5">https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4fe8c5f003"><code>4fe8c5f</code></a>
chore(release): bump to 3.1.5</li>
<li><a
href="9140fdcf54"><code>9140fdc</code></a>
action.yml: Update to Node.js 20 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1228">#1228</a>)</li>
<li>See full diff in <a
href="eaaf4bedf3...4fe8c5f003">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=3.1.4&new-version=3.1.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-26 07:53:05 -03:00
dependabot[bot]
472b87127c
chore(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 (#4567) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.4 to 0.15.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.5</h2>
<h2>Changes in v0.15.5</h2>
<ul>
<li>chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24b0d52385"><code>24b0d52</code></a>
chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.4...v0.15.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.4&new-version=0.15.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-23 16:50:36 -03:00
dependabot[bot]
116a034c8a
chore(deps): bump actions/dependency-review-action from 3 to 4 (#4559) 
Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Update action to Node 20 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/639">actions/dependency-review-action#639</a></li>
<li>Dependabot updates, see the full changelog for more details.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@​takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/639">actions/dependency-review-action#639</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0">https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0</a></p>
<h2>3.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Smaller <code>per_page</code> when requesting diff by <a
href="https://github.com/hmaurer"><code>@​hmaurer</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/649">actions/dependency-review-action#649</a></li>
<li>Update dependencies:
<ul>
<li>Bump <code>@​typescript-eslint/parser</code> from 6.10.0 to 6.13.1
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/630">actions/dependency-review-action#630</a></li>
<li>Bump prettier from 3.0.3 to 3.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/629">actions/dependency-review-action#629</a></li>
<li>Bump <code>@​types/jest</code> from 29.5.8 to 29.5.11 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/637">actions/dependency-review-action#637</a></li>
<li>Bump nodemon from 3.0.1 to 3.0.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/636">actions/dependency-review-action#636</a></li>
<li>Replace pip -&gt; pypi in PURL examples by <a
href="https://github.com/febuiles"><code>@​febuiles</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/638">actions/dependency-review-action#638</a></li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 6.12.0 to
6.15.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/644">actions/dependency-review-action#644</a></li>
<li>Bump eslint from 8.53.0 to 8.56.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/640">actions/dependency-review-action#640</a></li>
<li>Bump <code>@​typescript-eslint/parser</code> from 6.13.1 to 6.16.0
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/645">actions/dependency-review-action#645</a></li>
<li>Bump prettier from 3.1.0 to 3.1.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/646">actions/dependency-review-action#646</a></li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5">https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5</a></p>
<h2>3.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>
<p>Fixed a <a
href="https://redirect.github.com/actions/dependency-review-action/issues/618">bug</a>
with severity filtering when using the <code>allow_ghsas</code> option:
<a
href="https://redirect.github.com/actions/dependency-review-action/pull/623">actions/dependency-review-action#623</a>.</p>
</li>
<li>
<p>Updates dependencies:</p>
<ul>
<li>Bump <code>@​types/node</code> from 16.18.61 to 16.18.62 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/619">actions/dependency-review-action#619</a>
action/pull/620</li>
<li>Bump <code>@​typescript-eslint/eslint-plugin</code> from 6.11.0 to
6.12.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/625">actions/dependency-review-action#625</a></li>
<li>Bump typescript from 5.2.2 to 5.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/624">actions/dependency-review-action#624</a></li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v3...v3.1.4">https://github.com/actions/dependency-review-action/compare/v3...v3.1.4</a></p>
<h2>3.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixes purl &quot;version must be percent-encoded&quot; by <a
href="https://github.com/theztefan"><code>@​theztefan</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/617">actions/dependency-review-action#617</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v3...v3.1.3">https://github.com/actions/dependency-review-action/compare/v3...v3.1.3</a></p>
<h2>3.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix a regression for setups using self-hosted runners behind HTTP
proxies:<a
href="https://github.com/febuiles"><code>@​febuiles</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/611">actions/dependency-review-action#611</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4cd9eb2d23"><code>4cd9eb2</code></a>
Updating docs to point to v4.</li>
<li><a
href="4901385134"><code>4901385</code></a>
bump to 4.0.0</li>
<li><a
href="dbf82a4a5e"><code>dbf82a4</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/639">#639</a>
from takost/takost/update-to-node-20</li>
<li><a
href="78aeb2a948"><code>78aeb2a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/663">#663</a>
from actions/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="4e510006f5"><code>4e51000</code></a>
Bump <code>@​typescript-eslint/parser</code> from 6.18.0 to 6.18.1</li>
<li><a
href="9560737c5e"><code>9560737</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/661">#661</a>
from actions/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="4125f47f7e"><code>4125f47</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/660">#660</a>
from actions/dependabot/npm_and_yarn/types/node-16.18.70</li>
<li><a
href="07cc93e0c8"><code>07cc93e</code></a>
Bump <code>@​typescript-eslint/eslint-plugin</code> from 6.18.0 to
6.18.1</li>
<li><a
href="e2c203b8b7"><code>e2c203b</code></a>
Bump <code>@​types/node</code> from 16.18.62 to 16.18.70</li>
<li><a
href="f0b304d0bc"><code>f0b304d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/653">#653</a>
from actions/dependabot/npm_and_yarn/got-14.0.0</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once it's up-to-date and CI passes on it,
as requested by @caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-19 10:03:35 -03:00
dependabot[bot]
39e5cad1c8
chore(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 (#4558) 2024-01-19 11:30:42 +00:00
dependabot[bot]
c22d52fb1e
chore(deps): bump actions/cache from 3.3.3 to 4.0.0 (#4546) 
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.3 to
4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@​to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@​takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@​to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files &gt; 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update &quot;only-&quot; actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="e12d46a63a...13aacd865c">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3.3.3&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-01-17 08:48:43 -03:00
dependabot[bot]
1b1261adec chore(deps): bump cachix/install-nix-action from 24 to 25 
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action) from 24 to 25.
- [Release notes](https://github.com/cachix/install-nix-action/releases)
- [Commits](https://github.com/cachix/install-nix-action/compare/v24...v25)

---
updated-dependencies:
- dependency-name: cachix/install-nix-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-15 08:50:28 -03:00
Carlos Alexandro Becker
f07af4c269
ci: remove dependabot auto approve 
it doesnt work

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-01-12 09:21:28 -03:00
dependabot[bot]
bf799e284f chore(deps): bump actions/cache from 3.3.2 to 3.3.3 
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.2 to 3.3.3.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](704facf57e...e12d46a63a)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-01-12 09:20:24 -03:00
Carlos Alexandro Becker
cbb288be5b
ci: change dependabot commit prefix to chore 
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2024-01-11 23:05:21 -03:00
Carlos Alexandro Becker
8e3b7efcfb
ci: dependabot automerge 2024-01-11 23:05:21 -03:00
dependabot[bot]
1d9f15ddf6
chore(deps): bump anchore/sbom-action from 0.15.2 to 0.15.3 (#4526) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.2 to 0.15.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.3</h2>
<h2>Changes in v0.15.3</h2>
<ul>
<li>chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c7f031d924"><code>c7f031d</code></a>
chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.2...v0.15.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.2&new-version=0.15.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.

[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-09 08:55:29 -03:00
dependabot[bot]
fdd5d89dcf
chore(deps): bump anchore/sbom-action from 0.15.1 to 0.15.2 (#4514) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.1 to 0.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.2</h2>
<h2>Changes in v0.15.2</h2>
<ul>
<li>chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>chore: fix github-script invocation in update-snapshots workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="719133684c"><code>7191336</code></a>
chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)</li>
<li><a
href="b05b28be1a"><code>b05b28b</code></a>
chore: fix github-script invocation (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.1...v0.15.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.1&new-version=0.15.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-03 09:23:05 -03:00
Carlos Alexandro Becker
9ce21d3b95
fix: invalid jsonschema 
closes https://github.com/goreleaser/goreleaser/issues/4511

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-12-31 14:43:39 -03:00
Carlos Alexandro Becker
48f036b5d6
build: nix devShell (#4507) 
<!--

Hi, thanks for contributing!

Please make sure you read our CONTRIBUTING guide.

Also, add tests and the respective documentation changes as well.

-->


<!-- If applied, this commit will... -->

...

<!-- Why is this change being made? -->

...

<!-- # Provide links to any relevant tickets, URLs or other resources
-->

...

---------

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-12-28 20:49:23 -03:00
Carlos Alexandro Becker
0c90fb420b
build: fix generate workflow 
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-12-26 13:18:46 -03:00
Carlos Alexandro Becker
dda1c708ae
feat(nix): validate licenses (#4497) 
this will check if the license provided by the user is a valid one.

valid list of licenses is generated from nix's source code.

closes #4496
 2023-12-26 08:37:44 -03:00
dependabot[bot]
3f54b5eb2f
chore(deps): bump sigstore/cosign-installer from 3.2.0 to 3.3.0 (#4472) 
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/setup-go from 4.1.0 to 5.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/152">sigstore/cosign-installer#152</a></li>
<li>update action to use latest cosign v2.2.2 by <a
href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/153">sigstore/cosign-installer#153</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0">https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9614fae9e5"><code>9614fae</code></a>
update action to use latest cosign v2.2.2 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/153">#153</a>)</li>
<li><a
href="c81cf0609e"><code>c81cf06</code></a>
Bump actions/setup-go from 4.1.0 to 5.0.0 (<a
href="https://redirect.github.com/sigstore/cosign-installer/issues/152">#152</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.2.0&new-version=3.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-12 08:23:41 -03:00
dependabot[bot]
d27c755505
chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 (#4464) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4.1.0
to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, we change Nodejs runtime from node16 to
node20 (<a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a>).
Moreover, we update some dependencies to the latest versions (<a
href="https://redirect.github.com/actions/setup-go/pull/445">actions/setup-go#445</a>).</p>
<p>Besides, this release contains such changes as:</p>
<ul>
<li>Fix hosted tool cache usage on windows by <a
href="https://github.com/galargh"><code>@​galargh</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li>Improve documentation regarding dependencies caching by <a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/galargh"><code>@​galargh</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li><a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
<li><a
href="https://github.com/chenrui333"><code>@​chenrui333</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v5.0.0">https://github.com/actions/setup-go/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c52d547c9"><code>0c52d54</code></a>
Update dependencies for node20 (<a
href="https://redirect.github.com/actions/setup-go/issues/445">#445</a>)</li>
<li><a
href="bfd2fb341f"><code>bfd2fb3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/421">#421</a>
from chenrui333/node20-runtime</li>
<li><a
href="3d65fa57fc"><code>3d65fa5</code></a>
feat: bump to use actions/checkout@v4</li>
<li><a
href="8a505c9cf2"><code>8a505c9</code></a>
feat: bump to use node20 runtime</li>
<li><a
href="883490dfd0"><code>883490d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/417">#417</a>
from artemgavrilov/main</li>
<li><a
href="d45ebba0ce"><code>d45ebba</code></a>
Rephrase sentence</li>
<li><a
href="317c6617fa"><code>317c661</code></a>
Replace <code>wildcards</code> term with <code>globs</code>.</li>
<li><a
href="f90673ad64"><code>f90673a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/1">#1</a> from
artemgavrilov/caching-docs-improvement</li>
<li><a
href="8018234347"><code>8018234</code></a>
Improve documentation regarding dependencies cachin</li>
<li><a
href="d085b4fe57"><code>d085b4f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/411">#411</a>
from galargh/fix/windows-hostedtoolcache</li>
<li>Additional commits viewable in <a
href="93397bea11...0c52d547c9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4.1.0&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-07 09:06:14 -03:00
dependabot[bot]
8fac823f81
chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 (#4458) 
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.0 to 0.15.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.1</h2>
<h2>Changes in v0.15.1</h2>
<ul>
<li>chore(deps): update Syft to v0.98.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/431">#431</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>Add config input (<a
href="https://redirect.github.com/anchore/sbom-action/issues/430">#430</a>)
[<a href="https://github.com/eyakubovich">eyakubovich</a>]</li>
<li>chore: pin and upgrade gh actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/429">#429</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ecf649a41"><code>5ecf649</code></a>
chore(deps): update Syft to v0.98.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/431">#431</a>)</li>
<li><a
href="a4126e6810"><code>a4126e6</code></a>
Add config input (<a
href="https://redirect.github.com/anchore/sbom-action/issues/430">#430</a>)</li>
<li><a
href="9d0277c4f7"><code>9d0277c</code></a>
chore: pin and upgrade gh actions (<a
href="https://redirect.github.com/anchore/sbom-action/issues/429">#429</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.0...v0.15.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.15.0&new-version=0.15.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-05 09:20:12 -03:00
dependabot[bot]
8eccb57161
chore(deps): bump cachix/install-nix-action from 23 to 24 (#4448) 
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 23 to 24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v24</h2>
<ul>
<li>Nix 2.19.1</li>
<li>enables KVM on linux</li>
<li>set <code>TMPDIR</code> to avoid potential disk space issues</li>
<li>don't use the default GitHub token for Enterprise</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7ac1ec2549"><code>7ac1ec2</code></a>
Nix 2.19.1</li>
<li><a
href="dc33a216cb"><code>dc33a21</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/200">#200</a>
from cachix/fix/196</li>
<li><a
href="2b90cd3130"><code>2b90cd3</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/202">#202</a>
from cachix/feature/kvm</li>
<li><a
href="fe19c91c6b"><code>fe19c91</code></a>
feat: enable KVM on Linux if available</li>
<li><a
href="a56e3a8089"><code>a56e3a8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/199">#199</a>
from jalaziz/tempdir</li>
<li><a
href="81eb746179"><code>81eb746</code></a>
Update install-nix.sh</li>
<li><a
href="97a1be3c09"><code>97a1be3</code></a>
fix: don't use the default GitHub token for Enterprise</li>
<li><a
href="2cce1fd76b"><code>2cce1fd</code></a>
fix: Set TMPDIR to avoid disk space issues</li>
<li><a
href="300721fe01"><code>300721f</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/193">#193</a>
from cachix/dependabot/github_actions/actions/checkout-4</li>
<li><a
href="fe6788c5de"><code>fe6788c</code></a>
chore(deps): bump actions/checkout from 3 to 4</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v23...v24">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=cachix/install-nix-action&package-manager=github_actions&previous-version=23&new-version=24)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-29 09:35:49 -03:00
Carlos Alexandro Becker
5a74601559
build: fix typo 2023-11-28 09:23:01 -03:00
Carlos Alexandro Becker
9d2162b61c
build: report only new lint problems 
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
 2023-11-24 14:07:24 -03:00