Bumps [actions/cache](https://github.com/actions/cache) from 4.0.1 to
4.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix <code>fail-on-cache-miss</code> not working by <a
href="https://github.com/cdce8p"><code>@cdce8p</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1327">actions/cache#1327</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.0.1...v4.0.2">https://github.com/actions/cache/compare/v4.0.1...v4.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c45773b62"><code>0c45773</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1327">#1327</a>
from cdce8p/fix-fail-on-cache-miss</li>
<li><a
href="8a55f839aa"><code>8a55f83</code></a>
Add test case for process exit</li>
<li><a
href="3884cace14"><code>3884cac</code></a>
Bump version</li>
<li><a
href="e29dad3e36"><code>e29dad3</code></a>
Fix fail-on-cache-miss not working</li>
<li>See full diff in <a
href="ab5e6d0c87...0c45773b62">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.1.0 to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<ul>
<li>Rename and align config inputs by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/303">docker/setup-buildx-action#303</a>
<ul>
<li><code>config</code> to <code>buildkitd-config</code></li>
<li><code>config-inline</code> to
<code>buildkitd-config-inline</code></li>
</ul>
</li>
<li>Bump <code>@docker/actions-toolkit</code> from 0.17.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/302">docker/setup-buildx-action#302</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/306">docker/setup-buildx-action#306</a></li>
</ul>
<blockquote>
<p>[!NOTE]
<code>config</code> and <code>config-inline</code> input names are
deprecated and will be removed in next major release.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0">https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2b51285047"><code>2b51285</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/306">#306</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="0f00370563"><code>0f00370</code></a>
chore: update generated content</li>
<li><a
href="11c9683db9"><code>11c9683</code></a>
build(deps): bump <code>@docker/actions-toolkit</code> from 0.18.0 to
0.19.0</li>
<li><a
href="56a16b8f2a"><code>56a16b8</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/303">#303</a>
from crazy-max/fix-inputs</li>
<li><a
href="c23f46eb91"><code>c23f46e</code></a>
chore: update generated content</li>
<li><a
href="f876da6242"><code>f876da6</code></a>
rename and align config inputs</li>
<li><a
href="b7cf918227"><code>b7cf918</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/304">#304</a>
from crazy-max/rm-docs-dir</li>
<li><a
href="0150f0ed7a"><code>0150f0e</code></a>
chore: remove docs dir</li>
<li><a
href="d89f1f9116"><code>d89f1f9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/302">#302</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="12d65f6595"><code>12d65f6</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="0d103c3126...2b51285047">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.8 to 0.15.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.9</h2>
<h2>Changes in v0.15.9</h2>
<ul>
<li>reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)
[<a href="https://github.com/kzantow">kzantow</a>]</li>
<li>update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9fece9e200"><code>9fece9e</code></a>
fix: reduce syft debug level (<a
href="https://redirect.github.com/anchore/sbom-action/issues/446">#446</a>)</li>
<li><a
href="f3355df2cc"><code>f3355df</code></a>
chore(deps): update Syft to v0.105.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/442">#442</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.8...v0.15.9">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[withfig/push-to-fig-autocomplete-action](https://github.com/withfig/push-to-fig-autocomplete-action)
from 1 to 2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8cdbba836a"><code>8cdbba8</code></a>
Update dependencies and release 2.0.0 (<a
href="https://redirect.github.com/withfig/push-to-fig-autocomplete-action/issues/120">#120</a>)</li>
<li>See full diff in <a
href="https://github.com/withfig/push-to-fig-autocomplete-action/compare/v1...v2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 25 to 26.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>v26</h2>
<p>Bump to Nix 2.20.5 to address CVE-2024-27297 /
GHSA-2ffj-w4mj-pg37.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8887e596b4"><code>8887e59</code></a>
Nix: 2.20.5</li>
<li><a
href="39a075cc21"><code>39a075c</code></a>
bump</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v25...v26">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 4.0.0 to
4.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
<li>Update examples by <a
href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1305">actions/cache#1305</a></li>
<li>Update actions/cache publish flow by <a
href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1340">actions/cache#1340</a></li>
<li>Update <code>@actions/cache</code> by <a
href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1341">actions/cache#1341</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1304">actions/cache#1304</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.0.1">https://github.com/actions/cache/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
20</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<h3>3.3.2</h3>
<ul>
<li>Fixes bug with Azure SDK causing blob downloads to get stuck.</li>
</ul>
<h3>3.3.1</h3>
<ul>
<li>Reduced segment size to 128MB and segment timeout to 10 minutes to
fail fast in case the cache download is stuck.</li>
</ul>
<h3>3.3.0</h3>
<ul>
<li>Added option to lookup cache without downloading it.</li>
</ul>
<h3>3.2.6</h3>
<ul>
<li>Fix zstd not being used after zstd version upgrade to 1.5.4 on
hosted runners.</li>
</ul>
<h3>3.2.5</h3>
<ul>
<li>Added fix to prevent from setting MYSYS environment variable
globally.</li>
</ul>
<h3>3.2.4</h3>
<ul>
<li>Added option to fail job on cache miss.</li>
</ul>
<h3>3.2.3</h3>
<ul>
<li>Support cross os caching on Windows as an opt-in feature.</li>
<li>Fix issue with symlink restoration on Windows for cross-os
caches.</li>
</ul>
<h3>3.2.2</h3>
<ul>
<li>Reverted the changes made in 3.2.1 to use gnu tar and zstd by
default on windows.</li>
</ul>
<h3>3.2.1</h3>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab5e6d0c87"><code>ab5e6d0</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1341">#1341</a>
from bethanyj28/main</li>
<li><a
href="89c7d86c71"><code>89c7d86</code></a>
licensed cache</li>
<li><a
href="d2c84da363"><code>d2c84da</code></a>
update <code>@actions/cache</code></li>
<li><a
href="37e7d4eb16"><code>37e7d4e</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1340">#1340</a>
from actions/bethanyj28/update-publish-flow</li>
<li><a
href="a18323f504"><code>a18323f</code></a>
add release action</li>
<li><a
href="a2ed59d39b"><code>a2ed59d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1305">#1305</a>
from actions/yacaovsnc/update_examples</li>
<li><a
href="dc88ab52d7"><code>dc88ab5</code></a>
Update examples</li>
<li><a
href="1d78355196"><code>1d78355</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1304">#1304</a>
from actions/yacaovsnc/update_readme</li>
<li><a
href="c36458f13b"><code>c36458f</code></a>
Update README.md</li>
<li>See full diff in <a
href="13aacd865c...ab5e6d0c87">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
The PR fixes lint issues, pins `golangci-lint` to `v1.56.2`, disables
`only-new-issues`, and enables `fail-on-issues` in the lint workflow.
After this, all new lint issues will fail CI.
The full log of fixed lint issues:
```sh
❯ golangci-lint run
cmd/docs.go:24:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
RunE: func(cmd *cobra.Command, args []string) error {
^
cmd/man.go:26:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
RunE: func(cmd *cobra.Command, args []string) error {
^
cmd/healthcheck.go:36:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
RunE: func(cmd *cobra.Command, args []string) error {
^
cmd/build.go:72:33: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
RunE: timedRunE("build", func(cmd *cobra.Command, args []string) error {
^
cmd/schema.go:29:14: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
RunE: func(cmd *cobra.Command, args []string) error {
^
internal/pipe/nix/nix_test.go:547:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
require.ErrorAs(t, err, &tt.expectDefaultErrorIs)
^
internal/pipe/nix/nix_test.go:556:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
require.ErrorAs(t, err, &tt.expectRunErrorIs)
^
internal/pipe/nix/nix_test.go:567:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
require.ErrorAs(t, err, &tt.expectPublishErrorIs)
^
internal/pipe/winget/winget_test.go:709:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
require.ErrorAs(t, err, &tt.expectPublishErrorIs)
^
internal/pipe/winget/winget_test.go:728:5: error-is-as: second argument to require.ErrorAs should not be *error (testifylint)
require.ErrorAs(t, err, &tt.expectPublishErrorIs)
^
internal/pipe/docker/docker_test.go:56:29: unused-parameter: parameter 'use' seems to be unused, consider removing or renaming it as _ (revive)
return func(t *testing.T, use string) {
^
internal/gio/safe_test.go:23:4: go-require: require must only be used in the goroutine running the test function (testifylint)
require.Equal(t, 1, s)
^
internal/gio/safe_test.go:24:4: go-require: require must only be used in the goroutine running the test function (testifylint)
require.NoError(t, err)
^
internal/pipe/gomod/gomod_proxy_test.go:126:3: useless-assert: asserting of the same variable (testifylint)
require.Equal(t, ctx.ModulePath, ctx.ModulePath)
^
internal/pipe/gomod/gomod_proxy_test.go:152:3: useless-assert: asserting of the same variable (testifylint)
require.Equal(t, ctx.ModulePath, ctx.ModulePath)
^
internal/pipe/gomod/gomod_proxy_test.go:178:3: useless-assert: asserting of the same variable (testifylint)
require.Equal(t, ctx.ModulePath, ctx.ModulePath)
^
internal/pipe/gomod/gomod_proxy_test.go:239:3: useless-assert: asserting of the same variable (testifylint)
require.Equal(t, ctx.ModulePath, ctx.ModulePath)
^
internal/artifact/artifact_test.go:638:46: unused-parameter: parameter 'a' seems to be unused, consider removing or renaming it as _ (revive)
require.EqualError(t, artifacts.Visit(func(a *Artifact) error {
^
internal/pipe/milestone/milestone.go:79: File is not `gofumpt`-ed (gofumpt)
internal/http/http_test.go:217:19: unused-parameter: parameter 'k' seems to be unused, consider removing or renaming it as _ (revive)
assetOpen = func(k string, a *artifact.Artifact) (*asset, error) {
^
internal/middleware/logging/logging_test.go:12:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, Log("foo", func(ctx *context.Context) error {
^
internal/middleware/logging/logging_test.go:16:40: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, PadLog("foo", func(ctx *context.Context) error {
^
internal/pipe/chocolatey/chocolatey_test.go:277:15: unused-parameter: parameter 'cmd' seems to be unused, consider removing or renaming it as _ (revive)
exec: func(cmd string, args ...string) ([]byte, error) {
^
internal/client/gitlab.go:325: File is not `gofumpt`-ed (gofumpt)
internal/pipe/linkedin/client_test.go:58:77: unused-parameter: parameter 'req' seems to be unused, consider removing or renaming it as _ (revive)
server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
^
internal/middleware/errhandler/error_test.go:15:34: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, Handle(func(ctx *context.Context) error {
^
internal/middleware/errhandler/error_test.go:21:34: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, Handle(func(ctx *context.Context) error {
^
internal/middleware/errhandler/error_test.go:27:32: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.Error(t, Handle(func(ctx *context.Context) error {
^
internal/middleware/errhandler/error_test.go:36:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
^
internal/middleware/errhandler/error_test.go:42:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
^
internal/middleware/errhandler/error_test.go:48:37: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
require.NoError(t, memo.Wrap(func(ctx *context.Context) error {
^
internal/pipe/ko/ko.go:175:29: unused-parameter: parameter 'ctx' seems to be unused, consider removing or renaming it as _ (revive)
build.WithBaseImages(func(ctx stdctx.Context, s string) (name.Reference, build.Result, error) {
^
```
Bumps
[golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action)
from 3.7.0 to 3.7.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3cfe3a4abb"><code>3cfe3a4</code></a>
build(deps): bump <code>@actions/cache</code> from 3.2.3 to 3.2.4 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/963">#963</a>)</li>
<li><a
href="cbc59cf0d1"><code>cbc59cf</code></a>
build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/960">#960</a>)</li>
<li><a
href="459a04b021"><code>459a04b</code></a>
build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code>
from 6.19.1 to 6.20.0 ...</li>
<li><a
href="e2315b67db"><code>e2315b6</code></a>
build(deps-dev): bump <code>@typescript-eslint/parser</code> from
6.19.1 to 6.20.0 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/961">#961</a>)</li>
<li><a
href="d6173a45d0"><code>d6173a4</code></a>
build(deps): bump <code>@types/node</code> from 20.11.10 to 20.11.16
(<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/962">#962</a>)</li>
<li><a
href="0e8f5bf773"><code>0e8f5bf</code></a>
build(deps): bump <code>@types/node</code> from 20.11.5 to 20.11.10 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/958">#958</a>)</li>
<li><a
href="349d20632d"><code>349d206</code></a>
build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code>
from 6.19.0 to 6.19.1 ...</li>
<li><a
href="2221aee284"><code>2221aee</code></a>
build(deps-dev): bump <code>@typescript-eslint/parser</code> from
6.18.1 to 6.19.1 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/954">#954</a>)</li>
<li><a
href="3b44ae5b24"><code>3b44ae5</code></a>
build(deps-dev): bump <code>@typescript-eslint/eslint-plugin</code>
from 6.18.1 to 6.19.0 ...</li>
<li><a
href="323b871bbc"><code>323b871</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.4 (<a
href="https://redirect.github.com/golangci/golangci-lint-action/issues/950">#950</a>)</li>
<li>Additional commits viewable in <a
href="3a91952989...3cfe3a4abb">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [arduino/setup-task](https://github.com/arduino/setup-task) from
1.0.3 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/arduino/setup-task/releases">arduino/setup-task's
releases</a>.</em></p>
<blockquote>
<h2>2.0.0</h2>
<h2>Migration Guide</h2>
<p>The version of the <a
href="https://nodejs.org/en/about"><strong>Node.js</strong></a> runtime
used to execute the action has been updated from 16 to 20. This could be
a breaking change for certain GitHub Actions workflows.</p>
<p>If a workflow with dependency on the
<strong>arduino/setup-task</strong> action uses only <a
href="https://docs.github.com/actions/using-github-hosted-runners/about-github-hosted-runners/about-github-hosted-runners">GitHub-hosted
GitHub Actions runners</a>, no changes are required.</p>
<p>If the workflow uses a <a
href="https://docs.github.com/actions/hosting-your-own-runners/managing-self-hosted-runners/about-self-hosted-runners">self-hosted
runner</a>, the workflow run might fail after updating
<strong>arduino/setup-task</strong>:</p>
<pre lang="text"><code>Error: System.ArgumentOutOfRangeException:
Specified argument was out of the range of valid values. (Parameter
''using: node20' is not supported, use 'docker', 'node12' or 'node16'
instead.')
at
GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext
executionContext, TemplateContext templateContext, TemplateToken
inputsToken, String fileRelativePath, MappingToken outputs)
at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext
executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml
</code></pre>
<p>This means an older runner version that does not provide Node.js 20.x
is installed on the runner machine and you must update the runner
version.</p>
<h2>Changelog</h2>
<h4>Breaking</h4>
<ul>
<li>Update Node.js runtime for action from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
</ul>
<h4>Enhancement</h4>
<ul>
<li><a
href="https://github.com/arduino/compile-sketches/pulls?q=merged%3A2023-01-31..2024-02-05+author%3Aapp%2Fdependabot">Various
dependency updates</a></li>
</ul>
<h2>Full Changeset</h2>
<p><a
href="https://github.com/arduino/setup-task/compare/1.0.3...2.0.0">https://github.com/arduino/setup-task/compare/1.0.3...2.0.0</a></p>
<h2>Contributors</h2>
<ul>
<li><a href="https://github.com/gdraynz"><code>@gdraynz</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b91d5d2c96"><code>b91d5d2</code></a>
update readme (<a
href="https://redirect.github.com/arduino/setup-task/issues/929">#929</a>)</li>
<li><a
href="f2514b0e1c"><code>f2514b0</code></a>
Bump node from 16 to 20 (<a
href="https://redirect.github.com/arduino/setup-task/issues/919">#919</a>)</li>
<li><a
href="2007903d11"><code>2007903</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/928">#928</a>
from arduino/dependabot/npm_and_yarn/prettier-3.2.5</li>
<li><a
href="3f2ef95f2f"><code>3f2ef95</code></a>
build(deps-dev): bump prettier from 3.2.2 to 3.2.5</li>
<li><a
href="88d658bbef"><code>88d658b</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/927">#927</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.79</li>
<li><a
href="b79a1c3f82"><code>b79a1c3</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.78 to
16.18.79</li>
<li><a
href="5abddba872"><code>5abddba</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/926">#926</a>
from arduino/dependabot/npm_and_yarn/types/node-16.18.78</li>
<li><a
href="b3e99c0fa2"><code>b3e99c0</code></a>
build(deps-dev): bump <code>@types/node</code> from 16.18.76 to
16.18.78</li>
<li><a
href="4145542cd7"><code>4145542</code></a>
Merge pull request <a
href="https://redirect.github.com/arduino/setup-task/issues/924">#924</a>
from arduino/dependabot/npm_and_yarn/typescript-eslin...</li>
<li><a
href="10406e6d87"><code>10406e6</code></a>
build(deps-dev): bump <code>@typescript-eslint/parser</code> from
6.19.1 to 6.20.0</li>
<li>Additional commits viewable in <a
href="e26d897557...b91d5d2c96">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
3.1.5 to 3.1.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.6</h2>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6">https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ab904c41d6"><code>ab904c4</code></a>
chore(release): bump to 3.1.6</li>
<li><a
href="a8c374ae46"><code>a8c374a</code></a>
Revert "action.yml: Update to Node.js 20 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1228">#1228</a>)"</li>
<li>See full diff in <a
href="4fe8c5f003...ab904c41d6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.6 to 0.15.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.7</h2>
<h2>Changes in v0.15.7</h2>
<ul>
<li>chore: migrate action to use node v20.11.0 (Iron) FROM node v16.x.x
(<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)
[<a href="https://github.com/spiffcs">spiffcs</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="767b08fd88"><code>767b08f</code></a>
chore: migrate action from 16 -> 20 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/440">#440</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.6...v0.15.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.5 to 0.15.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.6</h2>
<h2>Changes in v0.15.6</h2>
<ul>
<li>chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c6aed38a43"><code>c6aed38</code></a>
chore(deps): update Syft to v0.102.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/438">#438</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.5...v0.15.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
3.1.4 to 3.1.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.5</h2>
<h2>What's Changed</h2>
<ul>
<li>action.yml: Update to Node.js 20 by <a
href="https://github.com/hallabro"><code>@hallabro</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/hallabro"><code>@hallabro</code></a>
made their first contribution in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5">https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4fe8c5f003"><code>4fe8c5f</code></a>
chore(release): bump to 3.1.5</li>
<li><a
href="9140fdcf54"><code>9140fdc</code></a>
action.yml: Update to Node.js 20 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1228">#1228</a>)</li>
<li>See full diff in <a
href="eaaf4bedf3...4fe8c5f003">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.4 to 0.15.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.5</h2>
<h2>Changes in v0.15.5</h2>
<ul>
<li>chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="24b0d52385"><code>24b0d52</code></a>
chore(deps): update Syft to v0.101.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/437">#437</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.4...v0.15.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.3 to
4.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -> node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files > 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update "only-" actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="e12d46a63a...13aacd865c">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.2 to 0.15.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.3</h2>
<h2>Changes in v0.15.3</h2>
<ul>
<li>chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c7f031d924"><code>c7f031d</code></a>
chore(deps): update Syft to v0.100.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/435">#435</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.2...v0.15.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.15.1 to 0.15.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.15.2</h2>
<h2>Changes in v0.15.2</h2>
<ul>
<li>chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>chore: fix github-script invocation in update-snapshots workflow (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)
[<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="719133684c"><code>7191336</code></a>
chore(deps): update Syft to v0.99.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/432">#432</a>)</li>
<li><a
href="b05b28be1a"><code>b05b28b</code></a>
chore: fix github-script invocation (<a
href="https://redirect.github.com/anchore/sbom-action/issues/433">#433</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/v0.15.1...v0.15.2">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
...
<!-- Why is this change being made? -->
...
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
...
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps
[cachix/install-nix-action](https://github.com/cachix/install-nix-action)
from 23 to 24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/cachix/install-nix-action/releases">cachix/install-nix-action's
releases</a>.</em></p>
<blockquote>
<h2>install-nix-action-v24</h2>
<ul>
<li>Nix 2.19.1</li>
<li>enables KVM on linux</li>
<li>set <code>TMPDIR</code> to avoid potential disk space issues</li>
<li>don't use the default GitHub token for Enterprise</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7ac1ec2549"><code>7ac1ec2</code></a>
Nix 2.19.1</li>
<li><a
href="dc33a216cb"><code>dc33a21</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/200">#200</a>
from cachix/fix/196</li>
<li><a
href="2b90cd3130"><code>2b90cd3</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/202">#202</a>
from cachix/feature/kvm</li>
<li><a
href="fe19c91c6b"><code>fe19c91</code></a>
feat: enable KVM on Linux if available</li>
<li><a
href="a56e3a8089"><code>a56e3a8</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/199">#199</a>
from jalaziz/tempdir</li>
<li><a
href="81eb746179"><code>81eb746</code></a>
Update install-nix.sh</li>
<li><a
href="97a1be3c09"><code>97a1be3</code></a>
fix: don't use the default GitHub token for Enterprise</li>
<li><a
href="2cce1fd76b"><code>2cce1fd</code></a>
fix: Set TMPDIR to avoid disk space issues</li>
<li><a
href="300721fe01"><code>300721f</code></a>
Merge pull request <a
href="https://redirect.github.com/cachix/install-nix-action/issues/193">#193</a>
from cachix/dependabot/github_actions/actions/checkout-4</li>
<li><a
href="fe6788c5de"><code>fe6788c</code></a>
chore(deps): bump actions/checkout from 3 to 4</li>
<li>See full diff in <a
href="https://github.com/cachix/install-nix-action/compare/v23...v24">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [actions/github-script](https://github.com/actions/github-script)
from 7.0.0 to 7.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Avoid setting <code>baseUrl</code> to undefined when input is not
provided by <a
href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/439">actions/github-script#439</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v7.0.0...v7.0.1">https://github.com/actions/github-script/compare/v7.0.0...v7.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="60a0d83039"><code>60a0d83</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/440">#440</a>
from actions/joshmgross/v7.0.1</li>
<li><a
href="b7fb2001b4"><code>b7fb200</code></a>
Update version to 7.0.1</li>
<li><a
href="12e22ed06b"><code>12e22ed</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/439">#439</a>
from actions/joshmgross/avoid-setting-base-url</li>
<li><a
href="d319f8f5b5"><code>d319f8f</code></a>
Avoid setting <code>baseUrl</code> to undefined when input is not
provided</li>
<li>See full diff in <a
href="e69ef5462f...60a0d83039">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot]
Carlos Alexandro Becker
Oleksandr Redko