mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-01-10 03:47:03 +02:00
2eb6f84f5c
Bumps actions/checkout from 3 to 3.0.2. Release notes Sourced from actions/checkout's releases. v3.0.2 What's Changed Add set-safe-directory input to allow customers to take control. by @TingluoHuang in actions/checkout#770 Prepare changelog for v3.0.2. by @TingluoHuang in actions/checkout#777 Full Changelog: actions/checkout@v3...v3.0.2 v3.0.1 Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory Bumped various npm package versions Changelog Sourced from actions/checkout's changelog. Changelog v3.0.2 Add input set-safe-directory v3.0.1 Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory Bumped various npm package versions v3.0.0 Update to node 16 v2.3.1 Fix default branch resolution for .wiki and when using SSH v2.3.0 Fallback to the default branch v2.2.0 Fetch all history for all tags and branches when fetch-depth=0 v2.1.1 Changes to support GHES (here and here) v2.1.0 Group output Changes to support GHES alpha release Persist core.sshCommand for submodules Add support ssh Convert submodule SSH URL to HTTPS, when not using SSH Add submodule support Follow proxy settings Fix ref for pr closed event when a pr is merged Fix issue checking detached when git less than 2.22 v2.0.0 Do not pass cred on command line Add input persist-credentials Fallback to REST API to download repo v2 (beta) Improved fetch performance ... (truncated) Commits See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
15 lines
360 B
YAML
15 lines
360 B
YAML
name: dependency-review
|
|
on: [pull_request]
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
dependency-review:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3
|
|
- uses: actions/dependency-review-action@v2
|
|
with:
|
|
allow-licenses: BSD-2-Clause, BSD-3-Clause, MIT, Apache-2.0, MPL-2.0
|