4b7388bbe3
Bump github.com/adrg/xdg from 0.4.0 to 0.5.3 ( #5456 )
...
Bumps [github.com/adrg/xdg](https://github.com/adrg/xdg ) from 0.4.0 to
0.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/adrg/xdg/releases ">github.com/adrg/xdg's
releases</a>.</em></p>
<blockquote>
<h2>v0.5.3</h2>
<h3>Changelog</h3>
<ul>
<li>Updated <code>xdg.SearchRuntimeFile</code> to also look in the
operating system's temporary directory for runtime files.
This covers unlikely cases in which runtime files cannot be written
relative to the base runtime directory either because it does not exist
or it is not accessible, so <code>xdg.RuntimeFile</code> suggests the
operating system's temporary directory as a suitable fallback
location.</li>
</ul>
<h3>Internal</h3>
<ul>
<li>Improved package testing.</li>
</ul>
<h2>v0.5.2</h2>
<h3>Changelog</h3>
<ul>
<li>
<p>Updated logic of <code>xdg.RuntimeFile</code>: due to the special
nature of the <code>runtime directory</code>, the function no longer
attempts to create it if it does not exist. If that's the case, the
function uses the operating system's <code>temporary directory</code> as
a fallback. The function still creates subdirectories relative to the
base runtime directory or its fallback.</p>
<p>Justification: the creation of the runtime directory is not in the
scope of this package as it has special requirements defined by the <a
href="https://specifications.freedesktop.org/basedir-spec/latest ">XDG
Base Directory Specification</a>. Relevant excerpt:</p>
<blockquote>
<p>The lifetime of the directory MUST be bound to the user being logged
in. It MUST be created when the user first logs in and if the user fully
logs out the directory MUST be removed. If the user logs in more than
once they should get pointed to the same directory, and it is mandatory
that the directory continues to exist from their first login to their
last logout on the system, and not removed in between. Files in the
directory MUST not survive reboot or a full logout/login cycle.</p>
</blockquote>
<p>Also, on <code>Linux</code>, the parent directories of the default
user runtime directory are owned by the root user so they cannot be
created by a regular user. <a
href="https://www.freedesktop.org/software/systemd/man/latest/pam_systemd.html ">pam_systemd</a>
is usually responsible for creating the runtime directory
(<code>/run/user/$UID</code>).</p>
</li>
</ul>
<h2>v0.5.1</h2>
<h3>Changelog</h3>
<ul>
<li>Added support for the non-standard <code>XDG_BIN_HOME</code> base
directory.
See <a
href="https://github.com/adrg/xdg?tab=readme-ov-file#xdg-base-directory ">XDG
base directories</a> README section for more details.</li>
<li>Added more config and data search locations on <code>macOS</code>.
<ul>
<li>Added <code>~/.config</code> at the end of the list of default
locations for <code>XDG_CONFIG_DIRS</code>.</li>
<li>Added <code>~/.local/share</code> at the end of the list of default
locations for <code>XDG_DATA_DIRS</code>.</li>
</ul>
</li>
<li>Added more application search locations on <code>Windows</code>:
<ul>
<li><code>%ProgramFiles%</code></li>
<li><code>%ProgramFiles%\Common Files</code></li>
<li><code>%LOCALAPPDATA%\Programs</code></li>
<li><code>%LOCALAPPDATA%\Programs\Common</code></li>
</ul>
</li>
</ul>
<h3>Internal</h3>
<ul>
<li>Updated <code>golang.org/x/sys</code> dependency to the latest
version.</li>
<li>Improved package testing.</li>
</ul>
<h2>v0.5.0</h2>
<h3>Changelog</h3>
<ul>
<li><code>user-dirs.dirs</code> config file is now parsed on Unix-like
operating systems (except for macOS and Plan 9).
See <a
href="https://github.com/adrg/xdg?tab=readme-ov-file#xdg-user-directories ">XDG
user directories</a> README section for more details.</li>
<li>Updated <code>golang.org/x/sys</code> dependency to the latest
version.</li>
</ul>
<h4>Internal</h4>
<ul>
<li>Moved all path related functionality in internal
<code>pathutil</code> package.</li>
<li>Added internal <code>userdirs</code> package:
<ul>
<li>Moved <code>xdg.UserDirectories</code> to
<code>userdirs.Directories</code>.</li>
<li>Added parsing functions for <code>user-dirs.dirs</code> config
file.</li>
</ul>
</li>
<li>Improved package testing.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/adrg/xdg/commit/aa865a51a1b35fd06925fd6b8604991e79e3167e "><code>aa865a5</code></a>
Merge pull request <a
href="https://redirect.github.com/adrg/xdg/issues/101 ">#101</a> from
adrg/update-search-runtime-file</li>
<li><a
href="https://github.com/adrg/xdg/commit/71a81eccf3e9ac9ebf03e8c11ca3ed60a06eac7f "><code>71a81ec</code></a>
Minor xdg.SearchRuntimeFile function documentation update</li>
<li><a
href="https://github.com/adrg/xdg/commit/88111eba52ac2a211b97194266db5207c975c266 "><code>88111eb</code></a>
Minor example update in README.md and doc.go</li>
<li><a
href="https://github.com/adrg/xdg/commit/d9f76be86d944bf2b9bdb8544952111e2533f3ad "><code>d9f76be</code></a>
Improve non-existent runtime directory test case</li>
<li><a
href="https://github.com/adrg/xdg/commit/800775a49c0a7877af5dca22104b90dc7e788cd0 "><code>800775a</code></a>
Update xdg.SearchRuntimeFile to also look in temporary directory</li>
<li><a
href="https://github.com/adrg/xdg/commit/2335a687b19a49dafb193856d64d911d33c4b3c1 "><code>2335a68</code></a>
Merge pull request <a
href="https://redirect.github.com/adrg/xdg/issues/99 ">#99</a> from
adrg/improve-runtime-file</li>
<li><a
href="https://github.com/adrg/xdg/commit/221e50698e5b31d277289e971f645299279efdd5 "><code>221e506</code></a>
Minor non-existent runtime directory test case fix on macOS</li>
<li><a
href="https://github.com/adrg/xdg/commit/9bbb6024b2e9ee213bbed1f63ae8ea6063767d5b "><code>9bbb602</code></a>
Minor error format improvement in pathutil.Create and
pathutil.Search</li>
<li><a
href="https://github.com/adrg/xdg/commit/987b3ce5c440036b799a21a633a699be91530d0a "><code>987b3ce</code></a>
Minor README.md update</li>
<li><a
href="https://github.com/adrg/xdg/commit/3c39d559725cf005c392630100f4f338b49daf24 "><code>3c39d55</code></a>
Add non-existent runtime directory test case</li>
<li>Additional commits viewable in <a
href="https://github.com/adrg/xdg/compare/v0.4.0...v0.5.3 ">compare
view</a></li>
</ul>
</details>
<br />
2026-04-01 10:58:29 +02:00
a205bb74eb
Bump github.com/adrg/xdg from 0.4.0 to 0.5.3
...
Bumps [github.com/adrg/xdg](https://github.com/adrg/xdg ) from 0.4.0 to 0.5.3.
- [Release notes](https://github.com/adrg/xdg/releases )
- [Commits](https://github.com/adrg/xdg/compare/v0.4.0...v0.5.3 )
---
updated-dependencies:
- dependency-name: github.com/adrg/xdg
dependency-version: 0.5.3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-04-01 08:19:10 +00:00
a33f83cf76
Show pull requests against branches ( #2781 )
...
- **PR Description**
If the user has `gh` installed and is logged in (`gh auth login`),
lazygit shows GitHub PR icons next to the names of branches that have an
associated PR, colored by the PR's status (green=open, red=closed,
purple=merged).
Selecting a branch and pressing `shift-G` opens the PR in the browser.
2026-04-01 10:18:01 +02:00
6c8110f028
Add some brief documentation
2026-04-01 09:13:56 +02:00
e92b04e1dc
Don't refresh pull requests when checking out a local branch
...
For esthetic reasons, checking out a branch (or other ref) blocks the UI until
the refresh is done, so it's important that the refresh doesn't do unnecessary
work. Refreshing pull requests is unnecessary (but costly, when waiting for it)
when a branch is checked out that already existed locally. However, it is
required when checking out a remote branch for the first time, so that the PR
icon appears immediately when there is one.
2026-04-01 09:13:55 +02:00
6ba46ad604
Change "Copy pull request URL to clipboard" command to use existing PR if there is one
2026-04-01 09:13:55 +02:00
a462b7c420
Add commands for opening a Github PR in the browser
...
For the branches panel we might consider unifying it with the existing `o`
command for creating a PR: it could check if there is a PR already, and open it
if so, or create a new one if not.
However, I also want the command in the local commits panel for the checked out
branch, and there's no existing "Create PR" command there; and the `o` command
opens the selected commit in the browser, so it's unrelated.
2026-04-01 09:13:55 +02:00
6145eaf939
Prompt only once per session for each repo
...
If the user hits escape in the "Select base repository for pull requests"
prompt, don't bother them again for this repo at the next refresh.
2026-04-01 09:13:55 +02:00
28affa3399
Add an optional onCancel hook for menus
2026-04-01 09:13:55 +02:00
7a0320b4ec
Call OnMenuPress(nil) when hitting esc in a menu
...
OnMenuPress can already deal with the selected item being nil, so this allows us
to add common code to it that is run when cancelling the menu.
2026-04-01 09:13:55 +02:00
2ab78ad039
Show PR information in main view, above the branch log
2026-04-01 09:13:55 +02:00
fff6003044
Cache PRs in AppState so that they appear immediately at startup
...
Co-authored-by: Stefan Haller <stefan@haller-berlin.de >
2026-04-01 09:13:55 +02:00
ca9eeebea3
Show PR icons in branches list
...
Co-authored-by: Stefan Haller <stefan@haller-berlin.de >
2026-04-01 09:13:55 +02:00
d33fa5bb05
Add pull requests to lazygit's model and refresh them
...
Co-authored-by: Stefan Haller <stefan@haller-berlin.de >
2026-04-01 09:13:55 +02:00
1c89398288
Add GitHub commands and model for fetching PR status
...
Add GitHubCommands struct with GraphQL-based PR fetching, and
GithubPullRequest model. Wire HostingService and GitHub command
structs into GitCommand.
Co-authored-by: Stefan Haller <stefan@haller-berlin.de >
2026-04-01 09:13:55 +02:00
678a2a90cb
Add cli/go-gh/v2 and cli/safeexec vendor dependencies
...
Required for authenticating with GitHub's API using the token
stored by the gh CLI.
2026-04-01 09:13:55 +02:00
4cd72b09a2
Refactor hosting service to support repo name extraction
...
Extract parseRemoteUrl helper to avoid duplication between
getRepoURLFromRemoteURL and new getRepoNameFromRemoteURL.
Add repoNameTemplate to ServiceDefinition and GetRepoName() to
HostingServiceMgr. Add GetRepoInfoFromURL for callers that need
owner/repo without a full service lookup.
2026-03-31 15:48:28 +02:00
649679c33a
Remove branch icons from Branches list
...
The only information that this carries is whether an entry is a real branch or a
detached head. Detached heads can only be at the top, and they are easy to tell
apart from the other branches by their name, so the icon is not really very
useful.
We are going to show PR icons in this column.
2026-03-31 15:48:28 +02:00
968c44b02f
Add missing entries to scopeNameMap
2026-03-31 15:48:28 +02:00
47db2c24cf
Allow turning off nerd fonts without restarting
...
Not a terribly important feature for users, probably, but it is useful for
developers when testing a new feature with or without nerd fonts; and it does go
against or policy of all configs being hot-reloadable.
Note that switching from nerd fonts version 2 to 3 is *not* supported without
restarting, but I find this less important.
2026-03-31 15:48:28 +02:00
eb351dcdeb
README.md: Update Sponsors ( #5397 )
...
Automated changes by
[create-pull-request](https://github.com/peter-evans/create-pull-request )
GitHub action
2026-03-31 13:57:17 +02:00
6bb1051292
README.md: Update Sponsors
2026-03-31 11:54:37 +00:00
09a584c575
Bump github.com/sanity-io/litter from 1.5.2 to 1.5.8 ( #5451 )
...
Bumps [github.com/sanity-io/litter](https://github.com/sanity-io/litter )
from 1.5.2 to 1.5.8.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/sanity-io/litter/commit/4fde30cab354d1dc18c21d2a1b9ac5c75600ec19 "><code>4fde30c</code></a>
fix: fixes panic on unexported field access.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/61ca8aa20ab3dd224ead03cb8e89e9ba38ad5116 "><code>61ca8aa</code></a>
feat: support <code>FormatTime</code>.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/3d1485f1f260405aa7f9b4f7e573c3d4809ec302 "><code>3d1485f</code></a>
chore: fix deprecations.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/7e132579048ac450c3cbcd4d448efbae937017e1 "><code>7e13257</code></a>
feat: adds <code>D()</code>, a shorthand for <code>Dump()</code>.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/f2ba02b77978d2fb5030483056f1939027fd1abc "><code>f2ba02b</code></a>
fix: don't cache array/slice length when traversing.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/c028d3cb966dda224fc5c54dda5b246b478fe149 "><code>c028d3c</code></a>
ci: adds GitHub Actions action.</li>
<li><a
href="https://github.com/sanity-io/litter/commit/cfce9160a04515cc54f0b6fb4c0e2eb1c6edf590 "><code>cfce916</code></a>
Fix pointer resued in maps key</li>
<li><a
href="https://github.com/sanity-io/litter/commit/65e672ecd4d7f12e1e7da5ca7185ffea6cc8ac9f "><code>65e672e</code></a>
ci: removes .travis.yml, which is no longer operative</li>
<li>See full diff in <a
href="https://github.com/sanity-io/litter/compare/v1.5.2...v1.5.8 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:54:21 +02:00
9c2d120153
Bump github.com/sanity-io/litter from 1.5.2 to 1.5.8
...
Bumps [github.com/sanity-io/litter](https://github.com/sanity-io/litter ) from 1.5.2 to 1.5.8.
- [Changelog](https://github.com/sanity-io/litter/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sanity-io/litter/compare/v1.5.2...v1.5.8 )
---
updated-dependencies:
- dependency-name: github.com/sanity-io/litter
dependency-version: 1.5.8
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:52:04 +00:00
508d328f70
Bump github.com/stretchr/testify from 1.10.0 to 1.11.1 ( #5450 )
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify )
from 1.10.0 to 1.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/stretchr/testify/releases ">github.com/stretchr/testify's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.1</h2>
<p>This release fixes <a
href="https://redirect.github.com/stretchr/testify/issues/1785 ">#1785</a>
introduced in v1.11.0 where expected argument values implementing the
stringer interface (<code>String() string</code>) with a method which
mutates their value, when passed to mock.Mock.On
(<code>m.On("Method", <expected>).Return()</code>) or
actual argument values passed to mock.Mock.Called may no longer match
one another where they previously did match. The behaviour prior to
v1.11.0 where the stringer is always called is restored. Future testify
releases may not call the stringer method at all in this case.</p>
<h2>What's Changed</h2>
<ul>
<li>Backport <a
href="https://redirect.github.com/stretchr/testify/issues/1786 ">#1786</a>
to release/1.11: mock: revert to pre-v1.11.0 argument matching behavior
for mutating stringers by <a
href="https://github.com/brackendawson "><code>@brackendawson</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1788 ">stretchr/testify#1788</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/stretchr/testify/compare/v1.11.0...v1.11.1 ">https://github.com/stretchr/testify/compare/v1.11.0...v1.11.1 </a></p>
<h2>v1.11.0</h2>
<h2>What's Changed</h2>
<h3>Functional Changes</h3>
<p>v1.11.0 Includes a number of performance improvements.</p>
<ul>
<li>Call stack perf change for CallerInfo by <a
href="https://github.com/mikeauclair "><code>@mikeauclair</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1614 ">stretchr/testify#1614</a></li>
<li>Lazily render mock diff output on successful match by <a
href="https://github.com/mikeauclair "><code>@mikeauclair</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1615 ">stretchr/testify#1615</a></li>
<li>assert: check early in Eventually, EventuallyWithT, and Never by <a
href="https://github.com/cszczepaniak "><code>@cszczepaniak</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1427 ">stretchr/testify#1427</a></li>
<li>assert: add IsNotType by <a
href="https://github.com/bartventer "><code>@bartventer</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1730 ">stretchr/testify#1730</a></li>
<li>assert.JSONEq: shortcut if same strings by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1754 ">stretchr/testify#1754</a></li>
<li>assert.YAMLEq: shortcut if same strings by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1755 ">stretchr/testify#1755</a></li>
<li>assert: faster and simpler isEmpty using reflect.Value.IsZero by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1761 ">stretchr/testify#1761</a></li>
<li>suite: faster methods filtering (internal refactor) by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1758 ">stretchr/testify#1758</a></li>
</ul>
<h3>Fixes</h3>
<ul>
<li>assert.ErrorAs: log target type by <a
href="https://github.com/craig65535 "><code>@craig65535</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1345 ">stretchr/testify#1345</a></li>
<li>Fix failure message formatting for Positive and Negative asserts in
<a
href="https://redirect.github.com/stretchr/testify/pull/1062 ">stretchr/testify#1062</a></li>
<li>Improve ErrorIs message when error is nil but an error was expected
by <a href="https://github.com/tsioftas "><code>@tsioftas</code></a> in
<a
href="https://redirect.github.com/stretchr/testify/pull/1681 ">stretchr/testify#1681</a></li>
<li>fix Subset/NotSubset when calling with mixed input types by <a
href="https://github.com/siliconbrain "><code>@siliconbrain</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1729 ">stretchr/testify#1729</a></li>
<li>Improve ErrorAs failure message when error is nil by <a
href="https://github.com/ccoVeille "><code>@ccoVeille</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1734 ">stretchr/testify#1734</a></li>
<li>mock.AssertNumberOfCalls: improve error msg by <a
href="https://github.com/3scalation "><code>@3scalation</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1743 ">stretchr/testify#1743</a></li>
</ul>
<h3>Documentation, Build & CI</h3>
<ul>
<li>docs: Fix typo in README by <a
href="https://github.com/alexandear "><code>@alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1688 ">stretchr/testify#1688</a></li>
<li>Replace deprecated io/ioutil with io and os by <a
href="https://github.com/alexandear "><code>@alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1684 ">stretchr/testify#1684</a></li>
<li>Document consequences of calling t.FailNow() by <a
href="https://github.com/greg0ire "><code>@greg0ire</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1710 ">stretchr/testify#1710</a></li>
<li>chore: update docs for Unset <a
href="https://redirect.github.com/stretchr/testify/issues/1621 ">#1621</a>
by <a href="https://github.com/techfg "><code>@techfg</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1709 ">stretchr/testify#1709</a></li>
<li>README: apply gofmt to examples by <a
href="https://github.com/alexandear "><code>@alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1687 ">stretchr/testify#1687</a></li>
<li>refactor: use %q and %T to simplify fmt.Sprintf by <a
href="https://github.com/alexandear "><code>@alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1674 ">stretchr/testify#1674</a></li>
<li>Propose Christophe Colombier (ccoVeille) as approver by <a
href="https://github.com/brackendawson "><code>@brackendawson</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1716 ">stretchr/testify#1716</a></li>
<li>Update documentation for the Error function in assert or require
package by <a
href="https://github.com/architagr "><code>@architagr</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1675 ">stretchr/testify#1675</a></li>
<li>assert: remove deprecated build constraints by <a
href="https://github.com/alexandear "><code>@alexandear</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1671 ">stretchr/testify#1671</a></li>
<li>assert: apply gofumpt to internal test suite by <a
href="https://github.com/ccoVeille "><code>@ccoVeille</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1739 ">stretchr/testify#1739</a></li>
<li>CI: fix shebang in .ci.*.sh scripts by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1746 ">stretchr/testify#1746</a></li>
<li>assert,require: enable parallel testing on (almost) all top tests by
<a href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1747 ">stretchr/testify#1747</a></li>
<li>suite.Passed: add one more status test report by <a
href="https://github.com/Ararsa-Derese "><code>@Ararsa-Derese</code></a>
in <a
href="https://redirect.github.com/stretchr/testify/pull/1706 ">stretchr/testify#1706</a></li>
<li>Add Helper() method in internal mocks and assert.CollectT by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1423 ">stretchr/testify#1423</a></li>
<li>assert.Same/NotSame: improve usage of Sprintf by <a
href="https://github.com/ccoVeille "><code>@ccoVeille</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1742 ">stretchr/testify#1742</a></li>
<li>mock: enable parallel testing on internal testsuite by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1756 ">stretchr/testify#1756</a></li>
<li>suite: cleanup use of 'testing' internals at runtime by <a
href="https://github.com/dolmen "><code>@dolmen</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1751 ">stretchr/testify#1751</a></li>
<li>assert: check test failure message for Empty and NotEmpty by <a
href="https://github.com/ccoVeille "><code>@ccoVeille</code></a> in <a
href="https://redirect.github.com/stretchr/testify/pull/1745 ">stretchr/testify#1745</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/stretchr/testify/commit/2a57335dc9cd6833daa820bc94d9b40c26a7917d "><code>2a57335</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1788 ">#1788</a>
from brackendawson/1785-backport-1.11</li>
<li><a
href="https://github.com/stretchr/testify/commit/af8c91234f184009f57ef29027b39ca89cb00100 "><code>af8c912</code></a>
Backport <a
href="https://redirect.github.com/stretchr/testify/issues/1786 ">#1786</a>
to release/1.11</li>
<li><a
href="https://github.com/stretchr/testify/commit/b7801fbf5cd58d201296d5d0e132d1849966dbd4 "><code>b7801fb</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1778 ">#1778</a>
from stretchr/dependabot/github_actions/actions/chec...</li>
<li><a
href="https://github.com/stretchr/testify/commit/69831f3b08c40d56a09d0be93e9d5ae034f1590b "><code>69831f3</code></a>
build(deps): bump actions/checkout from 4 to 5</li>
<li><a
href="https://github.com/stretchr/testify/commit/a53be35c3b0cfcd5189cffcfd75df60ea581104c "><code>a53be35</code></a>
Improve captureTestingT helper</li>
<li><a
href="https://github.com/stretchr/testify/commit/aafb604176db7e1f2c9810bc90d644291d057687 "><code>aafb604</code></a>
mock: improve formatting of error message</li>
<li><a
href="https://github.com/stretchr/testify/commit/7218e0390acd2aea3edb18574110ec2753c0aeef "><code>7218e03</code></a>
improve error msg</li>
<li><a
href="https://github.com/stretchr/testify/commit/929a2126c2702df436312656a0304580b526c6e9 "><code>929a212</code></a>
Merge pull request <a
href="https://redirect.github.com/stretchr/testify/issues/1758 ">#1758</a>
from stretchr/dolmen/suite-faster-method-filtering</li>
<li><a
href="https://github.com/stretchr/testify/commit/bc7459ec38128532ff32f23cfab4ea0b725210f2 "><code>bc7459e</code></a>
suite: faster filtering of methods (-testify.m)</li>
<li><a
href="https://github.com/stretchr/testify/commit/7d37b5c962954410bcd7a71ff3a77c79514056d1 "><code>7d37b5c</code></a>
suite: refactor methodFilter</li>
<li>Additional commits viewable in <a
href="https://github.com/stretchr/testify/compare/v1.10.0...v1.11.1 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:50:39 +02:00
5606ba6d06
Bump github.com/stretchr/testify from 1.10.0 to 1.11.1
...
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify ) from 1.10.0 to 1.11.1.
- [Release notes](https://github.com/stretchr/testify/releases )
- [Commits](https://github.com/stretchr/testify/compare/v1.10.0...v1.11.1 )
---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
dependency-version: 1.11.1
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:48:11 +00:00
df0ba8fce5
Bump github.com/creack/pty from 1.1.11 to 1.1.24 ( #5449 )
...
Bumps [github.com/creack/pty](https://github.com/creack/pty ) from 1.1.11
to 1.1.24.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/creack/pty/releases ">github.com/creack/pty's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.24</h2>
<h2>What's Changed</h2>
<ul>
<li>add z/OS support by <a
href="https://github.com/MacMalainey "><code>@MacMalainey</code></a> in
<a
href="https://redirect.github.com/creack/pty/pull/201 ">creack/pty#201</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/MacMalainey "><code>@MacMalainey</code></a>
made their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/201 ">creack/pty#201</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/creack/pty/compare/v1.1.23...v1.1.24 ">https://github.com/creack/pty/compare/v1.1.23...v1.1.24 </a></p>
<h2>v1.1.23</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade to go version 1.18.2 to fix multiple CVEs by <a
href="https://github.com/pinaki124 "><code>@pinaki124</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/154 ">creack/pty#154</a></li>
<li>Tests cleanup by <a
href="https://github.com/creack "><code>@creack</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/173 ">creack/pty#173</a></li>
<li>Revert <a
href="https://redirect.github.com/creack/pty/issues/167 ">#167</a> to
avoid race on Linux. by <a
href="https://github.com/creack "><code>@creack</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/177 ">creack/pty#177</a></li>
<li>Add non-blocking notes by <a
href="https://github.com/WeidiDeng "><code>@WeidiDeng</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/180 ">creack/pty#180</a></li>
<li>ztypes_openbsd_32bit_int.go: remove arch list by <a
href="https://github.com/n2vi "><code>@n2vi</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/189 ">creack/pty#189</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/pinaki124 "><code>@pinaki124</code></a>
made their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/154 ">creack/pty#154</a></li>
<li><a href="https://github.com/WeidiDeng "><code>@WeidiDeng</code></a>
made their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/180 ">creack/pty#180</a></li>
<li><a href="https://github.com/n2vi "><code>@n2vi</code></a> made their
first contribution in <a
href="https://redirect.github.com/creack/pty/pull/189 ">creack/pty#189</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/creack/pty/compare/v1.1.20...v1.1.23 ">https://github.com/creack/pty/compare/v1.1.20...v1.1.23 </a></p>
<h2>v1.1.21</h2>
<h2>What's Changed</h2>
<ul>
<li>Tests cleanup by <a
href="https://github.com/creack "><code>@creack</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/173 ">creack/pty#173</a></li>
<li>Revert <a
href="https://redirect.github.com/creack/pty/issues/167 ">#167</a> to
avoid race on Linux. by <a
href="https://github.com/creack "><code>@creack</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/177 ">creack/pty#177</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/creack/pty/compare/v1.1.20...v1.1.21 ">https://github.com/creack/pty/compare/v1.1.20...v1.1.21 </a></p>
<h2>v1.1.20</h2>
<h2>What's Changed</h2>
<ul>
<li>Avoid calls to (*os.File).Fd() and operations on raw file descriptor
ints by <a href="https://github.com/sio "><code>@sio</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/167 ">creack/pty#167</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/creack/pty/compare/v1.1.19...v1.1.20 ">https://github.com/creack/pty/compare/v1.1.19...v1.1.20 </a></p>
<h2>v1.1.19</h2>
<h2>What's Changed</h2>
<ul>
<li>Add some basic tests by <a
href="https://github.com/Frassle "><code>@Frassle</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/145 ">creack/pty#145</a></li>
<li>Provide correct pty/tty file paths on OpenBSD by <a
href="https://github.com/4a6f656c "><code>@4a6f656c</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/148 ">creack/pty#148</a></li>
<li>Add sparc support by <a
href="https://github.com/matoro "><code>@matoro</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/157 ">creack/pty#157</a></li>
<li>Add support for the 32-bit PPC Linux platform by <a
href="https://github.com/samm-git "><code>@samm-git</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/30 ">creack/pty#30</a></li>
<li>Use upstream compiler for linux/riscv64 and freebsd/riscv64 by <a
href="https://github.com/sio "><code>@sio</code></a> in <a
href="https://redirect.github.com/creack/pty/pull/168 ">creack/pty#168</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/4a6f656c "><code>@4a6f656c</code></a>
made their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/148 ">creack/pty#148</a></li>
<li><a href="https://github.com/matoro "><code>@matoro</code></a> made
their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/157 ">creack/pty#157</a></li>
<li><a href="https://github.com/samm-git "><code>@samm-git</code></a>
made their first contribution in <a
href="https://redirect.github.com/creack/pty/pull/30 ">creack/pty#30</a></li>
<li><a href="https://github.com/sio "><code>@sio</code></a> made their
first contribution in <a
href="https://redirect.github.com/creack/pty/pull/168 ">creack/pty#168</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/creack/pty/commit/edfbf75025b0ba4ee17c19f52d9b600fad80a787 "><code>edfbf75</code></a>
Merge pull request <a
href="https://redirect.github.com/creack/pty/issues/201 ">#201</a> from
MacMalainey/master</li>
<li><a
href="https://github.com/creack/pty/commit/7c00df359733d401c488a76705b51ecd4cb95af1 "><code>7c00df3</code></a>
remove x/sys dependency for zos</li>
<li><a
href="https://github.com/creack/pty/commit/13c571dda34bd85e6f7aa2e642fc13b643576a62 "><code>13c571d</code></a>
add z/OS support</li>
<li><a
href="https://github.com/creack/pty/commit/2cde18bfb702199728dd43bf10a6c15c7336da0a "><code>2cde18b</code></a>
Fix go.mod</li>
<li><a
href="https://github.com/creack/pty/commit/08e77a045af86a5b8300dc7b86e04ce71730a40c "><code>08e77a0</code></a>
Merge pull request <a
href="https://redirect.github.com/creack/pty/issues/189 ">#189</a> from
n2vi/openbsd-arch-free</li>
<li><a
href="https://github.com/creack/pty/commit/3c9ed8dffc223fcae9107ed75626f3502759df87 "><code>3c9ed8d</code></a>
ztypes_openbsd_32bit_int.go: remove arch list</li>
<li><a
href="https://github.com/creack/pty/commit/03db72c7b76cea3be0ad99244f6f8b1ae878cd73 "><code>03db72c</code></a>
Merge pull request <a
href="https://redirect.github.com/creack/pty/issues/180 ">#180</a> from
WeidiDeng/non-blocking</li>
<li><a
href="https://github.com/creack/pty/commit/f3f519ed1212ffa359249a36a223e9837e558495 "><code>f3f519e</code></a>
add notes to README.md</li>
<li><a
href="https://github.com/creack/pty/commit/2711aac0dbfa4a4bb89f069e6ad570c8025f0e73 "><code>2711aac</code></a>
using a larger timeout in test</li>
<li><a
href="https://github.com/creack/pty/commit/bb5f79cd0d3766d07833b8f0fbe53d5235f0c566 "><code>bb5f79c</code></a>
re-enable non-blocking tests</li>
<li>Additional commits viewable in <a
href="https://github.com/creack/pty/compare/v1.1.11...v1.1.24 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:47:06 +02:00
8a1f965e64
Bump github.com/creack/pty from 1.1.11 to 1.1.24
...
Bumps [github.com/creack/pty](https://github.com/creack/pty ) from 1.1.11 to 1.1.24.
- [Release notes](https://github.com/creack/pty/releases )
- [Commits](https://github.com/creack/pty/compare/v1.1.11...v1.1.24 )
---
updated-dependencies:
- dependency-name: github.com/creack/pty
dependency-version: 1.1.24
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:43:06 +00:00
7ab5d569c2
Bump github.com/spf13/afero from 1.9.5 to 1.15.0 ( #5448 )
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from
1.9.5 to 1.15.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spf13/afero/releases ">github.com/spf13/afero's
releases</a>.</em></p>
<blockquote>
<h2>v1.15.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump golangci/golangci-lint-action from 6.5.1 to 6.5.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/479 ">spf13/afero#479</a></li>
<li>Lint by <a
href="https://github.com/sagikazarmark "><code>@sagikazarmark</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/492 ">spf13/afero#492</a></li>
<li>build(deps): bump github/codeql-action from 2.13.4 to 3.28.15 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/494 ">spf13/afero#494</a></li>
<li>build(deps): bump actions/dependency-review-action from 4.5.0 to
4.6.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/493 ">spf13/afero#493</a></li>
<li>Bump actions/setup-go from 5.3.0 to 5.4.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/480 ">spf13/afero#480</a></li>
<li>build(deps): bump github/codeql-action from 3.28.15 to 3.28.16 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/496 ">spf13/afero#496</a></li>
<li>support aliyun oss storage with third-party link by <a
href="https://github.com/messikiller "><code>@messikiller</code></a> in
<a
href="https://redirect.github.com/spf13/afero/pull/491 ">spf13/afero#491</a></li>
<li>build(deps): bump github/codeql-action from 3.28.16 to 3.28.17 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/497 ">spf13/afero#497</a></li>
<li>chore: update x/test by <a
href="https://github.com/sagikazarmark "><code>@sagikazarmark</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/502 ">spf13/afero#502</a></li>
<li>build(deps): bump actions/setup-go from 5.4.0 to 5.5.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/503 ">spf13/afero#503</a></li>
<li>build(deps): bump actions/dependency-review-action from 4.6.0 to
4.7.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/505 ">spf13/afero#505</a></li>
<li>build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/506 ">spf13/afero#506</a></li>
<li>fix(gcsfs): update object not exist check logic by <a
href="https://github.com/ahkui "><code>@ahkui</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/485 ">spf13/afero#485</a></li>
<li>build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/508 ">spf13/afero#508</a></li>
<li>build(deps): bump github/codeql-action from 3.28.18 to 3.29.4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/519 ">spf13/afero#519</a></li>
<li>build(deps): bump github/codeql-action from 3.29.4 to 3.29.7 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/524 ">spf13/afero#524</a></li>
<li>build(deps): bump github/codeql-action from 3.29.7 to 3.30.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/537 ">spf13/afero#537</a></li>
<li>build(deps): bump actions/setup-go from 5.5.0 to 6.0.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/536 ">spf13/afero#536</a></li>
<li>build(deps): bump actions/dependency-review-action from 4.7.1 to
4.7.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/533 ">spf13/afero#533</a></li>
<li>build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/spf13/afero/pull/527 ">spf13/afero#527</a></li>
<li>chore: update deps by <a
href="https://github.com/sagikazarmark "><code>@sagikazarmark</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/538 ">spf13/afero#538</a></li>
<li>fix: spelling errors (excpected -> expected, iself -> itself)
by <a
href="https://github.com/MarkRosemaker "><code>@MarkRosemaker</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/523 ">spf13/afero#523</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/messikiller "><code>@messikiller</code></a>
made their first contribution in <a
href="https://redirect.github.com/spf13/afero/pull/491 ">spf13/afero#491</a></li>
<li><a href="https://github.com/ahkui "><code>@ahkui</code></a> made
their first contribution in <a
href="https://redirect.github.com/spf13/afero/pull/485 ">spf13/afero#485</a></li>
<li><a
href="https://github.com/MarkRosemaker "><code>@MarkRosemaker</code></a>
made their first contribution in <a
href="https://redirect.github.com/spf13/afero/pull/523 ">spf13/afero#523</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/spf13/afero/compare/v1.14.0...v1.15.0 ">https://github.com/spf13/afero/compare/v1.14.0...v1.15.0 </a></p>
<h2>v1.14.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Split gcsfs and sftpfs into separate modules by <a
href="https://github.com/sagikazarmark "><code>@sagikazarmark</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/462 ">spf13/afero#462</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/spf13/afero/compare/v1.13.0...v1.14.0 ">https://github.com/spf13/afero/compare/v1.13.0...v1.14.0 </a></p>
<h2>v1.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/setup-go from 5.2.0 to 5.3.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/446 ">spf13/afero#446</a></li>
<li>Bump golangci/golangci-lint-action from 6.1.1 to 6.3.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/451 ">spf13/afero#451</a></li>
<li>Bump golang.org/x/text from 0.21.0 to 0.22.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/452 ">spf13/afero#452</a></li>
<li>Bump golang.org/x/oauth2 from 0.25.0 to 0.26.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/453 ">spf13/afero#453</a></li>
<li>Bump golangci/golangci-lint-action from 6.3.0 to 6.3.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/459 ">spf13/afero#459</a></li>
<li>Bump golang.org/x/crypto from 0.32.0 to 0.33.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/455 ">spf13/afero#455</a></li>
<li>Bump golangci/golangci-lint-action from 6.3.3 to 6.5.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/460 ">spf13/afero#460</a></li>
<li>ci: add Go 1.24 to the test matrix by <a
href="https://github.com/sagikazarmark "><code>@sagikazarmark</code></a>
in <a
href="https://redirect.github.com/spf13/afero/pull/461 ">spf13/afero#461</a></li>
<li>Bump golangci/golangci-lint-action from 6.5.0 to 6.5.1 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/afero/pull/473 ">spf13/afero#473</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/spf13/afero/commit/399bb34ad9fd8a252ad1d8bfaef96279b66dc774 "><code>399bb34</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/523 ">#523</a> from
MarkRosemaker/fix-spelling</li>
<li><a
href="https://github.com/spf13/afero/commit/9b67716b675a40406678b57cefe0260699008630 "><code>9b67716</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/538 ">#538</a> from
spf13/deps</li>
<li><a
href="https://github.com/spf13/afero/commit/f5f4f7bd6427212efca35481b3b8c749bbf06243 "><code>f5f4f7b</code></a>
chore: update deps</li>
<li><a
href="https://github.com/spf13/afero/commit/c245c4fc3df2e427d681479553a625c5ef0e1eb8 "><code>c245c4f</code></a>
ci: update ci</li>
<li><a
href="https://github.com/spf13/afero/commit/85c49563d6385bdc0d6873937d5a28c4a5c6f5e6 "><code>85c4956</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/527 ">#527</a> from
spf13/dependabot/github_actions/actions/checkout...</li>
<li><a
href="https://github.com/spf13/afero/commit/41206fdfdacaad1dffaad870ded6f497ae1b803a "><code>41206fd</code></a>
build(deps): bump actions/checkout from 4.2.2 to 5.0.0</li>
<li><a
href="https://github.com/spf13/afero/commit/a583fade54a843a334e7595da81e287aa7adb63a "><code>a583fad</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/533 ">#533</a> from
spf13/dependabot/github_actions/actions/dependen...</li>
<li><a
href="https://github.com/spf13/afero/commit/673c03e4c1ba4512a26a91b42602f762a93647af "><code>673c03e</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/536 ">#536</a> from
spf13/dependabot/github_actions/actions/setup-go...</li>
<li><a
href="https://github.com/spf13/afero/commit/ac849f6a1820b81c052bf0a64e09fd10c8c7a3e0 "><code>ac849f6</code></a>
Merge pull request <a
href="https://redirect.github.com/spf13/afero/issues/537 ">#537</a> from
spf13/dependabot/github_actions/github/codeql-ac...</li>
<li><a
href="https://github.com/spf13/afero/commit/9596fe84b763fd2e18267ac455a4cedba2655194 "><code>9596fe8</code></a>
build(deps): bump github/codeql-action from 3.29.7 to 3.30.1</li>
<li>Additional commits viewable in <a
href="https://github.com/spf13/afero/compare/v1.9.5...v1.15.0 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:41:41 +02:00
40438e7b6c
Bump github.com/spf13/afero from 1.9.5 to 1.15.0
...
Bumps [github.com/spf13/afero](https://github.com/spf13/afero ) from 1.9.5 to 1.15.0.
- [Release notes](https://github.com/spf13/afero/releases )
- [Commits](https://github.com/spf13/afero/compare/v1.9.5...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/afero
dependency-version: 1.15.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:37:29 +00:00
4bc6b7dd2b
Bump github.com/lucasb-eyer/go-colorful from 1.3.0 to 1.4.0 ( #5447 )
...
Bumps
[github.com/lucasb-eyer/go-colorful](https://github.com/lucasb-eyer/go-colorful )
from 1.3.0 to 1.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/lucasb-eyer/go-colorful/releases ">github.com/lucasb-eyer/go-colorful's
releases</a>.</em></p>
<blockquote>
<h2>v1.4.0</h2>
<p>This release adds support for CSS Color Level 4 wide-gamut RGB color
spaces, along with D50 XYZ helpers and a small <code>HexColor</code>
usability improvement.</p>
<h2>Added</h2>
<ul>
<li>Constructors, decomposers, and blend functions for the CSS Color
Level 4 wide-gamut RGB color spaces <code>DisplayP3</code>,
<code>A98Rgb</code>, <code>ProPhotoRgb</code>, and <code>Rec2020</code>
(<a
href="https://redirect.github.com/lucasb-eyer/go-colorful/issues/81 ">#81</a>)</li>
<li><code>XyzD50</code>, <code>Color.XyzD50</code>,
<code>D50ToD65</code>, and <code>D65ToD50</code> for working with
D50-based color spaces (<a
href="https://redirect.github.com/lucasb-eyer/go-colorful/issues/81 ">#81</a>)</li>
<li><code>HexColor</code> now implements <code>fmt.Stringer</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/lucasb-eyer/go-colorful/blob/master/CHANGELOG.md ">github.com/lucasb-eyer/go-colorful's
changelog</a>.</em></p>
<blockquote>
<h2>[1.4.0] - 2026-03-28</h2>
<h3>Added</h3>
<ul>
<li>Constructors, decomposers, and blend functions for the CSS Color
Level 4 wide-gamut RGB color spaces <code>DisplayP3</code>,
<code>A98Rgb</code>, <code>ProPhotoRgb</code>, and <code>Rec2020</code>
(<a
href="https://redirect.github.com/lucasb-eyer/go-colorful/issues/81 ">#81</a>)</li>
<li><code>XyzD50</code>, <code>Color.XyzD50</code>,
<code>D50ToD65</code>, and <code>D65ToD50</code> for working with
D50-based color spaces (<a
href="https://redirect.github.com/lucasb-eyer/go-colorful/issues/81 ">#81</a>)</li>
<li><code>HexColor</code> now implements <code>fmt.Stringer</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/lucasb-eyer/go-colorful/commit/960803eeca7760b91ead14a54fabac75e3cfa5d8 "><code>960803e</code></a>
ready for v1.4.0</li>
<li><a
href="https://github.com/lucasb-eyer/go-colorful/commit/e898165e18081defed534f8a47940a16837a657f "><code>e898165</code></a>
feat(HexColor): add fmt.Stringer interface support</li>
<li><a
href="https://github.com/lucasb-eyer/go-colorful/commit/e7e339961ba32ab663f33ffa6dc77aae290b2e37 "><code>e7e3399</code></a>
feat: add CSS Color Level 4 wide-gamut RGB color spaces and XYZ D50</li>
<li><a
href="https://github.com/lucasb-eyer/go-colorful/commit/5017032dc1360a8bc25a2a806cb20a414aaddb61 "><code>5017032</code></a>
Clarify loss of alpha-parsing in Hex in changelog.</li>
<li><a
href="https://github.com/lucasb-eyer/go-colorful/commit/f2a4dc6c488f0a3c9809ec45f0220e7e181c7b74 "><code>f2a4dc6</code></a>
Update README.md to discuss Oklab and Oklch support</li>
<li>See full diff in <a
href="https://github.com/lucasb-eyer/go-colorful/compare/v1.3.0...v1.4.0 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:35:58 +02:00
b37911eba8
Bump github.com/lucasb-eyer/go-colorful from 1.3.0 to 1.4.0
...
Bumps [github.com/lucasb-eyer/go-colorful](https://github.com/lucasb-eyer/go-colorful ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/lucasb-eyer/go-colorful/releases )
- [Changelog](https://github.com/lucasb-eyer/go-colorful/blob/master/CHANGELOG.md )
- [Commits](https://github.com/lucasb-eyer/go-colorful/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/lucasb-eyer/go-colorful
dependency-version: 1.4.0
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:33:58 +00:00
ec48231f52
Bump actions/upload-artifact from 6 to 7 ( #5446 )
...
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact )
from 6 to 7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases ">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>v7 What's new</h2>
<h3>Direct Uploads</h3>
<p>Adds support for uploading single files directly (unzipped). Callers
can set the new <code>archive</code> parameter to <code>false</code> to
skip zipping the file during upload. Right now, we only support single
files. The action will fail if the glob passed resolves to multiple
files. The <code>name</code> parameter is also ignored with this
setting. Instead, the name of the artifact will be the name of the
uploaded file.</p>
<h3>ESM</h3>
<p>To support new versions of the <code>@actions/*</code> packages,
we've upgraded the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Add proxy integration test by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754 ">actions/upload-artifact#754</a></li>
<li>Upgrade the module to ESM and bump dependencies by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/762 ">actions/upload-artifact#762</a></li>
<li>Support direct file uploads by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/764 ">actions/upload-artifact#764</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link "><code>@Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754 ">actions/upload-artifact#754</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0 ">https://github.com/actions/upload-artifact/compare/v6...v7.0.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f "><code>bbbca2d</code></a>
Support direct file uploads (<a
href="https://redirect.github.com/actions/upload-artifact/issues/764 ">#764</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296 "><code>589182c</code></a>
Upgrade the module to ESM and bump dependencies (<a
href="https://redirect.github.com/actions/upload-artifact/issues/762 ">#762</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5 "><code>47309c9</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/754 ">#754</a>
from actions/Link-/add-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0 "><code>02a8460</code></a>
Add proxy integration test</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/v6...v7 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:25:00 +02:00
ba386fd19c
Bump actions/upload-artifact from 6 to 7
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 6 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:22:48 +00:00
d0e7842c15
Bump actions/download-artifact from 7 to 8 ( #5445 )
...
Bumps
[actions/download-artifact](https://github.com/actions/download-artifact )
from 7 to 8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/download-artifact/releases ">actions/download-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2>v8 - What's new</h2>
<blockquote>
<p>[!IMPORTANT]
actions/download-artifact@v8 has been migrated to an ESM module. This
should be transparent to the caller but forks might need to make
significant changes.</p>
</blockquote>
<blockquote>
<p>[!IMPORTANT]
Hash mismatches will now error by default. Users can override this
behavior with a setting change (see below).</p>
</blockquote>
<h3>Direct downloads</h3>
<p>To support direct uploads in <code>actions/upload-artifact</code>,
the action will no longer attempt to unzip all downloaded files.
Instead, the action checks the <code>Content-Type</code> header ahead of
unzipping and skips non-zipped files. Callers wishing to download a
zipped file as-is can also set the new <code>skip-decompress</code>
parameter to <code>true</code>.</p>
<h3>Enforced checks (breaking)</h3>
<p>A previous release introduced digest checks on the download. If a
download hash didn't match the expected hash from the server, the action
would log a warning. Callers can now configure the behavior on mismatch
with the <code>digest-mismatch</code> parameter. To be secure by
default, we are now defaulting the behavior to <code>error</code> which
will fail the workflow run.</p>
<h3>ESM</h3>
<p>To support new versions of the @actions/* packages, we've upgraded
the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Don't attempt to un-zip non-zipped downloads by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/460 ">actions/download-artifact#460</a></li>
<li>Add a setting to specify what to do on hash mismatch and default it
to <code>error</code> by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/download-artifact/pull/461 ">actions/download-artifact#461</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/download-artifact/compare/v7...v8.0.0 ">https://github.com/actions/download-artifact/compare/v7...v8.0.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c "><code>3e5f45b</code></a>
Add regression tests for CJK characters (<a
href="https://redirect.github.com/actions/download-artifact/issues/471 ">#471</a>)</li>
<li><a
href="https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd "><code>e6d03f6</code></a>
Add a regression test for artifact name + content-type mismatches (<a
href="https://redirect.github.com/actions/download-artifact/issues/472 ">#472</a>)</li>
<li><a
href="https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 "><code>70fc10c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/461 ">#461</a>
from actions/danwkennedy/digest-mismatch-behavior</li>
<li><a
href="https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62 "><code>f258da9</code></a>
Add change docs</li>
<li><a
href="https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c "><code>ccc058e</code></a>
Fix linting issues</li>
<li><a
href="https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd "><code>bd7976b</code></a>
Add a setting to specify what to do on hash mismatch and default it to
<code>error</code></li>
<li><a
href="https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c "><code>ac21fcf</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/download-artifact/issues/460 ">#460</a>
from actions/danwkennedy/download-no-unzip</li>
<li><a
href="https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0 "><code>15999bf</code></a>
Add note about package bumps</li>
<li><a
href="https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561 "><code>974686e</code></a>
Bump the version to <code>v8</code> and add release notes</li>
<li><a
href="https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75 "><code>fbe48b1</code></a>
Update test names to make it clearer what they do</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/download-artifact/compare/v7...v8 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:21:52 +02:00
3804dc7ca1
Bump actions/download-artifact from 7 to 8
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 7 to 8.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v7...v8 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '8'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:19:16 +00:00
0a28449b59
Bump actions/cache from 4 to 5 ( #5444 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases ">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<blockquote>
<p>[!IMPORTANT]
<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of
<code>2.327.1</code>.</strong></p>
<p>If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<hr />
<h2>What's Changed</h2>
<ul>
<li>Upgrade to use node24 by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1630 ">actions/cache#1630</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1684 ">actions/cache#1684</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.3.0...v5.0.0 ">https://github.com/actions/cache/compare/v4.3.0...v5.0.0 </a></p>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add note on runner versions by <a
href="https://github.com/GhadimiR "><code>@GhadimiR</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1642 ">actions/cache#1642</a></li>
<li>Prepare <code>v4.3.0</code> release by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1655 ">actions/cache#1655</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GhadimiR "><code>@GhadimiR</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1642 ">actions/cache#1642</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.3.0 ">https://github.com/actions/cache/compare/v4...v4.3.0 </a></p>
<h2>v4.2.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README.md by <a
href="https://github.com/nebuk89 "><code>@nebuk89</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1620 ">actions/cache#1620</a></li>
<li>Upgrade <code>@actions/cache</code> to <code>4.0.5</code> and move
<code>@protobuf-ts/plugin</code> to dev depdencies by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1634 ">actions/cache#1634</a></li>
<li>Prepare release <code>4.2.4</code> by <a
href="https://github.com/Link "><code>@Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1636 ">actions/cache#1636</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/nebuk89 "><code>@nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1620 ">actions/cache#1620</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4...v4.2.4 ">https://github.com/actions/cache/compare/v4...v4.2.4 </a></p>
<h2>v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use <code>@actions/cache</code> 4.0.3 package &
prepare for new release by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1577 ">actions/cache#1577</a>
(SAS tokens for cache entries are now masked in debug logs)</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc "><code>@salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1577 ">actions/cache#1577</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.2.2...v4.2.3 ">https://github.com/actions/cache/compare/v4.2.2...v4.2.3 </a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md ">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h2>How to prepare a release</h2>
<blockquote>
<p>[!NOTE]<br />
Relevant for maintainers with write access only.</p>
</blockquote>
<ol>
<li>Switch to a new branch from <code>main</code>.</li>
<li>Run <code>npm test</code> to ensure all tests are passing.</li>
<li>Update the version in <a
href="https://github.com/actions/cache/blob/main/package.json "><code>https://github.com/actions/cache/blob/main/package.json </code></a>.</li>
<li>Run <code>npm run build</code> to update the compiled files.</li>
<li>Update this <a
href="https://github.com/actions/cache/blob/main/RELEASES.md "><code>https://github.com/actions/cache/blob/main/RELEASES.md </code></a>
with the new version and changes in the <code>## Changelog</code>
section.</li>
<li>Run <code>licensed cache</code> to update the license report.</li>
<li>Run <code>licensed status</code> and resolve any warnings by
updating the <a
href="https://github.com/actions/cache/blob/main/.licensed.yml "><code>https://github.com/actions/cache/blob/main/.licensed.yml </code></a>
file with the exceptions.</li>
<li>Commit your changes and push your branch upstream.</li>
<li>Open a pull request against <code>main</code> and get it reviewed
and merged.</li>
<li>Draft a new release <a
href="https://github.com/actions/cache/releases ">https://github.com/actions/cache/releases </a>
use the same version number used in <code>package.json</code>
<ol>
<li>Create a new tag with the version number.</li>
<li>Auto generate release notes and update them to match the changes you
made in <code>RELEASES.md</code>.</li>
<li>Toggle the set as the latest release option.</li>
<li>Publish the release.</li>
</ol>
</li>
<li>Navigate to <a
href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml ">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml </a>
<ol>
<li>There should be a workflow run queued with the same version
number.</li>
<li>Approve the run to publish the new version and update the major tags
for this action.</li>
</ol>
</li>
</ol>
<h2>Changelog</h2>
<h3>5.0.4</h3>
<ul>
<li>Bump <code>minimatch</code> to v3.1.5 (fixes ReDoS via globstar
patterns)</li>
<li>Bump <code>undici</code> to v6.24.1 (WebSocket decompression bomb
protection, header validation fixes)</li>
<li>Bump <code>fast-xml-parser</code> to v5.5.6</li>
</ul>
<h3>5.0.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a
href="https://github.com/actions/cache/security/dependabot/33 ">https://github.com/actions/cache/security/dependabot/33 </a>)</li>
<li>Bump <code>@actions/core</code> to v2.0.3</li>
</ul>
<h3>5.0.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.3 <a
href="https://redirect.github.com/actions/cache/pull/1692 ">#1692</a></li>
</ul>
<h3>5.0.1</h3>
<ul>
<li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via
<code>@actions/cache@5.0.1</code> <a
href="https://redirect.github.com/actions/cache/pull/1685 ">#1685</a></li>
</ul>
<h3>5.0.0</h3>
<blockquote>
<p>[!IMPORTANT]
<code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of <code>2.327.1</code>.</p>
</blockquote>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7 "><code>6682284</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1738 ">#1738</a>
from actions/prepare-v5.0.4</li>
<li><a
href="https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2 "><code>e340396</code></a>
Update RELEASES</li>
<li><a
href="https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6 "><code>8a67110</code></a>
Add licenses</li>
<li><a
href="https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830 "><code>1865903</code></a>
Update dependencies & patch security vulnerabilities</li>
<li><a
href="https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c "><code>5656298</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1722 ">#1722</a>
from RyPeck/patch-1</li>
<li><a
href="https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6 "><code>4e380d1</code></a>
Fix cache key in examples.md for bun.lock</li>
<li><a
href="https://github.com/actions/cache/commit/b7e8d49f17405cc70c1c120101943203c98d3a4b "><code>b7e8d49</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1701 ">#1701</a>
from actions/Link-/fix-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/cache/commit/984a21b1cb176a0936f4edafb42be88978f93ef1 "><code>984a21b</code></a>
Add traffic sanity check step</li>
<li><a
href="https://github.com/actions/cache/commit/acf2f1f76affe1ef80eee8e56dfddd3b3e5f0fba "><code>acf2f1f</code></a>
Fix resolution</li>
<li><a
href="https://github.com/actions/cache/commit/95a07c51324af6001b4d6ab8dff29f4dfadc2531 "><code>95a07c5</code></a>
Add wait for proxy</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v4...v5 ">compare
view</a></li>
</ul>
</details>
<br />
2026-03-31 13:18:21 +02:00
1f41e7d47a
Bump actions/cache from 4 to 5
...
Bumps [actions/cache](https://github.com/actions/cache ) from 4 to 5.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2026-03-31 11:16:15 +00:00
0c5b8f88e6
Allow customizing the window width/height thresholds for when to use portrait mode ( #5452 )
2026-03-31 13:10:51 +02:00
fde4bc1fb2
Allow customizing the window width/height thresholds for when to use portrait mode
2026-03-31 13:08:46 +02:00
f8fd8d04bc
Fix typo
2026-03-31 13:08:46 +02:00
ee370acb58
Add label "maintenance" to PRs created by dependabot ( #5453 )
2026-03-31 13:02:32 +02:00
ca941ffb18
Add label "maintenance" to PRs created by dependabot
2026-03-31 12:58:27 +02:00
0b995121a1
Fix dependabot config file ( #5443 )
...
And tell it to update github actions.
2026-03-31 12:16:33 +02:00
463433996e
Add dependabot config for github actions
...
Again, let's see how often these trigger and if it gets annoying.
2026-03-31 12:12:48 +02:00
bff0be8d6f
Remove the allowed_updates key
...
This isn't a valid key, and according to claude it's not possible to configure
it to get only security updates (I'm too lazy to read the docs). I suppose this
means we will now get pull requests for any updated dependencies, but maybe
that's useful; we'll see how annoying this gets.
2026-03-31 12:12:10 +02:00
82e36878bc
fix: pin 7 unpinned action(s), extract 1 inline secret to env var ( #5439 )
...
Re-submission of #5422 . Had a problem with my fork and had to delete it,
which closed the original PR. Apologies for the noise.
## Summary
This PR pins all GitHub Actions to immutable commit SHAs and extracts an
inline secret from a `run:` block into an `env:` mapping.
- Pin 7 unpinned actions to full 40-character SHAs
- Extract 1 inline secret from run block to env var
## How to verify
Review the diff, each change is mechanical and preserves workflow
behavior:
- **SHA pinning**: `action@v3` becomes `action@abc123 # v3`, original
version preserved as comment
- **Secret extraction**: `${{ secrets.* }}` in `run:` moves to `env:`
block, referenced as `"${ENV_VAR}"` in the script
- No workflow logic, triggers, or permissions are modified
I've been researching CI/CD supply chain attack vectors and submitting
fixes to affected repos. Based on that research I built a scanner called
Runner Guard and open sourced it
[here](https://github.com/Vigilant-LLC/runner-guard ) so you can scan
yourself if you want to. I'll be posting more advisories over the next
few weeks [on Twitter](https://x.com/vigilance_one ) if you want to stay
in the loop.
If you have any questions, reach out. I'll be monitoring comms.
\- Chris (dagecko)
2026-03-31 11:44:42 +02:00
82ff9495ed
Update all actions to their newest versions
2026-03-31 11:40:49 +02:00
35db80f150
fix: pin 7 unpinned action(s) to commit SHAs
2026-03-31 10:27:07 +02:00
821a2809a8
fix: extract inline secret from run block in ci.yml
2026-03-31 10:27:07 +02:00
Stefan Haller
dependabot[bot]
Jesse Duffield
github-actions[bot]
dagecko