From 4b9df0d8fe0464626ca0a27144b55588aa17f988 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Oct 2023 14:19:07 +0200 Subject: [PATCH] chore(deps): bump the deps group with 7 updates (#425) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the deps group with 7 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `2` | `4` | | [actions/setup-python](https://github.com/actions/setup-python) | `2` | `4` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `3` | `5` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2` | `3` | | [docker/login-action](https://github.com/docker/login-action) | `2` | `3` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `4` | `5` | | [arduino/setup-protoc](https://github.com/arduino/setup-protoc) | `1` | `2` | Updates `actions/checkout` from 2 to 4
Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.2

... (truncated)

Commits

Updates `actions/setup-python` from 2 to 4
Release notes

Sourced from actions/setup-python's releases.

v4.0.0

What's Changed

Example of usage:

- uses: actions/setup-python@v4
  with:
python-version-file: '.python-version' # Read python version from a file
- run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
- run: python my_script.py

v3.1.4

What's Changed

In the scope of this patch release, the warning for deprecating Python 2.x was added in actions/setup-python#674 by @​dmitry-shibanov

For more information, check out actions/setup-python#672

... (truncated)

Commits

Updates `peter-evans/create-pull-request` from 3 to 5
Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v5.0.0

Behaviour changes

What's new

News

:trophy: create-pull-request won an award for "awesome action" at the Open Source Awards at GitHub Universe. Thank you for your support and for making create-pull-request one of the top used actions. Please give it a :star:, or even buy me a coffee.

What's Changed

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v4.2.4...v5.0.0

Create Pull Request v4.2.4

⚙️ Patches some recent security vulnerabilities.

What's Changed

New Contributors

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v4.2.3...v4.2.4

Create Pull Request v4.2.3

What's Changed

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v4.2.2...v4.2.3

Create Pull Request v4.2.2

What's Changed

... (truncated)

Commits

Updates `docker/setup-buildx-action` from 2 to 3
Release notes

Sourced from docker/setup-buildx-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0

v2.10.0

What's Changed

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0

v2.9.1

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1

v2.9.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0

v2.8.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0

v2.7.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0

v2.6.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0

v2.5.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0

v2.4.1

... (truncated)

Commits

Updates `docker/login-action` from 2 to 3
Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/login-action/compare/v2.2.0...v3.0.0

v2.2.0

Full Changelog: https://github.com/docker/login-action/compare/v2.1.0...v2.2.0

v2.1.0

Full Changelog: https://github.com/docker/login-action/compare/v2.0.0...v2.1.0

Commits

Updates `docker/build-push-action` from 4 to 5
Release notes

Sourced from docker/build-push-action's releases.

v5.0.0

Full Changelog: https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0

v4.2.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1

v4.2.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0

v4.1.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1

v4.1.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0

Commits

Updates `arduino/setup-protoc` from 1 to 2
Release notes

Sourced from arduino/setup-protoc's releases.

v2.0.0

Changelog

Adding support for the MINOR.PATCH tag naming

Breaking

Full Changelog: https://github.com/arduino/setup-protoc/compare/v1.3.0...v2.0.0

Contributors

v1.3.0

Changelog

Enhancement

Full Changeset

https://github.com/arduino/setup-protoc/compare/v1.2.0...v1.3.0

Contributors

v1.2.0

Changelog

Enhancement

Full Changeset

https://github.com/arduino/setup-protoc/compare/v1.1.2...v1.2.0

v1.1.2

v1.1.1

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
--------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Teo Stocco --- .github/workflows/autoupdate.yml | 6 ++--- .github/workflows/nightly.yml | 16 ++++++------- .github/workflows/publish-website.yml | 4 ++-- .github/workflows/release.yml | 20 ++++++++-------- .github/workflows/tests.yml | 34 +++++++++++++-------------- dev/lock.yml | 2 +- 6 files changed, 41 insertions(+), 41 deletions(-) diff --git a/.github/workflows/autoupdate.yml b/.github/workflows/autoupdate.yml index 5e3b2cb50f..aa9982f53d 100644 --- a/.github/workflows/autoupdate.yml +++ b/.github/workflows/autoupdate.yml @@ -7,10 +7,10 @@ jobs: auto-update: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-python@v2 + - uses: actions/checkout@v4 + - uses: actions/setup-python@v4 - uses: browniebroke/pre-commit-autoupdate-action@main - - uses: peter-evans/create-pull-request@v3 + - uses: peter-evans/create-pull-request@v5 with: token: ${{ secrets.GITHUB_TOKEN }} branch: update/pre-commit-hooks diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 12f679f61e..17280a5ec1 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -19,14 +19,14 @@ jobs: runner: custom-macos steps: - - uses: actions/checkout@v3 - - uses: docker/setup-buildx-action@v2 - - uses: docker/login-action@v2 + - uses: actions/checkout@v4 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: docker/build-push-action@v4 + - uses: docker/build-push-action@v5 id: dev with: file: dev/Dockerfile @@ -38,7 +38,7 @@ jobs: mkdir -p digests/dev digest="${{ steps.dev.outputs.digest }}" touch "digests/dev/${digest#sha256:}" - - uses: docker/build-push-action@v4 + - uses: docker/build-push-action@v5 id: prd with: file: dev/Dockerfile @@ -74,8 +74,8 @@ jobs: with: name: digests path: ./digests - - uses: docker/setup-buildx-action@v2 - - uses: docker/login-action@v2 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -91,7 +91,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: docker/login-action@v2 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/publish-website.yml b/.github/workflows/publish-website.yml index 03d6d32500..f2af4de1fb 100644 --- a/.github/workflows/publish-website.yml +++ b/.github/workflows/publish-website.yml @@ -13,7 +13,7 @@ jobs: changes: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dorny/paths-filter@v2 id: filter with: @@ -29,7 +29,7 @@ jobs: if: ${{ needs.changes.outputs.website == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.PYTHON_VERSION }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 636ad28018..91983d43a1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: if: github.ref_type == 'tag' steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: denoland/setup-deno@v1 with: deno-version: v${{ env.DENO_VERSION }} @@ -61,7 +61,7 @@ jobs: target: x86_64-pc-windows-msvc suffix: ".exe" steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 with: targets: ${{ matrix.target }} @@ -91,7 +91,7 @@ jobs: - check-bump runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: abatilo/actions-poetry@v2 with: poetry-version: ${{ env.POETRY_VERSION }} @@ -126,14 +126,14 @@ jobs: - platform: linux/arm64 runner: custom-macos steps: - - uses: actions/checkout@v3 - - uses: docker/setup-buildx-action@v2 - - uses: docker/login-action@v2 + - uses: actions/checkout@v4 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: docker/build-push-action@v4 + - uses: docker/build-push-action@v5 id: prd with: file: dev/Dockerfile @@ -161,8 +161,8 @@ jobs: with: name: digests path: /tmp/digests - - uses: docker/setup-buildx-action@v2 - - uses: docker/login-action@v2 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -180,7 +180,7 @@ jobs: - docker runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: denoland/setup-deno@v1 with: deno-version: v${{ env.DENO_VERSION }} diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 7fc71b0989..245dfba71b 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -10,7 +10,7 @@ on: env: PYTHON_VERSION: "3.8" - PROTOC_VERSION: "3.x" + PROTOC_VERSION: "v24.x" POETRY_VERSION: "1.4.1" DENO_BINDGEN_URL: https://deno.land/x/deno_bindgen@0.8.1/cli.ts DENO_VERSION: "1.36.1" @@ -27,7 +27,7 @@ jobs: permissions: pull-requests: read steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dorny/paths-filter@v2 id: filter with: @@ -64,14 +64,14 @@ jobs: test-pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.PYTHON_VERSION }} - uses: pnpm/action-setup@v2.4.0 with: version: ${{ env.PNPM_VERSION }} - - uses: arduino/setup-protoc@v1 + - uses: arduino/setup-protoc@v2 with: version: ${{ env.PROTOC_VERSION }} repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -94,7 +94,7 @@ jobs: if: ${{ needs.changes.outputs.website == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.PYTHON_VERSION }} @@ -129,7 +129,7 @@ jobs: if: ${{ needs.changes.outputs.typegraph == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: ${{ env.PYTHON_VERSION }} @@ -157,7 +157,7 @@ jobs: if: ${{ needs.changes.outputs.typegraph == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 - uses: Swatinem/rust-cache@v2 with: @@ -172,7 +172,7 @@ jobs: if: ${{ needs.changes.outputs.meta-cli == 'true' || needs.changes.outputs.typegraph == 'true' || needs.changes.outputs.typegate == 'true' || needs.changes.outputs.rust == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 - uses: Swatinem/rust-cache@v2 with: @@ -214,7 +214,7 @@ jobs: #- os: windows-latest # activate: '.venv\Scripts\activate.bat' steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 - uses: Swatinem/rust-cache@v2 with: @@ -283,7 +283,7 @@ jobs: env: DENO_DIR: deno-dir steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 - uses: Swatinem/rust-cache@v2 with: @@ -301,7 +301,7 @@ jobs: - uses: abatilo/actions-poetry@v2 with: poetry-version: ${{ env.POETRY_VERSION }} - - uses: arduino/setup-protoc@v1 + - uses: arduino/setup-protoc@v2 with: version: ${{ env.PROTOC_VERSION }} repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -357,7 +357,7 @@ jobs: if: ${{ needs.changes.outputs.rust == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - uses: dsherret/rust-toolchain-file@v1 - uses: Swatinem/rust-cache@v2 with: @@ -389,22 +389,22 @@ jobs: if: ${{ needs.changes.outputs.typegate == 'true' }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 - - uses: docker/setup-buildx-action@v2 + - uses: actions/checkout@v4 + - uses: docker/setup-buildx-action@v3 - uses: scherermichael-oss/action-has-permission@master id: check with: required-permission: write env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: docker/login-action@v2 + - uses: docker/login-action@v3 if: steps.check.outputs.has-permission with: registry: docker.io username: zifeo password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Build with cache (internal) - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 if: steps.check.outputs.has-permission with: file: dev/Dockerfile @@ -413,7 +413,7 @@ jobs: cache-from: type=registry,ref=docker.io/zifeo/metatype-cache:ci cache-to: type=registry,ref=docker.io/zifeo/metatype-cache:ci,mode=max - name: Build without cache (external) - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 if: "! steps.check.outputs.has-permission" with: file: dev/Dockerfile diff --git a/dev/lock.yml b/dev/lock.yml index 581bd72ea1..4711f012f5 100644 --- a/dev/lock.yml +++ b/dev/lock.yml @@ -59,7 +59,7 @@ dev: lock: PYTHON_VERSION: '3.8' POETRY_VERSION: 1.4.1 - PROTOC_VERSION: 3.x + PROTOC_VERSION: v24.x RUST_VERSION: 1.70.0 DENO_BINDGEN_URL: 'https://deno.land/x/deno_bindgen@0.8.1/cli.ts' DENO_VERSION: 1.36.1