Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the github-actions group with 5 updates #30

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the github-actions group with 5 updates #30

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link

@dependabot dependabot bot commented on behalf of github Mar 11, 2024
edited
Loading

Bumps the github-actions group with 5 updates:

Package From To
azure/CLI 1 2
github/codeql-action 2 3
actions/setup-python 4 5
actions/upload-artifact 3 4
actions/stale 8 9

Updates azure/CLI from 1 to 2

Release notes

Sourced from azure/CLI's releases.

GitHub Action for Azure CLI v2

What's Changed

New Contributors

Full Changelog: Azure/cli@v1.0.9...v2

GitHub Action for Azure CLI v1.0.9

  • Set action failure on a non-Linux-based OS (#123)

GitHub Action for Azure CLI v1.0.8

  • Fix #103: Dealing with un-escaped environment variables which cause escalation of privilege (#105)

GitHub Action for Azure CLI v1.0.7

  • Upgraded action to use node 16 instead of node 12
  • Upgrade @​actions/core to ^1.10.0
  • Resolved other minor issues like Azure/cli#87 and Azure/cli#84

GitHub Action for Azure CLI v1.0.6

Resolved customer issue: Error: /bin/sh: 1: az: not found in v1.0.5 Azure/cli#62

GitHub Action for Azure CLI v1.0.5

Resolved compatibility issues between az cli version on agent and container.

[email protected]

  1. Adding support for using env. variables via GITHUB_ENV
  2. Security vulnerability fix

GitHub Action for Azure CLI v1.0.3

User-defined environment variables present in the workflow are now accessible while execution of Azure CLI script.

GitHub Action for Azure CLI v1.0.2

Default environment variables provided by GitHub are now accessible while execution of Azure CLI script. Environment variables with prefix GITHUB_* are accessible during the script execution.

GitHub Action for Azure CLI v1.0.1

GITHUB_SHA default environment variable is available to use in the script.

Changelog

Sourced from azure/CLI's changelog.

Releasing a new version

Semanting versioning is used to release different versions of the action. Following steps are to be followed :

  1. Create a new branch for every major version.
    Example, releases/v1, releases/v2.
  2. For every minor and patch release for a major version, update the corresponding release branch.
    Example, for releasing v1.1.1, update releases/v1.
  3. Create tags for every new release (major/minor/patch).
    Example,v1.0.0. , v1.0.1, v2.0.1, etc. and also have tags like v1, v2 for every major version release.
  4. On releasing minor and patch versions, update the tag of the corresponding major version.
    Example, for releasing v1.0.1, update the v1 tag to point to the ref of the current release.
    The following commands are to be run on the release\v1 branch so that it picks the latest commit and updates the v1 tag accordingly : (Ensure that you are on same commit locally as you want to release)
  • git tag -fa v1 -m "Update v1 tag"
  • git push origin v1 --force
Commits

Updates github/codeql-action from 2 to 3

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.16.4

Bundles CodeQL CLI v2.16.4

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.4:

CodeQL Bundle v2.16.3

Bundles CodeQL CLI v2.16.3

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.3:

CodeQL Bundle v2.16.2

Bundles CodeQL CLI v2.16.2

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.2:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.24.6 - 29 Feb 2024

No user facing changes.

3.24.5 - 23 Feb 2024

  • Update default CodeQL bundle version to 2.16.3. #2156

3.24.4 - 21 Feb 2024

  • Fix an issue where an existing, but empty, /sys/fs/cgroup/cpuset.cpus file always resulted in a single-threaded run. #2151

3.24.3 - 15 Feb 2024

  • Fix an issue where the CodeQL Action would fail to load a configuration specified by the config input to the init Action. #2147

3.24.2 - 15 Feb 2024

  • Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. #2141

3.24.1 - 13 Feb 2024

  • Update default CodeQL bundle version to 2.16.2. #2124
  • The CodeQL action no longer fails if it can't write to the telemetry api endpoint. #2121

3.24.0 - 02 Feb 2024

  • CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

  • On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
  • Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

  • Update default CodeQL bundle version to 2.16.0. #2073
  • Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079

3.23.0 - 08 Jan 2024

  • We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. #2031
  • The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.22.7. #2009

3.22.12 - 22 Dec 2023

  • Update default CodeQL bundle version to 2.15.5. #2047

3.22.11 - 13 Dec 2023

... (truncated)

Commits
  • 66c3cec Update checked-in dependencies
  • 36f1104 Bump the npm group with 5 updates
  • 905ae4a Merge pull request #2163 from github/mergeback/v3.24.5-to-main-47b3d888
  • 6dab9f2 Update checked-in dependencies
  • 4d6d2bf Merge remote-tracking branch 'origin/releases/v3' into mergeback/v3.24.5-to-m...
  • 633baf8 Merge pull request #2165 from github/nickfyson/fix-3.24.5-changelog
  • See full diff in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits

Updates actions/upload-artifact from 3 to 4

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/upload-artifact@v3...v4.0.0

v3.1.3

What's Changed

Full Changelog: actions/upload-artifact@v3...v3.1.3

v3.1.2

  • Update all @actions/* NPM packages to their latest versions- #374
  • Update all dev dependencies to their most recent versions - #375

v3.1.1

  • Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

Commits
  • 5d5d22a Merge pull request #515 from actions/eggyhead/update-artifact-v2.1.1
  • f1e993d update artifact license
  • 4881bfd updating dist:
  • a30777e @​eggyhead
  • 3a80482 Merge pull request #511 from actions/robherley/migration-docs-typo
  • 9d63e3f Merge branch 'main' into robherley/migration-docs-typo
  • dfa1ab2 fix typo with v3 artifact downloads in migration guide
  • d00351b Merge pull request #509 from markmssd/patch-1
  • 707f5a7 Update limitation of 10 artifacts upload to 500
  • 26f96df Merge pull request #505 from actions/robherley/merge-artifacts
  • Additional commits viewable in compare view

Updates actions/stale from 8 to 9

Release notes

Sourced from actions/stale's releases.

v9.0.0

Breaking Changes

  1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
  2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

  1. Performance optimization that removes unnecessary API calls by @​dsame #1033 fixes #792
  2. Logs displaying current github API rate limit by @​dsame #1032 addresses #1029

For more information, please read the action documentation and its section about statefulness

New Contributors

Full Changelog: actions/stale@v8...v9.0.0

Changelog

Sourced from actions/stale's changelog.

Changelog

[7.0.0]

⚠️ Breaking change ⚠️

[6.0.1]

Update @​actions/core to v1.10.0 (#839)

[6.0.0]

⚠️ Breaking change ⚠️

Issues/PRs default close-issue-reason is now not_planned(#789)

[5.1.0]

Don't process stale issues right after they're marked stale [Add close-issue-reason option]#764#772 Various dependabot/dependency updates

4.1.0 (2021-07-14)

Features

4.0.0 (2021-07-14)

Features

Bug Fixes

  • dry-run: forbid mutations in dry-run (#500) (f1017f3), closes #499
  • logs: coloured logs (#465) (5fbbfba)
  • operations: fail fast the current batch to respect the operations limit (#474) (5f6f311), closes #466
  • label comparison: make label comparison case insensitive #517, closes #516
  • filtering comments by actor could have strange behavior: "stale" comments are now detected based on if the message is the stale message not who made the comment(#519), fixes #441, #509, #518

Breaking Changes

... (truncated)

Commits
  • 28ca103 Upgrade Node to v20 (#1110)
  • b69b346 build(deps-dev): bump @​types/node from 18.16.18 to 20.5.1 (#1079)
  • 88a6f4f build(deps-dev): bump typescript from 5.1.3 to 5.2.2 (#1083)
  • 796531a Merge pull request #1080 from akv-platform/fix-delete-cache
  • 8986f62 Don not try to delete cache if it does not exists
  • cab99b3 fix typo proceeded/processed
  • 184e7af Merge pull request #1064 from actions/dependabot/npm_and_yarn/typescript-esli...
  • 523885c chore: update eslint-plugin, parser and eslint-plugin-jest
  • 2487a1d build(deps-dev): bump @​typescript-eslint/eslint-plugin
  • 60c722e Merge pull request #1063 from actions/dependabot/npm_and_yarn/jest-29.6.2
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the github-actions group with 5 updates
436de7a 
Bumps the github-actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [azure/CLI](https://github.com/azure/cli) | `1` | `2` |
| [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3` | `4` |
| [actions/stale](https://github.com/actions/stale) | `8` | `9` |


Updates `azure/CLI` from 1 to 2
- [Release notes](https://github.com/azure/cli/releases)
- [Changelog](https://github.com/Azure/cli/blob/master/ReleaseProcess.md)
- [Commits](Azure/cli@v1...v2)

Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

Updates `actions/stale` from 8 to 9
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v8...v9)

---
updated-dependencies:
- dependency-name: azure/CLI
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/stale
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants