-
Notifications
You must be signed in to change notification settings - Fork 42
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump the github-actions group across 1 directory with 10 updates #976
Open
dependabot
wants to merge
1
commit into
master
Choose a base branch
from
dependabot/github_actions/github-actions-a66c9618c0
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Open
Bump the github-actions group across 1 directory with 10 updates #976
dependabot
wants to merge
1
commit into
master
from
dependabot/github_actions/github-actions-a66c9618c0
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps the github-actions group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.9.1` | `2.10.2` | | [actions/github-script](https://github.com/actions/github-script) | `3.2.0` | `7.0.1` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.1.1` | `5.3.0` | | [abatilo/actions-poetry](https://github.com/abatilo/actions-poetry) | `c31426b23a8080795905ec73c9e458a2447cb2f2` | `fd0e6716a0de25ef6ade151b8b53190b0376acfd` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.9.0` | `1.12.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.3` | `3.27.5` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.4` | `4.5.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.6` | `4.4.3` | Updates `step-security/harden-runner` from 2.9.1 to 2.10.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@5c7944e...0080882) Updates `actions/github-script` from 3.2.0 to 7.0.1 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@ffc2c79...60a0d83) Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...11bd719) Updates `actions/setup-python` from 5.1.1 to 5.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@39cd149...0b93645) Updates `abatilo/actions-poetry` from c31426b23a8080795905ec73c9e458a2447cb2f2 to fd0e6716a0de25ef6ade151b8b53190b0376acfd - [Release notes](https://github.com/abatilo/actions-poetry/releases) - [Changelog](https://github.com/abatilo/actions-poetry/blob/master/.releaserc) - [Commits](abatilo/actions-poetry@c31426b...fd0e671) Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.12.2 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](pypa/gh-action-pypi-publish@ec4db0b...15c56db) Updates `github/codeql-action` from 3.26.3 to 3.27.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@883d858...f09c1c0) Updates `actions/dependency-review-action` from 4.3.4 to 4.5.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@5a2ce3f...3b139cf) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@dc50aa9...62b2cac) Updates `actions/upload-artifact` from 4.3.6 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...b4b15b8) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: abatilo/actions-poetry dependency-type: direct:production dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions group with 10 updates in the / directory:
2.9.1
2.10.2
3.2.0
7.0.1
4.1.7
4.2.2
5.1.1
5.3.0
c31426b23a8080795905ec73c9e458a2447cb2f2
fd0e6716a0de25ef6ade151b8b53190b0376acfd
1.9.0
1.12.2
3.26.3
3.27.5
4.3.4
4.5.0
2.3.3
2.4.0
4.3.6
4.4.3
Updates
step-security/harden-runner
from 2.9.1 to 2.10.2Release notes
Sourced from step-security/harden-runner's releases.
Commits
0080882
Merge pull request #476 from step-security/rc-164a3a88b
Update dist556aae6
Merge pull request #480 from h0x0er/jatin/cleanup6c39b84
chore: clean the code40401cf
Update for isdocker806ab1c
Update check for isdocker2846811
update distdf8a07c
Merge pull request #475 from h0x0er/fix-execSync30636fb
bug fixes91182cc
Merge pull request #463 from step-security/rc-14Updates
actions/github-script
from 3.2.0 to 7.0.1Release notes
Sourced from actions/github-script's releases.
... (truncated)
Commits
60a0d83
Merge pull request #440 from actions/joshmgross/v7.0.1b7fb200
Update version to 7.0.112e22ed
Merge pull request #439 from actions/joshmgross/avoid-setting-base-urld319f8f
Avoid settingbaseUrl
to undefined when input is not providede69ef54
Merge pull request #425 from actions/joshmgross/node-20ee0914b
Update licensesd6fc56f
Use@types/node
for Node 20384d6cf
Fix quotations in tests8472492
Only validate GraphQLpreviews
84903f5
Removenode-fetch
from typeUpdates
actions/checkout
from 4.1.7 to 4.2.2Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
11bd719
Prepare 4.2.2 Release (#1953)e3d2460
Expand unit test coverage (#1946)163217d
url-helper.ts
now leverages well-known environment variables. (#1941)eef6144
Prepare 4.2.1 release (#1925)6b42224
Add workflow file for publishing releases to immutable action package (#1919)de5a000
Check out other refs/* by commit if provided, fall back to ref (#1924)d632683
Prepare 4.2.0 release (#1878)6d193bf
Bump braces from 3.0.2 to 3.0.3 (#1777)db0cee9
Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)b684943
Add Ref and Commit outputs (#1180)Updates
actions/setup-python
from 5.1.1 to 5.3.0Release notes
Sourced from actions/setup-python's releases.
Commits
0b93645
Enhance workflows: Add macOS 13 support, upgrade publish-action, and update d...9c76e71
Bump pillow from 7.2 to 10.2.0 in /tests/data (#956)f4c5a11
ReviseisGhes
logic (#963)19dfb7b
Bump default versions to latest (#905)e9675cc
Merge pull request #943 from actions/Jcambass-patch-13226af6
Upgrade IA publish70dcb22
Merge pull request #941 from actions/Jcambass-patch-165b48c7
Create publish-immutable-actions.yml29a37be
initial commit (#938)f677139
Bump pyinstaller from 3.6 to 5.13.1 in /tests/data (#923)Updates
abatilo/actions-poetry
from c31426b23a8080795905ec73c9e458a2447cb2f2 to fd0e6716a0de25ef6ade151b8b53190b0376acfdChangelog
Sourced from abatilo/actions-poetry's changelog.
Commits
fd0e671
ci: Only auto update v3 (#80)066d6f5
ci: bump setup-python (#79)e78f54a
ci: bump node version (#78)17e9087
ci: Update test matrix (#77)2a40fbe
fix: ubuntu pipx installation by calling pip from python3 (#71)3fde3e5
Support latest main branch commit for poetry-version (#75)d79ef3c
Making nopyproject.toml
support clear (#73)7b6d33e
feat!: use pipx to isolate poetry (#63)Updates
pypa/gh-action-pypi-publish
from 1.9.0 to 1.12.2Release notes
Sourced from pypa/gh-action-pypi-publish's releases.
... (truncated)
Commits
15c56db
Merge pull request #297 from trail-of-forks/ww/bump-pypi-attestationsfe8d148
requirements: bump pypi-attestations to 0.0.151f5d4ec
Merge pull request #295 from trail-of-forks/ww/fix-sdist-collectionfec2f0c
attestations: collect *.zip sdists as wella8b73a6
Merge pull request #294 from webknjaz/bugfixes/optional-python9b4dfb0
✨ Pre-install Python if there's none0a87186
Merge pull request #293 from webknjaz/bugfixes/uncheckout-intermediate-actiondfcfeca
🧪 Use prefetched action to make trampoline0d02f37
📝💅 Update the CI/CD badge in README61da13d
Merge pull request #230 from br3ndonland/ghcrUpdates
github/codeql-action
from 3.26.3 to 3.27.5Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
f09c1c0
Merge pull request #2616 from github/update-v3.27.5-a6c8729a567b73ea
Update changelog for v3.27.5a6c8729
Merge pull request #2614 from github/marcogario/per-platform-proxy8f3b487
Start-proxy: Fetch OS specific binarycba5fb5
Merge pull request #2613 from github/dependabot/npm_and_yarn/npm_and_yarn-018...e782c3a
Merge pull request #2612 from github/angelapwen/report-linux-runner-releasedb67881
Update checked-in dependenciesecde4d2
Bump cross-spawn from 7.0.3 to 7.0.6 in the npm_and_yarn groupe3c67a0
Merge pull request #2610 from github/dependabot/npm_and_yarn/npm-d2ca52e617f9ada54
Telemetry: report OS release for GitHub-hosted Linux runnersUpdates
actions/dependency-review-action
from 4.3.4 to 4.5.0Release notes
Sourced from actions/dependency-review-action's releases.
Commits
3b139cf
Merge pull request #851 from actions/ahmed3lmallah/prepare-for-4.5.0-released6807b6
updating generated codec89b41f
addressing lint issueseee97d8
incrementing project version9d10182
Merge pull request #827 from ebickle/fix/comment-warn-only9192be9
Merge pull request #850 from actions/ahmed3lmallah/adressing-CVE-2024-215382fc8e23
Using cross-spawn safe versionfb86db2
fix: resolve race conditions in async core.group calls0a198ab
fix: replace integer failureCount with booleanfc499fc
Merge branch 'main' into fix/comment-warn-onlyUpdates
ossf/scorecard-action
from 2.3.3 to 2.4.0Release notes
Sourced from ossf/scorecard-action's releases.