Bump the actions group across 1 directory with 8 updates #755

dependabot · 2024-04-29T17:18:52Z

Bumps the actions group with 8 updates in the / directory:

Package	From	To
actions/checkout	`4.1.1`	`4.1.4`
mikefarah/yq	`4.40.7`	`4.43.1`
softprops/action-gh-release	`0.1.15`	`2.0.4`
actions/setup-python	`5.0.0`	`5.1.0`
codecov/codecov-action	`3`	`4`
docker/setup-buildx-action	`3.0.0`	`3.3.0`
docker/login-action	`3.0.0`	`3.1.0`
docker/build-push-action	`4.1.1`	`5.3.0`

Updates actions/checkout from 4.1.1 to 4.1.4

Release notes

Sourced from actions/checkout's releases.

v4.1.4

What's Changed

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Full Changelog: actions/checkout@v4.1.3...v4.1.4

v4.1.3

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

v4.1.2

We are investigating the following issue with this release and have rolled-back the v4 tag to point to v4.1.1

sparse-checkout is not available on git versions prior to 2.27.0 (see actions/checkout#1651)

What's Changed

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

Bump tough-cookie from 4.0.0 to 4.1.3 by @dependabot in actions/checkout#1406

Bump @babel/traverse from 7.20.5 to 7.24.0 by @dependabot in actions/checkout#1642

New Contributors

@jww3 made their first contribution in actions/checkout#1616

Full Changelog: actions/checkout@v4.1.1...v4.1.2

Changelog

Sourced from actions/checkout's changelog.

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

Commits

0ad4b8f Prep Release v4.1.4 (#1704)
43045ae Disable extensions.worktreeConfig when disabling sparse-checkout (#1692)
37b0821 Bump the minor-actions-dependencies group with 2 updates (#1693)
9839dc1 Add dependabot config (#1688)
9b4c13b Bump word-wrap from 1.2.3 to 1.2.5 (#1643)
1d96c77 Add SSH user parameter (#1685)
cd7d8d6 Check git version before attempting to disable sparse-checkout (#1656)
8410ad0 Update actions/checkout version in update-main-version.yml (#1650)
9bb5618 Prep for release of v4.1.2 (#1649)
8eb1f6a Bump @babel/traverse from 7.20.5 to 7.24.0 (#1642)
Additional commits viewable in compare view

Updates mikefarah/yq from 4.40.7 to 4.43.1

Release notes

Sourced from mikefarah/yq's releases.

v4.43.1

Added omit operator #1989 thanks @mbenson!

Can now multiply strings by numbers #1988 thanks @mbenson!

Added tostring #72

Added string interpolation #1149

Can specify parent(n) levels #1970

Fixed CSV line break issue #1974

Adding a EvaluateAll function to StringEvaluator #1966

yqlib, default to colors off when using yaml library #1964

Removed JSON output warning

Bumped dependencies

v4.42.1

Can execute yq expression files directly with shebang #1851

Added --csv-separator flag #1950

Added --properties-separator option - thanks @learnitall #1864

Added --properties-array-brackets flag for properties encoder #1933

Shell completion improvements - thanks @scop #1911

Bumped dependencies

v4.41.1

Can now comment in yq expressions! #1919

Added new CSV option to turn off auto-parsing #1947

Can now retrieve the alias names of merge anchors #1942

Fixed Toml decoding when table array defined before parent #1922

Fixing with_entries context #1925

Changelog

Sourced from mikefarah/yq's changelog.

4.43.1:

Added omit operator #1989 thanks @mbenson!

Added tostring #72

Added string interpolation #1149

Can specify parent(n) levels #1970

Can now multiply strings by numbers #1988 thanks @mbenson!

Fixed CSV line break issue #1974

Adding a EvaluateAll function to StringEvaluator #1966

yqlib, default to colors off when using yaml library #1964

Removed JSON output warning

Bumped dependencies

4.42.1:

Can execute yq expression files directly with shebang #1851

Added --csv-separator flag #1950

Added --properties-separator option - thanks @learnitall #1864

Added --properties-array-brackets flag for properties encoder #1933

Shell completion improvements - thanks @scop #1911

Bumped dependencies

4.41.1:

Can now comment in yq expressions! #1919

Fixed Toml decoding when table array defined before parent #1922

Added new CSV option to turn off auto-parsing #1947

Fixing with_entries context #1925

Can now retrieve the alias names of merge anchors #1942

Commits

c35ec75 Bumping version
fbd4c84 Remove old JSON warning
d9ef03a Bump github.com/pelletier/go-toml/v2 from 2.1.1 to 2.2.0 (#1986)
f5bfe5a omit operator (#1989)
3b85cef support string X int multiplication as jq (#1988)
76a0da3 Refactoring load op
2b2c285 Adding release notes
8a07e3d Can specify parent levels #1970
9e9cb65 Fixed CSV line break issue #1974
29056ee Bump golang from 1.22.0 to 1.22.1 (#1968)
Additional commits viewable in compare view

Updates softprops/action-gh-release from 0.1.15 to 2.0.4

Release notes

Sourced from softprops/action-gh-release's releases.

v2.0.4

Minor follow up to #417. #425

v2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

v2.0.1

Add support for make_latest property softprops/action-gh-release#304 via @samueljseay

Fail run if files setting contains invalid patterns softprops/action-gh-release#384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) softprops/action-gh-release#386 via @timor-raiman

Suppress confusing warning when input_files is empty softprops/action-gh-release#389 via @Drowze

v2.0.0

update actions.yml declaration to node20 to address warnings

Changelog

Sourced from softprops/action-gh-release's changelog.

2.0.4

Minor follow up to #417. #425

2.0.3

Declare make_latest as an input field in action.yml #419

2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

2.0.1

Add support for make_latest property #304 via @samueljseay

Fail run if files setting contains invalid patterns #384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) #386 via @timor-raiman

Suppress confusing warning when input_files is empty #389 via @Drowze

2.0.0

2.0.0!? this release corrects a disjunction between git tag versions used in the marketplace and versions list this file. Previous versions should have really been 1.*. Going forward this should be better aligned.

Upgrade action.yml declaration to node20 to address deprecations

Commits

9d7c94c build
6ffed59 followup to #417 (#425)
1ce812a package script for updating git tag
3198ee1 prep release
7ee8e06 declare an update docs for make_latest input (#419)
d99959e prep release
0e39c67 make pattern error opt in (#417)
20e085c kick off 2.0.1 release
9f5c4d3 update changelog
0bea76b Add support for make_latest property (#304)
Additional commits viewable in compare view

Updates actions/setup-python from 5.0.0 to 5.1.0

Release notes

Sourced from actions/setup-python's releases.

v5.1.0

What's Changed

Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @Shegox in actions/setup-python#766.

Dependency updates by @dependabot and @HarithaVattikuti in actions/setup-python#817

Documentation changes for version in README by @basnijholt in actions/setup-python#776

Documentation changes for link in README by @ukd1 in actions/setup-python#793

Documentation changes for link in Advanced Usage by @Jamim in actions/setup-python#782

Documentation changes for avoiding rate limit issues on GHES by @priya-kinthali in actions/setup-python#835

New Contributors

@basnijholt made their first contribution in actions/setup-python#776

@ukd1 made their first contribution in actions/setup-python#793

@Jamim made their first contribution in actions/setup-python#782

@Shegox made their first contribution in actions/setup-python#766

@priya-kinthali made their first contribution in actions/setup-python#835

Full Changelog: actions/setup-python@v5.0.0...v5.1.0

Commits

See full diff in compare view

Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.

Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.

OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page

Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

build(deps): bump openpgp from 5.8.0 to 5.9.0 by @dependabot in codecov/codecov-action#985

build(deps): bump actions/checkout from 3.0.0 to 3.5.3 by @dependabot in codecov/codecov-action#1000

build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @dependabot in codecov/codecov-action#1006

build(deps): bump tough-cookie from 4.0.0 to 4.1.3 by @dependabot in codecov/codecov-action#1013

build(deps-dev): bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in codecov/codecov-action#1024

build(deps): bump node-fetch from 3.3.1 to 3.3.2 by @dependabot in codecov/codecov-action#1031

build(deps-dev): bump @types/node from 20.1.4 to 20.4.5 by @dependabot in codecov/codecov-action#1032

build(deps): bump github/codeql-action from 1.0.26 to 2.21.2 by @dependabot in codecov/codecov-action#1033

build commit,report and upload args based on codecovcli by @dana-yaish in codecov/codecov-action#943

build(deps-dev): bump @types/node from 20.4.5 to 20.5.3 by @dependabot in codecov/codecov-action#1055

build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @dependabot in codecov/codecov-action#1051

build(deps-dev): bump @types/node from 20.5.3 to 20.5.4 by @dependabot in codecov/codecov-action#1058

chore(deps): update outdated deps by @thomasrockhu-codecov in codecov/codecov-action#1059

build(deps-dev): bump @types/node from 20.5.4 to 20.5.6 by @dependabot in codecov/codecov-action#1060

build(deps-dev): bump @typescript-eslint/parser from 6.4.1 to 6.5.0 by @dependabot in codecov/codecov-action#1065

build(deps-dev): bump @typescript-eslint/eslint-plugin from 6.4.1 to 6.5.0 by @dependabot in codecov/codecov-action#1064

build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @dependabot in codecov/codecov-action#1063

build(deps-dev): bump eslint from 8.47.0 to 8.48.0 by @dependabot in codecov/codecov-action#1061

build(deps-dev): bump @types/node from 20.5.6 to 20.5.7 by @dependabot in codecov/codecov-action#1062

build(deps): bump openpgp from 5.9.0 to 5.10.1 by @dependabot in codecov/codecov-action#1066

build(deps-dev): bump @types/node from 20.5.7 to 20.5.9 by @dependabot in codecov/codecov-action#1070

build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @dependabot in codecov/codecov-action#1069

build(deps-dev): bump @typescript-eslint/eslint-plugin from 6.5.0 to 6.6.0 by @dependabot in codecov/codecov-action#1072

Update README.md by @thomasrockhu-codecov in codecov/codecov-action#1073

build(deps-dev): bump @typescript-eslint/parser from 6.5.0 to 6.6.0 by @dependabot in codecov/codecov-action#1071

build(deps-dev): bump @vercel/ncc from 0.36.1 to 0.38.0 by @dependabot in codecov/codecov-action#1074

build(deps): bump @actions/core from 1.10.0 to 1.10.1 by @dependabot in codecov/codecov-action#1081

build(deps-dev): bump @typescript-eslint/eslint-plugin from 6.6.0 to 6.7.0 by @dependabot in codecov/codecov-action#1080

build(deps): bump actions/checkout from 3.6.0 to 4.0.0 by @dependabot in codecov/codecov-action#1078

build(deps): bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in codecov/codecov-action#1077

build(deps-dev): bump @types/node from 20.5.9 to 20.6.0 by @dependabot in codecov/codecov-action#1075

build(deps-dev): bump @typescript-eslint/parser from 6.6.0 to 6.7.0 by @dependabot in codecov/codecov-action#1079

build(deps-dev): bump eslint from 8.48.0 to 8.49.0 by @dependabot in codecov/codecov-action#1076

use cli instead of node uploader by @dana-yaish in codecov/codecov-action#1068

chore(release): 4.0.0-beta.1 by @thomasrockhu-codecov in codecov/codecov-action#1084

not adding -n if empty to do-upload command by @dana-yaish in codecov/codecov-action#1085

4.0.0-beta.2 by @thomasrockhu-codecov in codecov/codecov-action#1086

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

#1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

No current support for aarch64 and alpine architectures.

Tokenless uploading is unsuported

Various arguments to the Action have been removed

3.1.4

Fixes

#967 Fix typo in README.md

#971 fix: add back in working dir

#969 fix: CLI option names for uploader

Dependencies

#970 build(deps-dev): bump @types/node from 18.15.12 to 18.16.3

#979 build(deps-dev): bump @types/node from 20.1.0 to 20.1.2

#981 build(deps-dev): bump @types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

#960 fix: allow for aarch64 build

Dependencies

#957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0

#958 build(deps): bump openpgp from 5.7.0 to 5.8.0

#959 build(deps-dev): bump @types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

#718 Update README.md

#851 Remove unsupported path_to_write_report argument

#898 codeql-analysis.yml

#901 Update README to contain correct information - inputs and negate feature

#955 fix: add in all the extra arguments for uploader

Dependencies

#819 build(deps): bump openpgp from 5.4.0 to 5.5.0

#835 build(deps): bump node-fetch from 3.2.4 to 3.2.10

#840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4

#841 build(deps): bump @actions/core from 1.9.1 to 1.10.0

#843 build(deps): bump @actions/github from 5.0.3 to 5.1.1

#869 build(deps): bump node-fetch from 3.2.10 to 3.3.0

#872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0

#879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

8450866 chore(release): v4.3.0 (#1366)
e841909 build(deps): bump undici from 5.28.3 to 5.28.4 (#1361)
363a65a feat: add network params (#1365)
640b86a build(deps-dev): bump @typescript-eslint/parser from 7.5.0 to 7.6.0 (#1363)
375c033 build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.5.0 to 7.6.0 (#...
d701256 build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (#1360)
0bb547a build(deps-dev): bump typescript from 5.4.3 to 5.4.4 (#1355)
55e8381 fix: automatically detect if using GitHub enterprise (#1356)
7afa10e fix: use_oidc shoudl be required false (#1353)
d820d60 feat: allow for authentication via OIDC token (#1330)
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3.0.0 to 3.3.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.3.0

Bump @docker/actions-toolkit from 0.19.0 to 0.20.0 by @crazy-max in docker/setup-buildx-action#307

Full Changelog: docker/setup-buildx-action@v3.2.0...v3.3.0

v3.2.0

Rename and align config inputs by @crazy-max in docker/setup-buildx-action#303

config to buildkitd-config

config-inline to buildkitd-config-inline

Bump @docker/actions-toolkit from 0.17.0 to 0.19.0 in docker/setup-buildx-action#302 docker/setup-buildx-action#306

[!NOTE] config and config-inline input names are deprecated and will be removed in next major release.

Full Changelog: docker/setup-buildx-action@v3.1.0...v3.2.0

v3.1.0

cache-binary input to enable/disable caching binary to GHA cache backend by @crazy-max in docker/setup-buildx-action#300

build(deps): bump @babel/traverse from 7.17.3 to 7.23.2 in docker/setup-buildx-action#282

build(deps): bump @docker/actions-toolkit from 0.12.0 to 0.17.0 in docker/setup-buildx-action#281 docker/setup-buildx-action#284 docker/setup-buildx-action#299

build(deps): bump uuid from 9.0.0 to 9.0.1 in docker/setup-buildx-action#271

build(deps): bump undici from 5.26.3 to 5.28.3 in docker/setup-buildx-action#297

Full Changelog: docker/setup-buildx-action@v3.0.0...v3.1.0

Commits

d70bba7 Merge pull request #307 from crazy-max/bump-toolkit
7638634 chore: update generated content
c68420f bump @docker/actions-toolkit from 0.19.0 to 0.20.0
2b51285 Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...
0f00370 chore: update generated content
11c9683 build(deps): bump @docker/actions-toolkit from 0.18.0 to 0.19.0
56a16b8 Merge pull request #303 from crazy-max/fix-inputs
c23f46e chore: update generated content
f876da6 rename and align config inputs
b7cf918 Merge pull request #304 from crazy-max/rm-docs-dir
Additional commits viewable in compare view

Updates docker/login-action from 3.0.0 to 3.1.0

Release notes

Sourced from docker/login-action's releases.

v3.1.0

build(deps): bump @babel/traverse from 7.17.3 to 7.23.2 in docker/login-action#618

build(deps): bump @docker/actions-toolkit from 0.12.0 to 0.18.0 in docker/login-action#616 docker/login-action#636 docker/login-action#682

build(deps): bump aws-sdk dependencies to 3.529.1 in docker/login-action#624 docker/login-action#685

build(deps): bump http-proxy-agent to 7.0.2 in docker/login-action#676

build(deps): bump https-proxy-agent to 7.0.4 in docker/login-action#676

build(deps): bump undici from 5.26.5 to 5.28.3 in docker/login-action#677

Full Changelog: docker/login-action@v3.0.0...v3.1.0

Commits

e92390c Merge pull request #685 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
1e752e2 chore: update generated content
51c6097 build(deps): bump the aws-sdk-dependencies group with 2 updates
8f079fb Merge pull request #676 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
16fa768 chore: update generated content
46d1619 build(deps): bump the proxy-agent-dependencies group with 2 updates
8c291c5 Merge pull request #682 from docker/dependabot/npm_and_yarn/docker/actions-to...
ec726f4 build(deps): bump @docker/actions-toolkit from 0.14.0 to 0.18.0
5139682 Merge pull request #677 from docker/dependabot/npm_and_yarn/undici-5.28.3
6d4e2ba chore: update generated content
Additional commits viewable in compare view

Updates docker/build-push-action from 4.1.1 to 5.3.0

Release notes

Sourced from docker/build-push-action's releases.

v5.3.0

Bump @docker/actions-toolkit from 0.18.0 to 0.19.0 in docker/build-push-action#1080

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Disable quotes detection for outputs input by @crazy-max in docker/build-push-action#1074

Warn about ignored inputs by @favonia in docker/build-push-action#1019

Bump @docker/actions-toolkit from 0.14.0 to 0.18.0 in docker/build-push-action#1070

Bump undici from 5.26.3 to 5.28.3 in docker/build-push-action#1057

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

v5.1.0

Add annotations input by @crazy-max in docker/build-push-action#992

Add secret-envs input by @elias-lundgren in docker/build-push-action#980

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/build-push-action#991

Bump @docker/actions-toolkit from 0.13.0-rc.1 to 0.14.0 in docker/build-push-action#990 docker/build-push-action#1006

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

v5.0.0

Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in docker/build-push-action#954

Bump @actions/core from 1.10.0 to 1.10.1 in docker/build-push-action#959

Full Changelog: docker/build-push-action@v4.2.1...v5.0.0

v4.2.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

warn if docker config can't be parsed by @crazy-max in docker/build-push-action#957

Full Changelog: docker/build-push-action@v4.2.0...v4.2.1

v4.2.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

display proxy configuration by @crazy-max in docker/build-push-action#872

chore(deps): Bump @docker/actions-toolkit from 0.6.0 to 0.8.0 in docker/build-push-action#930

chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in docker/build-push-action#925

chore(deps): Bump semver from 6.3.0 to 6.3.1 in docker/build-push-action#902

Full Changelog: docker/build-push-action@v4.1.1...v4.2.0

Commits

2cdde99 Merge pull request #1080 from docker/dependabot/npm_and_yarn/docker/actions-t...
008747a chore: update generated content
1580753 chore(deps): Bump @docker/actions-toolkit from 0.18.0 to 0.19.0
2a7db1d Merge pull request #1075 from crazy-max/ci-multi-output
35e7dd5 ci: test multi output
af5a7ed Merge pull request #1074 from crazy-max/build-cmd-debug
2a85189 chore: update generated content
6c20794 disable quotes detection for "outputs" input
afdf0c0 chore: debug build cmd and args
00ae31a Merge pull request #1070 from docker/dependabot/npm_and_yarn/docker/actions-t...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.4` | | [mikefarah/yq](https://github.com/mikefarah/yq) | `4.40.7` | `4.43.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `0.1.15` | `2.0.4` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.0.0` | `5.1.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `4` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.0.0` | `3.3.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.0.0` | `3.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `4.1.1` | `5.3.0` | Updates `actions/checkout` from 4.1.1 to 4.1.4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...v4.1.4) Updates `mikefarah/yq` from 4.40.7 to 4.43.1 - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](mikefarah/yq@v4.40.7...v4.43.1) Updates `softprops/action-gh-release` from 0.1.15 to 2.0.4 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@v0.1.15...v2.0.4) Updates `actions/setup-python` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v5.1.0) Updates `codecov/codecov-action` from 3 to 4 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@v3...v4) Updates `docker/setup-buildx-action` from 3.0.0 to 3.3.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3.0.0...v3.3.0) Updates `docker/login-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3.0.0...v3.1.0) Updates `docker/build-push-action` from 4.1.1 to 5.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v4.1.1...v5.3.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-04-29T17:18:54Z

The following labels could not be found: github-actions.

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 29, 2024

dependabot bot mentioned this pull request Apr 29, 2024

Bump the actions group with 8 updates #750

Closed

BenGalewsky merged commit 4577e48 into develop May 1, 2024
13 of 24 checks passed

BenGalewsky deleted the dependabot/github_actions/actions-fe921297eb branch May 1, 2024 14:14

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Bump the actions group across 1 directory with 8 updates #755

Bump the actions group across 1 directory with 8 updates #755

Uh oh!

dependabot bot commented on behalf of github Apr 29, 2024

Uh oh!

dependabot bot commented on behalf of github Apr 29, 2024

Uh oh!

Uh oh!

Uh oh!

Uh oh!

Bump the actions group across 1 directory with 8 updates #755

Bump the actions group across 1 directory with 8 updates #755

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 29, 2024

v4.1.4

What's Changed

v4.1.3

What's Changed

v4.1.2

What's Changed

New Contributors

v4.1.4

v4.1.3

v4.1.2

v4.43.1

v4.42.1

v4.41.1

v2.0.4

v2.0.2

v2.0.1

v2.0.0

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

v5.1.0

What's Changed

New Contributors

v4.0.0

Breaking Changes

What's Changed

4.0.0-beta.2

Fixes

4.0.0-beta.1

Breaking Changes

3.1.4

Fixes

Dependencies

3.1.3

Fixes

Dependencies

3.1.2

Fixes

Dependencies

v3.3.0

v3.2.0

v3.1.0

v3.1.0

v5.3.0

v5.2.0

v5.1.0

v5.0.0

v4.2.1

v4.2.0

Uh oh!

dependabot bot commented on behalf of github Apr 29, 2024

Uh oh!

Uh oh!

Uh oh!