Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the actions-deps group with 9 updates #1500

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 11, 2024

Bumps the actions-deps group with 9 updates:

Package From To
actions/checkout 2 4
actions/setup-node 3 4
actions/cache 3 4
actions/upload-artifact 2 4
actions/download-artifact 2 4
crazy-max/ghaction-github-pages 2 4
actions/github-script 3.1.0 7.0.1
github/codeql-action 2 3
thehanimo/pr-title-checker 1.3.4 1.4.3

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

... (truncated)

Commits

Updates actions/setup-node from 3 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

New Contributors

Full Changelog: actions/setup-node@v3...v4.0.0

v3.8.2

What's Changed

Full Changelog: actions/setup-node@v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @​dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: actions/setup-node@v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

Feature implementations:

Documentation changes:

Update dependencies:

... (truncated)

Commits

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v4.0.0

v3.4.0

⚠️ Important Changes

The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

Read more about the change & access the migration guide: reference to the announcement.

Minor changes

Minor and patch version updates for these dependencies:

  • @​actions/core: 1.11.1
  • @​actions/io: 1.1.3
  • @​vercel/ncc: 0.38.3

Full Changelog: actions/cache@v3...v3.4.0

v3.3.3

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

  • Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
  • Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

  • Restore original behavior of cache-hit output - #1467

4.1.0

  • Ensure cache-hit output is set when a cache is missed - #1404
  • Deprecate save-always input - #1452

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

4.0.0

  • Updated minimum runner version support from node 12 -> node 20

3.4.0

  • Integrated with the new cache service (v2) APIs

3.3.3

  • Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
  • Additional audit fixes of npm package(s)

... (truncated)

Commits

Updates actions/upload-artifact from 2 to 4

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/upload-artifact@v3...v4.0.0

v3.2.1

What's Changed

This fixes the include-hidden-files input introduced in https://github.com/actions/upload-artifact/releases/tag/v3.2.0

Full Changelog: actions/upload-artifact@v3.2.0...v3.2.1

v3.2.1-node20

What's Changed

This fixes the include-hidden-files input introduced in https://github.com/actions/upload-artifact/releases/tag/v3.2.0-node20

Full Changelog: actions/upload-artifact@v3.2.0-node20...v3.2.1-node20

v3.2.0

Notice: Breaking Changes ⚠️

We will no longer include hidden files and folders by default in the upload-artifact action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, include-hidden-files, to continue to do so.

See "Notice of upcoming deprecations and breaking changes in GitHub Actions runners" changelog and this issue for more details.

What's Changed

... (truncated)

Commits
  • b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
  • 92b01eb Undo indirect dependency updates from #627
  • 8448086 Merge pull request #627 from actions/robherley/v4.4.2
  • b1d4642 add explicit relative and absolute symlinks to workflow
  • d50e660 bump version
  • aabe6f8 build with @​actions/artifact v2.1.11
  • 604373d Merge pull request #625 from actions/robherley/artifact-2.1.10
  • 0150148 paste right core version
  • a009b25 update licenses
  • 9f6f6f4 update @​actions/core and @​actions/artifact to latest versions
  • Additional commits viewable in compare view

Updates actions/download-artifact from 2 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

v3.0.0

What's Changed

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

v2.1.1

  • Bump @actions/core to the latest version to prevent breaking changes once set-output and save-state commands are deprecated #21

v2.1.0 Download Artifact

  • Improved output & logging
  • Fixed issue where downloading all artifacts could cause display percentages to be over 100%
  • Various small bug fixes & improvements

v2.0.10

  • Retry on HTTP 500 responses from the service

v2.0.9

  • Fixes to proxy related issues

v2.0.8

  • Improvements to retryability if an error is encountered during artifact download

... (truncated)

Commits
  • fa0a91b Merge pull request #341 from actions/robherley/bump-pkgs
  • b54d088 Update @​actions/artifact version, bump dependencies
  • 65a9edc Merge pull request #325 from bethanyj28/main
  • fdd1595 licensed
  • c13dba1 update @​actions/artifact dependency
  • 0daa75e Merge pull request #324 from actions/eggyhead/use-artifact-v2.1.6
  • 9c19ed7 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
  • 3d3ea87 updating license
  • 89af5db updating artifact package v2.1.6
  • b4aefff Merge pull request #323 from actions/eggyhead/update-artifact-v215
  • Additional commits viewable in compare view

Updates crazy-max/ghaction-github-pages from 2 to 4

Release notes

Sourced from crazy-max/ghaction-github-pages's releases.

v4.0.0

Full Changelog: crazy-max/ghaction-github-pages@v3.2.0...v4.0.0

v3.2.0

Full Changelog: crazy-max/ghaction-github-pages@v3.1.0...v3.2.0

v3.1.0

  • Bump @​actions/core from 1.6.0 to 1.10.0 (#177 #178)

Full Changelog: crazy-max/ghaction-github-pages@v3.0.0...v3.1.0

v3.0.0

  • Node 16 as default runtime (#167)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.

v2.7.0

  • Update dev dependencies and workflow (#166)

v2.6.0

  • Add absolute_build_dir and follow_symlinks inputs (#161)
  • Bump @​actions/exec from 1.0.4 to 1.1.0 (#152)
  • Bump @​actions/core from 1.3.0 to 1.6.0 (#154 #156)

v2.5.0

  • Add verbose input (#150)
  • Bump @​actions/core from 1.2.7 to 1.3.0 (#148)
  • Yarn v2 (#146)

v2.4.1

  • Verbose output

v2.4.0

  • Add dry-run input (#144)
  • Refactor logging output
  • Bump fs-extra from 9.1.0 to 10.0.0 (#139)
  • Bump @​actions/core from 1.2.6 to 1.2.7 (#137)
  • Enhance workflow (#136)

v2.3.0

  • Bring back copySync (#135)
  • Container based developer flow (#134)

... (truncated)

Commits
  • fbf0a4f Merge pull request #221 from crazy-max/dependabot/npm_and_yarn/multi-93d15ec450
  • 06ab351 chore: update generated content
  • ecd7aa6 build(deps): bump fs-extra and @​types/fs-extra
  • ad87320 Merge pull request #229 from crazy-max/dependabot/npm_and_yarn/actions/core-1...
  • 1a3003a chore: update generated content
  • ad3a0f1 build(deps): bump @​actions/core from 1.10.0 to 1.11.1
  • 08f5716 Merge pull request #227 from crazy-max/dependabot/npm_and_yarn/micromatch-4.0.8
  • 167d3e3 build(deps): bump micromatch from 4.0.5 to 4.0.8
  • cda5497 Merge pull request #220 from crazy-max/dependabot/npm_and_yarn/ip-2.0.1
  • d319b0f Merge pull request #222 from crazy-max/dependabot/npm_and_yarn/tar-6.2.1
  • Additional commits viewable in compare view

Updates actions/github-script from 3.1.0 to 7.0.1

Release notes

Sourced from actions/github-script's releases.

v7.0.1

What's Changed

Full Changelog: actions/github-script@v7.0.0...v7.0.1

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.4.1...v7.0.0

v6.4.1

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.4.0...v6.4.1

v6.4.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v6.3.3...v6.4.0

v6.3.3

What's Changed

New Contributors

... (truncated)

Commits
  • 60a0d83 Merge pull request #440 from actions/joshmgross/v7.0.1
  • b7fb200 Update version to 7.0.1
  • 12e22ed Merge pull request #439 from actions/joshmgross/avoid-setting-base-url
  • d319f8f Avoid setting baseUrl to undefined when input is not provided
  • e69ef54 Merge pull request #425 from actions/joshmgross/node-20
  • ee0914b Update licenses
  • d6fc56f Use @types/node for Node 20
  • 384d6cf Fix quotations in tests
  • 8472492 Only validate GraphQL previews
  • 84903f5 Remove node-fetch from type
  • Additional commits viewable in compare view

Updates github/codeql-action from 2 to 3

Release notes

Sourced from github/codeql-action's releases.

v2.27.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.7 - 10 Dec 2024

  • We are rolling out a change in December 2024 that will extract the CodeQL bundle directly to the toolcache to improve performance. #2631
  • Update default CodeQL bundle version to 2.20.0. #2636

See the full CHANGELOG.md for more information.

v2.27.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.6 - 03 Dec 2024

  • Update default CodeQL bundle version to 2.19.4. #2626

See the full CHANGELOG.md for more information.

v2.27.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

2.27.5 - 19 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v2.27.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly ...

Description has been truncated

@dependabot dependabot bot added dependencies Update one or more dependencies version github_actions Pull requests that update GitHub Actions code major Increment the major version when merged labels Dec 11, 2024
Copy link

changeset-bot bot commented Dec 11, 2024

⚠️ No Changeset found

Latest commit: f0f577d

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@dependabot dependabot bot force-pushed the dependabot/github_actions/actions-deps-652cc1e6ba branch 3 times, most recently from f1539f0 to 46951ff Compare December 19, 2024 06:27
Bumps the actions-deps group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `2` | `4` |
| [actions/setup-node](https://github.com/actions/setup-node) | `3` | `4` |
| [actions/cache](https://github.com/actions/cache) | `3` | `4` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `2` | `4` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `2` | `4` |
| [crazy-max/ghaction-github-pages](https://github.com/crazy-max/ghaction-github-pages) | `2` | `4` |
| [actions/github-script](https://github.com/actions/github-script) | `3.1.0` | `7.0.1` |
| [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` |
| [thehanimo/pr-title-checker](https://github.com/thehanimo/pr-title-checker) | `1.3.4` | `1.4.3` |


Updates `actions/checkout` from 2 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v4)

Updates `actions/setup-node` from 3 to 4
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v3...v4)

Updates `actions/cache` from 3 to 4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3...v4)

Updates `actions/upload-artifact` from 2 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v2...v4)

Updates `actions/download-artifact` from 2 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v2...v4)

Updates `crazy-max/ghaction-github-pages` from 2 to 4
- [Release notes](https://github.com/crazy-max/ghaction-github-pages/releases)
- [Commits](crazy-max/ghaction-github-pages@v2...v4)

Updates `actions/github-script` from 3.1.0 to 7.0.1
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v3.1.0...v7.0.1)

Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v2...v3)

Updates `thehanimo/pr-title-checker` from 1.3.4 to 1.4.3
- [Release notes](https://github.com/thehanimo/pr-title-checker/releases)
- [Commits](thehanimo/pr-title-checker@v1.3.4...v1.4.3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: crazy-max/ghaction-github-pages
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: thehanimo/pr-title-checker
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/actions-deps-652cc1e6ba branch from 46951ff to f0f577d Compare December 23, 2024 06:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Update one or more dependencies version github_actions Pull requests that update GitHub Actions code major Increment the major version when merged
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants