Bump the github-action-dependencies group across 1 directory with 5 updates #135

dependabot · 2024-06-17T20:02:37Z

Bumps the github-action-dependencies group with 5 updates in the / directory:

Package	From	To
actions/checkout	`4.1.1`	`4.1.7`
actions/upload-artifact	`4.3.1`	`4.3.3`
actions/download-artifact	`4.1.4`	`4.1.7`
softprops/action-gh-release	`0.1.15`	`2.0.5`
actions/setup-python	`5.0.0`	`5.1.0`

Updates actions/checkout from 4.1.1 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

Full Changelog: actions/checkout@v4.1.4...v4.1.5

v4.1.4

What's Changed

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Full Changelog: actions/checkout@v4.1.3...v4.1.4

v4.1.3

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

v4.1.2

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

Commits

692973e Prepare 4.1.7 release (#1775)
6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
b17fe1e Handle hidden refs (#1774)
b80ff79 Bump actions/checkout from 3 to 4 (#1697)
b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
a5ac7e5 Update for 4.1.6 release (#1733)
24ed1a3 Check platform for extension (#1732)
44c2b7a README: Suggest user.email to be `41898282+github-actions[bot]@users.norepl...
8459bc0 Bump actions/upload-artifact from 2 to 4 (#1695)
3f603f6 Bump actions/setup-node from 1 to 4 (#1696)
Additional commits viewable in compare view

Updates actions/upload-artifact from 4.3.1 to 4.3.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.3.3

What's Changed

updating @actions/artifact dependency to v2.1.6 by @eggyhead in actions/upload-artifact#565

Full Changelog: actions/upload-artifact@v4.3.2...v4.3.3

v4.3.2

What's Changed

Update release-new-action-version.yml by @konradpabjan in actions/upload-artifact#516

Minor fix to the migration readme by @andrewakim in actions/upload-artifact#523

Update readme with v3/v2/v1 deprecation notice by @robherley in actions/upload-artifact#561

updating @actions/artifact dependency to v2.1.5 and @actions/core to v1.0.1 by @eggyhead in actions/upload-artifact#562

New Contributors

@andrewakim made their first contribution in actions/upload-artifact#523

Full Changelog: actions/upload-artifact@v4.3.1...v4.3.2

Commits

6546280 updating package version
c004fb4 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
90aba49 updating toolkit artifact dependency to 2.1.6
b06cde3 Merge pull request #563 from actions/eggyhead/release-4.3.2
1746f4a Revert "updating to release 4.3.2"
31685d0 updating to release 4.3.2
18bf333 Merge pull request #562 from actions/eggyhead/update-artifact-v215
dac413b update package lock version
bb3b4a3 updating package version
3e3da83 updating artifact and core dependencies
Additional commits viewable in compare view

Updates actions/download-artifact from 4.1.4 to 4.1.7

Release notes

Sourced from actions/download-artifact's releases.

v4.1.7

What's Changed

Update @actions/artifact dependency by @bethanyj28 in actions/download-artifact#325

Full Changelog: actions/download-artifact@v4.1.6...v4.1.7

v4.1.6

What's Changed

updating @actions/artifact dependency to v2.1.6 by @eggyhead in actions/download-artifact#324

Full Changelog: actions/download-artifact@v4.1.5...v4.1.6

v4.1.5

What's Changed

Update readme with v3/v2/v1 deprecation notice by @robherley in actions/download-artifact#322

Update dependencies @actions/core to v1.10.1 and @actions/artifact to v2.1.5

Full Changelog: actions/download-artifact@v4.1.4...v4.1.5

Commits

65a9edc Merge pull request #325 from bethanyj28/main
fdd1595 licensed
c13dba1 update @actions/artifact dependency
0daa75e Merge pull request #324 from actions/eggyhead/use-artifact-v2.1.6
9c19ed7 Merge branch 'main' into eggyhead/use-artifact-v2.1.6
3d3ea87 updating license
89af5db updating artifact package v2.1.6
b4aefff Merge pull request #323 from actions/eggyhead/update-artifact-v215
8caf195 package lock update
d7a2ec4 updating package version
Additional commits viewable in compare view

Updates softprops/action-gh-release from 0.1.15 to 2.0.5

Release notes

Sourced from softprops/action-gh-release's releases.

v2.0.5

Factor in file names with spaces when upserting files #446 via @MystiPanda

Improvements to error handling #449 via @till

v2.0.4

Minor follow up to #417. #425

v2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

v2.0.1

Add support for make_latest property softprops/action-gh-release#304 via @samueljseay

Fail run if files setting contains invalid patterns softprops/action-gh-release#384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) softprops/action-gh-release#386 via @timor-raiman

Suppress confusing warning when input_files is empty softprops/action-gh-release#389 via @Drowze

v2.0.0

update actions.yml declaration to node20 to address warnings

Changelog

Sourced from softprops/action-gh-release's changelog.

2.0.5

Factor in file names with spaces when upserting files #446 via @MystiPanda

Improvements to error handling #449 via @till

2.0.4

Minor follow up to #417. #425

2.0.3

Declare make_latest as an input field in action.yml #419

2.0.2

Revisit approach to #384 making unresolved pattern failures opt-in #417

2.0.1

Add support for make_latest property #304 via @samueljseay

Fail run if files setting contains invalid patterns #384 via @rpdelaney

Add support for proxy env variables (don't use node-fetch) #386 via @timor-raiman

Suppress confusing warning when input_files is empty #389 via @Drowze

2.0.0

2.0.0!? this release corrects a disjunction between git tag versions used in the marketplace and versions list this file. Previous versions should have really been 1.*. Going forward this should be better aligned.

Upgrade action.yml declaration to node20 to address deprecations

Commits

69320db update changelog
9771ccf update changelog rebuild dist
0a76e42 Fix: error handling (#449)
3989e4b document impl detail
72e945e update changelog
40bf9ec fmt and build
998623f fix: support space in file name (#446)
0979303 Fix failure (#447)
9b795e5 Update README.md (#432)
9d7c94c build
Additional commits viewable in compare view

Updates actions/setup-python from 5.0.0 to 5.1.0

Release notes

Sourced from actions/setup-python's releases.

v5.1.0

What's Changed

Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @Shegox in actions/setup-python#766.

Dependency updates by @dependabot and @HarithaVattikuti in actions/setup-python#817

Documentation changes for version in README by @basnijholt in actions/setup-python#776

Documentation changes for link in README by @ukd1 in actions/setup-python#793

Documentation changes for link in Advanced Usage by @Jamim in actions/setup-python#782

Documentation changes for avoiding rate limit issues on GHES by @priya-kinthali in actions/setup-python#835

New Contributors

@basnijholt made their first contribution in actions/setup-python#776

@ukd1 made their first contribution in actions/setup-python#793

@Jamim made their first contribution in actions/setup-python#782

@Shegox made their first contribution in actions/setup-python#766

@priya-kinthali made their first contribution in actions/setup-python#835

Full Changelog: actions/setup-python@v5.0.0...v5.1.0

Commits

82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
2f07895 Fix broken README.md link (#793)
e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

…pdates Bumps the github-action-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.4` | `4.1.7` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `0.1.15` | `2.0.5` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.0.0` | `5.1.0` | Updates `actions/checkout` from 4.1.1 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...v4.1.7) Updates `actions/upload-artifact` from 4.3.1 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.3.1...v4.3.3) Updates `actions/download-artifact` from 4.1.4 to 4.1.7 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v4.1.4...v4.1.7) Updates `softprops/action-gh-release` from 0.1.15 to 2.0.5 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@v0.1.15...v2.0.5) Updates `actions/setup-python` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5.0.0...v5.1.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-action-dependencies - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-action-dependencies - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-action-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2024-06-24T19:49:29Z

Superseded by #137.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 17, 2024

dependabot bot mentioned this pull request Jun 17, 2024

Bump the github-action-dependencies group across 1 directory with 5 updates #126

Closed

dependabot bot closed this Jun 24, 2024

dependabot bot deleted the dependabot/github_actions/github-action-dependencies-3f28333389 branch June 24, 2024 19:49

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the github-action-dependencies group across 1 directory with 5 updates #135

Bump the github-action-dependencies group across 1 directory with 5 updates #135

dependabot bot commented on behalf of github Jun 17, 2024 •

edited

Loading

dependabot bot commented on behalf of github Jun 24, 2024

Bump the github-action-dependencies group across 1 directory with 5 updates #135

Bump the github-action-dependencies group across 1 directory with 5 updates #135

Conversation

dependabot bot commented on behalf of github Jun 17, 2024 • edited Loading

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

v4.1.4

What's Changed

v4.1.3

What's Changed

v4.1.2

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.3.3

What's Changed

v4.3.2

What's Changed

New Contributors

v4.1.7

What's Changed

v4.1.6

What's Changed

v4.1.5

What's Changed

v2.0.5

v2.0.4

v2.0.2

v2.0.1

v2.0.0

2.0.5

2.0.4

2.0.3

2.0.2

2.0.1

2.0.0

v5.1.0

What's Changed

New Contributors

dependabot bot commented on behalf of github Jun 24, 2024

dependabot bot commented on behalf of github Jun 17, 2024 •

edited

Loading