Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): bump the main group with 6 updates #48

Merged
merged 1 commit into from
Mar 28, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 28, 2024

Bumps the main group with 6 updates:

Package From To
actions/checkout 3 4
actions/setup-go 3 5
anothrNick/github-tag-action 1.61.0 1.67.0
softprops/action-gh-release 1 2
arduino/setup-task 1 2
peter-evans/create-pull-request 4 6

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

... (truncated)

Commits

Updates actions/setup-go from 3 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

New Contributors

Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1

What's Changed

New Contributors

Full Changelog: actions/setup-go@v4...v4.0.1

v4.0.0

In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying cache: false.

</tr></table> 

... (truncated)

Commits
  • 0c52d54 Update dependencies for node20 (#445)
  • bfd2fb3 Merge pull request #421 from chenrui333/node20-runtime
  • 3d65fa5 feat: bump to use actions/checkout@v4
  • 8a505c9 feat: bump to use node20 runtime
  • 883490d Merge pull request #417 from artemgavrilov/main
  • d45ebba Rephrase sentence
  • 317c661 Replace wildcards term with globs.
  • f90673a Merge pull request #1 from artemgavrilov/caching-docs-improvement
  • 8018234 Improve documentation regarding dependencies cachin
  • d085b4f Merge pull request #411 from galargh/fix/windows-hostedtoolcache
  • Additional commits viewable in compare view

Updates anothrNick/github-tag-action from 1.61.0 to 1.67.0

Release notes

Sourced from anothrNick/github-tag-action's releases.

1.67.0: improvements: tag strategy and tag listing for filtering

Sorting tags by date [ https://redirect.github.com/anothrNick/github-tag-action/pull/272 ] Adding GIT_API_TAGGING false option to switch to cli tagging [ https://redirect.github.com/anothrNick/github-tag-action/pull/210 ]

CLI tagging nowdays is more reliable for github actions permissions.

1.66.0: fixes: sigpipe 141 scenarios

In some cases if the repo contains hundreds of tags, since we set -e grep combined with git tag reads randomly exits with error 141.

1.65.0: fixes pre-release tag exists

Fixes a bug introduced in 1.64 that makes pre-releases error when following a release branch strategy. More details here anothrNick/github-tag-action#265

1.64.0: hotfix: in some cases git rev errors since set -e

No release notes provided.

1.63.0: Improvements: set node to lts and catch actions errors efficiently

No release notes provided.

1.62.0: More tests and outputs when default_bump set to NONE

This is a very minor release, adds outputs to workflows using default_bump none when there are no #comments found that trigger a commit bump.

Commits
  • a2c70ae feature: add option to use git tag / git push instead of http soft tags (#210)
  • 698f1bb Sorting tags based on commit date for branch (#272)
  • 72703d0 Suddenly existing repos fail with missing permissions for token (#271)
  • b2c568f Fix pipefail error caused by piping output to head (#270)
  • 94666f1 remove -qs from pretag case (#267)
  • 564a0cc Update documentation for pre-releases and repository permissions (#268)
  • c360518 Fix: tag_commit on fresh repo with no tags (#261)
  • 72f3a54 Update to node 18 and set bash -e for error catching (#258)
  • d77194f Adding more dirty tests (#254)
  • 1d71e25 fix README used version (#251)
  • Additional commits viewable in compare view

Updates softprops/action-gh-release from 1 to 2

Release notes

Sourced from softprops/action-gh-release's releases.

v2.0.0

  • update actions.yml declaration to node20 to address warnings
Changelog

Sourced from softprops/action-gh-release's changelog.

0.1.12

  • fix bug leading to empty strings subsituted for inputs users don't provide breaking api calls #144
Commits

Updates arduino/setup-task from 1 to 2

Release notes

Sourced from arduino/setup-task's releases.

2.0.0

Migration Guide

The version of the Node.js runtime used to execute the action has been updated from 16 to 20. This could be a breaking change for certain GitHub Actions workflows.

If a workflow with dependency on the arduino/setup-task action uses only GitHub-hosted GitHub Actions runners, no changes are required.

If the workflow uses a self-hosted runner, the workflow run might fail after updating arduino/setup-task:

Error: System.ArgumentOutOfRangeException: Specified argument was out of the range of valid values. (Parameter ''using: node20' is not supported, use 'docker', 'node12' or 'node16' instead.')
   at GitHub.Runner.Worker.ActionManifestManager.ConvertRuns(IExecutionContext executionContext, TemplateContext templateContext, TemplateToken inputsToken, String fileRelativePath, MappingToken outputs)
   at GitHub.Runner.Worker.ActionManifestManager.Load(IExecutionContext executionContext, String manifestFile)
Error: Fail to load arduino/setup-task/v2/action.yml

This means an older runner version that does not provide Node.js 20.x is installed on the runner machine and you must update the runner version.

Changelog

Breaking

  • Update Node.js runtime for action from 16 to 20 (#919)

Enhancement

Full Changeset

arduino/setup-task@1.0.3...2.0.0

Contributors

1.0.3

Changelog

Enhancement

  • Add support for all Task build architectures (43e1bb8c37ce39c24e88b4622c2f66b6d7d9ebbd)

Full Changeset

arduino/setup-task@1.0.2...1.0.3

1.0.2

Release Notes

... (truncated)

Commits
  • b91d5d2 update readme (#929)
  • f2514b0 Bump node from 16 to 20 (#919)
  • 2007903 Merge pull request #928 from arduino/dependabot/npm_and_yarn/prettier-3.2.5
  • 3f2ef95 build(deps-dev): bump prettier from 3.2.2 to 3.2.5
  • 88d658b Merge pull request #927 from arduino/dependabot/npm_and_yarn/types/node-16.18.79
  • b79a1c3 build(deps-dev): bump @​types/node from 16.18.78 to 16.18.79
  • 5abddba Merge pull request #926 from arduino/dependabot/npm_and_yarn/types/node-16.18.78
  • b3e99c0 build(deps-dev): bump @​types/node from 16.18.76 to 16.18.78
  • 4145542 Merge pull request #924 from arduino/dependabot/npm_and_yarn/typescript-eslin...
  • 10406e6 build(deps-dev): bump @​typescript-eslint/parser from 6.19.1 to 6.20.0
  • Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 4 to 6

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

  • The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
  • On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

  • Updated runtime to Node.js 20
    • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
  • The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
  • The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
  • Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
  • push-to-fork now supports pushing to sibling repositories in the same network.
  • Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
  • If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
  • The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
  • The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v5.0.2...v6.0.0

Create Pull Request v5.0.2

⚙️ Fixes an issue that occurs when using push-to-fork and both base and head repositories are in the same org/user account.

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.1...v5.0.2

Create Pull Request v5.0.1

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.0...v5.0.1

... (truncated)

Commits
  • 70a41ab perf: shallow fetch the actual base when rebasing from working base (#2816)
  • 57a1014 build(deps-dev): bump @​types/node from 18.19.21 to 18.19.23 (#2811)
  • b3a2c5d build(deps-dev): bump @​types/node from 18.19.18 to 18.19.21 (#2798)
  • 02c7da5 build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 (#2797)
  • bac6da8 docs: update description of delete-branch
  • a4f52f8 fix: list pulls using the correct head format (#2792)
  • 853c071 build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2781)
  • d2c126e build(deps-dev): bump @​types/node from 18.19.17 to 18.19.18 (#2780)
  • 43d39c6 build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 (#2768)
  • 5a9d206 build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (#2769)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested a review from a team March 28, 2024 10:37
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 28, 2024
@Serpentiel Serpentiel self-assigned this Mar 28, 2024
Copy link
Contributor

@Serpentiel Serpentiel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@Serpentiel
Copy link
Contributor

@dependabot rebase

@Serpentiel Serpentiel enabled auto-merge (squash) March 28, 2024 10:51
Bumps the main group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [actions/setup-go](https://github.com/actions/setup-go) | `3` | `5` |
| [anothrNick/github-tag-action](https://github.com/anothrnick/github-tag-action) | `1.61.0` | `1.67.0` |
| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `1` | `2` |
| [arduino/setup-task](https://github.com/arduino/setup-task) | `1` | `2` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `4` | `6` |


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `actions/setup-go` from 3 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3...v5)

Updates `anothrNick/github-tag-action` from 1.61.0 to 1.67.0
- [Release notes](https://github.com/anothrnick/github-tag-action/releases)
- [Commits](anothrNick/github-tag-action@1.61.0...1.67.0)

Updates `softprops/action-gh-release` from 1 to 2
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@v1...v2)

Updates `arduino/setup-task` from 1 to 2
- [Release notes](https://github.com/arduino/setup-task/releases)
- [Commits](arduino/setup-task@v1...v2)

Updates `peter-evans/create-pull-request` from 4 to 6
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: anothrNick/github-tag-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: main
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: arduino/setup-task
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: main
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/main-bacb3c3944 branch from 9a4fb9f to f9458b4 Compare March 28, 2024 10:51
@Serpentiel Serpentiel merged commit 6883e96 into main Mar 28, 2024
6 checks passed
@Serpentiel Serpentiel deleted the dependabot/github_actions/main-bacb3c3944 branch March 28, 2024 10:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant