Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the gha-dependencies group across 1 directory with 3 updates #835

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the gha-dependencies group across 1 directory with 3 updates #835

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 1, 2024
edited
Loading

Bumps the gha-dependencies group with 3 updates in the / directory: astral-sh/setup-uv, docker/login-action and docker/build-push-action.

Updates astral-sh/setup-uv from 1 to 3

Release notes

Sourced from astral-sh/setup-uv's releases.

v3.1.3 🌈 update known checksums for 0.4.17

Changes

🧰 Maintenance

⬆️ Dependency updates

v3.1.2 🌈 update known checksums for 0.4.16

Changes

🐛 Bug fixes

🧰 Maintenance

⬆️ Dependency updates

v3.1.1 🌈 update known checksums for 0.4.15

Changes

🧰 Maintenance

📚 Documentation

v3.0.0 🌈 Set the cache-dependency-glob default to **/uv.lock

Changes

With this release cache-dependency-glob defaults to **/uv.lock. This is in line with what most users would expect and also mirrors the default behaviors for setup-python which use **/requirements.txt, **/Pipfile.lock or **/poetry.lock.

The previous default led to the cache being created only once and never invalidated or updated even when the dependencies changed.

This change only affects you if you are using enable-cache: true without specifying cache-dependency-glob. The only behavioral change you might see is one time cache miss.

Learn more about cache-dependency-glob in the README section.

... (truncated)

Commits
  • 023eb78 chore: update known checksums for 0.4.17 (#104)
  • 315da29 Bump @​types/node from 22.7.0 to 22.7.3 (#103)
  • 4cda7d7 Bump @​types/node from 22.6.1 to 22.7.0 (#101)
  • 8114e5e chore: update known checksums for 0.4.16 (#100)
  • 7ee921e Bump @​types/node from 22.5.5 to 22.6.1 (#98)
  • 8c3a35e Only log checksum is valid when it really is (#97)
  • abac0ce Use runner label selfhosted-ubuntu-arm64 (#96)
  • 03e245b chore: update known checksums for 0.4.15 (#95)
  • aeb4649 Set tool(-bin) dir and add to PATH (#87)
  • dbb680f chore: update known checksums for 0.4.14 (#94)
  • Additional commits viewable in compare view

Updates docker/login-action from 2 to 3

Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: docker/login-action@v2.2.0...v3.0.0

v2.2.0

Full Changelog: docker/login-action@v2.1.0...v2.2.0

v2.1.0

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: docker/login-action@v2.0.0...v2.1.0

Commits
  • 9780b0c Merge pull request #741 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 2fa130c chore: update generated content
  • 5e87b2a build(deps): bump https-proxy-agent
  • e039495 Merge pull request #754 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 9af18aa chore: update generated content
  • 668190a switch to Docker exec
  • be5150d build(deps): bump @​docker/actions-toolkit from 0.24.0 to 0.35.0
  • e80ebca Merge pull request #730 from docker/dependabot/npm_and_yarn/braces-3.0.3
  • 75ee3ea Merge pull request #733 from docker/dependabot/github_actions/docker/bake-act...
  • 793c19c build(deps): bump docker/bake-action from 4 to 5
  • Additional commits viewable in compare view

Updates docker/build-push-action from 5 to 6

Release notes

Sourced from docker/build-push-action's releases.

v6.0.0

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: docker/build-push-action@v5.4.0...v6.0.0

v5.4.0

Full Changelog: docker/build-push-action@v5.3.0...v5.4.0

v5.3.0

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

v5.1.0

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

Commits
  • 4f58ea7 Merge pull request #1234 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 49b5ea6 chore: update generated content
  • 13c9fdd chore(deps): Bump @​docker/actions-toolkit from 0.38.0 to 0.39.0
  • e44afff Merge pull request #1232 from docker/dependabot/npm_and_yarn/path-to-regexp-6...
  • 67ebad3 chore(deps): Bump path-to-regexp from 6.2.2 to 6.3.0
  • 32945a3 Merge pull request #1230 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • e0fe9cf chore: update generated content
  • 8f1ff6b chore(deps): Bump @​docker/actions-toolkit from 0.37.1 to 0.38.0
  • 5cd11c3 Merge pull request #1211 from crazy-max/summary-info-message
  • 0aba704 chore: update generated content
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 1, 2024
@codecov Codecov
Copy link

codecov bot commented Oct 3, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 67.15%. Comparing base (b0cfdbd) to head (b404997).

Additional details and impacted files 
@@           Coverage Diff           @@
##             main     #835   +/-   ##
=======================================
  Coverage   67.15%   67.15%           
=======================================
  Files          51       51           
  Lines        4707     4707           
=======================================
  Hits         3161     3161           
  Misses       1546     1546
Flag Coverage Δ
python-3.11 67.15% <ø> (ø)
python-3.9 67.18% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@dependabot @danielhollas
Bump the gha-dependencies group across 1 directory with 3 updates
b404997 
Bumps the gha-dependencies group with 3 updates in the / directory: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv), [docker/login-action](https://github.com/docker/login-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `astral-sh/setup-uv` from 1 to 3
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@v1...v3)

Updates `docker/login-action` from 2 to 3
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v2...v3)

Updates `docker/build-push-action` from 5 to 6
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v5...v6)

---
updated-dependencies:
- dependency-name: astral-sh/setup-uv
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@danielhollas danielhollas force-pushed the dependabot/github_actions/gha-dependencies-20974953c4 branch from c654e74 to b404997 Compare October 24, 2024 16:14
@danielhollas danielhollas self-requested a review October 24, 2024 16:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danielhollas danielhollas Awaiting requested review from danielhollas

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants