Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump the github_actions group with 7 updates #1464

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 1, 2024

Bumps the github_actions group with 7 updates:

Package From To
actions/checkout 3 4
tj-actions/changed-files 41 44
docker/setup-buildx-action 2 3
docker/metadata-action 4 5
docker/login-action 2 3
docker/setup-qemu-action 2 3
actions/download-artifact 3 4

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

... (truncated)

Commits

Updates tj-actions/changed-files from 41 to 44

Release notes

Sourced from tj-actions/changed-files's releases.

v44

Changes in v44.0.0

🔥🔥 BREAKING CHANGE 🔥🔥

Overview

We've made a significant update to how pull requests (PRs) from forked repositories are processed. This improvement not only streamlines the handling of such PRs but also fixes a previously identified issue.

Before the Change

Previously, when you created a pull request from a forked repository, any files changed in the target branch after the PR creation would erroneously appear as part of the PR's changed files. This made it difficult to distinguish between the actual changes introduced by the PR and subsequent changes made directly to the target branch.

What Has Changed

With this update, a pull request from a fork will now only include the files that were explicitly changed in the fork. This ensures that the list of changed files in a PR accurately reflects the contributions from the fork, without being muddled by unrelated changes to the target branch.


What's Changed

New Contributors

Full Changelog: tj-actions/changed-files@v43.0.1...v44.0.0


v44.0.0

🔥🔥 BREAKING CHANGE 🔥🔥

Overview

We've made a significant update to how pull requests (PRs) from forked repositories are processed. This improvement not only streamlines the handling of such PRs but also fixes a previously identified issue.

Before the Change

Previously, when you created a pull request from a forked repository, any files changed in the target branch after the PR creation would erroneously appear as part of the PR's changed files. This made it difficult to distinguish between the actual changes introduced by the PR and subsequent changes made directly to the target branch.

What Has Changed

With this update, a pull request from a fork will now only include the files that were explicitly changed in the fork. This ensures that the list of changed files in a PR accurately reflects the contributions from the fork, without being muddled by unrelated changes to the target branch.

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

44.0.0 - (2024-03-27)

🐛 Bug Fixes

  • Ensure the fork remote doesn't exists before creating it (#2012) (4bbd49b) - (Tonye Jack)
  • Update previos sha for forks (#2011) (f0e7702) - (Tonye Jack)
  • Update to add the fork remote (#2010) (6354e6c) - (Tonye Jack)
  • Check for setting remote urls for forks (#2009) (1176164) - (Tonye Jack)
  • Bug with prs from forks returning incorrect set of changed files (#2007) (4ff7936) - (Tonye Jack)

➖ Remove

🔄 Update

  • Updated README.md (#2016)

Co-authored-by: jackton1 [email protected] (2d756ea) - (tj-actions[bot])

  • Update README.md (2d21bbb) - (Tonye Jack)
  • Updated README.md (#2013)

Co-authored-by: jackton1 [email protected] (2ca8dc4) - (tj-actions[bot])

  • Update README.md (4621617) - (tonyejack1)
  • Update README.md (c6557ed) - (Tonye Jack)
  • Update README.md (0713a11) - (Tonye Jack)

⚙️ Miscellaneous Tasks

  • Update description of outputs removing asterisks (#2015) (ce497c3) - (tonyejack1)
  • Update description of other_deleted_files output (#2008) (ee096d6) - (tonyejack1)
  • deps: Update typescript-eslint monorepo to v7.4.0 (0647424) - (renovate[bot])
  • deps: Lock file maintenance (efe5e6c) - (renovate[bot])

⬆️ Upgrades

  • Upgraded to v43.0.1 (#2004)

Co-authored-by: jackton1 [email protected] (01e9662) - (tj-actions[bot])

43.0.1 - (2024-03-20)

🐛 Bug Fixes

  • Remove warning with detecting the local git repository when using Github's REST API (#2002) (077b23f) - (Tonye Jack)

📦 Bumps

... (truncated)

Commits

Updates docker/setup-buildx-action from 2 to 3

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.0.0

Full Changelog: docker/setup-buildx-action@v2.10.0...v3.0.0

v2.10.0

Full Changelog: docker/setup-buildx-action@v2.9.1...v2.10.0

v2.9.1

Full Changelog: docker/setup-buildx-action@v2.9.0...v2.9.1

v2.9.0

  • Bump @​docker/actions-toolkit from 0.6.0 to 0.7.0 in docker/setup-buildx-action#246
    • Adds support to cache Buildx binary to hosted tool cache and GHA cache backend

Full Changelog: docker/setup-buildx-action@v2.8.0...v2.9.0

v2.8.0

Full Changelog: docker/setup-buildx-action@v2.7.0...v2.8.0

v2.7.0

Full Changelog: docker/setup-buildx-action@v2.6.0...v2.7.0

v2.6.0

Full Changelog: docker/setup-buildx-action@v2.5.0...v2.6.0

v2.5.0

Full Changelog: docker/setup-buildx-action@v2.4.1...v2.5.0

v2.4.1

... (truncated)

Commits
  • 2b51285 Merge pull request #306 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 0f00370 chore: update generated content
  • 11c9683 build(deps): bump @​docker/actions-toolkit from 0.18.0 to 0.19.0
  • 56a16b8 Merge pull request #303 from crazy-max/fix-inputs
  • c23f46e chore: update generated content
  • f876da6 rename and align config inputs
  • b7cf918 Merge pull request #304 from crazy-max/rm-docs-dir
  • 0150f0e chore: remove docs dir
  • d89f1f9 Merge pull request #302 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 12d65f6 chore: update generated content
  • Additional commits viewable in compare view

Updates docker/metadata-action from 4 to 5

Release notes

Sourced from docker/metadata-action's releases.

v5.0.0

Full Changelog: docker/metadata-action@v4.6.0...v5.0.0

v4.6.0

Full Changelog: docker/metadata-action@v4.5.0...v4.6.0

v4.5.0

Full Changelog: docker/metadata-action@v4.4.0...v4.5.0

v4.4.0

Full Changelog: docker/metadata-action@v4.3.0...v4.4.0

v4.3.0

Full Changelog: docker/metadata-action@v4.2.0...v4.3.0

v4.2.0

  • Add tz attribute to handlebar date function by @​chroju (#251)
  • Bump minimatch from 3.0.4 to 3.1.2 (#242)
  • Bump csv-parse from 5.3.1 to 5.3.3 (#245)
  • Bump json5 from 2.2.0 to 2.2.3 (#252)

Full Changelog: docker/metadata-action@v4.1.1...v4.2.0

v4.1.1

  • Revert changes to set associated head sha on pull request event by @​crazy-max (#239)
    • User can still set associated head sha on PR by setting the env var DOCKER_METADATA_PR_HEAD_SHA=true
  • Bump csv-parse from 5.3.0 to 5.3.1 (#237)

Full Changelog: docker/metadata-action@v4.1.0...v4.1.1

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v5
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
</tr></table> 

... (truncated)

Commits
  • 8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
  • eda41b7 chore: update generated content
  • 388c08f don't set cwd:// prefix for local bake files
  • dbef880 Merge pull request #374 from docker/dependabot/npm_and_yarn/moment-timezone-0...
  • b73e7a7 chore: update generated content
  • b9fba69 chore(deps): Bump moment-timezone from 0.5.43 to 0.5.44
  • ac82374 Merge pull request #373 from docker/dependabot/npm_and_yarn/moment-2.30.1
  • c92519a chore: update generated content
  • 3b4179d chore(deps): Bump moment from 2.29.4 to 2.30.1
  • 0784993 Merge pull request #371 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • Additional commits viewable in compare view

Updates docker/login-action from 2 to 3

Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: docker/login-action@v2.2.0...v3.0.0

v2.2.0

Full Changelog: docker/login-action@v2.1.0...v2.2.0

v2.1.0

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: docker/login-action@v2.0.0...v2.1.0

Commits
  • e92390c Merge pull request #685 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 1e752e2 chore: update generated content
  • 51c6097 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 8f079fb Merge pull request #676 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 16fa768 chore: update generated content
  • 46d1619 build(deps): bump the proxy-agent-dependencies group with 2 updates
  • 8c291c5 Merge pull request #682 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • ec726f4 build(deps): bump @​docker/actions-toolkit from 0.14.0 to 0.18.0
  • 5139682 Merge pull request #677 from docker/dependabot/npm_and_yarn/undici-5.28.3
  • 6d4e2ba chore: update generated content
  • Additional commits viewable in compare view

Updates docker/setup-qemu-action from 2 to 3

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.0.0

Full Changelog: docker/setup-qemu-action@v2.2.0...v3.0.0

v2.2.0

Full Changelog: docker/setup-qemu-action@v2.1.0...v2.2.0

v2.1.0

Full Changelog: docker/setup-qemu-action@v2.0.0...v2.1.0

Commits
  • 6882732 Merge pull request #103 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • 183f4af chore: update generated content
  • f174935 build(deps): bump @​actions/core from 1.10.0 to 1.10.1
  • 2e423eb Merge pull request #89 from docker/dependabot/npm_and_yarn/semver-6.3.1
  • ecc406a Bump semver from 6.3.0 to 6.3.1
  • 12dec5e Merge pull request #102 from crazy-max/update-node20
  • c29b312 chore: node 20 as default runtime
  • 34ae628 chore: update generated content
  • 1f3d2e1 chore: fix author in package.json
  • 277dbe8 vendor: bump @​docker/actions-toolkit from 0.3.0 to 0.12.0
  • Additional commits viewable in compare view

Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific depend...

Description has been truncated

@dependabot dependabot bot requested a review from a team as a code owner April 1, 2024 15:51
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Apr 1, 2024
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from 49c6708 to 71bccc6 Compare April 8, 2024 15:29
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from 71bccc6 to c4aa30b Compare April 15, 2024 15:31
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from c4aa30b to 6adc2c3 Compare April 29, 2024 15:09
@Emilgardis Emilgardis added no changelog A valid PR without changelog (no-changelog) no-ci-tests labels Apr 29, 2024
@Emilgardis Emilgardis added this pull request to the merge queue Apr 29, 2024
@Emilgardis Emilgardis removed this pull request from the merge queue due to a manual request Apr 29, 2024
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from 6adc2c3 to 994566d Compare May 6, 2024 15:55
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from 994566d to 2d3c147 Compare May 13, 2024 15:56
@Emilgardis
Copy link
Member

Need to make sure this doesn't break stuff, checkout v4 changed some stuff

Bumps the github_actions group with 7 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `41` | `44` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2` | `3` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `4` | `5` |
| [docker/login-action](https://github.com/docker/login-action) | `2` | `3` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `2` | `3` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `3` | `4` |


Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `tj-actions/changed-files` from 41 to 44
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@v41...v44)

Updates `docker/setup-buildx-action` from 2 to 3
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v2...v3)

Updates `docker/metadata-action` from 4 to 5
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](docker/metadata-action@v4...v5)

Updates `docker/login-action` from 2 to 3
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v2...v3)

Updates `docker/setup-qemu-action` from 2 to 3
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@v2...v3)

Updates `actions/download-artifact` from 3 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github_actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github_actions-3971d49877 branch from 2d3c147 to b35077c Compare May 20, 2024 15:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file no changelog A valid PR without changelog (no-changelog) no-ci-tests
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant