Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump the github-actions group across 1 directory with 7 updates #39526

Closed

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 12, 2024

Bumps the github-actions group with 7 updates in the / directory:

Package From To
actions/checkout 2 4
actions/setup-go 3 5
magefile/mage-action 2 3
golangci/golangci-lint-action 3 6
actions/setup-python 4 5
hashicorp/vault-action 2.5.0 3.0.0
dawidd6/action-send-mail 3.7.1 3.12.0

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

... (truncated)

Commits

Updates actions/setup-go from 3 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

New Contributors

Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1

What's Changed

New Contributors

Full Changelog: actions/setup-go@v4...v4.0.1

v4.0.0

In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying cache: false.

</tr></table> 

... (truncated)

Commits

Updates magefile/mage-action from 2 to 3

Release notes

Sourced from magefile/mage-action's releases.

v3.0.0

What's Changed

Full Changelog: magefile/mage-action@v2.4.1...v3.0.0

v2.4.1

What's Changed

Full Changelog: magefile/mage-action@v2.4.0...v2.4.1

v2.4.0

What's Changed

New Contributors

Full Changelog: magefile/mage-action@v2.3.0...v2.4.0

v2.3.0

What's Changed

Full Changelog: magefile/mage-action@v2.2.0...v2.3.0

v2.2.0

What's Changed

  • use Octokit client to check mage release by @​crazy-max (#269)
  • Bump json5 from 2.1.3 to 2.2.3 (#265)
  • Bump minimatch from 3.0.4 to 3.1.2 (#266)

Full Changelog: magefile/mage-action@v2.1.0...v2.2.0

v2.1.0

What's Changed

  • Bump @​actions/core from 1.6.0 to 1.10.0 (#261 #262)
  • Bump @​actions/http-client from 1.0.11 to 2.0.1 (#256)
  • Bump @​actions/tool-cache from 1.7.2 to 2.0.1 (#257)
  • Support arm64 arch by @​jmontroy90 (#263)

Full Changelog: magefile/mage-action@v2.0.0...v2.1.0

Commits
  • 6a5dcb5 Merge pull request #307 from crazy-max/fix-home-dir
  • d0d1cd3 chore: update generated content
  • d076338 fix: create mage home dir if it does not exist
  • 74678e6 Merge pull request #298 from magefile/dependabot/github_actions/actions/check...
  • 7436432 Merge pull request #306 from crazy-max/codecov-conf
  • 7b6abc8 codecov: update config
  • 010bea5 Merge pull request #302 from crazy-max/form-templates
  • 8bee9e2 chore: github form templates
  • 71f3796 Merge pull request #301 from crazy-max/align-labels
  • 7cb1fb0 chore: cleanup labels config
  • Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 3 to 6

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.0.0

What's Changed

This version removes annotations option (because it was useless), and removes the default output format (github-actions). The annotations are still produced but with another approach.

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v5.3.0...v6.0.0

v5.3.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v5.1.0...v5.2.0

v5.1.0

What's Changed

Changes

Dependencies

... (truncated)

Commits
  • a4f60bb fix: use 3-dots syntax for diff on push (#1040)
  • 5815a4b doc: improve readme
  • 23faadf doc: improve readme
  • b556f25 doc: improve readme
  • 789f114 feat: rewrite format handling (#1038)
  • d36b91c build(deps-dev): bump @​typescript-eslint/parser from 7.7.1 to 7.8.0 (#1035)
  • a9eb115 build(deps): bump @​types/node from 20.12.7 to 20.12.8 (#1036)
  • bd4fa7c build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.1 to 7.8.0 (#...
  • 38e1018 feat: improve log about pwd/cwd (#1033)
  • 21e9e6b feat: use OS and working-directory as cache key (#1032)
  • Additional commits viewable in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

Commits
  • 82c7e63 Documentation changes for avoiding rate limit issues on GHES (#835)
  • 10aa35a feat: fallback to raw endpoint for manifest when rate limit is reached (#766)
  • 9a7ac94 Bump undici from 5.27.2 to 5.28.3 (#817)
  • 871daa9 Fix the "Specifying multiple Python/PyPy versions" link (#782)
  • 2f07895 Fix broken README.md link (#793)
  • e9d6f99 Replace setup-python@v4 by setup-python@v5 in README (#776)
  • 0a5c615 Update action to node20 (#772)
  • 0ae5836 Add example of GraalPy to docs (#773)
  • b64ffca update actions/checkout to v4 (#761)
  • 8d28961 Examples now use checkout@v4 (#738)
  • Additional commits viewable in compare view

Updates hashicorp/vault-action from 2.5.0 to 3.0.0

Release notes

Sourced from hashicorp/vault-action's releases.

v3.0.0

3.0.0 (February 15, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-528

v2.8.1

2.8.1 (February 15, 2024)

Bugs:

  • Revert GH-509 which made a backwards incompatible bump of the node runtime from node16 to node20 GH-527

v2.8.0

2.8.0 (February 1, 2024)

Features:

  • Add ignoreNotFound input (default: false) to prevent the action from failing when a secret does not exist GH-518

Improvements:

  • bump jsrsasign from 10.8.6 to 11.0.0 GH-513
  • bump @​actions/core from 1.10.0 to 1.10.1 GH-489
  • bump jest-when from 3.5.2 to 3.6.0 GH-484
  • bump jest from 29.5.0 to 29.7.0 GH-490
  • bump @​vercel/ncc from 0.36.1 to 0.38.1 GH-503

v2.7.5

2.7.5 (January 30, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-509
  • Bump got from 11.8.5 to 11.8.6 GH-492

v2.7.4

2.7.4 (October 26, 2023)

Features:

  • Add ability to specify a wildcard for the key name to get all keys in the path GH-488

v2.7.3

2.7.3 (July 13, 2023)

Bugs:

... (truncated)

Changelog

Sourced from hashicorp/vault-action's changelog.

3.0.0 (February 15, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-529

2.8.1 (February 15, 2024)

Bugs:

  • Revert GH-509 which made a backwards incompatible bump of the node runtime from node16 to node20 GH-527

2.8.0 (February 1, 2024)

Features:

  • Add ignoreNotFound input (default: false) to prevent the action from failing when a secret does not exist GH-518

Improvements:

  • bump jsrsasign from 10.8.6 to 11.0.0 GH-513
  • bump @​actions/core from 1.10.0 to 1.10.1 GH-489
  • bump jest-when from 3.5.2 to 3.6.0 GH-484
  • bump jest from 29.5.0 to 29.7.0 GH-490
  • bump @​vercel/ncc from 0.36.1 to 0.38.1 GH-503

2.7.5 (January 30, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-509
  • Bump got from 11.8.5 to 11.8.6 GH-492

2.7.4 (October 26, 2023)

Features:

  • Add ability to specify a wildcard for the key name to get all keys in the path GH-488

2.7.3 (July 13, 2023)

Bugs:

  • Revert to the handling of secrets in JSON format since v2.1.2 GH-478

2.7.2 (July 6, 2023)

Bugs:

  • Fix a regression that broke support for secrets in JSON format GH-473

... (truncated)

Commits

Updates dawidd6/action-send-mail from 3.7.1 to 3.12.0

Release notes

Sourced from dawidd6/action-send-mail's releases.

v3.12.0

What's Changed

New Contributors

Full Changelog: dawidd6/action-send-mail@v3.11.0...v3.12.0

v3.11.0

What's Changed

New Contributors

Full Changelog: dawidd6/action-send-mail@v3...v3.11.0

v3.10.0

No release notes provided.

v3.9.0

No release notes provided.

v3.8.0

No release notes provided.

v3.7.2

No release notes provided.

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot requested a review from a team as a code owner May 12, 2024 22:24
@dependabot dependabot bot added automation dependabot GitHub Dependabot labels May 12, 2024
@botelastic botelastic bot added the needs_team Indicates that the issue/PR needs a Team:* label label May 12, 2024
@botelastic
Copy link

botelastic bot commented May 12, 2024

This pull request doesn't have a Team:<team> label.

Copy link
Contributor

mergify bot commented May 12, 2024

This pull request does not have a backport label.
If this is a bug or security fix, could you label this PR @dependabot[bot]? 🙏.
For such, you'll need to label your PR with:

  • The upcoming major version of the Elastic Stack
  • The upcoming minor version of the Elastic Stack (if you're not pushing a breaking change)

To fixup this pull request, you need to add the backport labels for the needed
branches, such as:

  • backport-v8./d.0 is the label to automatically backport to the 8./d branch. /d is the digit

@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-b37f0312ca branch from 90c4205 to b5c6a0d Compare May 15, 2024 12:46
…updates

Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `2` | `4` |
| [actions/setup-go](https://github.com/actions/setup-go) | `3` | `5` |
| [magefile/mage-action](https://github.com/magefile/mage-action) | `2` | `3` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `3` | `6` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [hashicorp/vault-action](https://github.com/hashicorp/vault-action) | `2.5.0` | `3.0.0` |
| [dawidd6/action-send-mail](https://github.com/dawidd6/action-send-mail) | `3.7.1` | `3.12.0` |



Updates `actions/checkout` from 2 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v2...v4)

Updates `actions/setup-go` from 3 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v3...v5)

Updates `magefile/mage-action` from 2 to 3
- [Release notes](https://github.com/magefile/mage-action/releases)
- [Commits](magefile/mage-action@v2...v3)

Updates `golangci/golangci-lint-action` from 3 to 6
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v3...v6)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `hashicorp/vault-action` from 2.5.0 to 3.0.0
- [Release notes](https://github.com/hashicorp/vault-action/releases)
- [Changelog](https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md)
- [Commits](hashicorp/vault-action@v2.5.0...v3.0.0)

Updates `dawidd6/action-send-mail` from 3.7.1 to 3.12.0
- [Release notes](https://github.com/dawidd6/action-send-mail/releases)
- [Commits](dawidd6/action-send-mail@6063705...2cea961)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: magefile/mage-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: hashicorp/vault-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: dawidd6/action-send-mail
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-b37f0312ca branch from b5c6a0d to 06d091d Compare May 15, 2024 12:49
Copy link
Contributor

mergify bot commented May 16, 2024

This pull request is now in conflicts. Could you fix it? 🙏
To fixup this pull request, you can check out it locally. See documentation: https://help.github.com/articles/checking-out-pull-requests-locally/

git fetch upstream
git checkout -b dependabot/github_actions/github-actions-b37f0312ca upstream/dependabot/github_actions/github-actions-b37f0312ca
git merge upstream/main
git push upstream dependabot/github_actions/github-actions-b37f0312ca

Copy link
Contributor Author

dependabot bot commented on behalf of github May 16, 2024

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this May 16, 2024
@dependabot dependabot bot deleted the dependabot/github_actions/github-actions-b37f0312ca branch May 16, 2024 14:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
automation dependabot GitHub Dependabot needs_team Indicates that the issue/PR needs a Team:* label
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants