ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #215

dependabot · 2024-06-24T07:00:41Z

Bumps the patch-minor-dependencies group with 16 updates in the / directory:

Package	From	To
actions/checkout	`4.1.1`	`4.1.7`
github/codeql-action	`3.23.1`	`3.25.10`
actions/setup-java	`4.0.0`	`4.2.1`
taiki-e/install-action	`2.26.7`	`2.41.3`
actions/dependency-review-action	`4.0.0`	`4.3.3`
aws-actions/configure-aws-credentials	`4.0.1`	`4.0.2`
zgosalvez/github-actions-ensure-sha-pinned-actions	`3.0.3`	`3.0.9`
gitleaks/gitleaks-action	`2.3.2`	`2.3.6`
anchore/scan-action	`3.6.1`	`3.6.4`
ncipollo/release-action	`1.13.0`	`1.14.0`
actions/upload-artifact	`4.2.0`	`4.3.3`
aquasecurity/trivy-action	`0.16.1`	`0.23.0`
hashicorp/setup-terraform	`3.0.0`	`3.1.1`
actions/cache	`4.0.0`	`4.0.2`
actions/setup-node	`4.0.1`	`4.0.2`
trunk-io/trunk-action	`1.1.9`	`1.1.15`

Updates actions/checkout from 4.1.1 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

Full Changelog: actions/checkout@v4.1.4...v4.1.5

v4.1.4

What's Changed

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Full Changelog: actions/checkout@v4.1.3...v4.1.4

v4.1.3

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

v4.1.2

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

v4.0.0

Support fetching without the --progress option

Update to node20

v3.6.0

Fix: Mark test scripts with Bash'isms to be run via Bash

Add option to fetch tags even if fetch-depth > 0

v3.5.3

Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in

Fix typos found by codespell

... (truncated)

Commits

692973e Prepare 4.1.7 release (#1775)
6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
b17fe1e Handle hidden refs (#1774)
b80ff79 Bump actions/checkout from 3 to 4 (#1697)
b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
a5ac7e5 Update for 4.1.6 release (#1733)
24ed1a3 Check platform for extension (#1732)
44c2b7a README: Suggest user.email to be `41898282+github-actions[bot]@users.norepl...
8459bc0 Bump actions/upload-artifact from 2 to 4 (#1695)
3f603f6 Bump actions/setup-node from 1 to 4 (#1696)
Additional commits viewable in compare view

Updates github/codeql-action from 3.23.1 to 3.25.10

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349

3.25.10 - 13 Jun 2024

Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330

The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273

Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274

The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281

3.25.4 - 08 May 2024

Update default CodeQL bundle version to 2.17.2. #2270

3.25.3 - 25 Apr 2024

Update default CodeQL bundle version to 2.17.1. #2247

Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261

3.25.2 - 22 Apr 2024

No user facing changes.

... (truncated)

Commits

23acc5c Merge pull request #2337 from github/update-v3.25.10-5bf6dad35
9b72dbd Update changelog for v3.25.10
5bf6dad Merge pull request #2329 from github/henrymercer/csharp-buildless-rollback-me...
feec81c Merge branch 'main' into henrymercer/csharp-buildless-rollback-mechanism
789b5f8 Merge pull request #2328 from github/henrymercer/direct-tracing-fix
c36b5fc Merge pull request #2327 from github/update-bundle/codeql-bundle-v2.17.5
b3642aa Merge branch 'main' into update-bundle/codeql-bundle-v2.17.5
1fc6e20 Merge pull request #2335 from github/mergeback/v3.25.9-to-main-530d4fea
356bee4 Update checked-in dependencies
385808c Update changelog and version after v3.25.9
Additional commits viewable in compare view

Updates actions/setup-java from 4.0.0 to 4.2.1

Release notes

Sourced from actions/setup-java's releases.

v4.2.1

What's Changed

Patch for java version file to accept it from any path by @mahabaleshwars in actions/setup-java#610

Full Changelog: actions/setup-java@v4...v4.2.1

v4.2.0

What's Changed

Updated actions/httpclient version to 2.2.1 and other dependencies by @HarithaVattikuti in actions/setup-java#607

Added .tool-versions file support along with .java-version file by @mahabaleshwars in actions/setup-java#606

New Contributors

@HarithaVattikuti made their first contribution in actions/setup-java#607 Full Changelog: actions/setup-java@v4...v4.2.0

V4.1.0

What's Changed

Added Windows Arm64 Support for Windows Arm64 Runners by @mahabaleshwars in actions/setup-java#595

feat: bump actions/checkout and actions/setup-java to v4 by @kbdharun in actions/setup-java#533

Handle authorization when the token is undefined by @peter-murray in actions/setup-java#556

Documentation update of Java 21 by @Okeanos in actions/setup-java#566

Documentation update about maven-gpg-plugin version note by @IvanZosimov in actions/setup-java#570

Oracle JDK 21 support by @jdubois in actions/setup-java#538

Fix typo in configuration example by @Bananeweizen in actions/setup-java#572

New Contributors

@kbdharun made their first contribution in actions/setup-java#533

@peter-murray made their first contribution in actions/setup-java#556

@jdubois made their first contribution in actions/setup-java#538

@Bananeweizen made their first contribution in actions/setup-java#572

@mahabaleshwars made their first contribution in actions/setup-java#595

Full Changelog: actions/setup-java@v4...v4.1.0

Commits

99b8673 Patch for java version file (#610)
5896cec Added .tool-versions file support (#606)
80ae3c2 Update httpclient version and other dependencies (#607)
9704b39 Added Windows Arm64 Support for Windows Arm64 Runners (#595)
7a445ee Fix typo in configuration example (#572)
3232623 Oracle JDK 21 support (#538)
c0660d8 docs: add note about maven-gpg-plugin version (#570)
2f7af1b make it clear that Java 21 is supported (#566)
16ef37f HTTP errors when the token is undefined (#556)
a237454 feat: bump actions/checkout and actions/setup-java to v4 (#533)
See full diff in compare view

Updates taiki-e/install-action from 2.26.7 to 2.41.3

Release notes

Sourced from taiki-e/install-action's releases.

2.41.3

Update cargo-binstall@latest to 1.7.3.

2.41.2

Update typos@latest to 1.22.9.

2.41.1

Update typos@latest to 1.22.8.

2.41.0

Support knope. (#553, thanks @jayvdb)

Update osv-scanner@latest to 1.8.1.

2.40.2

Update zola@latest to 0.19.0.

Update wasmtime@latest to 22.0.0.

2.40.1

Update cargo-zigbuild@latest to 0.19.0.

Update cargo-binstall@latest to 1.7.2.

Update biome@latest to 1.8.2.

2.40.0

Fix an installation issue on some container environments. (#545)

2.39.2

Update dprint@latest to 0.46.3.

Update cargo-semver-checks@latest to 0.32.0.

Update cargo-dinghy@latest to 0.7.2.

2.39.1

Update cargo-binstall@latest to 1.7.1.

2.39.0

Update cargo-binstall@latest to 1.7.0.

2.38.7

Update syft@latest to 1.7.0.

Update just@latest to 1.29.1.

Update rclone@latest to 1.67.0.

2.38.6

... (truncated)

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[2.41.3] - 2024-06-24

Update cargo-binstall@latest to 1.7.3.

[2.41.2] - 2024-06-23

Update typos@latest to 1.22.9.

[2.41.1] - 2024-06-22

Update typos@latest to 1.22.8.

[2.41.0] - 2024-06-21

Support knope. (#553, thanks @jayvdb)

Update osv-scanner@latest to 1.8.1.

[2.40.2] - 2024-06-21

Update zola@latest to 0.19.0.

Update wasmtime@latest to 22.0.0.

[2.40.1] - 2024-06-20

Update cargo-zigbuild@latest to 0.19.0.

Update cargo-binstall@latest to 1.7.2.

Update biome@latest to 1.8.2.

[2.40.0] - 2024-06-19

Fix an installation issue on some container environments. (#545)

[2.39.2] - 2024-06-18

... (truncated)

Commits

e6c7481 Release 2.41.3
8a2a112 Update cargo-binstall@latest to 1.7.3
77774d8 Release 2.41.2
481510c Update typos@latest to 1.22.9
bb478bb Release 2.41.1
4558bb8 Speedup codegen by caching tools/codegen compilation (#554)
315e996 Update typos@latest to 1.22.8
b661de9 Release 2.41.0
216f840 Apply clippy::as_underscore lint
926cd2a codegen: Remove needless allocation
Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.0.0 to 4.3.3

Release notes

Sourced from actions/dependency-review-action's releases.

Notes for v4.3.3

What's Changed

Allow slashes in purl package names by @juxtin in actions/dependency-review-action#765

use the v3 version of the deps.dev API by @josieang in actions/dependency-review-action#741

PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @am-stead in actions/dependency-review-action#773

fix show-openssf-scorecard-levels input by @ramann in actions/dependency-review-action#776

Updates to the contribution guidelines by @jonjanego in actions/dependency-review-action#778

Create issue templates by @jonjanego in actions/dependency-review-action#777

Fix the max comment length issue by @jhutchings1 and @elireisman in actions/dependency-review-action#767

Bump project version to 4.3.3 in prep for a release by @elireisman in actions/dependency-review-action#781

New Contributors

@josieang made their first contribution in actions/dependency-review-action#741

@am-stead made their first contribution in actions/dependency-review-action#773

@ramann made their first contribution in actions/dependency-review-action#776

Full Changelog: actions/dependency-review-action@v4.3.2...v4.3.3

v4.3.2

What's Changed

Fix package-url parsing for allow-dependencies-licenses by @juxtin in actions/dependency-review-action#761

Full Changelog: actions/dependency-review-action@v4.3.1...v4.3.2

v4.3.1

What's Changed

This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See actions/dependency-review-action#753.

Full Changelog: actions/dependency-review-action@V4.3.0...v4.3.1

v4.3.0

New Features

The deny-packages option can now be used without a version number to exclude all versions of a package.

What's Changed

Fix action variable name for scorecard by @lukehinds in actions/dependency-review-action#735

Fix extra https:// in summary by @jhutchings1 in actions/dependency-review-action#748

Bump typescript from 5.3.3 to 5.4.5 by @dependabot in actions/dependency-review-action#744

Bump eslint-plugin-github from 4.10.1 to 4.10.2 by @dependabot in actions/dependency-review-action#737

Show denied packages with red X by @juxtin in actions/dependency-review-action#750

deny-packages configuration option can deny specified version or all packages by @febuiles and @bteng22 in actions/dependency-review-action#733

New Contributors

@bteng22 made their first contribution in actions/dependency-review-action#733

@lukehinds made their first contribution in actions/dependency-review-action#735

Full Changelog: actions/dependency-review-action@v4.2.5...V4.3.0

4.2.5

... (truncated)

Commits

72eb03d Merge pull request #781 from actions/release-v4.3.3
137d8b4 bump to version v4.3.3
e6b618e Merge pull request #767 from actions/max-comment-length
3c42649 fix ws for linter
8e6ea8d update packaging
1b3d277 post-review: add PR comment full summary test case
220872c Update src/main.ts
087d0f8 repackage to update dist
4531204 whitespace
df1ca89 appease linter
Additional commits viewable in compare view

Updates aws-actions/configure-aws-credentials from 4.0.1 to 4.0.2

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v4.0.2

See the changelog for details about the changes included in this release.

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.0.2 (2024-02-09)

Revert 4.0.1 to remove warning

4.0.1 (2023-10-03)

Documentation

Throw a warning when customers use long-term credentials.

4.0.0 (2023-09-11)

Upgraded runtime to node20 from node16

3.0.2 (2023-09-07)

Bug Fixes

fixes #817 #819: validation logic throwing unwanted errors d78f55b

3.0.1 (2023-08-24)

Features

Can configure special-characters-workaround to keep retrying credentials if the returned credentials have special characters (Fixes #599)

Bug Fixes

Fixes #792: Action fails when intending to use existing credentials

Minor typo fix from @ubaid-ansari21

Changes to existing functionality

Special characters are now allowed in returned credential variables unless you configure the special-characters-workaround option

3.0.0 (2023-08-21)

Features

Can configure max-retries and disable-retry to modify retry functionality when the assume role call fails

Set returned credentials as step outputs with output-credentials

Clear AWS related environment variables at the start of the action with unset-current-credentials

Unique role identifier is now printed in the workflow logs

Bug Fixes

Can't use credentials if they contain a special character

Retry functionality added when generating the JWT fails

Can now use webIdentityTokenFile option

Branch name validation too strict

JS SDK v2 deprecation warning in workflow logs

... (truncated)

Commits

e3dd6a4 chore: Bump @types/jest from 29.5.11 to 29.5.12 (#1000)
c6c400f chore: Bump @types/node from 20.11.5 to 20.11.16 (#999)
c38ab41 chore: Bump prettier from 3.2.4 to 3.2.5 (#998)
2071ebe chore: Bump @types/node from 20.11.3 to 20.11.5 (#986)
44112af chore: Update dist
492c455 chore: Bump @aws-sdk/client-sts from 3.490.0 to 3.496.0 (#982)
13e074e chore: Update dist
5a676ce chore: Bump @smithy/property-provider from 2.0.17 to 2.1.1 (#985)
e43a696 chore: Bump ts-jest from 29.1.1 to 29.1.2 (#983)
eb98af5 chore: Bump prettier from 3.2.2 to 3.2.4 (#981)
Additional commits viewable in compare view

Updates zgosalvez/github-actions-ensure-sha-pinned-actions from 3.0.3 to 3.0.9

Release notes

Sourced from zgosalvez/github-actions-ensure-sha-pinned-actions's releases.

v3.0.9

What's Changed

Update README.md by @zgosalvez in zgosalvez/github-actions-ensure-sha-pinned-actions#167

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v3...v3.0.9

v3.0.8

What's Changed

Bump eslint from 9.4.0 to 9.5.0 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#165

Bump braces from 3.0.2 to 3.0.3 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#166

Bump yaml from 2.4.4 to 2.4.5 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#164

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v3...v3.0.8

v3.0.7

What's Changed

Bump yaml from 2.4.2 to 2.4.4 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#161

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v3...v3.0.7

v3.0.6

What's Changed

Bump eslint from 9.1.1 to 9.4.0 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#160

Bump actions/checkout from 4.1.4 to 4.1.6 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#159

Bump zgosalvez/github-actions-get-action-runs-using-version from 2.0.4 to 2.0.5 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#158

Bump yaml from 2.4.1 to 2.4.2 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#155

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v3...v3.0.6

v3.0.5

What's Changed

Bump eslint from 9.0.0 to 9.1.0 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#150

Bump eslint from 9.1.0 to 9.1.1 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#151

Bump stefanzweifel/git-auto-commit-action from 5.0.0 to 5.0.1 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#152

Bump actions/checkout from 4.1.2 to 4.1.4 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#153

Bump zgosalvez/github-actions-get-action-runs-using-version from 2.0.3 to 2.0.4 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#154

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v3.0.4...v3.0.5

v3.0.4

What's Changed

Update dependencies by @zgosalvez in zgosalvez/github-actions-ensure-sha-pinned-actions#146

Bump zgosalvez/github-actions-get-action-runs-using-version from 2.0.1 to 2.0.3 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#138

Bump actions/setup-node from 4.0.0 to 4.0.2 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#143

Bump actions/checkout from 4.1.1 to 4.1.2 by @dependabot in zgosalvez/github-actions-ensure-sha-pinned-actions#148

... (truncated)

Commits

74606c3 Update README.md (#167)
08d8d3c Bump yaml from 2.4.4 to 2.4.5 (#164)
89bdf9b Bump braces from 3.0.2 to 3.0.3 (#166)
b393516 Bump eslint from 9.4.0 to 9.5.0 (#165)
76d1d8e Bump yaml from 2.4.2 to 2.4.4 (#161)
2f2ebc6 Bump yaml from 2.4.1 to 2.4.2 (#155)
fc524d0 Bump zgosalvez/github-actions-get-action-runs-using-version (#158)
0ca258f Bump actions/checkout from 4.1.4 to 4.1.6 (#159)
c8e74cf Bump eslint from 9.1.1 to 9.4.0 (#160)
40e45e7 Bump zgosalvez/github-actions-get-action-runs-using-version (#154)
Additional commits viewable in compare view

Updates gitleaks/gitleaks-action from 2.3.2 to 2.3.6

Release notes

Sourced from gitleaks/gitleaks-action's releases.

v2.3.6

What's Changed

Using DefaultArtifactClient from @actions/artifact package by @codykhon in gitleaks/gitleaks-action#157

New Contributors

@codykhon made their first contribution in gitleaks/gitleaks-action#157

Full Changelog: gitleaks/gitleaks-action@v2...v2.3.6

v2.3.5

What's Changed

bumping artifact dep by @zricethezav in gitleaks/gitleaks-action#153

Full Changelog: gitleaks/gitleaks-action@v2...v2.3.5

v2.3.4

Full Changelog: gitleaks/gitleaks-action@v2.3.3...v2.3.4

v2.3.3

What's Changed

bump gitleaks version by @zricethezav in gitleaks/gitleaks-action#111

Document GITLEAKS_VERSION env var by @spaze in gitleaks/gitleaks-action#123

Upgrade from 'node16' to 'node20' by @ericcornelissen in gitleaks/gitleaks-action#134

New Contributors

@spaze made their first contribution in gitleaks/gitleaks-action#123

Full Changelog: https://github.com/gitleaks/gitleaks-action/compare/v2.3.2...v2...
Description has been truncated

…6 updates Bumps the patch-minor-dependencies group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.1.7` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.23.1` | `3.25.10` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.0.0` | `4.2.1` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.26.7` | `2.41.3` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.0.0` | `4.3.3` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4.0.1` | `4.0.2` | | [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions) | `3.0.3` | `3.0.9` | | [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) | `2.3.2` | `2.3.6` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `3.6.1` | `3.6.4` | | [ncipollo/release-action](https://github.com/ncipollo/release-action) | `1.13.0` | `1.14.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.2.0` | `4.3.3` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.16.1` | `0.23.0` | | [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `3.0.0` | `3.1.1` | | [actions/cache](https://github.com/actions/cache) | `4.0.0` | `4.0.2` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.1` | `4.0.2` | | [trunk-io/trunk-action](https://github.com/trunk-io/trunk-action) | `1.1.9` | `1.1.15` | Updates `actions/checkout` from 4.1.1 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...692973e) Updates `github/codeql-action` from 3.23.1 to 3.25.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0b21cf2...23acc5c) Updates `actions/setup-java` from 4.0.0 to 4.2.1 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@387ac29...99b8673) Updates `taiki-e/install-action` from 2.26.7 to 2.41.3 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@bee85d7...e6c7481) Updates `actions/dependency-review-action` from 4.0.0 to 4.3.3 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@4901385...72eb03d) Updates `aws-actions/configure-aws-credentials` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@010d0da...e3dd6a4) Updates `zgosalvez/github-actions-ensure-sha-pinned-actions` from 3.0.3 to 3.0.9 - [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases) - [Commits](zgosalvez/github-actions-ensure-sha-pinned-actions@ba37328...74606c3) Updates `gitleaks/gitleaks-action` from 2.3.2 to 2.3.6 - [Release notes](https://github.com/gitleaks/gitleaks-action/releases) - [Commits](gitleaks/gitleaks-action@1f2d10f...44c470f) Updates `anchore/scan-action` from 3.6.1 to 3.6.4 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md) - [Commits](anchore/scan-action@c35e932...3343887) Updates `ncipollo/release-action` from 1.13.0 to 1.14.0 - [Release notes](https://github.com/ncipollo/release-action/releases) - [Commits](ncipollo/release-action@6c75be8...2c591bc) Updates `actions/upload-artifact` from 4.2.0 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@694cdab...6546280) Updates `aquasecurity/trivy-action` from 0.16.1 to 0.23.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@d43c1f1...7c2007b) Updates `hashicorp/setup-terraform` from 3.0.0 to 3.1.1 - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](hashicorp/setup-terraform@a1502cd...651471c) Updates `actions/cache` from 4.0.0 to 4.0.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@13aacd8...0c45773) Updates `actions/setup-node` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@b39b52d...60edb5d) Updates `trunk-io/trunk-action` from 1.1.9 to 1.1.15 - [Release notes](https://github.com/trunk-io/trunk-action/releases) - [Commits](trunk-io/trunk-action@97ecd21...f6c5f1b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: taiki-e/install-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: aws-actions/configure-aws-credentials dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: gitleaks/gitleaks-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: anchore/scan-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: ncipollo/release-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: hashicorp/setup-terraform dependency-type: direct:production update-type: version-update:semver-minor dependency-group: patch-minor-dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies - dependency-name: trunk-io/trunk-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: patch-minor-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot requested a review from aps831 as a code owner June 24, 2024 07:00

dependabot bot added github_actions Update to Github actions no_ci_cd_run Do not run Github actions labels Jun 24, 2024

dependabot bot assigned aps831 Jun 24, 2024

dependabot bot mentioned this pull request Jun 24, 2024

ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #214

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #215

ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #215

dependabot bot commented on behalf of github Jun 24, 2024

ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #215

Are you sure you want to change the base?

ci: bump the patch-minor-dependencies group across 1 directory with 16 updates #215

Conversation

dependabot bot commented on behalf of github Jun 24, 2024

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

v4.1.4

What's Changed

v4.1.3

What's Changed

v4.1.2

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

CodeQL Action Changelog

[UNRELEASED]

3.25.10 - 13 Jun 2024

3.25.9 - 12 Jun 2024

3.25.8 - 04 Jun 2024

3.25.7 - 31 May 2024

3.25.6 - 20 May 2024

3.25.5 - 13 May 2024

3.25.4 - 08 May 2024

3.25.3 - 25 Apr 2024

3.25.2 - 22 Apr 2024

v4.2.1

What's Changed

v4.2.0

What's Changed

New Contributors

V4.1.0

What's Changed

New Contributors

2.41.3

2.41.2

2.41.1

2.41.0

2.40.2

2.40.1

2.40.0

2.39.2

2.39.1

2.39.0

2.38.7

2.38.6

Changelog

[Unreleased]

[2.41.3] - 2024-06-24

[2.41.2] - 2024-06-23

[2.41.1] - 2024-06-22

[2.41.0] - 2024-06-21

[2.40.2] - 2024-06-21

[2.40.1] - 2024-06-20

[2.40.0] - 2024-06-19

[2.39.2] - 2024-06-18

Notes for v4.3.3

What's Changed

New Contributors

v4.3.2

What's Changed

v4.3.1

What's Changed

v4.3.0

New Features

What's Changed