Bump the all-actions group across 1 directory with 9 updates #10811
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the all-actions group with 9 updates in the / directory:
4.1.7
4.2.1
1.187.0
1.197.0
3.25.13
3.26.13
2.0
2.1
1.10.3
1.11.0
3.5.0
3.7.0
2.3.3
2.4.0
4.0.2
4.1.1
4.3.4
4.4.3
Updates
actions/checkout
from 4.1.7 to 4.2.1Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
eef6144
Prepare 4.2.1 release (#1925)6b42224
Add workflow file for publishing releases to immutable action package (#1919)de5a000
Check out other refs/* by commit if provided, fall back to ref (#1924)d632683
Prepare 4.2.0 release (#1878)6d193bf
Bump braces from 3.0.2 to 3.0.3 (#1777)db0cee9
Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)b684943
Add Ref and Commit outputs (#1180)2d7d9f7
Provide explanation for where user email came from (#1869)9a9194f
Bump docker/build-push-action from 5.3.0 to 6.5.0 (#1832)dd960bd
Bump docker/login-action in the minor-actions-dependencies group (#1831)Updates
ruby/setup-ruby
from 1.187.0 to 1.197.0Release notes
Sourced from ruby/setup-ruby's releases.
... (truncated)
Commits
7bae1d0
Add truffleruby-24.1.1,truffleruby+graalvm-24.1.14d521ea
Fix exclusion1d9686e
Mention the new ruby-asan under Supported Versionsbea2fb9
Add some details about using asan build.f269373
Test the last 3.4 preview in CI784fcda
Add ruby-3.4.0-preview2f6e0571
Update README.md207a399
Move the link to the list together with other text about builds086ffb1
Update thedist/index.js
.27ceac8
Add asan to the test matrix.Updates
github/codeql-action
from 3.25.13 to 3.26.13Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
f779452
Merge pull request #2539 from github/update-v3.26.13-0c3e006415329324
Update CHANGELOG.md007ba25
Update changelog for v3.26.130c3e006
Merge pull request #2536 from yoff/python/ff-std-lib-extraction38469af
Merge pull request #2537 from github/henrymercer/no-zstd-windows5b6984e
Assert that Windows downloads gzipeefb943
Don't use Zstandard bundles on Windows201e02e
rebuild the actionce5f900
formatting65dd816
remove unused importUpdates
codespell-project/actions-codespell
from 2.0 to 2.1Release notes
Sourced from codespell-project/actions-codespell's releases.
Commits
406322e
[pre-commit.ci] pre-commit autoupdate (#76)3174815
feat: bump to use node20 runtime (#71)8edd9f2
Bump actions/setup-python from 4 to 5 (#74)8dc8168
Bump actions/checkout from 3 to 4 (#72)41170f1
Use v2 in README (#69)Updates
actions/create-github-app-token
from 1.10.3 to 1.11.0Release notes
Sourced from actions/create-github-app-token's releases.
Commits
5d869da
build(release): 1.11.0 [skip ci]796b88d
feat: allow repositories input to be comma or newline-separated (#169)3378cda
build(release): 1.10.4 [skip ci]e177c20
fix(deps): bump the production-dependencies group across 1 directory with 3 u...961c228
build(deps-dev): bump the development-dependencies group across 1 directory w...15db037
test: fix test file extensions and inputs for repositories (#161)9ccc6db
ci(test): addworkflow_dispatch
trigger000e2a0
docs(readme): document how a Base64 private key could be decoded (#155)d0ac2ad
docs(README): fix thegit committer string
andConfigure git CLI
examples...040c259
build(deps-dev): bump the development-dependencies group with 4 updates (#150)Updates
sigstore/cosign-installer
from 3.5.0 to 3.7.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
dc72c7d
bump for latest cosign v2.4.1 release (#173)08bb361
Bump actions/checkout from 4.1.7 to 4.2.0 (#172)4959ce0
update readme for new release (#170)45ffe83
bump default version to v2.4.0 release (#168)7e1d9c1
pin public key used for verification (#169)cc23fe1
Bump actions/setup-go from 5.0.1 to 5.0.2 (#167)b235ed9
Bump actions/checkout from 4.1.6 to 4.1.7 (#166)b49ef6b
Bump actions/checkout from 4.1.5 to 4.1.6 (#165)7a59e5a
Bump actions/checkout from 4.1.4 to 4.1.5 (#164)8d927bd
Bump actions/setup-go from 5.0.0 to 5.0.1 (#163)Updates
ossf/scorecard-action
from 2.3.3 to 2.4.0Release notes
Sourced from ossf/scorecard-action's releases.
Commits
62b2cac
bump docker tag to v2.4.0 for release (#1414)c09630c
lower license score alert threshold to 9 (#1411)cf8594c
🌱 Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)de5fcb9
🌱 Bump the github-actions group with 2 updates (#1412)a46b90b
bump scorecard to v5.0.0 release (#1410)9fc518d
🌱 Bump golang in the docker-images group (#1407)a8eaa1b
🌱 Bump the github-actions group with 2 updates (#1408)873d5fd
🌱 Bump the github-actions group across 1 directory with 2 updates (#...54cc1fe
🌱 Bump the docker-images group with 2 updates (#1401)82bcb91
🌱 Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)Updates
actions/cache
from 4.0.2 to 4.1.1Release notes
Sourced from actions/cache's releases.
Changelog
Sourced from actions/cache's changelog.
... (truncated)
Commits
3624ceb
Restore original behavior ofcache-hit
output (#1467)2cdf405
Prepare4.1.0
release (#1464)a11fb02
restore action's README now references v4 instead of v3 (#1445)cf7a75e
Fix typo: depening -> depending (#1462)c74ca40
Deprecatesave-always
input (#1452)f8a7ab4
Merge pull request #1463 from actions/Jcambass-patch-145b7be0
Add workflow file for publishing releases to immutable action package81382a7
Merge pull request #1311 from todgru/todgru/v4-documentation-updatec4ee99a
Merge branch 'main' into todgru/v4-documentation-update57b8e40
Clarify that therestore-keys
input is a string in the docs (#1434)Updates
actions/upload-artifact
from 4.3.4 to 4.4.3Release notes
Sourced from actions/upload-artifact's releases.
... (truncated)
Commits
b4b15b8
Merge pull request #632 from actions/joshmgross/undo-dependency-changes92b01eb
Undo indirect dependency updates from #6278448086
Merge pull request #627 from actions/robherley/v4.4.2b1d4642
add explicit relative and absolute symlinks to workflowd50e660
bump versionaabe6f8
build with@actions/artifact
v2.1.11604373d
Merge pull request #625 from actions/robherley/artifact-2.1.100150148
paste right core versiona009b25
update licenses9f6f6f4
update@actions/core
and@actions/artifact
to latest versionsDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions