-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(deps): update all non-major dependencies #69
Open
renovate
wants to merge
1
commit into
main
Choose a base branch
from
renovate/all-minor-patch-digest-pin
base: main
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
from
August 28, 2024 00:26
1af16b0
to
babdf91
Compare
renovate
bot
changed the title
chore(deps): update github/codeql-action action to v3.26.5
fix(deps): update all non-major dependencies
Aug 28, 2024
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
from
August 29, 2024 14:13
babdf91
to
99903b4
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
from
September 6, 2024 22:55
99903b4
to
9a55437
Compare
renovate
bot
changed the title
fix(deps): update all non-major dependencies
chore(deps): update all non-major dependencies
Sep 6, 2024
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
3 times, most recently
from
September 13, 2024 13:59
44553a9
to
42dd2b8
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
2 times, most recently
from
September 19, 2024 14:18
af132e1
to
86d5603
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
6 times, most recently
from
October 1, 2024 16:43
3ee387a
to
46c07b0
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
2 times, most recently
from
October 2, 2024 18:13
35f9285
to
893b464
Compare
ℹ Artifact update noticeFile name: go.modIn order to perform the update(s) described in the table above, Renovate ran the
Details:
|
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
3 times, most recently
from
October 7, 2024 18:38
0e67763
to
9070087
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
3 times, most recently
from
October 16, 2024 13:13
1f0599c
to
b4b2b02
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
3 times, most recently
from
October 24, 2024 17:30
dfc3a26
to
a3d9a72
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
2 times, most recently
from
October 25, 2024 18:19
085d302
to
2c87214
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
6 times, most recently
from
November 14, 2024 16:40
38855c5
to
767f672
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
2 times, most recently
from
November 20, 2024 17:02
09eff2f
to
7d4686e
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
4 times, most recently
from
December 4, 2024 01:30
78f5986
to
4b82e29
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
3 times, most recently
from
December 6, 2024 03:59
d5a3dea
to
6ac50c9
Compare
renovate
bot
changed the title
chore(deps): update all non-major dependencies
fix(deps): update all non-major dependencies
Dec 10, 2024
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
5 times, most recently
from
December 17, 2024 14:49
405f5b2
to
f6e3a0a
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
from
December 17, 2024 18:08
f6e3a0a
to
d05e493
Compare
renovate
bot
force-pushed
the
renovate/all-minor-patch-digest-pin
branch
from
December 20, 2024 19:44
d05e493
to
55320c6
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v4.1.7
->v4.2.2
v5.0.2
->v5.2.0
3.20.2
->3.21.0
3.20.2
->3.21.0
2.55.0
->2.64.0
v4.5.0
->v4.6.0
v3.2.1
->v3.3.1
v0.24.0
->v0.25.1
v2.27.4
->v2.27.5
v3.26.4
->v3.28.0
v2.6.2
->v2.7.0
Release Notes
actions/checkout (actions/checkout)
v4.2.2
Compare Source
url-helper.ts
now leverages well-known environment variables by @jww3 in https://github.com/actions/checkout/pull/1941isGhes
by @jww3 in https://github.com/actions/checkout/pull/1946v4.2.1
Compare Source
v4.2.0
Compare Source
actions/setup-go (actions/setup-go)
v5.2.0
Compare Source
What's Changed
New Contributors
Full Changelog: actions/setup-go@v5...v5.2.0
v5.1.0
Compare Source
What's Changed
This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
Note: This change may break previous cache keys as they will no longer be compatible with the new format.
Bug Fixes
isGhes
logic by @jww3 in https://github.com/actions/setup-go/pull/511New Contributors
Full Changelog: actions/setup-go@v5...v5.1.0
cli/cli (cli/cli)
v2.64.0
: GitHub CLI 2.64.0Compare Source
What's Changed
gh attestation verify
when thebundle-from-oci
flag is specified by @malancas in https://github.com/cli/cli/pull/10020gh repo rename
help text clarifies new repo name should not include owner by @BagToad in https://github.com/cli/cli/pull/10044gh run
andgh codespace
by @uday-rana in https://github.com/cli/cli/pull/10043gh pr merge --delete-branch
exits with error when merge requested via merge queue by @BagToad in https://github.com/cli/cli/pull/10074gh at inspect
improvements by @phillmv in https://github.com/cli/cli/pull/9954pr view
for intra-org forks by @williammartin in https://github.com/cli/cli/pull/10078gh attestation download
by @malancas in https://github.com/cli/cli/pull/10051gh attestation verify
policy options configuration in thenewEnforcementCriteria()
function by @malancas in https://github.com/cli/cli/pull/10012New Contributors
Full Changelog: cli/cli@v2.63.2...2.64.0
v2.63.2
: GitHub CLI 2.63.2Compare Source
What's Changed
Full Changelog: cli/cli@v2.63.1...v2.63.2
v2.63.1
: GitHub CLI 2.63.1Compare Source
What's Changed
git/client_test.go
comments for linter by @BagToad in https://github.com/cli/cli/pull/9969gh repo fork
, log the change by @timrogers in https://github.com/cli/cli/pull/9983Security
A security vulnerability has been identified in GitHub CLI that could create or overwrite files in unintended directories when users download a malicious GitHub Actions workflow artifact through
gh run download
.For more information, see GHSA-2m9h-r57g-45pj
Full Changelog: cli/cli@v2.63.0...v2.63.1
v2.63.0
: GitHub CLI 2.63.0Compare Source
What's Changed
getAttestations
functions by @malancas in https://github.com/cli/cli/pull/9892baseRefOid
inpr view
by @daliusd in https://github.com/cli/cli/pull/9938heredoc
strings by @BagToad in https://github.com/cli/cli/pull/9948release create
fails due to missingworkflow
OAuth scope by @BagToad in https://github.com/cli/cli/pull/9791Full Changelog: cli/cli@v2.62.0...v2.63.0
Security
A security vulnerability has been identified in the GitHub CLI that could leak authentication tokens when cloning repositories containing git submodules hosted outside of GitHub.com and ghe.com.
For more information, see GHSA-jwcm-9g39-pmcw
New Contributors
v2.62.0
: GitHub CLI 2.62.0Compare Source
What's Changed
Full Changelog: cli/cli@v2.61.0...v2.62.0
Security
A security vulnerability has been identified in GitHub CLI that could allow remote code execution (RCE) when users connect to a malicious Codespace SSH server and use the
gh codespace ssh
orgh codespace logs
commands.For more information, see GHSA-p2h2-3vg9-4p87
GitHub CLI notifies users about latest extension upgrades
Similar to the notification of latest
gh
releases, thev2.62.0
version of GitHub CLI will notify users about latest extension upgrades when the extension is used:Why does this matter?
This removes a common pain point of extension authors as they have had to reverse engineer and implement a similar mechanism within their extensions directly.
With this quality of life improvement, there are 2 big benefits:
What do you need to do?
Extension authors should review their extensions and consider removing any custom logic previously implemented to notify users of new releases.
v2.61.0
: GitHub CLI 2.61.0Compare Source
Ensure users understand consequences before making repository visibility changes
In
v2.61.0
,gh repo edit
command has been enhanced to inform users about consequences of changing visibility and ensure users are intentional before making irreversible changes:gh repo edit
visibility change requires confirmation when changing frompublic
,private
, orinternal
gh repo edit --visibility
change requires new--accept-visibility-change-consequences
flag to confirmgh repo edit
experienceWhat's Changed
project
command by @jtmcg in https://github.com/cli/cli/pull/9816gh ruleset
by @andyfeller in https://github.com/cli/cli/pull/9815gh repo edit
by @andyfeller in https://github.com/cli/cli/pull/9845gh attestation verify
by @malancas in https://github.com/cli/cli/pull/9838gh attestation verify
should only verify provenance attestations by default by @malancas in https://github.com/cli/cli/pull/9825dnf5
commands as default by @its-miroma in https://github.com/cli/cli/pull/9844gh attestation verify
policy enforcement refactor by @malancas in https://github.com/cli/cli/pull/9848gh attestation verify
by @malancas in https://github.com/cli/cli/pull/9877gh cache list
when--json
is provided by @williammartin in https://github.com/cli/cli/pull/9883gh pr create -w
ignore template flag by @nilvng in https://github.com/cli/cli/pull/9863New Contributors
Full Changelog: cli/cli@v2.60.1...v2.61.0
v2.60.1
: GitHub CLI 2.60.1Compare Source
This is a small patch release to fix installing
gh
viago install
which was broken with v2.60.0.What's Changed
Full Changelog: cli/cli@v2.60.0...v2.60.1
v2.60.0
: GitHub CLI 2.60.0Compare Source
What's Changed
LiveSigstoreVerifier.Verify
should error if no attestations are present by @phillmv in https://github.com/cli/cli/pull/9742gh at verify
retries fetching attestations if it receives a 5xx by @phillmv in https://github.com/cli/cli/pull/9797working-with-us.md
by @BagToad in https://github.com/cli/cli/pull/9800gh
is supported on GitHub Enterprise Cloud by @BagToad in https://github.com/cli/cli/pull/9805Acceptance Test Changes
workflow
,run
, andcache
commands by @BagToad in https://github.com/cli/cli/pull/9766api
acceptance tests by @BagToad in https://github.com/cli/cli/pull/9770release
commands by @BagToad in https://github.com/cli/cli/pull/9771org
andssh-key
commands by @BagToad in https://github.com/cli/cli/pull/9812gh auth
commands by @jtmcg in https://github.com/cli/cli/pull/9787repo
commands by @jtmcg in https://github.com/cli/cli/pull/9783search
command by @BagToad in https://github.com/cli/cli/pull/9786variable
commands by @andyfeller in https://github.com/cli/cli/pull/978secret
commands by @andyfeller in https://github.com/cli/cli/pull/9782New Contributors
Full Changelog: cli/cli@v2.59.0...v2.60.0
v2.59.0
: GitHub CLI 2.59.0Compare Source
What's Changed
SECURITY.md
with expectations for privately reported vulnerabilities by @BagToad in https://github.com/cli/cli/pull/9687darwin-amd64
binary on an Apple Silicon macOS device by @timrogers in https://github.com/cli/cli/pull/9650repo license list/view
andrepo gitignore list/view
by @BagToad in https://github.com/cli/cli/pull/9721GH_ACCEPTANCE_SCRIPT
env var to target a single script by @williammartin in https://github.com/cli/cli/pull/9756issue
command by @williammartin in https://github.com/cli/cli/pull/9757gist list
by @heaths in https://github.com/cli/cli/pull/9728New Contributors
Full Changelog: cli/cli@v2.58.0...v2.59.0
v2.58.0
: GitHub CLI 2.58.0Compare Source
What's Changed
attestation verify
custom issuer mismatch error by @bdehamer in https://github.com/cli/cli/pull/9616attestation trusted-root
command by @BagToad in https://github.com/cli/cli/pull/9635attestation trusted-root
command by @bdehamer in https://github.com/cli/cli/pull/9610trusted-root
command by @bdehamer in https://github.com/cli/cli/pull/9638dnf5
instructions todocs/install_linux.md
by @its-miroma in https://github.com/cli/cli/pull/9660New Contributors
Full Changelog: cli/cli@v2.57.0...v2.58.0
v2.57.0
: GitHub CLI 2.57.0Compare Source
What's Changed
--active
flag to thegh auth status
command by @velumuruganr in https://github.com/cli/cli/pull/9520gh attestation verify
test for custom OIDC issuers by @bdehamer in https://github.com/cli/cli/pull/9595darwin-arm64
binary, but adarwin-amd64
binary is available by @timrogers in https://github.com/cli/cli/pull/9599gh attestation verify
bundle parsing and validation errors by @malancas in https://github.com/cli/cli/pull/9564attestation verify
output when no TTY present by @bdehamer in https://github.com/cli/cli/pull/9612New Contributors
Full Changelog: cli/cli@v2.56.0...v2.57.0
v2.56.0
: GitHub CLI 2.56.0Compare Source
Important note about renewed GPG key
The Debian and RedHat releases have been signed with a new GPG key. If you are experiencing issues updating your
.deb
or.rpm
packages, please read cli/cli#9569.What's Changed
gh repo sync
stdout by @muzimuzhi in https://github.com/cli/cli/pull/9491Internal
fromgh repo create
prompt when owner is not an org by @jtmcg in https://github.com/cli/cli/pull/9465gh run view
by @benebsiny in https://github.com/cli/cli/pull/9482repo sync
by @muzimuzhi in https://github.com/cli/cli/pull/9509gh attestation verify
handles empty JSONL files by @malancas in https://github.com/cli/cli/pull/9541New Contributors
Full Changelog: cli/cli@v2.55.0...v2.56.0
codecov/codecov-action (codecov/codecov-action)
v4.6.0
Compare Source
What's Changed
versionInfo
by @marcobiedermann in https://github.com/codecov/codecov-action/pull/1407Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.