Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the gha group with 5 updates #1701

Merged
merged 1 commit into from
Oct 7, 2024
Merged

chore(deps): bump the gha group with 5 updates #1701

merged 1 commit into from
Oct 7, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 7, 2024

Bumps the gha group with 5 updates:

Package From To
tj-actions/changed-files 45.0.2 45.0.3
kyverno/action-install-chainsaw 0.2.10 0.2.11
golangci/golangci-lint-action 6.1.0 6.1.1
fluxcd/flux2 2.3.0 2.4.0
sigstore/cosign-installer 3.6.0 3.7.0

Updates tj-actions/changed-files from 45.0.2 to 45.0.3

Release notes

Sourced from tj-actions/changed-files's releases.

v45.0.3

What's Changed

Full Changelog: tj-actions/changed-files@v45...v45.0.3

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

45.0.3 - (2024-10-03)

🐛 Bug Fixes

  • Overwriting yaml filter patterns (#2307) (c3a1bb2) - (Tonye Jack)
  • deps: Update dependency @​actions/core to v1.11.0 (9d4f8fe) - (renovate[bot])
  • Bug with files ignore yaml patterns not filtering the list of files (#2304) (d0cf164) - (Tonye Jack)
  • Test for since last remote commit check on pull_request closed (#2295) (e753fb0) - (Tonye Jack)

➕ Add

  • Added missing changes and modified dist assets. (36d5b9d) - (GitHub Action)
  • Added missing changes and modified dist assets. (4dbe54f) - (GitHub Action)

📚 Documentation

⚙️ Miscellaneous Tasks

  • deps: Update dependency @​types/lodash to v4.17.10 (27843f1) - (renovate[bot])
  • deps: Lock file maintenance (8a4a975) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.7.4 (6bfa9e7) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.7.3 (625dbd6) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.7.2 (c29c1d3) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.7.0 (e21f1a3) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.6.1 (792230f) - (renovate[bot])
  • deps: Update dependency @​vercel/ncc to v0.38.2 (537f1c6) - (renovate[bot])
  • deps: Update dependency @​types/lodash to v4.17.9 (82587d8) - (renovate[bot])
  • deps: Lock file maintenance (eda64a6) - (renovate[bot])
  • deps: Update actions/setup-node action to v4.0.4 (4d5444c) - (renovate[bot])
  • deps: Update peter-evans/create-pull-request action to v7.0.5 (c2e104b) - (renovate[bot])
  • deps: Update dependency eslint to v8.57.1 (eed685a) - (renovate[bot])

⬆️ Upgrades

  • Upgraded to v45.0.2 (#2282)

Co-authored-by: jackton1 [email protected] (6f538bb) - (tj-actions[bot])

45.0.2 - (2024-09-16)

🐛 Bug Fixes

  • deps: Update dependency yaml to v2.5.1 (c7114f6) - (renovate[bot])

... (truncated)

Commits
  • c3a1bb2 fix: overwriting yaml filter patterns (#2307)
  • 27843f1 chore(deps): update dependency @​types/lodash to v4.17.10
  • 36d5b9d Added missing changes and modified dist assets.
  • 9d4f8fe fix(deps): update dependency @​actions/core to v1.11.0
  • d0cf164 fix: bug with files ignore yaml patterns not filtering the list of files (#2304)
  • 641e22a docs: Update README.md (#2300)
  • 8a4a975 chore(deps): lock file maintenance
  • 6bfa9e7 chore(deps): update dependency @​types/node to v22.7.4
  • 625dbd6 chore(deps): update dependency @​types/node to v22.7.3
  • 1a71128 docs: Update README.md (#2296)
  • Additional commits viewable in compare view

Updates kyverno/action-install-chainsaw from 0.2.10 to 0.2.11

Release notes

Sourced from kyverno/action-install-chainsaw's releases.

v0.2.11

What's Changed

Full Changelog: kyverno/action-install-chainsaw@v0.2.10...v0.2.11

Commits

Updates golangci/golangci-lint-action from 6.1.0 to 6.1.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.1.1

What's Changed

Changes

Documentation

Dependencies

New Contributors

Full Changelog: golangci/golangci-lint-action@v6.1.0...v6.1.1

Commits
  • 971e284 build(deps-dev): bump the dev-dependencies group with 3 updates (#1108)
  • bbe7eb5 build(deps): bump @​types/node from 22.5.5 to 22.7.4 in the dependencies group...
  • ebae5ce build(deps-dev): bump the dev-dependencies group with 3 updates (#1105)
  • 06c3f3a build(deps): bump @​types/node from 22.5.4 to 22.5.5 in the dependencies group...
  • 56689d8 build(deps-dev): bump the dev-dependencies group with 3 updates (#1103)
  • c7bab6f fix: clean go install output (#1102)
  • 33f56cc build(deps-dev): bump the dev-dependencies group with 3 updates (#1099)
  • e954224 build(deps): bump @​types/node from 22.5.2 to 22.5.4 in the dependencies group...
  • 68de804 build(deps): bump @​types/node from 22.5.1 to 22.5.2 in the dependencies group...
  • 22a3756 build(deps-dev): bump the dev-dependencies group with 2 updates (#1097)
  • Additional commits viewable in compare view

Updates fluxcd/flux2 from 2.3.0 to 2.4.0

Release notes

Sourced from fluxcd/flux2's releases.

v2.4.0

Highlights

Flux v2.4.0 is a feature release. Users are encouraged to upgrade for the best experience.

For a comprehensive overview of new features and API changes included in this release, please refer to the Announcing Flux 2.4 GA blog post.

This release marks the General Availability (GA) of Flux Bucket API. The Bucket v1 API comes with new features including: proxy support, mTLS and custom STS configuration for AWS S3 and MinIO LDAP authentication.

The GitRepository v1 API gains support for OIDC authentication. Starting with this version, you can authenticate against Azure DevOps repositories using AKS Workload Identity.

The OCIRepository v1beta2 API gains support for proxy configuration thus allowing dedicated HTTP/S Proxy authentication on multi-tenant Kubernetes clusters.

The HelmRelease v2 API gains support for disabling JSON schema validation of the Helm release values during installation and upgrade. And allows adopting existing Kubernetes resources during Helm release installation.

The Flux controllers are now built with Go 1.23 and their dependencies have been updated to Kubernetes 1.31, Helm 3.16, SOPS 3.9 Cosign 2.4 and Notation 1.2.

❤️ Big thanks to all the Flux contributors that helped us with this release!

Kubernetes compatibility

This release is compatible with the following Kubernetes versions:

Kubernetes version Minimum required
v1.29 >= 1.29.0
v1.30 >= 1.30.0
v1.31 >= 1.31.0

[!NOTE] Note that the Flux project offers support only for the latest three minor versions of Kubernetes. Backwards compatibility with older versions of Kubernetes and OpenShift is offered by vendors such as ControlPlane that provide enterprise support for Flux.

OpenShift compatibility

Flux can be installed on Red Hat OpenShift cluster directly from OperatorHub using Flux Operator. The operator allows the configuration of Flux multi-tenancy lockdown, network policies, persistent storage, sharding, vertical scaling and the synchronization of the cluster state from Git repositories, OCI artifacts and S3-compatible storage.

API changes

Bucket v1

The Bucket kind was promoted from v1beta2 to v1 (GA).

The v1 API is backwards compatible with v1beta2.

New fields:

  • .spec.proxySecretRef allows configuring HTTP/S Proxy authentication for the S3-compatible storage service.

... (truncated)

Commits
  • 5350425 Merge pull request #5014 from fluxcd/k8s-v0.31.1
  • 6611a4f Update Kubernetes dependencies to v1.31.1
  • 297b15b Merge pull request #5005 from fluxcd/update-components
  • 56a3d08 Update toolkit components
  • cf26cf2 Merge pull request #5011 from fluxcd/remove-deprecated-tls-flags
  • a3dbf31 Remove TLS deprecated flags from flux create secret
  • 3e4524b Merge pull request #5010 from fluxcd/create-secret-proxy
  • 8470f23 Add flux create secret proxy command
  • e17f3f0 Merge pull request #5009 from fluxcd/proxy-secret-ref
  • e0b8464 Add --proxy-secret-ref to flux create source commands
  • Additional commits viewable in compare view

Updates sigstore/cosign-installer from 3.6.0 to 3.7.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.7.0

What's Changed

Full Changelog: sigstore/cosign-installer@v3.6.0...v3.7.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the gha group with 5 updates
1719d39 
Bumps the gha group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `45.0.2` | `45.0.3` |
| [kyverno/action-install-chainsaw](https://github.com/kyverno/action-install-chainsaw) | `0.2.10` | `0.2.11` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.1.0` | `6.1.1` |
| [fluxcd/flux2](https://github.com/fluxcd/flux2) | `2.3.0` | `2.4.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.6.0` | `3.7.0` |


Updates `tj-actions/changed-files` from 45.0.2 to 45.0.3
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@48d8f15...c3a1bb2)

Updates `kyverno/action-install-chainsaw` from 0.2.10 to 0.2.11
- [Release notes](https://github.com/kyverno/action-install-chainsaw/releases)
- [Commits](kyverno/action-install-chainsaw@v0.2.10...v0.2.11)

Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v6.1.0...v6.1.1)

Updates `fluxcd/flux2` from 2.3.0 to 2.4.0
- [Release notes](https://github.com/fluxcd/flux2/releases)
- [Changelog](https://github.com/fluxcd/flux2/blob/main/.goreleaser.yml)
- [Commits](fluxcd/flux2@v2.3.0...v2.4.0)

Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@v3.6.0...v3.7.0)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha
- dependency-name: kyverno/action-install-chainsaw
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha
- dependency-name: fluxcd/flux2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Oct 7, 2024
@dependabot dependabot bot requested a review from theSuess as a code owner October 7, 2024 00:05
@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Oct 7, 2024
@dependabot dependabot bot requested a review from pb82 as a code owner October 7, 2024 00:05
@theSuess theSuess enabled auto-merge October 7, 2024 06:14
@theSuess theSuess added this pull request to the merge queue Oct 7, 2024
Merged via the queue into master with commit 70b6599 Oct 7, 2024
14 checks passed
@theSuess theSuess deleted the dependabot/github_actions/gha-a48c7dd466 branch October 7, 2024 06:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@theSuess theSuess theSuess approved these changes

@NissesSenap NissesSenap Awaiting requested review from NissesSenap NissesSenap is a code owner

@weisdd weisdd Awaiting requested review from weisdd weisdd is a code owner

@ishanjainn ishanjainn Awaiting requested review from ishanjainn ishanjainn is a code owner

@pb82 pb82 Awaiting requested review from pb82 pb82 is a code owner

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@theSuess