From 05ea9d81da71ef756b5b966419f15b8ba616ca93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:50:50 +0200 Subject: [PATCH 01/10] Bump azure/docker-login from 1 to 2 in /.github/actions/frontend-deploy (#307) Bumps [azure/docker-login](https://github.com/azure/docker-login) from 1 to 2.
Release notes

Sourced from azure/docker-login's releases.

Version 2.0

Update the action to run with Node 16

No release notes provided.

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=azure/docker-login&package-manager=github_actions&previous-version=1&new-version=2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/frontend-deploy/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/frontend-deploy/action.yml b/.github/actions/frontend-deploy/action.yml index 0a7f617b..85d3831f 100644 --- a/.github/actions/frontend-deploy/action.yml +++ b/.github/actions/frontend-deploy/action.yml @@ -16,7 +16,7 @@ runs: using: "composite" steps: - name: "Docker Login" - uses: azure/docker-login@v1 + uses: azure/docker-login@v2 with: login-server: ${{ env.DOCKER_REGISTRY_SERVER }} username: ${{ env.DOCKER_REGISTRY_USERNAME }} From d3637ba9e82d7e2597da5ce472c70e1ca057941c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:51:11 +0200 Subject: [PATCH 02/10] Bump im-open/update-pr-comment from 1.1.3 to 1.2.2 in /.github/actions/frontend-deploy (#306) Bumps [im-open/update-pr-comment](https://github.com/im-open/update-pr-comment) from 1.1.3 to 1.2.2.
Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=im-open/update-pr-comment&package-manager=github_actions&previous-version=1.1.3&new-version=1.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/frontend-deploy/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/frontend-deploy/action.yml b/.github/actions/frontend-deploy/action.yml index 85d3831f..82d6ac5f 100644 --- a/.github/actions/frontend-deploy/action.yml +++ b/.github/actions/frontend-deploy/action.yml @@ -32,7 +32,7 @@ runs: docker push ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:latest - name: "Create or update deploy results PR comment" - uses: im-open/update-pr-comment@v1.1.3 + uses: im-open/update-pr-comment@v1.2.2 if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }} with: github-token: ${{ env.GH_TOKEN }} From 068d822fdd496137581cfcb23b46aff810c95cb7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:51:21 +0200 Subject: [PATCH 03/10] Bump im-open/update-pr-comment from 1.1.3 to 1.2.2 in /.github/actions/backend-deploy (#305) Bumps [im-open/update-pr-comment](https://github.com/im-open/update-pr-comment) from 1.1.3 to 1.2.2.
Commits
  • b782531 Merge pull request #24 from im-open/update-node
  • a94fd10 Import core differently
  • 52a057f Merge branch 'main' into update-node
  • 9b4e1ab Update to node 20
  • 8f9dee5 Merge pull request #23 from im-open/revert-22-update-node
  • 1f213bd Update readme with latest version and/or recompile the action.
  • 4776e37 Revert "Update to Node 20"
  • a6cf314 Merge pull request #22 from im-open/update-node
  • 41653ed Remove extra space
  • ba5cf84 Update readme with latest version and/or recompile the action.
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=im-open/update-pr-comment&package-manager=github_actions&previous-version=1.1.3&new-version=1.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/backend-deploy/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/backend-deploy/action.yml b/.github/actions/backend-deploy/action.yml index 7c9e468a..906be0af 100644 --- a/.github/actions/backend-deploy/action.yml +++ b/.github/actions/backend-deploy/action.yml @@ -96,7 +96,7 @@ runs: images: ${{ env.DOCKER_REGISTRY_SERVER }}/${{ inputs.docker_image_name }}:${{ env.INFORMATIONAL_VERSION }} - name: "Create or update deploy results PR comment" - uses: im-open/update-pr-comment@v1.1.3 + uses: im-open/update-pr-comment@v1.2.2 if: ${{ github.event_name == 'pull_request' && github.actor != 'dependabot[bot]' }} with: github-token: ${{ env.GH_TOKEN }} From 599a66a6539a234144dc051f95d02adea2c056df Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:53:20 +0200 Subject: [PATCH 04/10] Bump peter-evans/create-pull-request from 6 to 7 (#300) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6 to 7.
Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.0

:sparkles: Now supports commit signing with bot-generated tokens! See "What's new" below. :writing_hand::robot:

Behaviour changes

  • Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.
  • The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.
  • The pull-request-operation output now returns none when no operation was executed.
  • Removed deprecated output environment variable PULL_REQUEST_NUMBER. Please use the pull-request-number action output instead.

What's new

  • The action can now sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details.
  • Action input draft now accepts a new value always-true. This will set the pull request to draft status when the pull request is updated, as well as on creation.
  • A new action input maintainer-can-modify indicates whether maintainers can modify the pull request. The default is true, which retains the existing behaviour of the action.
  • A new output pull-request-commits-verified returns true or false, indicating whether GitHub considers the signature of the branch's commits to be verified.

What's Changed

New Contributors

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v6.1.0...v7.0.0

Create Pull Request v6.1.0

✨ Adds pull-request-branch as an action output.

What's Changed

... (truncated)

Commits
  • 5e91468 fix: support symlinks when commit signing (#3359)
  • 2f38cd2 fix: support submodules when commit signing (#3354)
  • 7a8aeac build(deps-dev): bump eslint from 8.57.0 to 8.57.1 (#3344)
  • d39d596 build(deps-dev): bump @​types/jest from 29.5.12 to 29.5.13 (#3343)
  • f6f978f docs: correct suggestion for bot setup (#3342)
  • 6cd32fd fix: disable abbreviated commit shas in diff (#3337)
  • d121e62 fix: disable diff detection for renames and copies (#3330)
  • f4d66f4 build(deps-dev): bump typescript from 5.5.4 to 5.6.2 (#3319)
  • 488c869 build(deps-dev): bump @​types/node from 18.19.48 to 18.19.50 (#3320)
  • 5354f85 docs: update readme
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=6&new-version=7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/promotion-pull-request.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/promotion-pull-request.yml b/.github/workflows/promotion-pull-request.yml index 6ae96af3..60a1548e 100644 --- a/.github/workflows/promotion-pull-request.yml +++ b/.github/workflows/promotion-pull-request.yml @@ -59,7 +59,7 @@ jobs: - name: Create Pull Request id: create-pr - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 if: ${{ steps.check.outputs.skip == 'false' && steps.check.outputs.has_diff == 'true' }} with: token: ${{ secrets.WORKFLOW_TOKEN }} @@ -125,7 +125,7 @@ jobs: - name: Create Pull Request id: create-pr - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v7 if: ${{ steps.check.outputs.skip == 'false' && steps.check.outputs.has_diff == 'true' }} with: token: ${{ secrets.WORKFLOW_TOKEN }} From ac2e6f7efcbe8a24296aa28346b4533f1f7171d2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:53:36 +0200 Subject: [PATCH 05/10] Bump azure/docker-login from 1 to 2 in /.github/actions/backend-deploy (#304) Bumps [azure/docker-login](https://github.com/azure/docker-login) from 1 to 2.
Release notes

Sourced from azure/docker-login's releases.

Version 2.0

  • update of Node20
  • update dependencies

Update the action to run with Node 16

No release notes provided.

Commits
  • 15c4aad Merge pull request #69 from lgmorand/master
  • 8fa230a add node_modules
  • cf67284 action/core => last version
  • 7aabc0a rebuild lock
  • af42a18 fix some npm packages after upgrade to node20
  • 3fe855c Update README.md to use v2
  • f3bf641 Merge pull request #64 from eikooc/master
  • b35be4d Update to nodejs v20
  • 51016b5 Merge pull request #61 from Azure/stephenmichaelf/remove-integration-tests
  • 6a8199f Remove Integration tests.
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=azure/docker-login&package-manager=github_actions&previous-version=1&new-version=2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/backend-deploy/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/backend-deploy/action.yml b/.github/actions/backend-deploy/action.yml index 906be0af..f2ae5ae8 100644 --- a/.github/actions/backend-deploy/action.yml +++ b/.github/actions/backend-deploy/action.yml @@ -43,7 +43,7 @@ runs: # creds: ${{ env.AZURE_CREDENTIALS }} - name: "Docker Login" - uses: azure/docker-login@v1 + uses: azure/docker-login@v2 with: login-server: ${{ env.DOCKER_REGISTRY_SERVER }} username: ${{ env.DOCKER_REGISTRY_USERNAME }} From 562fe8725eda6b8c172d117411114e2ea1743d79 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:54:01 +0200 Subject: [PATCH 06/10] Bump reecetech/version-increment from 2024.4.4 to 2024.9.2 (#301) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [reecetech/version-increment](https://github.com/reecetech/version-increment) from 2024.4.4 to 2024.9.2.
Release notes

Sourced from reecetech/version-increment's releases.

2024.9.2

No release notes provided.

2024.9.1

What's Changed

New Contributors

Full Changelog: https://github.com/reecetech/version-increment/compare/2024.4.4...2024.9.1

Commits
  • a5d6598 Merge pull request #38 from reecetech/fix-when-no-prefix
  • 39ac246 set prefix tag default to empty string
  • 2ec1961 Merge pull request #37 from reecetech/fix-test
  • 95aaf0c Fix test for when on main branch
  • a67b798 Merge pull request #36 from reecetech/fix-lint
  • 9791034 Improve + fix test
  • 233fed5 Fix lint; Add comment
  • dbf9c56 Merge pull request #35 from sefasenturk95/main
  • 0f29812 Update README
  • 5af72f0 Introduce new outputs
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=reecetech/version-increment&package-manager=github_actions&previous-version=2024.4.4&new-version=2024.9.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/deploy-cd.yml | 2 +- .github/workflows/release-drafter.yml | 2 +- .github/workflows/tag.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/deploy-cd.yml b/.github/workflows/deploy-cd.yml index 6618a7f9..29d22845 100644 --- a/.github/workflows/deploy-cd.yml +++ b/.github/workflows/deploy-cd.yml @@ -63,7 +63,7 @@ jobs: uses: actions/checkout@v4 - name: Get version - uses: reecetech/version-increment@2024.4.4 + uses: reecetech/version-increment@2024.9.2 id: version with: scheme: semver diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 4c69d572..e5568b7a 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 # used by GitVersion to find the most recent tag outside of this branch - name: Get version - uses: reecetech/version-increment@2024.4.4 + uses: reecetech/version-increment@2024.9.2 id: version with: scheme: semver diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml index f83485e3..c202b8fe 100644 --- a/.github/workflows/tag.yml +++ b/.github/workflows/tag.yml @@ -39,7 +39,7 @@ jobs: fi - name: Get next version - uses: reecetech/version-increment@2024.4.4 + uses: reecetech/version-increment@2024.9.2 id: version if: ${{ steps.check-changes.outputs.has_diff == 'true' }} with: From 296b1cecc5f7ace5206295ae5df39ccf58f56f90 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:54:18 +0200 Subject: [PATCH 07/10] Bump actions/cache from 3 to 4 in /.github/actions/backend-deploy (#302) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v3...v4.0.0

v3.3.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v3...v3.3.3

v3.3.2

What's Changed

New Contributors

Full Changelog: https://github.com/actions/cache/compare/v3...v3.3.2

v3.3.1

What's Changed

Full Changelog: https://github.com/actions/cache/compare/v3...v3.3.1

v3.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.1.1

  • Restore original behavior of cache-hit output - #1467

4.1.0

  • Ensure cache-hit output is set when a cache is missed - #1404
  • Deprecate save-always input - #1452

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

4.0.0

  • Updated minimum runner version support from node 12 -> node 20

3.3.3

  • Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
  • Additional audit fixes of npm package(s)

3.3.2

  • Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

  • Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

  • Added option to lookup cache without downloading it.

3.2.6

  • Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

  • Added fix to prevent from setting MYSYS environment variable globally.

3.2.4

  • Added option to fail job on cache miss.

... (truncated)

Commits
  • 3624ceb Restore original behavior of cache-hit output (#1467)
  • 2cdf405 Prepare 4.1.0 release (#1464)
  • a11fb02 restore action's README now references v4 instead of v3 (#1445)
  • cf7a75e Fix typo: depening -> depending (#1462)
  • c74ca40 Deprecate save-always input (#1452)
  • f8a7ab4 Merge pull request #1463 from actions/Jcambass-patch-1
  • 45b7be0 Add workflow file for publishing releases to immutable action package
  • 81382a7 Merge pull request #1311 from todgru/todgru/v4-documentation-update
  • c4ee99a Merge branch 'main' into todgru/v4-documentation-update
  • 57b8e40 Clarify that the restore-keys input is a string in the docs (#1434)
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/actions/backend-deploy/action.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/actions/backend-deploy/action.yml b/.github/actions/backend-deploy/action.yml index f2ae5ae8..1cfcddf1 100644 --- a/.github/actions/backend-deploy/action.yml +++ b/.github/actions/backend-deploy/action.yml @@ -55,7 +55,7 @@ runs: with: dotnet-version: ${{ env.DOTNET_VERSION }} - - uses: actions/cache@v3 + - uses: actions/cache@v4 if: ${{ !inputs.skip_setup }} id: nuget-cache with: From bf7c384dd01dbcb908b126294200b29452c96735 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:54:47 +0200 Subject: [PATCH 08/10] Bump @playwright/test from 1.47.1 to 1.48.0 in /tests/playwright (#303) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [@playwright/test](https://github.com/microsoft/playwright) from 1.47.1 to 1.48.0.
Release notes

Sourced from @​playwright/test's releases.

v1.48.0

WebSocket routing

New methods page.routeWebSocket() and browserContext.routeWebSocket() allow to intercept, modify and mock WebSocket connections initiated in the page. Below is a simple example that mocks WebSocket communication by responding to a "request" with a "response".

await page.routeWebSocket('/ws', ws => {
  ws.onMessage(message => {
    if (message === 'request')
      ws.send('response');
  });
});

See WebSocketRoute for more details.

UI updates

  • New "copy" buttons for annotations and test location in the HTML report.
  • Route method calls like route.fulfill() are not shown in the report and trace viewer anymore. You can see which network requests were routed in the network tab instead.
  • New "Copy as cURL" and "Copy as fetch" buttons for requests in the network tab.

Miscellaneous

Browser Versions

  • Chromium 130.0.6723.19
  • Mozilla Firefox 130.0
  • WebKit 18.0

This version was also tested against the following stable channels:

  • Google Chrome 129
  • Microsoft Edge 129

v1.47.2

Highlights

microsoft/playwright#32699 [REGRESSION]: fix(codegen): use content_frame property in python/.NET microsoft/playwright#32706 [REGRESSION]: page.pause() does not pause test timeout after 1.47 microsoft/playwright#32661 - fix(trace-viewer): time delta between local and remote actions

Browser Versions

  • Chromium 129.0.6668.29
  • Mozilla Firefox 130.0
  • WebKit 18.0

This version was also tested against the following stable channels:

  • Google Chrome 128

... (truncated)

Commits

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=@playwright/test&package-manager=npm_and_yarn&previous-version=1.47.1&new-version=1.48.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tests/playwright/package-lock.json | 24 ++++++++++++------------ tests/playwright/package.json | 2 +- 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/tests/playwright/package-lock.json b/tests/playwright/package-lock.json index 2ba8b1b5..e48b23d7 100644 --- a/tests/playwright/package-lock.json +++ b/tests/playwright/package-lock.json @@ -11,7 +11,7 @@ "devDependencies": { "@cspell/eslint-plugin": "^8.9.1", "@eslint/js": "8.57.0", - "@playwright/test": "^1.47.1", + "@playwright/test": "^1.48.0", "@types/node": "^22.7.5", "@typescript-eslint/eslint-plugin": "^7.8.0", "@typescript-eslint/parser": "^7.2.0", @@ -778,12 +778,12 @@ } }, "node_modules/@playwright/test": { - "version": "1.47.1", - "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.47.1.tgz", - "integrity": "sha512-dbWpcNQZ5nj16m+A5UNScYx7HX5trIy7g4phrcitn+Nk83S32EBX/CLU4hiF4RGKX/yRc93AAqtfaXB7JWBd4Q==", + "version": "1.48.0", + "resolved": "https://registry.npmjs.org/@playwright/test/-/test-1.48.0.tgz", + "integrity": "sha512-W5lhqPUVPqhtc/ySvZI5Q8X2ztBOUgZ8LbAFy0JQgrXZs2xaILrUcNO3rQjwbLPfGK13+rZsDa1FpG+tqYkT5w==", "dev": true, "dependencies": { - "playwright": "1.47.1" + "playwright": "1.48.0" }, "bin": { "playwright": "cli.js" @@ -3750,12 +3750,12 @@ } }, "node_modules/playwright": { - "version": "1.47.1", - "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.47.1.tgz", - "integrity": "sha512-SUEKi6947IqYbKxRiqnbUobVZY4bF1uu+ZnZNJX9DfU1tlf2UhWfvVjLf01pQx9URsOr18bFVUKXmanYWhbfkw==", + "version": "1.48.0", + "resolved": "https://registry.npmjs.org/playwright/-/playwright-1.48.0.tgz", + "integrity": "sha512-qPqFaMEHuY/ug8o0uteYJSRfMGFikhUysk8ZvAtfKmUK3kc/6oNl/y3EczF8OFGYIi/Ex2HspMfzYArk6+XQSA==", "dev": true, "dependencies": { - "playwright-core": "1.47.1" + "playwright-core": "1.48.0" }, "bin": { "playwright": "cli.js" @@ -3768,9 +3768,9 @@ } }, "node_modules/playwright-core": { - "version": "1.47.1", - "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.47.1.tgz", - "integrity": "sha512-i1iyJdLftqtt51mEk6AhYFaAJCDx0xQ/O5NU8EKaWFgMjItPVma542Nh/Aq8aLCjIJSzjaiEQGW/nyqLkGF1OQ==", + "version": "1.48.0", + "resolved": "https://registry.npmjs.org/playwright-core/-/playwright-core-1.48.0.tgz", + "integrity": "sha512-RBvzjM9rdpP7UUFrQzRwR8L/xR4HyC1QXMzGYTbf1vjw25/ya9NRAVnXi/0fvFopjebvyPzsmoK58xxeEOaVvA==", "dev": true, "bin": { "playwright-core": "cli.js" diff --git a/tests/playwright/package.json b/tests/playwright/package.json index a70f0a96..6e927b91 100644 --- a/tests/playwright/package.json +++ b/tests/playwright/package.json @@ -19,7 +19,7 @@ "devDependencies": { "@cspell/eslint-plugin": "^8.9.1", "@eslint/js": "8.57.0", - "@playwright/test": "^1.47.1", + "@playwright/test": "^1.48.0", "@types/node": "^22.7.5", "@typescript-eslint/eslint-plugin": "^7.8.0", "@typescript-eslint/parser": "^7.2.0", From dc0e0c87bf3421bad8e5225cdb5a85162ff5a876 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:55:15 +0200 Subject: [PATCH 09/10] Bump typescript from 5.5.2 to 5.6.3 in /src/frontend (#309) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.5.2 to 5.6.3.
Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

... (truncated)

Commits
  • d48a5cf Bump version to 5.6.3 and LKG
  • fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
  • ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
  • 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
  • a7e3374 Bump version to 5.6.2 and LKG
  • 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
  • 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
  • 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
  • 6212132 Update LKG
  • bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.5.2&new-version=5.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- src/frontend/package-lock.json | 9 ++++----- src/frontend/package.json | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/src/frontend/package-lock.json b/src/frontend/package-lock.json index d02ddd97..6e1b3383 100644 --- a/src/frontend/package-lock.json +++ b/src/frontend/package-lock.json @@ -49,7 +49,7 @@ "openapi-types": "^12.1.3", "orval": "^7.1.0", "prettier": "^3.3.2", - "typescript": "^5.2.2", + "typescript": "^5.6.3", "typescript-eslint": "^8.8.1", "vite": "^5.4.7", "vite-plugin-mkcert": "^1.17.5", @@ -10220,11 +10220,10 @@ } }, "node_modules/typescript": { - "version": "5.5.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.2.tgz", - "integrity": "sha512-NcRtPEOsPFFWjobJEtfihkLCZCXZt/os3zf8nTxjVH3RvTSxjrCamJpbExGvYOF+tFHc3pA65qpdwPbzjohhew==", + "version": "5.6.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.3.tgz", + "integrity": "sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==", "dev": true, - "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" diff --git a/src/frontend/package.json b/src/frontend/package.json index ae51dbf1..dbff47c1 100644 --- a/src/frontend/package.json +++ b/src/frontend/package.json @@ -58,7 +58,7 @@ "openapi-types": "^12.1.3", "orval": "^7.1.0", "prettier": "^3.3.2", - "typescript": "^5.2.2", + "typescript": "^5.6.3", "typescript-eslint": "^8.8.1", "vite": "^5.4.7", "vite-plugin-mkcert": "^1.17.5", From 9e1ee313f2ab164e9135388545a5db22fbec4901 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 10 Oct 2024 14:56:53 +0200 Subject: [PATCH 10/10] Bump typescript from 5.5.2 to 5.6.3 in /tests/playwright (#308) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.5.2 to 5.6.3.
Release notes

Sourced from typescript's releases.

TypeScript 5.6.3

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 RC

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

Downloads are available on:

TypeScript 5.6 Beta

For release notes, check out the release announcement.

For the complete list of fixed issues, check out the

... (truncated)

Commits
  • d48a5cf Bump version to 5.6.3 and LKG
  • fefa70a 🤖 Pick PR #60083 (Don't issue implicit any when obtai...) into release-5.6 (#...
  • ff71692 [release-5.6] Remove tsbuildInfo specification error now that we need it for ...
  • 1f44dcf 🤖 Pick PR #60157 (fix automatic type acquisition) into release-5.6 (#60169)
  • a7e3374 Bump version to 5.6.2 and LKG
  • 2063357 🤖 Pick PR #59708 (LEGO: Pull request from lego/hb_537...) into release-5.6 (#...
  • 4fe7e41 🤖 Pick PR #59670 (fix(59649): ts Move to a new file d...) into release-5.6 (#...
  • 1a03e53 🤖 Pick PR #59761 (this can be nullish) into release-5.6 (#59762)
  • 6212132 Update LKG
  • bbb5faf 🤖 Pick PR #59542 (Fixing delay caused in vscode due t...) into release-5.6 (#...
  • Additional commits viewable in compare view

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=typescript&package-manager=npm_and_yarn&previous-version=5.5.2&new-version=5.6.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- tests/playwright/package-lock.json | 9 ++++----- tests/playwright/package.json | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/tests/playwright/package-lock.json b/tests/playwright/package-lock.json index e48b23d7..3dd6993e 100644 --- a/tests/playwright/package-lock.json +++ b/tests/playwright/package-lock.json @@ -28,7 +28,7 @@ "eslint-ts-patch": "^8.57.0-0", "globals": "^15.11.0", "prettier": "^3.2.5", - "typescript": "^5.4.5", + "typescript": "^5.6.3", "typescript-eslint": "^7.8.0" } }, @@ -4412,11 +4412,10 @@ } }, "node_modules/typescript": { - "version": "5.5.2", - "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.5.2.tgz", - "integrity": "sha512-NcRtPEOsPFFWjobJEtfihkLCZCXZt/os3zf8nTxjVH3RvTSxjrCamJpbExGvYOF+tFHc3pA65qpdwPbzjohhew==", + "version": "5.6.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.6.3.tgz", + "integrity": "sha512-hjcS1mhfuyi4WW8IWtjP7brDrG2cuDZukyrYrSauoXGNgx0S7zceP07adYkJycEr56BOUTNPzbInooiN3fn1qw==", "dev": true, - "license": "Apache-2.0", "bin": { "tsc": "bin/tsc", "tsserver": "bin/tsserver" diff --git a/tests/playwright/package.json b/tests/playwright/package.json index 6e927b91..e2327ae9 100644 --- a/tests/playwright/package.json +++ b/tests/playwright/package.json @@ -36,7 +36,7 @@ "eslint-ts-patch": "^8.57.0-0", "globals": "^15.11.0", "prettier": "^3.2.5", - "typescript": "^5.4.5", + "typescript": "^5.6.3", "typescript-eslint": "^7.8.0" } }