Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

build(deps): bump actions/checkout from 3 to 4 #1385

Merged
merged 2 commits into from
May 20, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 20, 2024

Bumps actions/checkout from 3 to 4.

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 20, 2024
@dependabot dependabot bot requested review from qweeah and TerryHowe as code owners May 20, 2024 03:35
Copy link

codecov bot commented May 20, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 85.07%. Comparing base (67b2182) to head (832d66a).

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #1385      +/-   ##
==========================================
+ Coverage   85.02%   85.07%   +0.05%     
==========================================
  Files         107      107              
  Lines        3806     3806              
==========================================
+ Hits         3236     3238       +2     
+ Misses        341      339       -2     
  Partials      229      229              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

Copy link
Contributor

@qweeah qweeah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@qweeah qweeah merged commit e255afa into main May 20, 2024
8 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/actions/checkout-4 branch May 20, 2024 12:48
ti-chi-bot bot referenced this pull request in PingCAP-QE/artifacts Jul 5, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [oras-project/oras](https://togithub.com/oras-project/oras) | minor |
`v1.1.0` -> `v1.2.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>oras-project/oras (oras-project/oras)</summary>

###
[`v1.2.0`](https://togithub.com/oras-project/oras/releases/tag/v1.2.0)

[Compare
Source](https://togithub.com/oras-project/oras/compare/v1.1.0...v1.2.0)

#### New Features

- `oras` is compliant with OCI [image-spec
v1.1.0](https://togithub.com/opencontainers/image-spec/blob/v1.1.0) and
[distribution-spec
v1.1.0](https://togithub.com/opencontainers/distribution-spec/tree/v1.1.0)
-   Introduce brand-new default terminal experience
    -   Show live progress for the following commands:
        -   `oras copy`
        -   `oras pull`
        -   `oras push`
        -   `oras attach`
        -   `oras blob fetch`
        -   `oras blob push`
- The new terminal experience can be turned off via the preview flag
`--no-tty`
-   Support deletion of manifests and blobs in OCI image layout
-   Support X.509 mTLS authentication with OCI registries

#### Preview Features

- **BREAKING CHANGE** Registries supporting `Referrers API` prior to
[distribution-spec
v1.1.0-rc4](https://togithub.com/opencontainers/distribution-spec/tree/v1.1.0-rc4)
will fall back to `Referrers tag schema`, causing unexpected results of
`oras attach` and `oras discover` commands
- Introduce `--platform` to `oras attach` for better multi-arch
attaching experience, which allows adding referrer artifact to a
specific sub-platform
- Re-purpose the flag `--recursive` of `oras cp` from [extended
copy](https://oras.land/docs/client_libraries/overview#extended-copy) to
copy an artifact or a multi-arch image and its referrers
-   Promote `--image-spec` to a preview flag from experimental

#### Experimental Features

- **BREAKING CHANGE** `oras discover` shows `tree` view output by
default
- Introduce formatted output via `--format` by implementing the
[specification](https://togithub.com/oras-project/oras/blob/v1.2.0/docs/proposals/formatted-output.md)
    -   Formatted output is available to the following commands:
        -   `oras pull`
        -   `oras push`
        -   `oras attach`
        -   `oras discover`
        -   `oras manifest fetch`
    -   Examples:
        -   `--format json` to print operation result as a JSON object
- `--format "go-template={{ .digest }}"` to print the digest of the
manifest using [Go template](https://pkg.go.dev/text/template)
            -   Template can also be specified by `--template`
-   Introduce `oras resolve` to get the digest of an artifact

#### Deprecation

- `oras discover`: `--output` is marked as deprecated and succeeded by
`--format`

#### Bug Fixes

- Fix
[#&#8203;1079](https://togithub.com/oras-project/oras/issues/1079):
Snaps build cannot read default credentials file
- Fix
[#&#8203;1096](https://togithub.com/oras-project/oras/issues/1096):
Mixed request number in the debug mode
- Fix
[#&#8203;1106](https://togithub.com/oras-project/oras/issues/1106): Flag
`--plain-http=false` does not work for local registries
- Fix
[#&#8203;1129](https://togithub.com/oras-project/oras/issues/1129):
`oras cp -r` fails if index has a child manifest as subject
-   Minor fixes

#### Other Changes

-   Improve UX
- `oras discover`: show placeholder when `artifactType` is not presented
in an index referrer
    -   `oras push`: show artifact type when pushing files
- Improve error message based on [ORAS CLI error handling
guildline](https://togithub.com/oras-project/oras/blob/v1.2.0/docs/proposals/error-handling-guideline.md)
- Improve identity token input by a new flag `--identity-token` to
replace `--password` without `--username`
-   Improve performance
- Reduce authentication request count for`oras copy`, `oras manifest
delete`, and `oras blob delete`
- Support blob mounting across repositories in the same registry for
`oras copy`
-   Update dependencies
-   Update to Golang `1.22.3`
-   Minor security enhancements

***

### What's Changed Since RC.1

#### Other Changes

-   Improve documentation
-   Update dependencies

#### Detailed Commits

- bump: tag and release ORAS CLI v1.2.0-rc.1 by
[@&#8203;qweeah](https://togithub.com/qweeah) in
[https://github.com/oras-project/oras/pull/1381](https://togithub.com/oras-project/oras/pull/1381)
- fix: remove non-classic snap plugins by
[@&#8203;qweeah](https://togithub.com/qweeah) in
[https://github.com/oras-project/oras/pull/1383](https://togithub.com/oras-project/oras/pull/1383)
- fix: oras cp documentation by
[@&#8203;TerryHowe](https://togithub.com/TerryHowe) in
[https://github.com/oras-project/oras/pull/1384](https://togithub.com/oras-project/oras/pull/1384)
- build(deps): bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/oras-project/oras/pull/1385](https://togithub.com/oras-project/oras/pull/1385)
- refactor: Get rid of deprecated PrintStatus method by
[@&#8203;TerryHowe](https://togithub.com/TerryHowe) in
[https://github.com/oras-project/oras/pull/1378](https://togithub.com/oras-project/oras/pull/1378)
- build(deps): bump github.com/onsi/ginkgo/v2 from 2.17.3 to 2.18.0 in
/test/e2e by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/oras-project/oras/pull/1388](https://togithub.com/oras-project/oras/pull/1388)
- build(deps): bump github.com/onsi/ginkgo/v2 from 2.18.0 to 2.19.0 in
/test/e2e by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/oras-project/oras/pull/1390](https://togithub.com/oras-project/oras/pull/1390)
- chore: Remove deprecated PrintStatus method by
[@&#8203;TerryHowe](https://togithub.com/TerryHowe) in
[https://github.com/oras-project/oras/pull/1389](https://togithub.com/oras-project/oras/pull/1389)
- doc: verify local files by
[@&#8203;qweeah](https://togithub.com/qweeah) in
[https://github.com/oras-project/oras/pull/1386](https://togithub.com/oras-project/oras/pull/1386)
- fix: remove call to deprecated print by
[@&#8203;TerryHowe](https://togithub.com/TerryHowe) in
[https://github.com/oras-project/oras/pull/1392](https://togithub.com/oras-project/oras/pull/1392)

**Full Changelog**:
oras-project/oras@v1.2.0-rc.1...v1.2.0

#### Notes

This release was signed with `46D3 369B 393F 6F82 71FD 1CE8 F86E C70D
2B0C 404F` ([@&#8203;qweeah](https://togithub.com/qweeah)'s GPG key)
which can be found [here](https://togithub.com/qweeah.gpg).

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/PingCAP-QE/artifacts).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzcuOCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS45IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJoZWxwIHdhbnRlZCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant