From e00469ea0920c177d780227feb47f07103357e6a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 19 Apr 2023 12:08:00 -0700
Subject: [PATCH] ci(deps): Bump peter-evans/create-pull-request from 4 to 5
 (#342)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v5.0.0</h2>
<h2>Behaviour changes</h2>
<ul>
<li>The action will no longer leave the local repository checked out on
the pull request <code>branch</code>. Instead, it will leave the
repository checked out on the branch or commit that it was when the
action started.</li>
<li>When using <code>add-paths</code>, uncommitted changes will no
longer be destroyed. They will be stashed and restored at the end of the
action run.</li>
</ul>
<h2>What's new</h2>
<ul>
<li>Adds input <code>body-path</code>, the path to a file containing the
pull request body.</li>
<li>At the end of the action run the local repository is now checked out
on the branch or commit that it was when the action started.</li>
<li>Any uncommitted tracked or untracked changes are now stashed and
restored at the end of the action run. Currently, this can only occur
when using the <code>add-paths</code> input, which allows for changes to
not be committed. Previously, any uncommitted changes would be
destroyed.</li>
<li>The proxy implementation has been revised but is not expected to
have any change in behaviour. It continues to support the standard
environment variables <code>http_proxy</code>, <code>https_proxy</code>
and <code>no_proxy</code>.</li>
<li>Now sets the git <code>safe.directory</code> configuration for the
local repository path. The configuration is removed when the action
completes. Fixes issue <a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1170">peter-evans/create-pull-request#1170</a>.</li>
<li>Now determines the git directory path using the <code>git rev-parse
--git-dir</code> command. This allows users with custom repository
configurations to use the action.</li>
<li>Improved handling of the <code>team-reviewers</code> input and
associated errors.</li>
</ul>
<h2>News</h2>
<p>:trophy: create-pull-request won <a
href="https://twitter.com/peterevans0/status/1638463617686470657?s=20">an
award</a> for &quot;awesome action&quot; at the Open Source Awards at
GitHub Universe. Thank you for your support and for making
create-pull-request one of the top used actions. Please give it a
:star:, or even <a href="https://github.com/sponsors/peter-evans">buy me
a coffee</a>.</p>
<h2>What's Changed</h2>
<ul>
<li>v5 by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/1792">peter-evans/create-pull-request#1792</a></li>
<li>15 dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v4.2.4...v5.0.0">https://github.com/peter-evans/create-pull-request/compare/v4.2.4...v5.0.0</a></p>
<h2>Create Pull Request v4.2.4</h2>
<p>⚙️ Patches some recent security vulnerabilities.</p>
<h2>What's Changed</h2>
<ul>
<li>Update concepts-guidelines.md by <a
href="https://github.com/chrisbruford"><code>@​chrisbruford</code></a>
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/1610">peter-evans/create-pull-request#1610</a></li>
<li>58 dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/chrisbruford"><code>@​chrisbruford</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/1610">peter-evans/create-pull-request#1610</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v4.2.3...v4.2.4">https://github.com/peter-evans/create-pull-request/compare/v4.2.3...v4.2.4</a></p>
<h2>Create Pull Request v4.2.3</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: add check for missing token input by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/1324">peter-evans/create-pull-request#1324</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v4.2.2...v4.2.3">https://github.com/peter-evans/create-pull-request/compare/v4.2.2...v4.2.3</a></p>
<h2>Create Pull Request v4.2.2</h2>
<h2>What's Changed</h2>
<ul>
<li>fix: support github server url for pushing to fork by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/1318">peter-evans/create-pull-request#1318</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5b4a9f6a9e2af26e5f02351490b90d01eb8ec1e5"><code>5b4a9f6</code></a>
v5 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1792">#1792</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/1847e5d1d66115e99988ff4ccbe629ae5b14820b"><code>1847e5d</code></a>
build(deps-dev): bump eslint from 8.36.0 to 8.37.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1803">#1803</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/c246f7e9126aba0f1cc780a7133429d9771e9b66"><code>c246f7e</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
5.57.0 to 5.57.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1801">#1801</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/2dd2b11b09f0b3bf86c25cf615e4bbe624f80314"><code>2dd2b11</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1802">#1802</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/05d5a3c3f9506f8628125834beec3993d3eada67"><code>05d5a3c</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to
18.15.11 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1800">#1800</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/21479f22fcc890fd56c1b5a47d47162fa907dddc"><code>21479f2</code></a>
build(deps-dev): bump ts-jest from 29.0.5 to 29.1.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1799">#1799</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/36a56dac0739df8d3d8ebb9e6e41026ba248ec27"><code>36a56da</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
5.56.0 to 5.57.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1768">#1768</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b7f0c9773b3f9bd0eb8d00cc963aceb9da2345e5"><code>b7f0c97</code></a>
build(deps-dev): bump prettier from 2.8.6 to 2.8.7 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1767">#1767</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6a62596740af10ccfc9800db9f74c255f65c9055"><code>6a62596</code></a>
build(deps): bump peter-evans/enable-pull-request-automerge from 2 to 3
(<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1766">#1766</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/d1ed29fe1ea9695e51f6bdda3db7211f3294d9d5"><code>d1ed29f</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.5 to 18.15.10
(<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/1765">#1765</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/sync-submodules.yaml | 2 +-
 .github/workflows/update-deps.yaml     | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/sync-submodules.yaml b/.github/workflows/sync-submodules.yaml
index 01262453c..10a3bfe2f 100644
--- a/.github/workflows/sync-submodules.yaml
+++ b/.github/workflows/sync-submodules.yaml
@@ -21,7 +21,7 @@ jobs:
           ./.github/bin/update-os-image.sh
 
       - name: Create PR
-        uses: peter-evans/create-pull-request@v4
+        uses: peter-evans/create-pull-request@v5
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           signoff: true
diff --git a/.github/workflows/update-deps.yaml b/.github/workflows/update-deps.yaml
index 90aa7bb0b..c93dd115d 100644
--- a/.github/workflows/update-deps.yaml
+++ b/.github/workflows/update-deps.yaml
@@ -31,7 +31,7 @@ jobs:
           ./.github/bin/update-lima-dep.sh -d ${{ secrets.DEPENDENCY_BUCKET_NAME }} -a {{ secrets.ARTIFACT_BUCKET_NAME }}
 
       - name: create PR
-        uses: peter-evans/create-pull-request@v4
+        uses: peter-evans/create-pull-request@v5
         with:
           # A Personal Access Token instead of the default `GITHUB_TOKEN` is required
           # to trigger the checks (e.g., e2e tests) on the created pull request.