-
Notifications
You must be signed in to change notification settings - Fork 490
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update @actions/artifact dependency #325
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
vmjoseph
approved these changes
Apr 24, 2024
another-rex
referenced
this pull request
in google/osv-scanner
May 6, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.4` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | patch | `v4.3.0` -> `v4.3.1` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.24.10` -> `v3.25.3` | | [golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action) | action | patch | `v4.0.0` -> `v4.0.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://togithub.com/dependabot) , [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465) - Update documentation with latest V5 release notes by [@​ab](https://togithub.com/ab) in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) - Update version documentation by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458) - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://togithub.com/chenrui333) in [https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449) #### New Contributors - [@​ab](https://togithub.com/ab) made their first contribution in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.3.1`](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) ### [`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) </details> <details> <summary>golangci/golangci-lint-action (golangci/golangci-lint-action)</summary> ### [`v4.0.1`](https://togithub.com/golangci/golangci-lint-action/releases/tag/v4.0.1) [Compare Source](https://togithub.com/golangci/golangci-lint-action/compare/v4.0.0...v4.0.1) <!-- Release notes generated using configuration in .github/release.yml at v4.0.1 --> #### What's Changed ##### Documentation - docs: update the version of the action used in the README example by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977) ##### Dependencies - build(deps): bump [@​types/semver](https://togithub.com/types/semver) from 7.5.6 to 7.5.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/969](https://togithub.com/golangci/golangci-lint-action/pull/969) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 6.20.0 to 6.21.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/970](https://togithub.com/golangci/golangci-lint-action/pull/970) - build(deps-dev): bump eslint-plugin-simple-import-sort from 10.0.0 to 12.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/971](https://togithub.com/golangci/golangci-lint-action/pull/971) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 6.20.0 to 6.21.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/973](https://togithub.com/golangci/golangci-lint-action/pull/973) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.16 to 20.11.17 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/972](https://togithub.com/golangci/golangci-lint-action/pull/972) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.17 to 20.11.19 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/979](https://togithub.com/golangci/golangci-lint-action/pull/979) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 6.21.0 to 7.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/980](https://togithub.com/golangci/golangci-lint-action/pull/980) - build(deps): bump undici from 5.26.3 to 5.28.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/976](https://togithub.com/golangci/golangci-lint-action/pull/976) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.19 to 20.11.20 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/985](https://togithub.com/golangci/golangci-lint-action/pull/985) - build(deps): bump [@​types/semver](https://togithub.com/types/semver) from 7.5.7 to 7.5.8 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/986](https://togithub.com/golangci/golangci-lint-action/pull/986) - build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/987](https://togithub.com/golangci/golangci-lint-action/pull/987) - build(deps): bump tmp from 0.2.1 to 0.2.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/989](https://togithub.com/golangci/golangci-lint-action/pull/989) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 6.21.0 to 7.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/988](https://togithub.com/golangci/golangci-lint-action/pull/988) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.20 to 20.11.24 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/990](https://togithub.com/golangci/golangci-lint-action/pull/990) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.1.0 to 7.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/991](https://togithub.com/golangci/golangci-lint-action/pull/991) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.24 to 20.11.25 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/992](https://togithub.com/golangci/golangci-lint-action/pull/992) - build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/993](https://togithub.com/golangci/golangci-lint-action/pull/993) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.1.0 to 7.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/994](https://togithub.com/golangci/golangci-lint-action/pull/994) - build(deps): bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/995](https://togithub.com/golangci/golangci-lint-action/pull/995) - build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in /sample-go-mod by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/997](https://togithub.com/golangci/golangci-lint-action/pull/997) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.1.1 to 7.2.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/998](https://togithub.com/golangci/golangci-lint-action/pull/998) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.25 to 20.11.28 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1000](https://togithub.com/golangci/golangci-lint-action/pull/1000) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.1.1 to 7.2.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/999](https://togithub.com/golangci/golangci-lint-action/pull/999) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.2.0 to 7.3.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1003](https://togithub.com/golangci/golangci-lint-action/pull/1003) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.28 to 20.11.30 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1004](https://togithub.com/golangci/golangci-lint-action/pull/1004) - build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1005](https://togithub.com/golangci/golangci-lint-action/pull/1005) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.2.0 to 7.3.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1006](https://togithub.com/golangci/golangci-lint-action/pull/1006) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.30 to 20.12.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1007](https://togithub.com/golangci/golangci-lint-action/pull/1007) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.3.1 to 7.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1008](https://togithub.com/golangci/golangci-lint-action/pull/1008) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.3.1 to 7.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1009](https://togithub.com/golangci/golangci-lint-action/pull/1009) - build(deps): bump undici from 5.28.3 to 5.28.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1010](https://togithub.com/golangci/golangci-lint-action/pull/1010) - build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1011](https://togithub.com/golangci/golangci-lint-action/pull/1011) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.12.2 to 20.12.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1012](https://togithub.com/golangci/golangci-lint-action/pull/1012) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.4.0 to 7.5.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1013](https://togithub.com/golangci/golangci-lint-action/pull/1013) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.4.0 to 7.5.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1014](https://togithub.com/golangci/golangci-lint-action/pull/1014) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.12.5 to 20.12.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1016](https://togithub.com/golangci/golangci-lint-action/pull/1016) - build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1017](https://togithub.com/golangci/golangci-lint-action/pull/1017) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.5.0 to 7.6.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1019](https://togithub.com/golangci/golangci-lint-action/pull/1019) - build(deps-dev): bump eslint-plugin-simple-import-sort from 12.0.0 to 12.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1018](https://togithub.com/golangci/golangci-lint-action/pull/1018) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.5.0 to 7.7.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1022](https://togithub.com/golangci/golangci-lint-action/pull/1022) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.6.0 to 7.7.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1023](https://togithub.com/golangci/golangci-lint-action/pull/1023) #### New Contributors - [@​178inaba](https://togithub.com/178inaba) made their first contribution in [https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977) **Full Changelog**: golangci/golangci-lint-action@v4.0.0...v4.0.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->
github-merge-queue bot
referenced
this pull request
in 4m-mazi/gh-test
May 11, 2024
….7 (#726) This PR contains the following updates: | Package | Type | Update | Change | OpenSSF | |---|---|---|---|---| | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/actions/download-artifact/badge)](https://securityscorecards.dev/viewer/?uri=github.com/actions/download-artifact) | --- ### Release Notes <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJzZW12ZXI6bm9uZSJdfQ==--> Co-authored-by: mazi-renovate[bot] <161091290+mazi-renovate[bot]@users.noreply.github.com>
ianlewis
referenced
this pull request
in slsa-framework/slsa-github-generator
May 17, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | actions/checkout | action | digest | `b4ffde6` -> `a5ac7e5` | | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.6` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [ianlewis/todo-issue-reopener](https://togithub.com/ianlewis/todo-issue-reopener) | action | patch | `v1.2.0` -> `v1.2.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.0` -> `v2.3.3` | | [sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer) | action | minor | `v3.4.0` -> `v3.5.0` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>ianlewis/todo-issue-reopener (ianlewis/todo-issue-reopener)</summary> ### [`v1.2.1`](https://togithub.com/ianlewis/todo-issue-reopener/releases/tag/v1.2.1) [Compare Source](https://togithub.com/ianlewis/todo-issue-reopener/compare/v1.2.0...v1.2.1) ##### Fixed in 1.2.1 - Fixed the "error updating to TUF remote mirror: invalid key" error ([#​688](https://togithub.com/ianlewis/todo-issue-reopener/issues/688)). #### All changes - fix: Update slsa-verifier version by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/ianlewis/todo-issue-reopener/pull/689](https://togithub.com/ianlewis/todo-issue-reopener/pull/689) - chore(deps): Bump github/codeql-action from 3.23.2 to 3.25.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/711](https://togithub.com/ianlewis/todo-issue-reopener/pull/711) - chore(deps): Bump codecov/codecov-action from 4.0.1 to 4.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/705](https://togithub.com/ianlewis/todo-issue-reopener/pull/705) - chore(deps): Bump actions/upload-artifact from 4.3.0 to 4.3.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/670](https://togithub.com/ianlewis/todo-issue-reopener/pull/670) - chore(deps-dev): Bump [@​types/jest](https://togithub.com/types/jest) from 29.5.11 to 29.5.12 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/664](https://togithub.com/ianlewis/todo-issue-reopener/pull/664) - chore(deps): Bump actions/setup-node from 4.0.1 to 4.0.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/605](https://togithub.com/ianlewis/todo-issue-reopener/pull/605) - chore(deps): Bump yamllint from 1.33.0 to 1.35.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/598](https://togithub.com/ianlewis/todo-issue-reopener/pull/598) - chore(deps-dev): Bump eslint-plugin-github from 4.9.1 to 4.10.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/592](https://togithub.com/ianlewis/todo-issue-reopener/pull/592) - chore(deps): Bump thehanimo/pr-title-checker from 1.4.1 to 1.4.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/604](https://togithub.com/ianlewis/todo-issue-reopener/pull/604) - chore(deps): Bump yaml from 2.3.4 to 2.4.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/727](https://togithub.com/ianlewis/todo-issue-reopener/pull/727) - chore(deps-dev): Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.36.1 to 0.38.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/635](https://togithub.com/ianlewis/todo-issue-reopener/pull/635) - chore(deps-dev): Bump eslint from 8.56.0 to 8.57.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ianlewis/todo-issue-reopener/pull/634](https://togithub.com/ianlewis/todo-issue-reopener/pull/634) - chore(release): v1.2.1 by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/ianlewis/todo-issue-reopener/pull/833](https://togithub.com/ianlewis/todo-issue-reopener/pull/833) **Full Changelog**: ianlewis/todo-issue-reopener@v1.2.0...v1.2.1 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377) For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279) - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352) - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376) **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) ### [`v2.3.1`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.1) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.0...v2.3.1) #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1282](https://togithub.com/ossf/scorecard-action/pull/1282) - Adds additional Fuzzing detection and fixes a SAST bug related to detecting CodeQL. For a full changelist of what this includes, see the [v4.13.1](https://togithub.com/ossf/scorecard/releases/tag/v4.13.1) release notes **Full Changelog**: ossf/scorecard-action@v2.3.0...v2.3.1 </details> <details> <summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary> ### [`v3.5.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.5.0) [Compare Source](https://togithub.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0) #### What's Changed - Bump actions/checkout from 4.1.1 to 4.1.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/sigstore/cosign-installer/pull/157](https://togithub.com/sigstore/cosign-installer/pull/157) - use go 1.22 now by [@​bobcallaway](https://togithub.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/160](https://togithub.com/sigstore/cosign-installer/pull/160) - bump default version to v2.2.4, prep for v3.5.0 release by [@​bobcallaway](https://togithub.com/bobcallaway) in [https://github.com/sigstore/cosign-installer/pull/159](https://togithub.com/sigstore/cosign-installer/pull/159) **Full Changelog**: sigstore/cosign-installer@v3.4.0...v3.5.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/slsa-framework/slsa-github-generator). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjMuNSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Signed-off-by: Mend Renovate <bot@renovateapp.com>
josieang
referenced
this pull request
in josieang/osv-scanner
Jun 6, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.4` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | patch | `v4.3.0` -> `v4.3.1` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.24.10` -> `v3.25.3` | | [golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action) | action | patch | `v4.0.0` -> `v4.0.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://togithub.com/dependabot) , [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465) - Update documentation with latest V5 release notes by [@​ab](https://togithub.com/ab) in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) - Update version documentation by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458) - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://togithub.com/chenrui333) in [https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449) #### New Contributors - [@​ab](https://togithub.com/ab) made their first contribution in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.3.1`](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) ### [`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) </details> <details> <summary>golangci/golangci-lint-action (golangci/golangci-lint-action)</summary> ### [`v4.0.1`](https://togithub.com/golangci/golangci-lint-action/releases/tag/v4.0.1) [Compare Source](https://togithub.com/golangci/golangci-lint-action/compare/v4.0.0...v4.0.1) <!-- Release notes generated using configuration in .github/release.yml at v4.0.1 --> #### What's Changed ##### Documentation - docs: update the version of the action used in the README example by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977) ##### Dependencies - build(deps): bump [@​types/semver](https://togithub.com/types/semver) from 7.5.6 to 7.5.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/969](https://togithub.com/golangci/golangci-lint-action/pull/969) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 6.20.0 to 6.21.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/970](https://togithub.com/golangci/golangci-lint-action/pull/970) - build(deps-dev): bump eslint-plugin-simple-import-sort from 10.0.0 to 12.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/971](https://togithub.com/golangci/golangci-lint-action/pull/971) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 6.20.0 to 6.21.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/973](https://togithub.com/golangci/golangci-lint-action/pull/973) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.16 to 20.11.17 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/972](https://togithub.com/golangci/golangci-lint-action/pull/972) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.17 to 20.11.19 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/979](https://togithub.com/golangci/golangci-lint-action/pull/979) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 6.21.0 to 7.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/980](https://togithub.com/golangci/golangci-lint-action/pull/980) - build(deps): bump undici from 5.26.3 to 5.28.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/976](https://togithub.com/golangci/golangci-lint-action/pull/976) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.19 to 20.11.20 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/985](https://togithub.com/golangci/golangci-lint-action/pull/985) - build(deps): bump [@​types/semver](https://togithub.com/types/semver) from 7.5.7 to 7.5.8 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/986](https://togithub.com/golangci/golangci-lint-action/pull/986) - build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/987](https://togithub.com/golangci/golangci-lint-action/pull/987) - build(deps): bump tmp from 0.2.1 to 0.2.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/989](https://togithub.com/golangci/golangci-lint-action/pull/989) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 6.21.0 to 7.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/988](https://togithub.com/golangci/golangci-lint-action/pull/988) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.20 to 20.11.24 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/990](https://togithub.com/golangci/golangci-lint-action/pull/990) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.1.0 to 7.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/991](https://togithub.com/golangci/golangci-lint-action/pull/991) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.24 to 20.11.25 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/992](https://togithub.com/golangci/golangci-lint-action/pull/992) - build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/993](https://togithub.com/golangci/golangci-lint-action/pull/993) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.1.0 to 7.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/994](https://togithub.com/golangci/golangci-lint-action/pull/994) - build(deps): bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/995](https://togithub.com/golangci/golangci-lint-action/pull/995) - build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in /sample-go-mod by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/997](https://togithub.com/golangci/golangci-lint-action/pull/997) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.1.1 to 7.2.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/998](https://togithub.com/golangci/golangci-lint-action/pull/998) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.25 to 20.11.28 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1000](https://togithub.com/golangci/golangci-lint-action/pull/1000) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.1.1 to 7.2.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/999](https://togithub.com/golangci/golangci-lint-action/pull/999) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.2.0 to 7.3.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1003](https://togithub.com/golangci/golangci-lint-action/pull/1003) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.28 to 20.11.30 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1004](https://togithub.com/golangci/golangci-lint-action/pull/1004) - build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1005](https://togithub.com/golangci/golangci-lint-action/pull/1005) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.2.0 to 7.3.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1006](https://togithub.com/golangci/golangci-lint-action/pull/1006) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.11.30 to 20.12.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1007](https://togithub.com/golangci/golangci-lint-action/pull/1007) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.3.1 to 7.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1008](https://togithub.com/golangci/golangci-lint-action/pull/1008) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.3.1 to 7.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1009](https://togithub.com/golangci/golangci-lint-action/pull/1009) - build(deps): bump undici from 5.28.3 to 5.28.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1010](https://togithub.com/golangci/golangci-lint-action/pull/1010) - build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1011](https://togithub.com/golangci/golangci-lint-action/pull/1011) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.12.2 to 20.12.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1012](https://togithub.com/golangci/golangci-lint-action/pull/1012) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.4.0 to 7.5.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1013](https://togithub.com/golangci/golangci-lint-action/pull/1013) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.4.0 to 7.5.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1014](https://togithub.com/golangci/golangci-lint-action/pull/1014) - build(deps): bump [@​types/node](https://togithub.com/types/node) from 20.12.5 to 20.12.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1016](https://togithub.com/golangci/golangci-lint-action/pull/1016) - build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1017](https://togithub.com/golangci/golangci-lint-action/pull/1017) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.5.0 to 7.6.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1019](https://togithub.com/golangci/golangci-lint-action/pull/1019) - build(deps-dev): bump eslint-plugin-simple-import-sort from 12.0.0 to 12.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1018](https://togithub.com/golangci/golangci-lint-action/pull/1018) - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.5.0 to 7.7.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1022](https://togithub.com/golangci/golangci-lint-action/pull/1022) - build(deps-dev): bump [@​typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin) from 7.6.0 to 7.7.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/golangci/golangci-lint-action/pull/1023](https://togithub.com/golangci/golangci-lint-action/pull/1023) #### New Contributors - [@​178inaba](https://togithub.com/178inaba) made their first contribution in [https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977) **Full Changelog**: golangci/golangci-lint-action@v4.0.0...v4.0.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->
ramonpetgrave64
referenced
this pull request
in slsa-framework/slsa-verifier
Jul 1, 2024
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.7` | | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | minor | `v4.2.5` -> `v4.3.3` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [actionsdesk/lfs-warning](https://togithub.com/actionsdesk/lfs-warning) | action | minor | `v3.2` -> `v3.3` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | minor | `v3.24.9` -> `v3.25.11` | | [golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action) | action | pinDigest | -> `d6238b0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | | [slsa-framework/slsa-github-generator](https://togithub.com/slsa-framework/slsa-github-generator) | action | pinDigest | -> `c747fe7` | | [slsa-framework/slsa-verifier](https://togithub.com/slsa-framework/slsa-verifier) | action | minor | `v2.4.1` -> `v2.5.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://togithub.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776) ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598) </details> <details> <summary>actions/dependency-review-action (actions/dependency-review-action)</summary> ### [`v4.3.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.3): Notes for v4.3.3 [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3) #### What's Changed - Allow slashes in purl package names by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/765](https://togithub.com/actions/dependency-review-action/pull/765) - use the v3 version of the deps.dev API by [@​josieang](https://togithub.com/josieang) in [https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741) - PR with suggestions - \[Improvement]: Help streamline / simplify dependency review action README by [@​am-stead](https://togithub.com/am-stead) in [https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773) - fix show-openssf-scorecard-levels input by [@​ramann](https://togithub.com/ramann) in [https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776) - Updates to the contribution guidelines by [@​jonjanego](https://togithub.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/778](https://togithub.com/actions/dependency-review-action/pull/778) - Create issue templates by [@​jonjanego](https://togithub.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/777](https://togithub.com/actions/dependency-review-action/pull/777) - Fix the max comment length issue by [@​jhutchings1](https://togithub.com/jhutchings1) and [@​elireisman](https://togithub.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/767](https://togithub.com/actions/dependency-review-action/pull/767) - Bump project version to 4.3.3 in prep for a release by [@​elireisman](https://togithub.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/781](https://togithub.com/actions/dependency-review-action/pull/781) #### New Contributors - [@​josieang](https://togithub.com/josieang) made their first contribution in [https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741) - [@​am-stead](https://togithub.com/am-stead) made their first contribution in [https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773) - [@​ramann](https://togithub.com/ramann) made their first contribution in [https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776) **Full Changelog**: actions/dependency-review-action@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/761](https://togithub.com/actions/dependency-review-action/pull/761) **Full Changelog**: actions/dependency-review-action@v4.3.1...v4.3.2 ### [`v4.3.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.1) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1) #### What's Changed This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See [https://github.com/actions/dependency-review-action/pull/753](https://togithub.com/actions/dependency-review-action/pull/753). **Full Changelog**: actions/dependency-review-action@V4.3.0...v4.3.1 ### [`v4.3.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.0) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0) #### New Features - The `deny-packages` option can now be used without a version number to exclude *all* versions of a package. #### What's Changed - Fix action variable name for scorecard by [@​lukehinds](https://togithub.com/lukehinds) in [https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735) - Fix extra https:// in summary by [@​jhutchings1](https://togithub.com/jhutchings1) in [https://github.com/actions/dependency-review-action/pull/748](https://togithub.com/actions/dependency-review-action/pull/748) - Bump typescript from 5.3.3 to 5.4.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/744](https://togithub.com/actions/dependency-review-action/pull/744) - Bump eslint-plugin-github from 4.10.1 to 4.10.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/737](https://togithub.com/actions/dependency-review-action/pull/737) - Show denied packages with red X by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/750](https://togithub.com/actions/dependency-review-action/pull/750) - deny-packages configuration option can deny specified version or all packages by [@​febuiles](https://togithub.com/febuiles) and [@​bteng22](https://togithub.com/bteng22) in [https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733) #### New Contributors - [@​bteng22](https://togithub.com/bteng22) made their first contribution in [https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733) - [@​lukehinds](https://togithub.com/lukehinds) made their first contribution in [https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735) **Full Changelog**: actions/dependency-review-action@v4.2.5...V4.3.0 </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324) **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322) - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://togithub.com/dependabot) , [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465) - Update documentation with latest V5 release notes by [@​ab](https://togithub.com/ab) in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) - Update version documentation by [@​178inaba](https://togithub.com/178inaba) in [https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458) - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://togithub.com/chenrui333) in [https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449) #### New Contributors - [@​ab](https://togithub.com/ab) made their first contribution in [https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459) **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565) **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516) - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561) - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562) #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523) **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>actionsdesk/lfs-warning (actionsdesk/lfs-warning)</summary> ### [`v3.3`](https://togithub.com/ppremk/lfs-warning/releases/tag/v3.3) [Compare Source](https://togithub.com/actionsdesk/lfs-warning/compare/v3.2...v3.3) #### What's Changed - update node js to 16 by [@​GlazerMann](https://togithub.com/GlazerMann) in [https://github.com/ppremk/lfs-warning/pull/148](https://togithub.com/ppremk/lfs-warning/pull/148) - Fixing README to match repo move by [@​samthebest](https://togithub.com/samthebest) in [https://github.com/ppremk/lfs-warning/pull/153](https://togithub.com/ppremk/lfs-warning/pull/153) - Update CODEOWNERS by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/158](https://togithub.com/ppremk/lfs-warning/pull/158) - Bump http-cache-semantics from 4.1.0 to 4.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/151](https://togithub.com/ppremk/lfs-warning/pull/151) - Bump [@​babel/traverse](https://togithub.com/babel/traverse) from 7.15.4 to 7.23.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/159](https://togithub.com/ppremk/lfs-warning/pull/159) - Bump tough-cookie from 4.0.0 to 4.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/160](https://togithub.com/ppremk/lfs-warning/pull/160) - Bump cacheable-request and gts by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/152](https://togithub.com/ppremk/lfs-warning/pull/152) - Update emoji and convert file list to markdown list by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/161](https://togithub.com/ppremk/lfs-warning/pull/161) - Bump got and gts by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/155](https://togithub.com/ppremk/lfs-warning/pull/155) - Exclude files without blob_url when getting PR blobs by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/162](https://togithub.com/ppremk/lfs-warning/pull/162) - Support pull_request_target by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/164](https://togithub.com/ppremk/lfs-warning/pull/164) - Update-node by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/163](https://togithub.com/ppremk/lfs-warning/pull/163) - Fix text setup for the issue comment by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/166](https://togithub.com/ppremk/lfs-warning/pull/166) - Validate PR changes to make sure there are no changes missing by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/165](https://togithub.com/ppremk/lfs-warning/pull/165) - Fix emoji by [@​rajbos](https://togithub.com/rajbos) in [https://github.com/ppremk/lfs-warning/pull/167](https://togithub.com/ppremk/lfs-warning/pull/167) - Bump undici from 5.28.2 to 5.28.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/ppremk/lfs-warning/pull/171](https://togithub.com/ppremk/lfs-warning/pull/171) #### New Contributors - [@​GlazerMann](https://togithub.com/GlazerMann) made their first contribution in [https://github.com/ppremk/lfs-warning/pull/148](https://togithub.com/ppremk/lfs-warning/pull/148) - [@​samthebest](https://togithub.com/samthebest) made their first contribution in [https://github.com/ppremk/lfs-warning/pull/153](https://togithub.com/ppremk/lfs-warning/pull/153) - [@​rajbos](https://togithub.com/rajbos) made their first contribution in [https://github.com/ppremk/lfs-warning/pull/158](https://togithub.com/ppremk/lfs-warning/pull/158) **Full Changelog**: ppremk/lfs-warning@v3.2...v3.3 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.11`](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11) ### [`v3.25.10`](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) ### [`v3.25.9`](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) ### [`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) ### [`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) ### [`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.11...v3.25.0) ### [`v3.24.11`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11) ### [`v3.24.10`](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377) For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279) - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352) - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376) **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> <details> <summary>slsa-framework/slsa-verifier (slsa-framework/slsa-verifier)</summary> ### [`v2.5.1`](https://togithub.com/slsa-framework/slsa-verifier/releases/tag/v2.5.1) [Compare Source](https://togithub.com/slsa-framework/slsa-verifier/compare/v2.4.1...v2.5.1) #### What's Changed - feat: Add cosign registry opts for provenance registry by [@​saisatishkarra](https://togithub.com/saisatishkarra) in [https://github.com/slsa-framework/slsa-verifier/pull/729](https://togithub.com/slsa-framework/slsa-verifier/pull/729) and [https://github.com/slsa-framework/slsa-verifier/pull/736](https://togithub.com/slsa-framework/slsa-verifier/pull/736) - feat: Add support for DSSE Rekor type by [@​haydentherapper](https://togithub.com/haydentherapper) in [https://github.com/slsa-framework/slsa-verifier/pull/742](https://togithub.com/slsa-framework/slsa-verifier/pull/742) #### New Contributors - [@​saisatishkarra](https://togithub.com/saisatishkarra) made their first contribution in [https://github.com/slsa-framework/slsa-verifier/pull/729](https://togithub.com/slsa-framework/slsa-verifier/pull/729) - [@​ramonpetgrave64](https://togithub.com/ramonpetgrave64) made their first contribution in [https://github.com/slsa-framework/slsa-verifier/pull/737](https://togithub.com/slsa-framework/slsa-verifier/pull/737) - [@​haydentherapper](https://togithub.com/haydentherapper) made their first contribution in [https://github.com/slsa-framework/slsa-verifier/pull/742](https://togithub.com/slsa-framework/slsa-verifier/pull/742) **Full Changelog**: v2.4.1...v2.5.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/slsa-framework/slsa-verifier). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
simonknittel
referenced
this pull request
in simonknittel/sinister-incorporated
Jul 23, 2024
This PR contains the following updates: | Package | Type | Update | Change | Pending | |---|---|---|---|---| | [@tanstack/react-table](https://tanstack.com/table) ([source](https://togithub.com/TanStack/table/tree/HEAD/packages/react-table)) | dependencies | patch | [`8.19.2` -> `8.19.3`](https://renovatebot.com/diffs/npm/@tanstack%2freact-table/8.19.2/8.19.3) | | | [@trpc/client](https://trpc.io) ([source](https://togithub.com/trpc/trpc/tree/HEAD/packages/client)) | dependencies | patch | [`11.0.0-rc.456` -> `11.0.0-rc.461`](https://renovatebot.com/diffs/npm/@trpc%2fclient/11.0.0-rc.456/11.0.0-rc.461) | `11.0.0-rc.467` (+2) | | [@trpc/next](https://trpc.io) ([source](https://togithub.com/trpc/trpc/tree/HEAD/packages/next)) | dependencies | patch | [`11.0.0-rc.456` -> `11.0.0-rc.461`](https://renovatebot.com/diffs/npm/@trpc%2fnext/11.0.0-rc.456/11.0.0-rc.461) | `11.0.0-rc.467` (+2) | | [@trpc/react-query](https://trpc.io) ([source](https://togithub.com/trpc/trpc/tree/HEAD/packages/react)) | dependencies | patch | [`11.0.0-rc.456` -> `11.0.0-rc.461`](https://renovatebot.com/diffs/npm/@trpc%2freact-query/11.0.0-rc.456/11.0.0-rc.461) | `11.0.0-rc.467` (+2) | | [@trpc/server](https://trpc.io) ([source](https://togithub.com/trpc/trpc/tree/HEAD/packages/server)) | dependencies | patch | [`11.0.0-rc.456` -> `11.0.0-rc.461`](https://renovatebot.com/diffs/npm/@trpc%2fserver/11.0.0-rc.456/11.0.0-rc.461) | `11.0.0-rc.467` (+2) | | [@types/lodash](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/lodash) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/lodash)) | devDependencies | patch | [`4.17.6` -> `4.17.7`](https://renovatebot.com/diffs/npm/@types%2flodash/4.17.6/4.17.7) | | | [@typescript-eslint/eslint-plugin](https://typescript-eslint.io/packages/eslint-plugin) ([source](https://togithub.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/eslint-plugin)) | devDependencies | patch | [`7.16.0` -> `7.16.1`](https://renovatebot.com/diffs/npm/@typescript-eslint%2feslint-plugin/7.16.0/7.16.1) | `7.17.0` | | [@typescript-eslint/parser](https://typescript-eslint.io/packages/parser) ([source](https://togithub.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser)) | devDependencies | patch | [`7.16.0` -> `7.16.1`](https://renovatebot.com/diffs/npm/@typescript-eslint%2fparser/7.16.0/7.16.1) | `7.17.0` | | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.3` -> `v4.1.7` | | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.6` -> `v4.1.8` | | | [actions/setup-node](https://togithub.com/actions/setup-node) | action | patch | `v4.0.2` -> `v4.0.3` | | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.3` -> `v4.3.4` | | | [hashicorp/setup-terraform](https://togithub.com/hashicorp/setup-terraform) | action | minor | `v3.0.0` -> `v3.1.1` | | | [oven-sh/setup-bun](https://togithub.com/oven-sh/setup-bun) | action | patch | `v1.2.1` -> `v1.2.2` | | | [prettier](https://prettier.io) ([source](https://togithub.com/prettier/prettier)) | devDependencies | patch | [`3.3.2` -> `3.3.3`](https://renovatebot.com/diffs/npm/prettier/3.3.2/3.3.3) | | | [renovatebot/github-action](https://togithub.com/renovatebot/github-action) | action | minor | `v40.1.11` -> `v40.2.2` | `v40.2.3` | | [tailwindcss](https://tailwindcss.com) ([source](https://togithub.com/tailwindlabs/tailwindcss)) | devDependencies | patch | [`3.4.4` -> `3.4.5`](https://renovatebot.com/diffs/npm/tailwindcss/3.4.4/3.4.5) | `3.4.6` | --- ### Release Notes <details> <summary>TanStack/table (@​tanstack/react-table)</summary> ### [`v8.19.3`](https://togithub.com/TanStack/table/releases/tag/v8.19.3) [Compare Source](https://togithub.com/TanStack/table/compare/v8.19.2...v8.19.3) Version 8.19.3 - 7/14/24, 8:44 AM #### Changes ##### Fix - table-core: assign unassign parentId in grouped row model ([#​5657](https://togithub.com/TanStack/table/issues/5657)) ([`a71ce10`](https://togithub.com/TanStack/table/commit/a71ce10)) by PiR ##### Ci - enable npm provenance ([#​5654](https://togithub.com/TanStack/table/issues/5654)) ([`0054eb3`](https://togithub.com/TanStack/table/commit/0054eb3)) by Lachlan Collins - Add pkg-pr-new previews ([#​5648](https://togithub.com/TanStack/table/issues/5648)) ([`241f26f`](https://togithub.com/TanStack/table/commit/241f26f)) by Lachlan Collins ##### Docs - use [@​tanstack/lit-virtual](https://togithub.com/tanstack/lit-virtual) for the virtualized table example ([#​5655](https://togithub.com/TanStack/table/issues/5655)) ([`bb0a536`](https://togithub.com/TanStack/table/commit/bb0a536)) by [@​kadoshms](https://togithub.com/kadoshms) - Fix typo in docs/guide/data.md ([#​5642](https://togithub.com/TanStack/table/issues/5642)) ([`6a4a10d`](https://togithub.com/TanStack/table/commit/6a4a10d)) by Joseph Markus - vue: vue filters example ([#​5644](https://togithub.com/TanStack/table/issues/5644)) ([`e749f31`](https://togithub.com/TanStack/table/commit/e749f31)) by Radu Suciu - fix rowpinningstate ([`7548860`](https://togithub.com/TanStack/table/commit/7548860)) by Kevin Vandy #### Packages - [@​tanstack/table-core](https://togithub.com/tanstack/table-core)[@​8](https://togithub.com/8).19.3 - [@​tanstack/angular-table](https://togithub.com/tanstack/angular-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/lit-table](https://togithub.com/tanstack/lit-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/qwik-table](https://togithub.com/tanstack/qwik-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/react-table](https://togithub.com/tanstack/react-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/solid-table](https://togithub.com/tanstack/solid-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/svelte-table](https://togithub.com/tanstack/svelte-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/vue-table](https://togithub.com/tanstack/vue-table)[@​8](https://togithub.com/8).19.3 - [@​tanstack/react-table-devtools](https://togithub.com/tanstack/react-table-devtools)[@​8](https://togithub.com/8).19.3 </details> <details> <summary>trpc/trpc (@​trpc/client)</summary> ### [`v11.0.0-rc.461`](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) [Compare Source](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) ### [`v11.0.0-rc.460`](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) [Compare Source](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) ### [`v11.0.0-rc.459`](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) [Compare Source](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) ### [`v11.0.0-rc.458`](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) [Compare Source](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) </details> <details> <summary>trpc/trpc (@​trpc/next)</summary> ### [`v11.0.0-rc.461`](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) [Compare Source](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) ### [`v11.0.0-rc.460`](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) [Compare Source](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) ### [`v11.0.0-rc.459`](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) [Compare Source](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) ### [`v11.0.0-rc.458`](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) [Compare Source](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) </details> <details> <summary>trpc/trpc (@​trpc/react-query)</summary> ### [`v11.0.0-rc.461`](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) [Compare Source](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) ### [`v11.0.0-rc.460`](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) [Compare Source](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) ### [`v11.0.0-rc.459`](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) [Compare Source](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) ### [`v11.0.0-rc.458`](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) [Compare Source](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) </details> <details> <summary>trpc/trpc (@​trpc/server)</summary> ### [`v11.0.0-rc.461`](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) [Compare Source](https://togithub.com/trpc/trpc/compare/ab0de47480c1b0d52dc1774bc3b5e481f4f420d3...f178d3fed131c9036014603665a0803de0533c9a) ### [`v11.0.0-rc.460`](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) [Compare Source](https://togithub.com/trpc/trpc/compare/e14ad2175af4647060a7dd679d293b090636beda...ab0de47480c1b0d52dc1774bc3b5e481f4f420d3) ### [`v11.0.0-rc.459`](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) [Compare Source](https://togithub.com/trpc/trpc/compare/46c7eea8285542a1115c9dada7b45e9b07f7c23d...e14ad2175af4647060a7dd679d293b090636beda) ### [`v11.0.0-rc.458`](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) [Compare Source](https://togithub.com/trpc/trpc/compare/a9a2c25b1ead6113bde45bb26c627e3696fb61a8...46c7eea8285542a1115c9dada7b45e9b07f7c23d) </details> <details> <summary>typescript-eslint/typescript-eslint (@​typescript-eslint/eslint-plugin)</summary> ### [`v7.16.1`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/eslint-plugin/CHANGELOG.md#7161-2024-07-15) [Compare Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v7.16.0...v7.16.1) ##### 🩹 Fixes - **eslint-plugin:** \[no-unnecessary-type-parameters] descend into all parts of mapped types in no-unnecessary-type-parameters ##### ❤️ Thank You - Dan Vanderkam You can read about our [versioning strategy](https://main--typescript-eslint.netlify.app/users/versioning) and [releases](https://main--typescript-eslint.netlify.app/users/releases) on our website. </details> <details> <summary>typescript-eslint/typescript-eslint (@​typescript-eslint/parser)</summary> ### [`v7.16.1`](https://togithub.com/typescript-eslint/typescript-eslint/blob/HEAD/packages/parser/CHANGELOG.md#7161-2024-07-15) [Compare Source](https://togithub.com/typescript-eslint/typescript-eslint/compare/v7.16.0...v7.16.1) This was a version bump only for parser to align it with other projects, there were no code changes. You can read about our [versioning strategy](https://main--typescript-eslint.netlify.app/users/versioning) and [releases](https://main--typescript-eslint.netlify.app/users/releases) on our website. </details> <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://togithub.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776) ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v415) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643) </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.8`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.8) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.7...v4.1.8) ##### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) version, bump dependencies by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/download-artifact/pull/341](https://togithub.com/actions/download-artifact/pull/341) **Full Changelog**: https://github.com/actions/download-artifact/compare/v4...v4.1.8 ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) ##### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325) **Full Changelog**: https://github.com/actions/download-artifact/compare/v4.1.6...v4.1.7 </details> <details> <summary>actions/setup-node (actions/setup-node)</summary> ### [`v4.0.3`](https://togithub.com/actions/setup-node/releases/tag/v4.0.3) [Compare Source](https://togithub.com/actions/setup-node/compare/v4.0.2...v4.0.3) ##### What's Changed ##### Bug fixes: - Fix macos latest check failures by [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-node/pull/1041](https://togithub.com/actions/setup-node/pull/1041) ##### Documentation changes: - Documentation update to update default Node version to 20 by [@​bengreeley](https://togithub.com/bengreeley) in [https://github.com/actions/setup-node/pull/949](https://togithub.com/actions/setup-node/pull/949) ##### Dependency updates: - Bump undici from 5.26.5 to 5.28.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/setup-node/pull/965](https://togithub.com/actions/setup-node/pull/965) - Bump braces from 3.0.2 to 3.0.3 and other dependency updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/setup-node/pull/1087](https://togithub.com/actions/setup-node/pull/1087) ##### New Contributors - [@​bengreeley](https://togithub.com/bengreeley) made their first contribution in [https://github.com/actions/setup-node/pull/949](https://togithub.com/actions/setup-node/pull/949) - [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) made their first contribution in [https://github.com/actions/setup-node/pull/1041](https://togithub.com/actions/setup-node/pull/1041) **Full Changelog**: https://github.com/actions/setup-node/compare/v4...v4.0.3 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.4`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.4) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.3...v4.3.4) ##### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) version, bump dependencies by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/584](https://togithub.com/actions/upload-artifact/pull/584) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4 </details> <details> <summary>hashicorp/setup-terraform (hashicorp/setup-terraform)</summary> ### [`v3.1.1`](https://togithub.com/hashicorp/setup-terraform/releases/tag/v3.1.1) [Compare Source](https://togithub.com/hashicorp/setup-terraform/compare/v3.1.0...v3.1.1) BUG FIXES: - wrapper: Fix wrapper to output to stdout and stderr immediately when data is received ([#​395](https://togithub.com/hashicorp/setup-terraform/issues/395)) ### [`v3.1.0`](https://togithub.com/hashicorp/setup-terraform/releases/tag/v3.1.0) [Compare Source](https://togithub.com/hashicorp/setup-terraform/compare/v3.0.0...v3.1.0) ENHANCEMENTS: - Automatically fallback to darwin/amd64 for Terraform versions before 1.0.2 as releases for darwin/arm64 are not available ([#​409](https://togithub.com/hashicorp/setup-terraform/issues/409)) </details> <details> <summary>oven-sh/setup-bun (oven-sh/setup-bun)</summary> ### [`v1.2.2`](https://togithub.com/oven-sh/setup-bun/releases/tag/v1.2.2) [Compare Source](https://togithub.com/oven-sh/setup-bun/compare/v1.2.1...v1.2.2) `oven-sh/setup-bun` is the github action for setting up Bun. This release introduces support for the `bun-download-url` input, which lets you override the URL used to download the .zip file for Bun. Here's an example: ```yaml - name: Setup Bun uses: oven-sh/setup-bun@v1.2.2 with: bun-version: latest bun-download-url: "https://github.com/oven-sh/bun/releases/latest/download/bun-${{runner.os == 'macOS' && 'darwin' || runner.os}}-${{ runner.arch == 'X64' && 'x64' || 'arm64' }}.zip" ``` </details> <details> <summary>prettier/prettier (prettier)</summary> ### [`v3.3.3`](https://togithub.com/prettier/prettier/blob/HEAD/CHANGELOG.md#333) [Compare Source](https://togithub.com/prettier/prettier/compare/3.3.2...3.3.3) [diff](https://togithub.com/prettier/prettier/compare/3.3.2...3.3.3) ##### Add parentheses for nullish coalescing in ternary ([#​16391](https://togithub.com/prettier/prettier/pull/16391) by [@​cdignam-segment](https://togithub.com/cdignam-segment)) This change adds clarity to operator precedence. <!-- prettier-ignore --> ```js // Input foo ? bar ?? foo : baz; foo ?? bar ? a : b; a ? b : foo ?? bar; // Prettier 3.3.2 foo ? bar ?? foo : baz; foo ?? bar ? a : b; a ? b : foo ?? bar; // Prettier 3.3.3 foo ? (bar ?? foo) : baz; (foo ?? bar) ? a : b; a ? b : (foo ?? bar); ``` ##### Add parentheses for decorator expressions ([#​16458](https://togithub.com/prettier/prettier/pull/16458) by [@​y-schneider](https://togithub.com/y-schneider)) Prevent parentheses around member expressions or tagged template literals from being removed to follow the stricter parsing rules of TypeScript 5.5. <!-- prettier-ignore --> ```ts // Input @​(foo`tagged template`) class X {} // Prettier 3.3.2 @​foo`tagged template` class X {} // Prettier 3.3.3 @​(foo`tagged template`) class X {} ``` ##### Support `@let` declaration syntax ([#​16474](https://togithub.com/prettier/prettier/pull/16474) by [@​sosukesuzuki](https://togithub.com/sosukesuzuki)) Adds support for Angular v18 `@let` declaration syntax. Please see the following code example. The `@let` declaration allows you to define local variables within the template: <!-- prettier-ignore --> ```html @​let name = 'Frodo'; <h1>Dashboard for {{name}}</h1> Hello, {{name}} ``` For more details, please refer to the excellent blog post by the Angular Team: [Introducing @​let in Angular](https://blog.angular.dev/introducing-let-in-angular-686f9f383f0f). We also appreciate the Angular Team for kindly answering our questions to implement this feature. </details> <details> <summary>renovatebot/github-action (renovatebot/github-action)</summary> ### [`v40.2.2`](https://togithub.com/renovatebot/github-action/releases/tag/v40.2.2) [Compare Source](https://togithub.com/renovatebot/github-action/compare/v40.2.1...v40.2.2) ##### Build System - **deps:** update dependency typescript to v5.5.3 ([aa452e6](https://togithub.com/renovatebot/github-action/commit/aa452e6e1be78a232ee775b6a89125c3e989b282)) ##### Continuous Integration - **deps:** update renovate docker tag to v37.426.0 ([fbafef1](https://togithub.com/renovatebot/github-action/commit/fbafef16fbdc9809abf8018bf453069f6b7554f7)) ### [`v40.2.1`](https://togithub.com/renovatebot/github-action/releases/tag/v40.2.1) [Compare Source](https://togithub.com/renovatebot/github-action/compare/v40.2.0...v40.2.1) ##### Documentation - update references to ghcr.io/renovatebot/renovate to v37.425.1 ([d6eed90](https://togithub.com/renovatebot/github-action/commit/d6eed90a68c5bd8b6b1306eb36f25b2cff8c23d8)) - update references to renovatebot/github-action to v40.2.0 ([5ddce28](https://togithub.com/renovatebot/github-action/commit/5ddce2870f4956736608fe53fd3ebb5417e77ee7)) ##### Miscellaneous Chores - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.9 ([ec99267](https://togithub.com/renovatebot/github-action/commit/ec99267e602367ffde8c2e59d74ec575d43fc2b3)) ##### Build System - **deps:** lock file maintenance ([65e4373](https://togithub.com/renovatebot/github-action/commit/65e437339eabc083f143603e11e6151abc425de4)) ##### Continuous Integration - **deps:** update renovate docker tag to v37.421.10 ([07e2a27](https://togithub.com/renovatebot/github-action/commit/07e2a2730acf4b5b8abc674d716cb91d9e715486)) - **deps:** update renovate docker tag to v37.422.0 ([39218de](https://togithub.com/renovatebot/github-action/commit/39218de016bcee5a7db50071ae413d48501a7455)) - **deps:** update renovate docker tag to v37.422.1 ([5c05ca6](https://togithub.com/renovatebot/github-action/commit/5c05ca638e6baf2917fd36c1575936073c04aeb6)) - **deps:** update renovate docker tag to v37.422.4 ([de537d7](https://togithub.com/renovatebot/github-action/commit/de537d7c960c01a79a2c6a1433c23b9dcb97c69c)) - **deps:** update renovate docker tag to v37.423.0 ([7901eac](https://togithub.com/renovatebot/github-action/commit/7901eac76864166db606bbffee9500f4877b77e3)) - **deps:** update renovate docker tag to v37.423.1 ([dcd1175](https://togithub.com/renovatebot/github-action/commit/dcd1175e39129bccdede6aa111e494d785ca8662)) - **deps:** update renovate docker tag to v37.424.0 ([f4c559c](https://togithub.com/renovatebot/github-action/commit/f4c559c9ffc73a7d8f1a10def186a0171d3d253e)) - **deps:** update renovate docker tag to v37.424.1 ([beaea3f](https://togithub.com/renovatebot/github-action/commit/beaea3ff534e9eecc90bf98cd8a70c910c3ce5a2)) - **deps:** update renovate docker tag to v37.424.2 ([4ebf550](https://togithub.com/renovatebot/github-action/commit/4ebf5502a23f87d8582fb043c3bb8dede847c2c5)) - **deps:** update renovate docker tag to v37.424.3 ([2a0f11e](https://togithub.com/renovatebot/github-action/commit/2a0f11e6a3baaa8c6c5d733035b29747f6f9413c)) - **deps:** update renovate docker tag to v37.424.4 ([f6a1a25](https://togithub.com/renovatebot/github-action/commit/f6a1a25c1a03b55d35028b8fcdfa57581e5701cf)) - **deps:** update renovate docker tag to v37.425.1 ([e8ded76](https://togithub.com/renovatebot/github-action/commit/e8ded76463d84a1fb507d9af27c4c5d49ba69a1e)) ### [`v40.2.0`](https://togithub.com/renovatebot/github-action/releases/tag/v40.2.0) [Compare Source](https://togithub.com/renovatebot/github-action/compare/v40.1.12...v40.2.0) ##### Features - Add `docker-network` input param ([#​853](https://togithub.com/renovatebot/github-action/issues/853)) ([c928c7f](https://togithub.com/renovatebot/github-action/commit/c928c7fe822ee5d2cc982be0629e7edd753062d0)) ##### Documentation - update references to actions/checkout to v4.1.7 ([4ff182b](https://togithub.com/renovatebot/github-action/commit/4ff182b83a0d598aced93aaef002844ff580dfb6)) - update references to ghcr.io/renovatebot/renovate to v37.399.10 ([d9f7b19](https://togithub.com/renovatebot/github-action/commit/d9f7b19cb18ea286e7368cfdfb3aa1300a08b7db)) - update references to ghcr.io/renovatebot/renovate to v37.409.1 ([b1a2cdc](https://togithub.com/renovatebot/github-action/commit/b1a2cdc9ba49694ecce0ad948a8291ad5098d532)) - update references to ghcr.io/renovatebot/renovate to v37.414.1 ([ed5f0a1](https://togithub.com/renovatebot/github-action/commit/ed5f0a13528de22e3361c4cc055a278250c390ee)) - update references to ghcr.io/renovatebot/renovate to v37.421.3 ([9f6242a](https://togithub.com/renovatebot/github-action/commit/9f6242aff8cf4e1a1cb777841969481269e9cfba)) - update references to renovatebot/github-action to v40.1.12 ([1d7e888](https://togithub.com/renovatebot/github-action/commit/1d7e88866f2f7927c23b266ec76b4c9000d45dd4)) ##### Miscellaneous Chores - **deps:** update commitlint monorepo to v19 (major) ([#​844](https://togithub.com/renovatebot/github-action/issues/844)) ([34e6b8d](https://togithub.com/renovatebot/github-action/commit/34e6b8d22e28e17e0fea173cbaff3edbc2cda190)) - **deps:** update dependency [@​semantic-release/github](https://togithub.com/semantic-release/github) to v10.0.6 ([847b012](https://togithub.com/renovatebot/github-action/commit/847b0122258a184193fabaa8598461670015887a)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.13 ([1e8ce71](https://togithub.com/renovatebot/github-action/commit/1e8ce718895d96f1128d4c86c5368dec008fa47f)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.13.0 ([359b038](https://togithub.com/renovatebot/github-action/commit/359b0383779f3a442dd518f46824eb0c4c6b43a5)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.0 ([6cc1def](https://togithub.com/renovatebot/github-action/commit/6cc1defe7c3386b79d390abf2ad737a44524d0f1)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.1 ([d9cd851](https://togithub.com/renovatebot/github-action/commit/d9cd851a8f3d7a07c00e7232a3ca60ebde39fcf5)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.2 ([c7042bf](https://togithub.com/renovatebot/github-action/commit/c7042bf99e95715f74bf49b82a0a26f4b1741093)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.4 ([49567cf](https://togithub.com/renovatebot/github-action/commit/49567cfae756cfcb5f26450302ba4c465c94bb05)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.5 ([f3cb0cb](https://togithub.com/renovatebot/github-action/commit/f3cb0cbc6f282c0b856b61bee314a41ab5859ae9)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.6 ([9d5ef66](https://togithub.com/renovatebot/github-action/commit/9d5ef6649f857b1eee5135bc6ac5110312f65000)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.7 ([26228c5](https://togithub.com/renovatebot/github-action/commit/26228c536969c8b2143bc67581647edccfbff096)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.14.8 ([bbad4ca](https://togithub.com/renovatebot/github-action/commit/bbad4ca496aa2995eac982e0ea7902f076ae43ac)) - **deps:** update dependency conventional-changelog-conventionalcommits to v8 ([#​845](https://togithub.com/renovatebot/github-action/issues/845)) ([baa196d](https://togithub.com/renovatebot/github-action/commit/baa196d89e153b5e8499f2bd52703a68e9d9119f)) - **deps:** update dependency lint-staged to v15.2.6 ([86e740b](https://togithub.com/renovatebot/github-action/commit/86e740bce75af8d42aa36b7f585d9d9fd32ada8f)) - **deps:** update dependency lint-staged to v15.2.7 ([f3a7571](https://togithub.com/renovatebot/github-action/commit/f3a7571983a77f92e0b07e1cadab7ce8566efb7e)) - **deps:** update dependency prettier to v3.3.0 ([9677d0a](https://togithub.com/renovatebot/github-action/commit/9677d0af3024334b573048d02d882fc62bf82599)) - **deps:** update dependency prettier to v3.3.1 ([0559cdb](https://togithub.com/renovatebot/github-action/commit/0559cdbf2aef339a2d5d2f6c753d563ed1dfc44a)) - **deps:** update dependency prettier to v3.3.2 ([a78922f](https://togithub.com/renovatebot/github-action/commit/a78922fdb18e5e9a2ae915d0e8885b7ef121f982)) - **deps:** update dependency semantic-release to v24 ([#​854](https://togithub.com/renovatebot/github-action/issues/854)) ([38db792](https://togithub.com/renovatebot/github-action/commit/38db79277cb1d644a018af98adb8b8506b5ab333)) - **deps:** update pnpm to v9 ([#​847](https://togithub.com/renovatebot/github-action/issues/847)) ([642ac77](https://togithub.com/renovatebot/github-action/commit/642ac7721c6fefbf8556de8cdbeca4fb2ac550db)) - **deps:** update pnpm to v9.1.4 ([6ecec78](https://togithub.com/renovatebot/github-action/commit/6ecec78fb0c86eae8e8fb3d9b5dfe51b6e9b2275)) - **deps:** update pnpm to v9.2.0 ([749814c](https://togithub.com/renovatebot/github-action/commit/749814c4b1bc2b1bc715d4b53121ff30f97641d2)) - **deps:** update pnpm to v9.3.0 ([1c2bc6d](https://togithub.com/renovatebot/github-action/commit/1c2bc6d7d6051897b787d8888a327778d131d09c)) - **deps:** update pnpm to v9.4.0 ([4e8557f](https://togithub.com/renovatebot/github-action/commit/4e8557fc875d914f5e14610880a7cc78b5baaa80)) - **deps:** update semantic-release monorepo (major) ([#​848](https://togithub.com/renovatebot/github-action/issues/848)) ([bfe0ea9](https://togithub.com/renovatebot/github-action/commit/bfe0ea93f180e1ae845b6485d33f172dd9da9b63)) ##### Build System - **deps:** lock file maintenance ([f9e5140](https://togithub.com/renovatebot/github-action/commit/f9e5140430b6c45398ce9dc0e5aff6f5b3919e79)) - **deps:** lock file maintenance ([859f2d0](https://togithub.com/renovatebot/github-action/commit/859f2d0e820d171efb6441fe80746fe75a3bcc66)) - **deps:** lock file maintenance ([f0aa6a9](https://togithub.com/renovatebot/github-action/commit/f0aa6a9a386d4f95848da82db64e8c457bea7ef9)) - **deps:** update dependency typescript to v5.5.2 ([eeae706](https://togithub.com/renovatebot/github-action/commit/eeae706dd1b6f333ffc6d900180d7700403fc34e)) ##### Continuous Integration - **deps:** update actions/checkout action to v4.1.7 ([d92d1c6](https://togithub.com/renovatebot/github-action/commit/d92d1c679bf7f9b8ed054c11f969e509e946620e)) - **deps:** update renovate docker tag to v37.388.0 ([e58e07a](https://togithub.com/renovatebot/github-action/commit/e58e07a410be684dcde222e282638cc1713f8d34)) - **deps:** update renovate docker tag to v37.388.1 ([b969215](https://togithub.com/renovatebot/github-action/commit/b969215ab1dee49c3f80b91f276866e669965b4e)) - **deps:** update renovate docker tag to v37.390.0 ([6537120](https://togithub.com/renovatebot/github-action/commit/6537120a3a2cc406700167e82ce0ec482759a512)) - **deps:** update renovate docker tag to v37.390.1 ([b39ccad](https://togithub.com/renovatebot/github-action/commit/b39ccad4a39a079c9023f1603a7952c050b98b71)) - **deps:** update renovate docker tag to v37.391.0 ([b390760](https://togithub.com/renovatebot/github-action/commit/b39076090718d04db154d469e04715714d2780ed)) - **deps:** update renovate docker tag to v37.392.0 ([b62d5e0](https://togithub.com/renovatebot/github-action/commit/b62d5e036a35e5e59bfff846f02f289f7e1f72af)) - **deps:** update renovate docker tag to v37.393.0 ([2616b2e](https://togithub.com/renovatebot/github-action/commit/2616b2e07f30ca81d387587db7488d2dd3b7452a)) - **deps:** update renovate docker tag to v37.395.0 ([bed7655](https://togithub.com/renovatebot/github-action/commit/bed7655c6752174ee310dd4cd86ca60bfb22f65b)) - **deps:** update renovate docker tag to v37.399.0 ([2040c48](https://togithub.com/renovatebot/github-action/commit/2040c48dd92ecc6b85a93806144bb2552b9a8ec7)) - **deps:** update renovate docker tag to v37.399.10 ([225db92](https://togithub.com/renovatebot/github-action/commit/225db9223290a5686007dba22480b4d6dc830831)) - **deps:** update renovate docker tag to v37.399.3 ([88330a2](https://togithub.com/renovatebot/github-action/commit/88330a288f70f2db9d38593b6656135245036dac)) - **deps:** update renovate docker tag to v37.399.8 ([cac78b1](https://togithub.com/renovatebot/github-action/commit/cac78b1786da614f25178a3fd1a7d951cedcf939)) - **deps:** update renovate docker tag to v37.401.1 ([b45d221](https://togithub.com/renovatebot/github-action/commit/b45d221c083e62a2b93ff272667beccad3067bef)) - **deps:** update renovate docker tag to v37.401.2 ([7a3b5f2](https://togithub.com/renovatebot/github-action/commit/7a3b5f2e4fbcd0a0a49d43338801e4666274f336)) - **deps:** update renovate docker tag to v37.401.4 ([d73e4b3](https://togithub.com/renovatebot/github-action/commit/d73e4b3cf83816ce01fa1ac0b705211fd368e937)) - **deps:** update renovate docker tag to v37.401.5 ([a97d457](https://togithub.com/renovatebot/github-action/commit/a97d4573f844480ef626accce038c1c3f538244d)) - **deps:** update renovate docker tag to v37.402.1 ([203a2e1](https://togithub.com/renovatebot/github-action/commit/203a2e11bd9886e374f2ee3e456a703116ec7d12)) - **deps:** update renovate docker tag to v37.404.1 ([b7493c5](https://togithub.com/renovatebot/github-action/commit/b7493c5bfada0358b35318e07bef0a2d4cf5b712)) - **deps:** update renovate docker tag to v37.406.1 ([9844fc5](https://togithub.com/renovatebot/github-action/commit/9844fc5744169479fd57cd175310cb89ef870b10)) - **deps:** update renovate docker tag to v37.406.2 ([6b1676d](https://togithub.com/renovatebot/github-action/commit/6b1676d3da13fad2100a2e8cf6c49fa8e6ad72bf)) - **deps:** update renovate docker tag to v37.407.1 ([5428f14](https://togithub.com/renovatebot/github-action/commit/5428f142eabc422aa207a377b9d9a50d8bd3b000)) - **deps:** update renovate docker tag to v37.407.2 ([0f6ba96](https://togithub.com/renovatebot/github-action/commit/0f6ba96accb8cc24a9c15c98706d6e14e74b4b20)) - **deps:** update renovate docker tag to v37.407.3 ([186a106](https://togithub.com/renovatebot/github-action/commit/186a106dbf35bddf38a20cc4149f3d01dd27f877)) - **deps:** update renovate docker tag to v37.408.0 ([d0274f1](https://togithub.com/renovatebot/github-action/commit/d0274f1e16b7ac87bd955d6e0f016a5607d967b3)) - **deps:** update renovate docker tag to v37.408.1 ([56ab7c8](https://togithub.com/renovatebot/github-action/commit/56ab7c80f3767e01294830a15e7b33d5a6080781)) - **deps:** update renovate docker tag to v37.408.2 ([23ad392](https://togithub.com/renovatebot/github-action/commit/23ad39265518d3fbdd9051e94d22b52da8bd43ab)) - **deps:** update renovate docker tag to v37.409.0 ([d00fdff](https://togithub.com/renovatebot/github-action/commit/d00fdff668bc4f1ac6e8f3b2903f760fad4878c3)) - **deps:** update renovate docker tag to v37.409.1 ([9936cc1](https://togithub.com/renovatebot/github-action/commit/9936cc155cbafa3201e3e4c79ca1628a5d44cec5)) - **deps:** update renovate docker tag to v37.410.1 ([07c293a](https://togithub.com/renovatebot/github-action/commit/07c293aa6110de7db6e522a4e41b173d0b15e5a7)) - **deps:** update renovate docker tag to v37.410.2 ([8501ada](https://togithub.com/renovatebot/github-action/commit/8501adad681dbd6cf0c22b21a00d7af74c3610f3)) - **deps:** update renovate docker tag to v37.412.1 ([a91a675](https://togithub.com/renovatebot/github-action/commit/a91a675a9fbb28a4d2937ec20ca60eadb726dfa2)) - **deps:** update renovate docker tag to v37.412.2 ([91a706b](https://togithub.com/renovatebot/github-action/commit/91a706b01e974bf885c8c24f33e0f946a0a7f3eb)) - **deps:** update renovate docker tag to v37.413.1 ([4bc2e47](https://togithub.com/renovatebot/github-action/commit/4bc2e4746623ca75627984079ab171d79cf64fae)) - **deps:** update renovate docker tag to v37.413.2 ([82cd1a4](https://togithub.com/renovatebot/github-action/commit/82cd1a48aef7ed5018713022222841aa937f3903)) - **deps:** update renovate docker tag to v37.413.3 ([c183ec8](https://togithub.com/renovatebot/github-action/commit/c183ec8712a595debc5e14f85805142184cdbf1b)) - **deps:** update renovate docker tag to v37.413.4 ([195bea4](https://togithub.com/renovatebot/github-action/commit/195bea467251e40012ce76ef4f7e6291333c882f)) - **deps:** update renovate docker tag to v37.414.0 ([3c2f890](https://togithub.com/renovatebot/github-action/commit/3c2f8900d38fb47435a6b9c80c6073f448dfd5ec)) - **deps:** update renovate docker tag to v37.414.1 ([8efba2f](https://togithub.com/renovatebot/github-action/commit/8efba2f7452188443ba9bfd64e236d3d40635bf7)) - **deps:** update renovate docker tag to v37.415.0 ([221a5ff](https://togithub.com/renovatebot/github-action/commit/221a5ff8f4f31b8a4ba8aa6f0c05302a5a7348c2)) - **deps:** update renovate docker tag to v37.417.1 ([7850b39](https://togithub.com/renovatebot/github-action/commit/7850b398ee7a3ec1f49fc30e953833daa8744f2a)) - **deps:** update renovate docker tag to v37.419.0 ([b297b93](https://togithub.com/renovatebot/github-action/commit/b297b930fac322dfc40f23ecd4a81d32c14517f7)) - **deps:** update renovate docker tag to v37.419.1 ([b4f97bb](https://togithub.com/renovatebot/github-action/commit/b4f97bb6a0a14973d1c84fee11f6618055b967ad)) - **deps:** update renovate docker tag to v37.420.1 ([6a8705c](https://togithub.com/renovatebot/github-action/commit/6a8705c2efcc9a2ffdf3038facc2cc5d6b805ef0)) - **deps:** update renovate docker tag to v37.421.0 ([b79224e](https://togithub.com/renovatebot/github-action/commit/b79224e398a2eddfd22f6fa3f7566c30ac5724b0)) - **deps:** update renovate docker tag to v37.421.1 ([d210104](https://togithub.com/renovatebot/github-action/commit/d2101042d82b2ed749614a44ab55f9f76c76fb86)) - **deps:** update renovate docker tag to v37.421.2 ([1b88eda](https://togithub.com/renovatebot/github-action/commit/1b88eda8776e4f82ba524f275d6d9aff0ac05ec5)) - **deps:** update renovate docker tag to v37.421.3 ([3172258](https://togithub.com/renovatebot/github-action/commit/31722580834491869caadf88535218ed43dbf446)) - **deps:** update renovate docker tag to v37.421.5 ([5a127d9](https://togithub.com/renovatebot/github-action/commit/5a127d969d9d43d9fa221c6ac862896960fd367a)) - **deps:** update renovate docker tag to v37.421.6 ([031bba2](https://togithub.com/renovatebot/github-action/commit/031bba2f1808a41e67aab536e4a91f9ea830b418)) - **deps:** update renovate docker tag to v37.421.7 ([c9067a7](https://togithub.com/renovatebot/github-action/commit/c9067a73ab902c53f2242f239f560b0a43dea17e)) - **deps:** update renovate docker tag to v37.421.9 ([59545c6](https://togithub.com/renovatebot/github-action/commit/59545c60fd01818672b4336309e06f662ed988be)) ### [`v40.1.12`](https://togithub.com/renovatebot/github-action/releases/tag/v40.1.12) [Compare Source](https://togithub.com/renovatebot/github-action/compare/v40.1.11...v40.1.12) ##### Documentation - add section about commit signing using GitHub App ([#​838](https://togithub.com/renovatebot/github-action/issues/838)) ([6537be5](https://togithub.com/renovatebot/github-action/commit/6537be502beb6ec24d09026f88f1fccf1f716890)) - clarify file naming ([#​835](https://togithub.com/renovatebot/github-action/issues/835)) ([e063ae9](https://togithub.com/renovatebot/github-action/commit/e063ae963e472fcbda01b080631c7cc4d42d732a)) - update references to actions/checkout to v4.1.5 ([9f55642](https://togithub.com/renovatebot/github-action/commit/9f556420b415b25d5cb3004f280e181fc52bf795)) - update references to actions/checkout to v4.1.6 ([ef89c4f](https://togithub.com/renovatebot/github-action/commit/ef89c4f2784ce14b5d8d9f1cb4e7ebb35c851c11)) - update references to ghcr.io/renovatebot/renovate to v37.342.1 ([9912bcb](https://togithub.com/renovatebot/github-action/commit/9912bcb97df4615c446b93de13a0951c165215f7)) - update references to ghcr.io/renovatebot/renovate to v37.356.1 ([fb25c83](https://togithub.com/renovatebot/github-action/commit/fb25c831953a81748b9f1b121a4fb0e927f9f34b)) - update references to ghcr.io/renovatebot/renovate to v37.385.0 ([af35cfd](https://togithub.com/renovatebot/github-action/commit/af35cfd69505ff53eca31ab9cc4716390eab289e)) - update references to renovatebot/github-action to v40.1.11 ([ded0be5](https://togithub.com/renovatebot/github-action/commit/ded0be57b427f64ffcb247ee675cfc84ca1e26d7)) ##### Miscellaneous Chores - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.10 ([b03198a](https://togithub.com/renovatebot/github-action/commit/b03198a090960eeacfe91c80c257422cc4ffc587)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.11 ([264a396](https://togithub.com/renovatebot/github-action/commit/264a396747cce18ad09968d7edd7b3d42f22d24c)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.12 ([38a7ea3](https://togithub.com/renovatebot/github-action/commit/38a7ea3b017ffaf094ade08501a3f8ce38427bc0)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.8 ([809e5eb](https://togithub.com/renovatebot/github-action/commit/809e5eb2d7c57149cfaa5811cc7207b1fb07c0a0)) - **deps:** update dependency [@​types/node](https://togithub.com/types/node) to v20.12.9 ([bfe08a7](https://togithub.com/renovatebot/github-action/commit/bfe08a7f2ab21b93ba2c7af5bb8141ed80f5451c)) - **deps:** update dependency lint-staged to v15.2.4 ([e2c0ea7](https://togithub.com/renovatebot/github-action/commit/e2c0ea7650c5bc2918b744eddc8bc9f45f9d78a2)) - **deps:** update dependency lint-staged to v15.2.5 ([d9d9189](https://togithub.com/renovatebot/github-action/commit/d9d9189a63217d41dc2b46e41dcfab3152f9ffb9)) - **deps:** update dependency npm-run-all2 to v6.2.0 ([05e22d8](https://togithub.com/renovatebot/github-action/commit/05e22d86dff0511bb8c40afe9daf6f2fbf2e1897)) - **deps:** update dependency rimraf to v5.0.6 ([04130f6](https://togithub.com/renovatebot/github-action/commit/04130f6d4c94ec0c62d18da0b2daa4ee90bc9609)) - **deps:** update dependency rimraf to v5.0.7 ([c77a685](https://togithub.com/renovatebot/github-action/commit/c77a6852c5d0d7421b0b5d987617695e1cbe5d24)) - **deps:** update dependency semantic-release to v23.1.1 ([2129005](https://togithub.com/renovatebot/github-action/commit/21290052d4e870e43a87feca58731d3d943578b2)) - **deps:** update pnpm to v8.15.8 ([c40251f](https://togithub.com/renovatebot/github-action/commit/c40251f758fe5ceac86e0569d5dd512145a1d852)) ##### Build System - **deps:** lock file maintenance ([2b0dd43](https://togithub.com/renovatebot/github-action/commit/2b0dd43600e17c9de973b1d2daacae3e2e73c9b5)) ##### Continuous Integration - **deps:** update actions/checkout action to v4.1.5 ([726c6ce](https://togithub.com/renovatebot/github-action/commit/726c6ce34c0d699156ba33507bb70be495a46186)) - **deps:** update actions/checkout action to v4.1.6 ([c469b8b](https://togithub.com/renovatebot/github-action/commit/c469b8b354d1eb80ba1e0f031057c07b8a59444e)) - **deps:** update renovate docker tag to v37.327.2 ([a5a32e5](https://togithub.com/renovatebot/github-action/commit/a5a32e51a075f1ebac37777cf18f650a32fb529c)) - **deps:** update renovate docker tag to v37.329.0 ([80ac7b0](https://togithub.com/renovatebot/github-action/commit/80ac7b01be6172f24aba9717faee95ffee97585f)) - **deps:** update renovate docker tag to v37.329.1 ([c860f8b](https://togithub.com/renovatebot/github-action/commit/c860f8b8964e1d91b9ca08683205603662fed18c)) - **deps:** update renovate docker tag to v37.330.0 ([4ac1023](https://togithub.com/renovatebot/github-action/commit/4ac10236c5baeb06e177f8190ab8758c50326cee)) - **deps:** update renovate docker tag to v37.336.0 ([c3a2a92](https://togithub.com/renovatebot/github-action/commit/c3a2a928e119581e14718c5d12a02f8d71e3a6ee)) - **deps:** update renovate docker tag to v37.340.4 ([a5c073e](https://togithub.com/renovatebot/github-action/commit/a5c073e469ee7a1102440ee4ae7f24fdfb4c7948)) - **deps:** update renovate docker tag to v37.340.5 ([7c8209b](https://togithub.com/renovatebot/github-action/commit/7c8209bb7c099736295c3638e38d333f1e54927f)) - **deps:** update renovate docker tag to v37.340.7 ([#​836](https://togithub.com/renovatebot/github-action/issues/836)) ([c83cffd](https://togithub.com/renovatebot/github-action/commit/c83cffd8fdbfb314cddd0d43b7f37b4b5ef19cf2)) - **deps:** update renovate docker tag to v37.340.8 ([747a790](https://togithub.com/renovatebot/github-action/commit/747a790b165a5dce90d41fd6dfe4b8a8ba800579)) - **deps:** update renovate docker tag to v37.340.9 ([9510584](https://togithub.com/renovatebot/github-action/commit/95105845ebd7d51e8e6c84ec030c923d3a01aeb0)) - **deps:** update renovate docker tag to v37.342.1 ([8370a32](https://togithub.com/renovatebot/github-action/commit/8370a32dd5944d75ec6b46a339cc0aea175d4989)) - **deps:** update renovate docker tag to v37.347.0 ([f30f9cd](https://togithub.com/renovatebot/github-action/commit/f30f9cd8d50d50d1662219d698935b2ae0f2d766)) - **deps:** update renovate docker tag to v37.349.2 ([ccae59d](https://togithub.com/renovatebot/github-action/commit/ccae59db5d3ef0b7c8cc3b8f4555dd0404f5d8ef)) - **deps:** update renovate docker tag to v37.349.3 ([c3f50f9](https://togithub.com/renovatebot/github-action/commit/c3f50f9b44a55c6f999540eb0476b12fea58d320)) - **deps:** update renovate docker tag to v37.351.2 ([5aa9fd4](https://togithub.com/renovatebot/github-action/commit/5aa9fd46f8c589ae1835c7da88707087c3806128)) - **deps:** update renovate docker tag to v37.353.0 ([fc254a7](https://togithub.com/renovatebot/github-action/commit/fc254a73a4fd852140702be0139f94696d6afbce)) - **deps:** update renovate docker tag to v37.353.1 ([32702b1](https://togithub.com/renovatebot/github-action/commit/32702b14ab1b59cc09068f98363e0e5e141b6451)) - **deps:** update renovate docker tag to v37.354.1 ([64b8e78](https://togithub.com/renovatebot/github-action/commit/64b8e786f7c0018adaa804ea5abfe5a79952b90d)) - **deps:** update renovate docker tag to v37.354.6 ([835916b](https://togithub.com/renovatebot/github-action/commit/835916b732a41521c853a977237d65e291f16052)) - **deps:** update renovate docker tag to v37.355.1 ([fa66f0f](https://togithub.com/renovatebot/github-action/commit/fa66f0ff32e0164b85f37d788ddab92f2cab2f17)) - **deps:** update renovate docker tag to v37.356.0 ([f26bed6](https://togithub.com/renovatebot/github-action/commit/f26bed602856bd57505a47729b51a5ca9477969b)) - **deps:** update renovate docker tag to v37.356.1 ([0cb6900](https://togithub.com/renovatebot/github-action/commit/0cb69003a70da39e0cd38dcb268214e63f56ba39)) - **deps:** update renovate docker tag to v37.358.0 ([8d0582d](https://togithub.com/renovatebot/github-action/commit/8d0582d0337d6ebbbad3748b03bd03a95dcae61e)) - **deps:** update renovate docker tag to v37.363.9 ([1bb8d42](https://togithub.com/renovatebot/github-action/commit/1bb8d42866ba2bad4194025ddc4145de83f076c7)) - **deps:** update renovate docker tag to v37.368.1 ([012ab12](https://togithub.com/renovatebot/github-action/commit/012ab121a89fd9aaea061a444e98305eb1411388)) - **deps:** update renovate docker tag to v37.368.6 ([129d6fe](https://togithub.com/renovatebot/github-action/commit/129d6fead07bd76b341fe9d7da6dbf8753e785b2)) - **deps:** update renovate docker tag to v37.368.7 ([f4404cb](https://togithub.com/renovatebot/github-action/commit/f4404cb99963a0ff826684e4069b079cdc805e01)) - **deps:** update renovate docker tag to v37.368.9 ([45e5900](https://togithub.com/renovatebot/github-action/commit/45e590035ffa37686885cb8d15cc5d05f0585715)) - **deps:** update renovate docker tag to v37.371.1 ([e966f22](https://togithub.com/renovatebot/github-action/commit/e966f228d3c26b9d59a53b68385fdaf14aefb333)) - **deps:** update renovate docker tag to v37.374.3 ([ed9467d](https://togithub.com/renovatebot/github-action/commit/ed9467d63e501a7e9e4278bc78ae01513c7a970e)) - **deps:** update renovate docker tag to v37.375.2 ([a57ae60](https://togithub.com/renovatebot/github-action/commit/a57ae609afe8909882d2993eb42257af730efe16)) - **deps:** update renovate docker tag to v37.377.0 ([7cd9e62](https://togithub.com/renovatebot/github-action/commit/7cd9e62c064773130d312f57f3b40e86de3571cd)) - **deps:** update renovate docker tag to v37.377.2 ([c5b906f](https://togithub.com/renovatebot/github-action/commit/c5b906f5713e2fda647190ad655578e687259dc0)) - **deps:** update renovate docker tag to v37.377.4 ([11c642f](https://togithub.com/renovatebot/github-action/commit/11c642fc174a22c44e4b4d7f9061dd620277861e)) - **deps:** update renovate docker tag to v37.377.5 ([6be22c7](https://togithub.com/renovatebot/github-action/commit/6be22c7d53cd676f698ce343b61e1cc792b58ef6)) - **deps:** update renovate docker tag to v37.377.6 ([1c7d894](https://togithub.com/renovatebot/github-action/commit/1c7d894f0988ccb81d6684b78c3dd6126c9cd0fd)) - **deps:** update renovate docker tag to v37.377.7 ([eeb5134](https://togithub.com/renovatebot/github-action/commit/eeb5134ff67e97b0b8e3b6f23a68ae1f129badd3)) - **deps:** update renovate docker tag to v37.377.8 ([9d4b1c8](https://togithub.com/renovatebot/github-action/commit/9d4b1c86613e3e2807fd93bcc4ee42ee4800f004)) - **deps:** update renovate docker tag to v37.379.0 ([72ad8b1](https://togithub.com/renovatebot/github-action/commit/72ad8b19421c1e310818c0732187f00706323536)) - **deps:** update renovate docker tag to v37.381.10 ([16df9eb](https://togithub.com/renovatebot/github-action/commit/16df9ebe4462114b7dc571e804795de6eb459814)) - **deps:** update renovate docker tag to v37.381.2 ([2fd6048](https://togithub.com/renovatebot/github-action/commit/2fd6048513690e1da59828fad87f2ed3ef7cb598)) - **deps:** update renovate docker tag to v37.381.3 ([2132b87](https://togithub.com/renovatebot/github-action/commit/2132b8745dc0e9dfbbc0edac29cf991510d2a958)) - **deps:** update renovate docker tag to v37.381.4 ([30625d1](https://togithub.com/renovatebot/github-action/commit/30625d1ce7067a50a5011042ea3f8a1d7ae51a77)) - **deps:** update renovate docker tag to v37.381.6 ([8050d3a](https://togithub.com/renovatebot/github-action/commit/8050d3afe4041a3649215e5d17176aea70d14b02)) - **deps:** update renovate docker tag to v37.381.7 ([6723050](https://togithub.com/renovatebot/github-action/commit/6723050f27bca3cd3be391f3f0eff5dbbc23dbbe)) - **deps:** update renovate docker tag to v37.381.8 ([fa4b235](https://togithub.com/renovatebot/github-action/commit/fa4b23586c3fcae4fe3945f4ef6872350268ee49)) - **deps:** update renovate docker tag to v37.381.9 ([d51bce0](https://togithub.com/renovatebot/github-action/commit/d51bce0f1382c975674ae56a60eeba4322e14af4)) - **deps:** update renovate docker tag to v37.382.3 ([a7244bf](https://togithub.com/renovatebot/github-action/commit/a7244bfd4a66b24c294e66f3fef2f681e65b0b7f)) - **deps:** update renovate docker tag to v37.382.4 ([9672df0](https://togithub.com/renovatebot/github-action/commit/9672df09e6d6725bcd3699c60208ec42b40587ed)) - **deps:** update renovate docker tag to v37.384.0 ([2499cb4](https://togithub.com/renovatebot/github-action/commit/2499cb44da5c7cdf0050ca21481ffcc8f1d33593)) - **deps:** update renovate docker tag to v37.385.0 ([40dc267](https://togithub.com/renovatebot/github-action/commit/40dc267f03f2d356a075cbaf499fa1ec8c467469)) </details> <details> <summary>tailwindlabs/tailwindcss (tailwindcss)</summary> ### [`v3.4.5`](https://togithub.com/tailwindlabs/tailwindcss/releases/tag/v3.4.5) [Compare Source](https://togithub.com/tailwindlabs/tailwindcss/compare/v3.4.4...v3.4.5) ##### Fixed - Disable automatic `var()` injection for anchor properties ([#​13826](https://togithub.com/tailwindlabs/tailwindcss/pull/13826)) - Use no value instead of `blur(0px)` for `backdrop-blur-none` and `blur-none` utilities ([#​13830](https://togithub.com/tailwindlabs/tailwindcss/pull/13830)) - Add `.mts` and `.cts` config file detection ([#​13940](https://togithub.com/tailwindlabs/tailwindcss/pull/13940)) - Don't generate utilities like `px-1` unnecessarily when using utilities like `px-1.5` ([#​13959](https://togithub.com/tailwindlabs/tailwindcss/pull/13959)) - Always generate `-webkit-backdrop-filter` for `backdrop-*` utilities ([#​13997](https://togithub.com/tailwindlabs/tailwindcss/pull/13997)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40NDAuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQ0MC4wIiwidGFyZ2V0QnJhbmNoIjoiZGV2ZWxvcCIsImxhYmVscyI6W119--> Co-authored-by: Renovate Bot <renovate@whitesourcesoftware.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Pulls in latest toolkit changes for @actions/artifact: actions/toolkit#1724