build(deps): bump actions/dependency-review-action from 4.4.0 to 4.5.0 #3913
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.4.0 to 4.5.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@4081bf9...3b139cf) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
added
dependencies
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
dependabot
bot
deleted the
dependabot/github_actions/actions/dependency-review-action-4.5.0
branch
Merged
create-app-token-action-releaser bot
pushed a commit
to actions/create-github-app-token
that referenced
this pull request
Jan 30, 2025
## [1.11.2](v1.11.1...v1.11.2) (2025-01-30) ### Bug Fixes * **deps:** bump @octokit/request from 9.1.3 to 9.1.4 in the production-dependencies group ([#196](#196)) ([b4192a5](b4192a5)), closes [#730](https://github.com/actions/create-github-app-token/issues/730) [#730](https://github.com/actions/create-github-app-token/issues/730) [#729](https://github.com/actions/create-github-app-token/issues/729) [#727](https://github.com/actions/create-github-app-token/issues/727) [#726](https://github.com/actions/create-github-app-token/issues/726) [#723](https://github.com/actions/create-github-app-token/issues/723) [#724](https://github.com/actions/create-github-app-token/issues/724) [#722](https://github.com/actions/create-github-app-token/issues/722) [#721](https://github.com/actions/create-github-app-token/issues/721) [#720](https://github.com/actions/create-github-app-token/issues/720) [#719](https://github.com/actions/create-github-app-token/issues/719) * **deps:** bump undici from 6.19.8 to 7.2.0 ([#198](#198)) ([29aa051](29aa051)), closes [nodejs/undici#3958](nodejs/undici#3958) [nodejs/undici#3955](nodejs/undici#3955) [nodejs/undici#3962](nodejs/undici#3962) [nodejs/undici#3921](nodejs/undici#3921) [nodejs/undici#3923](nodejs/undici#3923) [nodejs/undici#3925](nodejs/undici#3925) [nodejs/undici#3926](nodejs/undici#3926) [nodejs/undici#3924](nodejs/undici#3924) [nodejs/undici#3933](nodejs/undici#3933) [nodejs/undici#3916](nodejs/undici#3916) [nodejs/undici#3930](nodejs/undici#3930) [nodejs/undici#3938](nodejs/undici#3938) [#3937](https://github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](nodejs/undici#3940) [nodejs/undici#3931](nodejs/undici#3931) [nodejs/undici#3941](nodejs/undici#3941) [nodejs/undici#3911](nodejs/undici#3911) [nodejs/undici#3888](nodejs/undici#3888) [nodejs/undici#3939](nodejs/undici#3939) [nodejs/undici#3947](nodejs/undici#3947) [nodejs/undici#3945](nodejs/undici#3945) [nodejs/undici#3916](nodejs/undici#3916) [nodejs/undici#3893](nodejs/undici#3893) [nodejs/undici#3902](nodejs/undici#3902) [#3901](https://github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](nodejs/undici#3903) [nodejs/undici#3905](nodejs/undici#3905) [nodejs/undici#3900](nodejs/undici#3900) [nodejs/undici#3913](nodejs/undici#3913) [nodejs/undici#3910](nodejs/undici#3910) [nodejs/undici#3909](nodejs/undici#3909) [nodejs/undici#3906](nodejs/undici#3906) [nodejs/undici#3922](nodejs/undici#3922) [#3962](https://github.com/actions/create-github-app-token/issues/3962) [#3955](https://github.com/actions/create-github-app-token/issues/3955) [#3958](https://github.com/actions/create-github-app-token/issues/3958) [#3945](https://github.com/actions/create-github-app-token/issues/3945) [#3947](https://github.com/actions/create-github-app-token/issues/3947) [#3939](https://github.com/actions/create-github-app-token/issues/3939) [#3888](https://github.com/actions/create-github-app-token/issues/3888) [#3911](https://github.com/actions/create-github-app-token/issues/3911) [#3941](https://github.com/actions/create-github-app-token/issues/3941)
bloopy-boi bot
added a commit
to h3mmy/bloopyboi
that referenced
this pull request
Jan 31, 2025
…→ v1.11.2 ) (#459) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | action | patch | `v1.11.1` -> `v1.11.2` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.2`](https://github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://github.com/actions/create-github-app-token/issues/730) [#​730](https://github.com/actions/create-github-app-token/issues/730) [#​729](https://github.com/actions/create-github-app-token/issues/729) [#​727](https://github.com/actions/create-github-app-token/issues/727) [#​726](https://github.com/actions/create-github-app-token/issues/726) [#​723](https://github.com/actions/create-github-app-token/issues/723) [#​724](https://github.com/actions/create-github-app-token/issues/724) [#​722](https://github.com/actions/create-github-app-token/issues/722) [#​721](https://github.com/actions/create-github-app-token/issues/721) [#​720](https://github.com/actions/create-github-app-token/issues/720) [#​719](https://github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://github.com/nodejs/undici/issues/3938) [#​3937](https://github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://github.com/nodejs/undici/issues/3902) [#​3901](https://github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://github.com/nodejs/undici/issues/3922) [#​3962](https://github.com/actions/create-github-app-token/issues/3962) [#​3955](https://github.com/actions/create-github-app-token/issues/3955) [#​3958](https://github.com/actions/create-github-app-token/issues/3958) [#​3945](https://github.com/actions/create-github-app-token/issues/3945) [#​3947](https://github.com/actions/create-github-app-token/issues/3947) [#​3939](https://github.com/actions/create-github-app-token/issues/3939) [#​3888](https://github.com/actions/create-github-app-token/issues/3888) [#​3911](https://github.com/actions/create-github-app-token/issues/3911) [#​3941](https://github.com/actions/create-github-app-token/issues/3941) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNDYuMSIsInVwZGF0ZWRJblZlciI6IjM5LjE0Ni4xIiwidGFyZ2V0QnJhbmNoIjoiZGV2IiwibGFiZWxzIjpbInJlbm92YXRlL2dpdGh1Yi1hY3Rpb24iLCJyZW5vdmF0ZS9naXRodWItcmVsZWFzZSIsInR5cGUvcGF0Y2giXX0=--> Co-authored-by: bloopy-boi[bot] <98279278+bloopy-boi[bot]@users.noreply.github.com>
renovate bot
added a commit
to Hapag-Lloyd/Workflow-Templates
that referenced
this pull request
Feb 1, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://github.com/actions/checkout) | action | minor | `v4.1.1` -> `v4.2.2` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | action | patch | `v1.11.1` -> `v1.11.2` | | [actions/setup-java](https://github.com/actions/setup-java) | action | minor | `v4.6.0` -> `v4.7.0` | | [actions/setup-node](https://github.com/actions/setup-node) | action | minor | `v4.1.0` -> `v4.2.0` | | [actions/setup-python](https://github.com/actions/setup-python) | action | minor | `v4.7.1` -> `v4.8.0` | | [actions/stale](https://github.com/actions/stale) | action | minor | `v9.0.0` -> `v9.1.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | action | minor | `v4.5.0` -> `v4.6.0` | | [astral-sh/ruff-action](https://github.com/astral-sh/ruff-action) | action | minor | `v3.0.1` -> `v3.1.0` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | action | patch | `v4.0.2` -> `v4.0.3` | | [docker/build-push-action](https://github.com/docker/build-push-action) | action | minor | `v6.11.0` -> `v6.13.0` | | [github/codeql-action](https://github.com/github/codeql-action) | action | patch | `v3.28.0` -> `v3.28.8` | | [hoverkraft-tech/compose-action](https://github.com/hoverkraft-tech/compose-action) | action | minor | `v2.0.1` -> `v2.2.0` | | rhysd/actionlint | container | patch | `1.7.6` -> `1.7.7` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.2.2`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v422) [Compare Source](https://github.com/actions/checkout/compare/v4.2.1...v4.2.2) - `url-helper.ts` now leverages well-known environment variables by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1941](https://github.com/actions/checkout/pull/1941) - Expand unit test coverage for `isGhes` by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1946](https://github.com/actions/checkout/pull/1946) ### [`v4.2.1`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v421) [Compare Source](https://github.com/actions/checkout/compare/v4.2.0...v4.2.1) - Check out other refs/\* by commit if provided, fall back to ref by [@​orhantoy](https://github.com/orhantoy) in [https://github.com/actions/checkout/pull/1924](https://github.com/actions/checkout/pull/1924) ### [`v4.2.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420) [Compare Source](https://github.com/actions/checkout/compare/v4.1.7...v4.2.0) - Add Ref and Commit outputs by [@​lucacome](https://github.com/lucacome) in [https://github.com/actions/checkout/pull/1180](https://github.com/actions/checkout/pull/1180) - Dependency updates by [@​dependabot-](https://github.com/dependabot-) [https://github.com/actions/checkout/pull/1777](https://github.com/actions/checkout/pull/1777), [https://github.com/actions/checkout/pull/1872](https://github.com/actions/checkout/pull/1872) ### [`v4.1.7`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://github.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://github.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://github.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://github.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://github.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://github.com/actions/checkout/pull/1776) ### [`v4.1.6`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://github.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://github.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://github.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://github.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://github.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://github.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://github.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://github.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://github.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://github.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://github.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://github.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://github.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://github.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://github.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://github.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://github.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://github.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://github.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://github.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://github.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://github.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://github.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://github.com/actions/checkout/pull/1598) </details> <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.2`](https://github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://github.com/actions/create-github-app-token/issues/730) [#​730](https://github.com/actions/create-github-app-token/issues/730) [#​729](https://github.com/actions/create-github-app-token/issues/729) [#​727](https://github.com/actions/create-github-app-token/issues/727) [#​726](https://github.com/actions/create-github-app-token/issues/726) [#​723](https://github.com/actions/create-github-app-token/issues/723) [#​724](https://github.com/actions/create-github-app-token/issues/724) [#​722](https://github.com/actions/create-github-app-token/issues/722) [#​721](https://github.com/actions/create-github-app-token/issues/721) [#​720](https://github.com/actions/create-github-app-token/issues/720) [#​719](https://github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://github.com/nodejs/undici/issues/3938) [#​3937](https://github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://github.com/nodejs/undici/issues/3902) [#​3901](https://github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://github.com/nodejs/undici/issues/3922) [#​3962](https://github.com/actions/create-github-app-token/issues/3962) [#​3955](https://github.com/actions/create-github-app-token/issues/3955) [#​3958](https://github.com/actions/create-github-app-token/issues/3958) [#​3945](https://github.com/actions/create-github-app-token/issues/3945) [#​3947](https://github.com/actions/create-github-app-token/issues/3947) [#​3939](https://github.com/actions/create-github-app-token/issues/3939) [#​3888](https://github.com/actions/create-github-app-token/issues/3888) [#​3911](https://github.com/actions/create-github-app-token/issues/3911) [#​3941](https://github.com/actions/create-github-app-token/issues/3941) </details> <details> <summary>actions/setup-java (actions/setup-java)</summary> ### [`v4.7.0`](https://github.com/actions/setup-java/releases/tag/v4.7.0) [Compare Source](https://github.com/actions/setup-java/compare/v4.6.0...v4.7.0) ##### What's Changed - Configure Dependabot settings by [@​HarithaVattikuti](https://github.com/HarithaVattikuti) in [https://github.com/actions/setup-java/pull/722](https://github.com/actions/setup-java/pull/722) - README Update: Added a permissions section by [@​benwells](https://github.com/benwells) in [https://github.com/actions/setup-java/pull/723](https://github.com/actions/setup-java/pull/723) - Upgrade `cache` from version 3.2.4 to 4.0.0 by [@​aparnajyothi-y](https://github.com/aparnajyothi-y) in [https://github.com/actions/setup-java/pull/724](https://github.com/actions/setup-java/pull/724) - Upgrade `@actions/http-client` from 2.2.1 to 2.2.3 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/setup-java/pull/728](https://github.com/actions/setup-java/pull/728) - Upgrade `actions/publish-immutable-action` from 0.0.3 to 0.0.4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/setup-java/pull/727](https://github.com/actions/setup-java/pull/727) - Upgrade `@types/jest` from 29.5.12 to 29.5.14 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/setup-java/pull/729](https://github.com/actions/setup-java/pull/729) ##### New Contributors - [@​benwells](https://github.com/benwells) made their first contribution in [https://github.com/actions/setup-java/pull/723](https://github.com/actions/setup-java/pull/723) **Full Changelog**: actions/setup-java@v4...v4.7.0 </details> <details> <summary>actions/setup-node (actions/setup-node)</summary> ### [`v4.2.0`](https://github.com/actions/setup-node/compare/v4.1.0...v4.2.0) [Compare Source](https://github.com/actions/setup-node/compare/v4.1.0...v4.2.0) </details> <details> <summary>actions/setup-python (actions/setup-python)</summary> ### [`v4.8.0`](https://github.com/actions/setup-python/releases/tag/v4.8.0) [Compare Source](https://github.com/actions/setup-python/compare/v4.7.1...v4.8.0) #### What's Changed In scope of this release we added support for GraalPy ([https://github.com/actions/setup-python/pull/694](https://github.com/actions/setup-python/pull/694)). You can use this snippet to set up GraalPy: ```yaml steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: 'graalpy-22.3' - run: python my_script.py ``` Besides, the release contains such changes as: - Trim python version when reading from file by [@​FerranPares](https://github.com/FerranPares) in [https://github.com/actions/setup-python/pull/628](https://github.com/actions/setup-python/pull/628) - Use non-deprecated versions in examples by [@​jeffwidman](https://github.com/jeffwidman) in [https://github.com/actions/setup-python/pull/724](https://github.com/actions/setup-python/pull/724) - Change deprecation comment to past tense by [@​jeffwidman](https://github.com/jeffwidman) in [https://github.com/actions/setup-python/pull/723](https://github.com/actions/setup-python/pull/723) - Bump [@​babel/traverse](https://github.com/babel/traverse) from 7.9.0 to 7.23.2 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/setup-python/pull/743](https://github.com/actions/setup-python/pull/743) - advanced-usage.md: Encourage the use actions/checkout@v4 by [@​cclauss](https://github.com/cclauss) in [https://github.com/actions/setup-python/pull/729](https://github.com/actions/setup-python/pull/729) - Examples now use checkout@v4 by [@​simonw](https://github.com/simonw) in [https://github.com/actions/setup-python/pull/738](https://github.com/actions/setup-python/pull/738) - Update actions/checkout to v4 by [@​dmitry-shibanov](https://github.com/dmitry-shibanov) in [https://github.com/actions/setup-python/pull/761](https://github.com/actions/setup-python/pull/761) #### New Contributors - [@​FerranPares](https://github.com/FerranPares) made their first contribution in [https://github.com/actions/setup-python/pull/628](https://github.com/actions/setup-python/pull/628) - [@​timfel](https://github.com/timfel) made their first contribution in [https://github.com/actions/setup-python/pull/694](https://github.com/actions/setup-python/pull/694) - [@​jeffwidman](https://github.com/jeffwidman) made their first contribution in [https://github.com/actions/setup-python/pull/724](https://github.com/actions/setup-python/pull/724) **Full Changelog**: actions/setup-python@v4...v4.8.0 </details> <details> <summary>actions/stale (actions/stale)</summary> ### [`v9.1.0`](https://github.com/actions/stale/releases/tag/v9.1.0) [Compare Source](https://github.com/actions/stale/compare/v9.0.0...v9.1.0) #### What's Changed - Documentation update by [@​Marukome0743](https://github.com/Marukome0743) in [https://github.com/actions/stale/pull/1116](https://github.com/actions/stale/pull/1116) - Add workflow file for publishing releases to immutable action package by [@​Jcambass](https://github.com/Jcambass) in [https://github.com/actions/stale/pull/1179](https://github.com/actions/stale/pull/1179) - Update undici from 5.28.2 to 5.28.4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1150](https://github.com/actions/stale/pull/1150) - Update actions/checkout from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1091](https://github.com/actions/stale/pull/1091) - Update actions/publish-action from 0.2.2 to 0.3.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1147](https://github.com/actions/stale/pull/1147) - Update ts-jest from 29.1.1 to 29.2.5 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1175](https://github.com/actions/stale/pull/1175) - Update [@​actions/core](https://github.com/actions/core) from 1.10.1 to 1.11.1 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1191](https://github.com/actions/stale/pull/1191) - Update [@​types/jest](https://github.com/types/jest) from 29.5.11 to 29.5.14 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1193](https://github.com/actions/stale/pull/1193) - Update [@​actions/cache](https://github.com/actions/cache) from 3.2.2 to 4.0.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/actions/stale/pull/1194](https://github.com/actions/stale/pull/1194) #### New Contributors - [@​Marukome0743](https://github.com/Marukome0743) made their first contribution in [https://github.com/actions/stale/pull/1116](https://github.com/actions/stale/pull/1116) - [@​Jcambass](https://github.com/Jcambass) made their first contribution in [https://github.com/actions/stale/pull/1179](https://github.com/actions/stale/pull/1179) **Full Changelog**: actions/stale@v9...v9.1.0 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.6.0`](https://github.com/actions/upload-artifact/releases/tag/v4.6.0) [Compare Source](https://github.com/actions/upload-artifact/compare/v4.5.0...v4.6.0) #### What's Changed - Expose env vars to control concurrency and timeout by [@​yacaovsnc](https://github.com/yacaovsnc) in [https://github.com/actions/upload-artifact/pull/662](https://github.com/actions/upload-artifact/pull/662) **Full Changelog**: actions/upload-artifact@v4...v4.6.0 </details> <details> <summary>astral-sh/ruff-action (astral-sh/ruff-action)</summary> ### [`v3.1.0`](https://github.com/astral-sh/ruff-action/releases/tag/v3.1.0): 🌈 Determine ruff version from optional or dependency groups [Compare Source](https://github.com/astral-sh/ruff-action/compare/v3.0.2...v3.1.0) #### Changes Big thank you to [@​AA-Turner](https://github.com/AA-Turner) for expanding the pyproject.toml parsing to also find the ruff version to use in the following scenarios: ```toml [dependency-groups] dev = [ { include-group = "docs" }, { include-group = "lint" }, ] docs = [ "sphinx", ] lint = [ "ruff==0.8.3", ] ``` ```toml [project.optional-dependencies] lint = [ "ruff==0.8.3", ] ``` #### 🚀 Enhancements - Read the `[project.optional-dependencies]` and `[dependency-groups]` tables [@​AA-Turner](https://github.com/AA-Turner) ([#​66](https://github.com/astral-sh/ruff-action/issues/66)) ### [`v3.0.2`](https://github.com/astral-sh/ruff-action/releases/tag/v3.0.2): 🌈 Full support for GHES [Compare Source](https://github.com/astral-sh/ruff-action/compare/v3.0.1...v3.0.2) #### Changes This release fixes some issues that prevented use with GitHub Enterprise Server instances. Parsing the ruff version from pyproject.toml now also uses a library that is fully TOML 1.0.0 compliant. #### 🐛 Bug fixes - Do not expect GITHUB_TOKEN to be set or valid [@​eifinger](https://github.com/eifinger) ([#​65](https://github.com/astral-sh/ruff-action/issues/65)) - Use TOML 1.0.0 compliant library for parsing [@​eifinger](https://github.com/eifinger) ([#​47](https://github.com/astral-sh/ruff-action/issues/47)) #### 🧰 Maintenance - Fix compiled known versions [@​eifinger](https://github.com/eifinger) ([#​62](https://github.com/astral-sh/ruff-action/issues/62)) - chore: update known checksums for 0.9.3 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​61](https://github.com/astral-sh/ruff-action/issues/61)) - chore: update known checksums for 0.9.1 @​[github-actions\[bot\]](https://github.com/apps/github-actions) ([#​42](https://github.com/astral-sh/ruff-action/issues/42)) #### 📚 Documentation - Fix Markdown link to Install the latest version [@​eifinger](https://github.com/eifinger) ([#​58](https://github.com/astral-sh/ruff-action/issues/58)) - update readme to v3 [@​cclauss](https://github.com/cclauss) ([#​35](https://github.com/astral-sh/ruff-action/issues/35)) #### ⬆️ Dependency updates - Bump [@​types/node](https://github.com/types/node) from 22.10.10 to 22.12.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​60](https://github.com/astral-sh/ruff-action/issues/60)) - Bump eifinger/actionlint-action from 1.9.0 to 1.9.1 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​59](https://github.com/astral-sh/ruff-action/issues/59)) - Bump typescript from 5.7.2 to 5.7.3 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​41](https://github.com/astral-sh/ruff-action/issues/41)) - Bump release-drafter/release-drafter from 6.0.0 to 6.1.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​50](https://github.com/astral-sh/ruff-action/issues/50)) - Bump [@​types/node](https://github.com/types/node) from 22.10.5 to 22.10.10 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​53](https://github.com/astral-sh/ruff-action/issues/53)) - Bump [@​types/node](https://github.com/types/node) from 22.10.2 to 22.10.5 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​38](https://github.com/astral-sh/ruff-action/issues/38)) - Bump eifinger/actionlint-action from 1.8.0 to 1.9.0 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​39](https://github.com/astral-sh/ruff-action/issues/39)) - Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 @​[dependabot\[bot\]](https://github.com/apps/dependabot) ([#​34](https://github.com/astral-sh/ruff-action/issues/34)) - Bump eifinger/actionlint-action to v1.8.0 [@​eifinger](https://github.com/eifinger) ([#​33](https://github.com/astral-sh/ruff-action/issues/33)) </details> <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v4.0.3`](https://github.com/aws-actions/configure-aws-credentials/releases/tag/v4.0.3) [Compare Source](https://github.com/aws-actions/configure-aws-credentials/compare/v4.0.2...v4.0.3) ##### Features - added release-please action config ([0f88004](https://github.com/aws-actions/configure-aws-credentials/commit/0f88004d9c27e0bdbbc254b3f7c8053cb38f04d7)) ##### Bug Fixes - add id-token permission to automerge ([97834a4](https://github.com/aws-actions/configure-aws-credentials/commit/97834a484a5ab3c40fa9e2eb40fcf8041105a573)) - cpy syntax on npm package ([#​1195](https://github.com/aws-actions/configure-aws-credentials/issues/1195)) ([83b5a56](https://github.com/aws-actions/configure-aws-credentials/commit/83b5a565471214aec459e234bef606339fe07111)) - force push packaged files to main ([bfd2185](https://github.com/aws-actions/configure-aws-credentials/commit/bfd218503eb87938c29603a551e19c6b594f5fe5)) ##### Miscellaneous Chores - release 4.0.3 ([ca00fd4](https://github.com/aws-actions/configure-aws-credentials/commit/ca00fd4d3842ad58c3c21ebfe69defa1f0e7bdc4)) </details> <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v6.13.0`](https://github.com/docker/build-push-action/releases/tag/v6.13.0) [Compare Source](https://github.com/docker/build-push-action/compare/v6.12.0...v6.13.0) - Bump [@​docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.51.0 to 0.53.0 in [https://github.com/docker/build-push-action/pull/1308](https://github.com/docker/build-push-action/pull/1308) **Full Changelog**: docker/build-push-action@v6.12.0...v6.13.0 ### [`v6.12.0`](https://github.com/docker/build-push-action/releases/tag/v6.12.0) [Compare Source](https://github.com/docker/build-push-action/compare/v6.11.0...v6.12.0) - Bump [@​docker/actions-toolkit](https://github.com/docker/actions-toolkit) from 0.49.0 to 0.51.0 in [https://github.com/docker/build-push-action/pull/1300](https://github.com/docker/build-push-action/pull/1300) **Full Changelog**: docker/build-push-action@v6.11.0...v6.12.0 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.28.8`](https://github.com/github/codeql-action/releases/tag/v3.28.8) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.7...v3.28.8) ### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.8 - 29 Jan 2025 - Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. [#​2744](https://github.com/github/codeql-action/pull/2744) See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md) for more information. ### [`v3.28.7`](https://github.com/github/codeql-action/releases/tag/v3.28.7) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.6...v3.28.7) ### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.7 - 29 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md) for more information. ### [`v3.28.6`](https://github.com/github/codeql-action/releases/tag/v3.28.6) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.5...v3.28.6) ### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.6 - 27 Jan 2025 - Re-enable debug artifact upload for CLI versions 2.20.3 or greater. [#​2726](https://github.com/github/codeql-action/pull/2726) See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md) for more information. ### [`v3.28.5`](https://github.com/github/codeql-action/releases/tag/v3.28.5) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.4...v3.28.5) ### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.5 - 24 Jan 2025 - Update default CodeQL bundle version to 2.20.3. [#​2717](https://github.com/github/codeql-action/pull/2717) See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md) for more information. ### [`v3.28.4`](https://github.com/github/codeql-action/releases/tag/v3.28.4) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.3...v3.28.4) ##### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.4 - 23 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md) for more information. ### [`v3.28.3`](https://github.com/github/codeql-action/releases/tag/v3.28.3) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.2...v3.28.3) ##### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.3 - 22 Jan 2025 - Update default CodeQL bundle version to 2.20.2. [#​2707](https://github.com/github/codeql-action/pull/2707) - Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the [CodeQL Action sync tool](https://github.com/github/codeql-action-sync-tool) and the Actions runner did not have Zstandard installed. [#​2710](https://github.com/github/codeql-action/pull/2710) - Uploading debug artifacts for CodeQL analysis is temporarily disabled. [#​2712](https://github.com/github/codeql-action/pull/2712) See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md) for more information. ### [`v3.28.2`](https://github.com/github/codeql-action/releases/tag/v3.28.2) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.1...v3.28.2) ##### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.2 - 21 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md) for more information. ### [`v3.28.1`](https://github.com/github/codeql-action/releases/tag/v3.28.1) [Compare Source](https://github.com/github/codeql-action/compare/v3.28.0...v3.28.1) ##### CodeQL Action Changelog See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.1 - 10 Jan 2025 - CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see [this changelog post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/). [#​2677](https://github.com/github/codeql-action/pull/2677) - Update default CodeQL bundle version to 2.20.1. [#​2678](https://github.com/github/codeql-action/pull/2678) See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.28.1/CHANGELOG.md) for more information. </details> <details> <summary>hoverkraft-tech/compose-action (hoverkraft-tech/compose-action)</summary> ### [`v2.2.0`](https://github.com/hoverkraft-tech/compose-action/releases/tag/v2.2.0) [Compare Source](https://github.com/hoverkraft-tech/compose-action/compare/v2.1.0...v2.2.0) #### Release Summary This release introduces a new feature allowing users to specify Docker flags as an input, enhancing flexibility in Docker Compose operations. A bug fix ensures that Docker Compose output is now printed only in debug mode, reducing unnecessary log verbosity. Additionally, documentation has been updated to reflect the latest actions and workflows. Dependencies have been updated for GitHub Actions to maintain compatibility and security. No breaking changes were introduced in this release. #### What's Changed - chore(deps): bump the actions-dependencies group across 1 directory with 2 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/107](https://github.com/hoverkraft-tech/compose-action/pull/107) - fix: print docker compose output to debug only by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/118](https://github.com/hoverkraft-tech/compose-action/pull/118) - feat: add docker flags input by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/115](https://github.com/hoverkraft-tech/compose-action/pull/115) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/121](https://github.com/hoverkraft-tech/compose-action/pull/121) - chore(deps): bump the github-actions-dependencies group with 2 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/119](https://github.com/hoverkraft-tech/compose-action/pull/119) **Full Changelog**: hoverkraft-tech/compose-action@v2.1.0...v2.2.0 ### [`v2.1.0`](https://github.com/hoverkraft-tech/compose-action/releases/tag/v2.1.0) [Compare Source](https://github.com/hoverkraft-tech/compose-action/compare/v2.0.2...v2.1.0) ##### Release Summary This release introduces a new feature that supports specifying the Compose version, enhancing compatibility and usability. Documentation for actions and workflows has been updated, along with multiple dependency upgrades across npm and GitHub Actions to improve performance, security, and compatibility. Minor lint issues in documentation have been fixed to ensure compliance with standards. Development dependencies were updated extensively, including updates to `eslint-plugin-jsonc`, `eslint-plugin-github`, and other packages, ensuring a more robust development environment. No Breaking changes ##### What's Changed - chore(deps-dev): bump [@​vercel/ncc](https://github.com/vercel/ncc) from 0.38.1 to 0.38.2 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/88](https://github.com/hoverkraft-tech/compose-action/pull/88) - chore(deps): bump docker-compose from 0.24.8 to 1.1.0 by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/90](https://github.com/hoverkraft-tech/compose-action/pull/90) - chore(deps): bump hoverkraft-tech/ci-github-nodejs from 0.6.0 to 0.7.0 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/92](https://github.com/hoverkraft-tech/compose-action/pull/92) - feat: support compose version by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/93](https://github.com/hoverkraft-tech/compose-action/pull/93) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/94](https://github.com/hoverkraft-tech/compose-action/pull/94) - chore(deps-dev): bump eslint-plugin-jsonc from 2.16.0 to 2.17.0 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/96](https://github.com/hoverkraft-tech/compose-action/pull/96) - chore(deps-dev): bump eslint-plugin-jsonc from 2.17.0 to 2.18.1 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/98](https://github.com/hoverkraft-tech/compose-action/pull/98) - chore(docs): fix lint issues by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/100](https://github.com/hoverkraft-tech/compose-action/pull/100) - chore(deps-dev): bump the npm-dev-dependencies group with 3 updates by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/101](https://github.com/hoverkraft-tech/compose-action/pull/101) - chore(deps-dev): bump eslint-plugin-github from 5.1.1 to 5.1.3 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/102](https://github.com/hoverkraft-tech/compose-action/pull/102) - chore(deps-dev): bump eslint-plugin-github from 5.1.3 to 5.1.4 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/103](https://github.com/hoverkraft-tech/compose-action/pull/103) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.15.0 to 0.16.0 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/105](https://github.com/hoverkraft-tech/compose-action/pull/105) - chore(deps-dev): bump eslint-plugin-github from 5.1.4 to 5.1.5 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/106](https://github.com/hoverkraft-tech/compose-action/pull/106) - chore: move [@​ts-dev-tools](https://github.com/ts-dev-tools) to dev deps by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/108](https://github.com/hoverkraft-tech/compose-action/pull/108) **Full Changelog**: hoverkraft-tech/compose-action@v2.0.2...v2.1.0 ### [`v2.0.2`](https://github.com/hoverkraft-tech/compose-action/releases/tag/v2.0.2) [Compare Source](https://github.com/hoverkraft-tech/compose-action/compare/v2.0.1...v2.0.2) ##### Release Summary This release introduces new tests for the `attach-dependencies` feature, along with support for absolute paths in the `compose-file` input. Documentation for actions and workflows has been updated, and several dependencies related to GitHub actions and npm development have been bumped to ensure better performance and stability. No breaking changes have been introduced. ##### What's Changed - ci: add test for attach-dependencies by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/75](https://github.com/hoverkraft-tech/compose-action/pull/75) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.13.2 to 0.13.3 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/77](https://github.com/hoverkraft-tech/compose-action/pull/77) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/78](https://github.com/hoverkraft-tech/compose-action/pull/78) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.13.3 to 0.14.0 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/79](https://github.com/hoverkraft-tech/compose-action/pull/79) - chore(deps): bump hoverkraft-tech/ci-github-nodejs from 0.5.1 to 0.6.0 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/80](https://github.com/hoverkraft-tech/compose-action/pull/80) - chore(deps-dev): bump eslint-plugin-github from 5.0.1 to 5.0.2 in the npm-dev-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/84](https://github.com/hoverkraft-tech/compose-action/pull/84) - fix: support absolute path for compose-file input by [@​neilime](https://github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/85](https://github.com/hoverkraft-tech/compose-action/pull/85) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/86](https://github.com/hoverkraft-tech/compose-action/pull/86) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.14.0 to 0.15.0 in the github-actions-dependencies group by [@​dependabot](https://github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/87](https://github.com/hoverkraft-tech/compose-action/pull/87) **Full Changelog**: hoverkraft-tech/compose-action@v2.0.1...v2.0.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "* * 1 * *" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/Hapag-Lloyd/Workflow-Templates). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNDUuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE0NS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmN5Il19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps actions/dependency-review-action from 4.4.0 to 4.5.0.
Release notes
Sourced from actions/dependency-review-action's releases.
Commits
3b139cfMerge pull request #851 from actions/ahmed3lmallah/prepare-for-4.5.0-released6807b6updating generated codec89b41faddressing lint issueseee97d8incrementing project version9d10182Merge pull request #827 from ebickle/fix/comment-warn-only9192be9Merge pull request #850 from actions/ahmed3lmallah/adressing-CVE-2024-215382fc8e23Using cross-spawn safe versionfb86db2fix: resolve race conditions in async core.group calls0a198abfix: replace integer failureCount with booleanfc499fcMerge branch 'main' into fix/comment-warn-onlyDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)