build(deps): bump the callable-workflows group across 1 directory with 11 updates

[dependabot]

Bumps the callable-workflows group with 11 updates in the / directory:

Package	From	To
docker/setup-buildx-action	3.7.1	3.8.0
docker/metadata-action	5.5.1	5.6.1
docker/build-push-action	6.9.0	6.12.0
actions/attest-build-provenance	1.4.3	2.1.0
actions/checkout	4.2.1	4.2.2
actions/setup-python	5.2.0	5.3.0
actions/cache	4.1.1	4.2.0
actions/upload-artifact	4.4.3	4.6.0
pypa/gh-action-pypi-publish	1.10.3	1.12.3
codecov/codecov-action	4.6.0	5.1.2
Swatinem/rust-cache	2.7.5	2.7.7

Updates docker/setup-buildx-action from 3.7.1 to 3.8.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.8.0

• Make cloud prefix optional to download buildx if driver is cloud by @​crazy-max in docker/setup-buildx-action#390
• Bump @​actions/core from 1.10.1 to 1.11.1 in docker/setup-buildx-action#370
• Bump @​docker/actions-toolkit from 0.39.0 to 0.48.0 in docker/setup-buildx-action#389
• Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-buildx-action#382

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

Commits

• 6524bf6 Merge pull request #390 from crazy-max/buildx-cloud-latest
• 8d5e074 chore: update generated content
• 7199e57 make cloud prefix optional to download buildx if driver is cloud
• db63cee Merge pull request #381 from docker/dependabot/github_actions/codecov/codecov...
• 043ebe1 Merge pull request #389 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 686da90 chore: update generated content
• a3d7487 Merge pull request #382 from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6
• 4dcdbce build(deps): bump @​docker/actions-toolkit from 0.39.0 to 0.48.0
• 1a8ac74 ci: fix deprecated input for codecov-action
• e827ebe build(deps): bump cross-spawn from 7.0.3 to 7.0.6
• Additional commits viewable in compare view

Updates docker/metadata-action from 5.5.1 to 5.6.1

Release notes

Sourced from docker/metadata-action's releases.

v5.6.1

• Fix GitHub API request fallback for commit date by @​crazy-max in docker/metadata-action#478
• Revert to default commit SHA length of 7 by @​crazy-max in docker/metadata-action#480

Full Changelog: docker/metadata-action@v5.6.0...v5.6.1

v5.6.0

• Add commit_date global expression by @​trim21 in docker/metadata-action#471 docker/metadata-action#475
• Increase short commit sha length to 12 for uniqueness by @​crazy-max in docker/metadata-action#467
• Bump @​actions/core from 1.10.1 to 1.11.1 docker/metadata-action#460
• Bump @​docker/actions-toolkit from 0.16.1 to 0.44.0 docker/metadata-action#391 docker/metadata-action#399 docker/metadata-action#413 docker/metadata-action#441
• Bump braces from 3.0.2 to 3.0.3 docker/metadata-action#424
• Bump cross-spawn from 7.0.3 to 7.0.5 docker/metadata-action#474
• Bump csv-parse from 5.5.5 to 5.5.6 docker/metadata-action#412
• Bump moment-timezone from 0.5.44 to 0.5.46 docker/metadata-action#383 docker/metadata-action#470 docker/metadata-action#459
• Bump path-to-regexp from 6.2.2 to 6.3.0 docker/metadata-action#454
• Bump semver from 7.6.0 to 7.6.3 docker/metadata-action#400 docker/metadata-action#411 docker/metadata-action#440
• Bump undici from 5.26.3 to 5.28.4 docker/metadata-action#386 docker/metadata-action#402

Full Changelog: docker/metadata-action@v5.5.1...v5.6.0

Commits

• 369eb59 Merge pull request #480 from crazy-max/back-to-sha-7
• 7d870ce chore: update generated content
• e44a9cd back to commit sha length of 7
• 8cb0002 Merge pull request #478 from crazy-max/commit-date-request
• e01ddd3 chore: update generated content
• 861d98a commiter_date: fix github api request fallback
• 359e915 Merge pull request #475 from crazy-max/commit-date-changes
• 0c395eb commit_date: code cleanup and readme updates
• 1156622 Merge pull request #474 from docker/dependabot/npm_and_yarn/cross-spawn-7.0.5
• 95ea8d0 chore(deps): Bump cross-spawn from 7.0.3 to 7.0.5
• Additional commits viewable in compare view

Updates docker/build-push-action from 6.9.0 to 6.12.0

Release notes

Sourced from docker/build-push-action's releases.

v6.12.0

• Bump @​docker/actions-toolkit from 0.49.0 to 0.51.0 in docker/build-push-action#1300

Full Changelog: docker/build-push-action@v6.11.0...v6.12.0

v6.11.0

• Handlebar defaultContext support for build-contexts input by @​crazy-max in docker/build-push-action#1283
• Bump @​docker/actions-toolkit from 0.46.0 to 0.49.0 in docker/build-push-action#1281

Full Changelog: docker/build-push-action@v6.10.0...v6.11.0

v6.10.0

• Add call input to set method for evaluating build by @​crazy-max in docker/build-push-action#1265
• Bump @​actions/core from 1.10.1 to 1.11.1 in docker/build-push-action#1238
• Bump @​docker/actions-toolkit from 0.39.0 to 0.46.0 in docker/build-push-action#1268
• Bump cross-spawn from 7.0.3 to 7.0.6 in docker/build-push-action#1261

Full Changelog: docker/build-push-action@v6.9.0...v6.10.0

Commits

• 67a2d40 Merge pull request #1300 from docker/dependabot/npm_and_yarn/docker/actions-t...
• 0b1b1c9 chore: update generated content
• b6a7c2c chore(deps): Bump @​docker/actions-toolkit from 0.49.0 to 0.51.0
• 31ca4e5 Merge pull request #1296 from crazy-max/bake-v6
• e613db9 update bake-action to v6
• b32b51a Merge pull request #1281 from docker/dependabot/npm_and_yarn/docker/actions-t...
• 594bf46 Merge pull request #1294 from crazy-max/fix-e2e
• fd37bd5 ci(e2e): fix setup docker config
• e6478a2 chore: update generated content
• 78785bd chore(deps): Bump @​docker/actions-toolkit from 0.46.0 to 0.49.0
• Additional commits viewable in compare view

Updates actions/attest-build-provenance from 1.4.3 to 2.1.0

Release notes

Sourced from actions/attest-build-provenance's releases.

v2.1.0

What's Changed

• Update README w/ note about GH plans supporting attestations by @​bdehamer in actions/attest-build-provenance#414
• Add attestation-id and attestation-url outputs by @​bdehamer in actions/attest-build-provenance#415

Full Changelog: actions/attest-build-provenance@v2.0.1...v2.1.0

v2.0.1

What's Changed

• Bump actions/attest from 2.0.0 to 2.0.1 by @​bdehamer in actions/attest-build-provenance#406
  • Deduplicate subjects before adding to in-toto statement

Full Changelog: actions/attest-build-provenance@v2.0.0...v2.0.1

v2.0.0

The attest-build-provenance action now supports attesting multiple subjects simultaneously. When identifying multiple subjects with the subject-path input a single attestation is created with references to each of the supplied subjects, rather than generating separate attestations for each artifact. This reduces the number of attestations that you need to create and manage.

What's Changed

• Bump cross-spawn from 7.0.3 to 7.0.6 by @​dependabot in actions/attest-build-provenance#319
• Prepare v2.0.0 release by @​bdehamer in actions/attest-build-provenance#321
  • Bump actions/attest from 1.4.1 to 2.0.0 (w/ multi-subject attestation support)

Full Changelog: actions/attest-build-provenance@v1.4.4...v2.0.0

v1.4.4

What's Changed

• Bump predicate action from 1.1.3 to 1.1.4 by @​bdehamer in actions/attest-build-provenance#310
  • Bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in actions/attest-build-provenance#275
  • Bump @​actions/attest from 1.4.2 to 1.5.0 by @​bdehamer in actions/attest-build-provenance#309
    • Fix SLSA provenance bug related to workflow_ref OIDC token claims containing the "@" symbol in the tag name (actions/toolkit#1863)

Full Changelog: actions/attest-build-provenance@v1.4.3...v1.4.4

Commits

• 7668571 add attestation-id and attestation-url outputs (#415)
• 9ad33ff add note about gh plans supporting attestations (#414)
• f2f0851 Bump the npm-development group with 2 updates (#412)
• c4fbc64 bump actions/attest from 2.0.0 to 2.0.1 (#406)
• 619dbb2 bump actions/attest to v2.0.0 (#321)
• 90d4930 Bump the npm-development group with 3 updates (#329)
• fb315c1 Bump the npm-development group with 5 updates (#323)
• a379071 Bump cross-spawn from 7.0.3 to 7.0.6 (#319)
• dada0c3 Bump the npm-development group across 1 directory with 5 updates (#317)
• ef24412 bump predicate from 1.1.3 to 1.1.4 (#310)
• Additional commits viewable in compare view

Updates actions/checkout from 4.2.1 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

... (truncated)

Commits

• 11bd719 Prepare 4.2.2 Release (#1953)
• e3d2460 Expand unit test coverage (#1946)
• 163217d url-helper.ts now leverages well-known environment variables. (#1941)
• See full diff in compare view

Updates actions/setup-python from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-python's releases.

v5.3.0

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/setup-python#941
• Upgrade IA publish by @​Jcambass in actions/setup-python#943

Bug Fixes:

• Normalise Line Endings to Ensure Cross-Platform Consistency by @​priya-kinthali in actions/setup-python#938
• Revise isGhes logic by @​jww3 in actions/setup-python#963
• Bump pillow from 7.2 to 10.2.0 by @​aparnajyothi-y in actions/setup-python#956

Enhancements:

• Enhance workflows and documentation updates by @​priya-kinthali in actions/setup-python#965
• Bump default versions to latest by @​jeffwidman in actions/setup-python#905

New Contributors

• @​Jcambass made their first contribution in actions/setup-python#941
• @​jww3 made their first contribution in actions/setup-python#963

Full Changelog: actions/setup-python@v5...v5.3.0

Commits

• 0b93645 Enhance workflows: Add macOS 13 support, upgrade publish-action, and update d...
• 9c76e71 Bump pillow from 7.2 to 10.2.0 in /tests/data (#956)
• f4c5a11 Revise isGhes logic (#963)
• 19dfb7b Bump default versions to latest (#905)
• e9675cc Merge pull request #943 from actions/Jcambass-patch-1
• 3226af6 Upgrade IA publish
• 70dcb22 Merge pull request #941 from actions/Jcambass-patch-1
• 65b48c7 Create publish-immutable-actions.yml
• 29a37be initial commit (#938)
• See full diff in compare view

Updates actions/cache from 4.1.1 to 4.2.0

Release notes

Sourced from actions/cache's releases.

v4.2.0

⚠️ Important Changes

The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

Read more about the change & access the migration guide: reference to the announcement.

Minor changes

Minor and patch version updates for these dependencies:

• @​actions/core: 1.11.1
• @​actions/io: 1.1.3
• @​vercel/ncc: 0.38.3

Full Changelog: actions/cache@v4...v4.2.0

v4.1.2

What's Changed

• Add Bun example by @​idleberg in actions/cache#1456
• Revise isGhes logic by @​jww3 in actions/cache#1474
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in actions/cache#1475
• Add dependabot.yml to enable automatic dependency upgrades by @​Link- in actions/cache#1476
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/cache#1478
• Bump actions/stale from 3 to 9 by @​dependabot in actions/cache#1479
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/cache#1483
• Bump actions/setup-node from 3 to 4 by @​dependabot in actions/cache#1481
• Prepare 4.1.2 release by @​Link- in actions/cache#1477

New Contributors

• @​idleberg made their first contribution in actions/cache#1456
• @​jww3 made their first contribution in actions/cache#1474
• @​Link- made their first contribution in actions/cache#1476

Full Changelog: actions/cache@v4...v4.1.2

Changelog

Sourced from actions/cache's changelog.

Releases

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

• Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
• Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

• Restore original behavior of cache-hit output - #1467

4.1.0

• Ensure cache-hit output is set when a cache is missed - #1404
• Deprecate save-always input - #1452

4.0.2

• Fixed restore fail-on-cache-miss not working.

4.0.1

• Updated isGhes check

4.0.0

• Updated minimum runner version support from node 12 -> node 20

3.4.0

• Integrated with the new cache service (v2) APIs

3.3.3

• Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
• Additional audit fixes of npm package(s)

... (truncated)

Commits

• 1bd1e32 Merge pull request #1509 from actions/Link-/cache-4.2.0
• 882d7ce Add 3.4.0 release notes
• f2695d7 Rerun CI
• f46ceeb Add licensed output
• e6f5858 Add lodash to list of reviewed licenses
• 4ae6f21 Add reviewed licensed packages
• c16df86 Add licensed output
• b109c12 Upgrade @​actions/core to 1.11.1 and other deps
• b7d227d Upgrade @​vercel/ncc to 0.38.3
• faf6392 Update RELEASES.md
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.4.3 to 4.6.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.0

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

• fix: deprecated Node.js version in action by @​hamirmahal in actions/upload-artifact#578
• Add new artifact-digest output by @​bdehamer in actions/upload-artifact#656

New Contributors

• @​hamirmahal made their first contribution in actions/upload-artifact#578
• @​bdehamer made their first contribution in actions/upload-artifact#656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

Commits

• 65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
• 0207619 move files back to satisfy licensed ci
• 1ecca81 licensed cache updates
• 9742269 Expose env vars to controll concurrency and timeout
• 6f51ac0 Merge pull request #656 from bdehamer/bdehamer/artifact-digest
• c40c16d add new artifact-digest output
• 735efb4 bump @​actions/artifact from 2.1.11 to 2.2.0
• 184d73b Merge pull request #578 from hamirmahal/fix/deprecated-nodejs-usage-in-action
• b4a0a98 Merge branch 'main' into fix/deprecated-nodejs-usage-in-action
• See full diff in compare view

Updates pypa/gh-action-pypi-publish from 1.10.3 to 1.12.3

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.12.3

✨ What's Improved

With the updates by @​woodruffw💰 and @​webknjaz💰 via #309 and #313, it is now possible to publish distribution packages that include core metadata v2.4, like those built using maturin. This is done by bumping Twine to v6.0.1 and pkginfo to v1.12.0.

📝 Docs

We've made an attempt to clarify the runtime and workflow shape that are expected to be supported for calling this action in: https://github.com/marketplace/actions/pypi-publish#Non-goals.

[!TIP] Please, let us know in the release discussion if anything still remains unclear. TL;DR always call pypi-publish once per job; don't invoke it in reusable workflows; physically move building the dists into separate jobs having restricted permissions and storing the dists as GitHub Actions artifacts; when using self-hosted runners, make sure to still use pypi-publish on a GitHub-provided infra with runs-on: ubuntu-latest, while building and testing may remain self-hosted; don't perform any other actions in the publishing job; don't call pypi-publish from composite actions.

🛠️ Internal Updates

@​br3ndonland💰 improved the container image generation automation to include Git SHA in #301. And @​woodruffw💰 added the workflow_ref context to Trusted Publishing debug logging in #305, helping us diagnose misconfigurations faster. #313 also extends the smoke test in the CI to check against the maturin-made dists. Additionally, jeepney and secretstorage transitive deps have been added to the pip constraint-based lock file, as Dependabot seems to have missed those earlier.

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.12.2...v1.12.3

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

🙏 Special Thanks to @​samuelcolvin💰 for nudging me to cut this release sooner and for sponsoring me via @​pydantic💰!

🔌 Shameless Plug: The other day I've made this 🦋 Bluesky 🇺🇦 FOSS Maintainers Starter Pack subscribe to read news from people like me :)

💬 Discuss on Bluesky 🦋, on Mastodon 🐘 and on GitHub.

v1.12.2

🐛 What's Fixed

The fix for signing legacy zip sdists turned out to be incomplete, so @​woodruffw💰 promptly produced another follow-up that updated pypi-attestations from v0.0.13 to v0.0.15 in #297. This is the only change since the previous release.

🪞 Full Diff: pypa/gh-action-pypi-publish@v1.12.1...v1.12.2

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

v1.12.1

🐛 What's Fixed

Version v1.12.0 hit several rare corner cases we never considered fully supported, and this release fixes a few of those. In #294, @​webknjaz💰 improved the self-hosted runner experience by pre-installing Python if it's not there, and with #293 the ability to use the action on GitHub Enterprise instances has been restored. The latter should've also fixed the ability to invoke pypi-publish from nested in-repo composite actions — another exotic use-case that was never tested in our CI.

... (truncated)

Commits

• 67339c7 📦 Only keep lower bounds @ input requirements
• cbd6d01 📝Fix a typo in "privileges" @ README
• 7252a9a 📝 Outline unsupported scenarios in README
• a536fa9 📌📦 Include jeepney & secretstorage pins
• 43caae4 💅📦 Split transitive dep constraints
• f371c3d Merge pull request #313 from webknjaz/maintenance/metadata-2.4
• 138a121 📌📦 Pin pkginfo to v1.12 @ runtime deps
• ff2b051 🧪 Add a Maturin-based package to CI
• 0a0a6ae 🧪 Allow CI to register multiple distributions
• e7723a4 Merge pull request #309 from trail-of-forks/ww/bumptwine
• Additional commits viewable in compare view

Updates codecov/codecov-action from 4.6.0 to 5.1.2

Release notes

Sourced from codecov/codecov-action's releases.

v5.1.2

What's Changed

• build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @​dependabot in codecov/codecov-action#1717
• Remove mistake from options table by @​Acconut in codecov/codecov-action#1718
• build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @​dependabot in codecov/codecov-action#1722
• Put quotes around ${{ inputs.token }} in action.yml by @​jwodder in codecov/codecov-action#1721
• chore(release): wrapper-0.0.31 by @​codecov-releaser-app in codecov/codecov-action#1723
• fix: prevent oidc on tokenless due to permissioning by @​thomasrockhu-codecov in codecov/codecov-action#1724
• fix: update action script by @​thomasrockhu-codecov in codecov/codecov-action#1725
• fix: update statment by @​thomasrockhu-codecov in codecov/codecov-action#1726
• chore(release): 5.1.2 by @​thomasrockhu-codecov in codecov/codecov-action#1727

New Contributors

• @​Acconut made their first contribution in codecov/codecov-action#1718

Full Changelog: codecov/codecov-action@v5.1.1...v5.1.2

v5.1.1

What's Changed

• chore(release): wrapper-0.0.30 by @​codecov-releaser-app in codecov/codecov-action#1715

Full Changelog: codecov/codecov-action@v5.1.0...v5.1.1

v5.1.0

What's Changed

• build(deps): bump github/codeql-action from 3.27.4 to 3.27.5 by @​dependabot in codecov/codecov-action#1701
• fix: hide unnecessary error on shasum by @​thomasrockhu-codecov in codecov/codecov-action#1692
• chore(release): wrapper-0.0.29 by @​codecov-releaser-app in codecov/codecov-action#1713
• chore(release): 5.1.0 by @​thomasrockhu-codecov in codecov/codecov-action#1714

Full Changelog: codecov/codecov-action@v5.0.7...v5.1.0

v5.0.7

What's Changed

• fix: use HEAD_REPO by @​thomasrockhu-codecov in codecov/codecov-action#1690
• chore(release): 5.0.7 by @​thomasrockhu-codecov in codecov/codecov-action#1691

Full Changelog: codecov/codecov-action@v5.0.6...v5.0.7

v5.0.6

What's Changed

• fix: update CODECOV_TOKEN and fix tokenless by @​thomasrockhu-codecov in codecov/codecov-action#1688
• chore(release): 5.0.6 by @​thomasrockhu-codecov in codecov/codecov-action#1689

Full Changelog: codecov/codecov-action@v5.0.5...v5.0.6

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.1.2

What's Changed

• fix: update statment by @​thomasrockhu-codecov in codecov/codecov-action#1726
• fix: update action script by @​thomasrockhu-codecov in codecov/codecov-action#1725
• fix: prevent oidc on tokenless due to permissioning by @​thomasr...

  Description has been truncated