build(deps): bump codecov/codecov-action from 4.6.0 to 5.0.7 #3910
+1
−1
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.6.0 to 5.0.7. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@b9fd7d1...015f24e) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
dependabot
bot
deleted the
dependabot/github_actions/codecov/codecov-action-5.0.7
branch
Merged
create-app-token-action-releaser bot
pushed a commit
to actions/create-github-app-token
that referenced
this pull request
Jan 30, 2025
## [1.11.2](v1.11.1...v1.11.2) (2025-01-30) ### Bug Fixes * **deps:** bump @octokit/request from 9.1.3 to 9.1.4 in the production-dependencies group ([#196](#196)) ([b4192a5](b4192a5)), closes [#730](https://github.com/actions/create-github-app-token/issues/730) [#730](https://github.com/actions/create-github-app-token/issues/730) [#729](https://github.com/actions/create-github-app-token/issues/729) [#727](https://github.com/actions/create-github-app-token/issues/727) [#726](https://github.com/actions/create-github-app-token/issues/726) [#723](https://github.com/actions/create-github-app-token/issues/723) [#724](https://github.com/actions/create-github-app-token/issues/724) [#722](https://github.com/actions/create-github-app-token/issues/722) [#721](https://github.com/actions/create-github-app-token/issues/721) [#720](https://github.com/actions/create-github-app-token/issues/720) [#719](https://github.com/actions/create-github-app-token/issues/719) * **deps:** bump undici from 6.19.8 to 7.2.0 ([#198](#198)) ([29aa051](29aa051)), closes [nodejs/undici#3958](nodejs/undici#3958) [nodejs/undici#3955](nodejs/undici#3955) [nodejs/undici#3962](nodejs/undici#3962) [nodejs/undici#3921](nodejs/undici#3921) [nodejs/undici#3923](nodejs/undici#3923) [nodejs/undici#3925](nodejs/undici#3925) [nodejs/undici#3926](nodejs/undici#3926) [nodejs/undici#3924](nodejs/undici#3924) [nodejs/undici#3933](nodejs/undici#3933) [nodejs/undici#3916](nodejs/undici#3916) [nodejs/undici#3930](nodejs/undici#3930) [nodejs/undici#3938](nodejs/undici#3938) [#3937](https://github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](nodejs/undici#3940) [nodejs/undici#3931](nodejs/undici#3931) [nodejs/undici#3941](nodejs/undici#3941) [nodejs/undici#3911](nodejs/undici#3911) [nodejs/undici#3888](nodejs/undici#3888) [nodejs/undici#3939](nodejs/undici#3939) [nodejs/undici#3947](nodejs/undici#3947) [nodejs/undici#3945](nodejs/undici#3945) [nodejs/undici#3916](nodejs/undici#3916) [nodejs/undici#3893](nodejs/undici#3893) [nodejs/undici#3902](nodejs/undici#3902) [#3901](https://github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](nodejs/undici#3903) [nodejs/undici#3905](nodejs/undici#3905) [nodejs/undici#3900](nodejs/undici#3900) [nodejs/undici#3913](nodejs/undici#3913) [nodejs/undici#3910](nodejs/undici#3910) [nodejs/undici#3909](nodejs/undici#3909) [nodejs/undici#3906](nodejs/undici#3906) [nodejs/undici#3922](nodejs/undici#3922) [#3962](https://github.com/actions/create-github-app-token/issues/3962) [#3955](https://github.com/actions/create-github-app-token/issues/3955) [#3958](https://github.com/actions/create-github-app-token/issues/3958) [#3945](https://github.com/actions/create-github-app-token/issues/3945) [#3947](https://github.com/actions/create-github-app-token/issues/3947) [#3939](https://github.com/actions/create-github-app-token/issues/3939) [#3888](https://github.com/actions/create-github-app-token/issues/3888) [#3911](https://github.com/actions/create-github-app-token/issues/3911) [#3941](https://github.com/actions/create-github-app-token/issues/3941)
bloopy-boi bot
added a commit
to h3mmy/bloopyboi
that referenced
this pull request
Jan 31, 2025
…→ v1.11.2 ) (#459) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | patch | `v1.11.1` -> `v1.11.2` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.2`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://redirect.github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://redirect.github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://redirect.github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​729](https://redirect.github.com/actions/create-github-app-token/issues/729) [#​727](https://redirect.github.com/actions/create-github-app-token/issues/727) [#​726](https://redirect.github.com/actions/create-github-app-token/issues/726) [#​723](https://redirect.github.com/actions/create-github-app-token/issues/723) [#​724](https://redirect.github.com/actions/create-github-app-token/issues/724) [#​722](https://redirect.github.com/actions/create-github-app-token/issues/722) [#​721](https://redirect.github.com/actions/create-github-app-token/issues/721) [#​720](https://redirect.github.com/actions/create-github-app-token/issues/720) [#​719](https://redirect.github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://redirect.github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://redirect.github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://redirect.github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://redirect.github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://redirect.github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://redirect.github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://redirect.github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://redirect.github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://redirect.github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://redirect.github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://redirect.github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://redirect.github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://redirect.github.com/nodejs/undici/issues/3938) [#​3937](https://redirect.github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://redirect.github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://redirect.github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://redirect.github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://redirect.github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://redirect.github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://redirect.github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://redirect.github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://redirect.github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://redirect.github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://redirect.github.com/nodejs/undici/issues/3902) [#​3901](https://redirect.github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://redirect.github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://redirect.github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://redirect.github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://redirect.github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://redirect.github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://redirect.github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://redirect.github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://redirect.github.com/nodejs/undici/issues/3922) [#​3962](https://redirect.github.com/actions/create-github-app-token/issues/3962) [#​3955](https://redirect.github.com/actions/create-github-app-token/issues/3955) [#​3958](https://redirect.github.com/actions/create-github-app-token/issues/3958) [#​3945](https://redirect.github.com/actions/create-github-app-token/issues/3945) [#​3947](https://redirect.github.com/actions/create-github-app-token/issues/3947) [#​3939](https://redirect.github.com/actions/create-github-app-token/issues/3939) [#​3888](https://redirect.github.com/actions/create-github-app-token/issues/3888) [#​3911](https://redirect.github.com/actions/create-github-app-token/issues/3911) [#​3941](https://redirect.github.com/actions/create-github-app-token/issues/3941) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNDYuMSIsInVwZGF0ZWRJblZlciI6IjM5LjE0Ni4xIiwidGFyZ2V0QnJhbmNoIjoiZGV2IiwibGFiZWxzIjpbInJlbm92YXRlL2dpdGh1Yi1hY3Rpb24iLCJyZW5vdmF0ZS9naXRodWItcmVsZWFzZSIsInR5cGUvcGF0Y2giXX0=--> Co-authored-by: bloopy-boi[bot] <98279278+bloopy-boi[bot]@users.noreply.github.com>
renovate bot
added a commit
to Hapag-Lloyd/Workflow-Templates
that referenced
this pull request
Feb 1, 2025
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | minor | `v4.1.1` -> `v4.2.2` | | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | patch | `v1.11.1` -> `v1.11.2` | | [actions/setup-java](https://redirect.github.com/actions/setup-java) | action | minor | `v4.6.0` -> `v4.7.0` | | [actions/setup-node](https://redirect.github.com/actions/setup-node) | action | minor | `v4.1.0` -> `v4.2.0` | | [actions/setup-python](https://redirect.github.com/actions/setup-python) | action | minor | `v4.7.1` -> `v4.8.0` | | [actions/stale](https://redirect.github.com/actions/stale) | action | minor | `v9.0.0` -> `v9.1.0` | | [actions/upload-artifact](https://redirect.github.com/actions/upload-artifact) | action | minor | `v4.5.0` -> `v4.6.0` | | [astral-sh/ruff-action](https://redirect.github.com/astral-sh/ruff-action) | action | minor | `v3.0.1` -> `v3.1.0` | | [aws-actions/configure-aws-credentials](https://redirect.github.com/aws-actions/configure-aws-credentials) | action | patch | `v4.0.2` -> `v4.0.3` | | [docker/build-push-action](https://redirect.github.com/docker/build-push-action) | action | minor | `v6.11.0` -> `v6.13.0` | | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v3.28.0` -> `v3.28.8` | | [hoverkraft-tech/compose-action](https://redirect.github.com/hoverkraft-tech/compose-action) | action | minor | `v2.0.1` -> `v2.2.0` | | rhysd/actionlint | container | patch | `1.7.6` -> `1.7.7` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.2.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v422) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.2.1...v4.2.2) - `url-helper.ts` now leverages well-known environment variables by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1941](https://redirect.github.com/actions/checkout/pull/1941) - Expand unit test coverage for `isGhes` by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1946](https://redirect.github.com/actions/checkout/pull/1946) ### [`v4.2.1`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v421) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.2.0...v4.2.1) - Check out other refs/\* by commit if provided, fall back to ref by [@​orhantoy](https://redirect.github.com/orhantoy) in [https://github.com/actions/checkout/pull/1924](https://redirect.github.com/actions/checkout/pull/1924) ### [`v4.2.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.7...v4.2.0) - Add Ref and Commit outputs by [@​lucacome](https://redirect.github.com/lucacome) in [https://github.com/actions/checkout/pull/1180](https://redirect.github.com/actions/checkout/pull/1180) - Dependency updates by [@​dependabot-](https://redirect.github.com/dependabot-) [https://github.com/actions/checkout/pull/1777](https://redirect.github.com/actions/checkout/pull/1777), [https://github.com/actions/checkout/pull/1872](https://redirect.github.com/actions/checkout/pull/1872) ### [`v4.1.7`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://redirect.github.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://redirect.github.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://redirect.github.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://redirect.github.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://redirect.github.com/actions/checkout/pull/1776) ### [`v4.1.6`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://redirect.github.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://redirect.github.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://redirect.github.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://redirect.github.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://redirect.github.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://redirect.github.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://redirect.github.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://redirect.github.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://redirect.github.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://redirect.github.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1692](https://redirect.github.com/actions/checkout/pull/1692) - Add dependabot config by [@​cory-miller](https://redirect.github.com/cory-miller) in [https://github.com/actions/checkout/pull/1688](https://redirect.github.com/actions/checkout/pull/1688) - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1693](https://redirect.github.com/actions/checkout/pull/1693) - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/checkout/pull/1643](https://redirect.github.com/actions/checkout/pull/1643) ### [`v4.1.3`](https://redirect.github.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1650](https://redirect.github.com/actions/checkout/pull/1650) - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://redirect.github.com/jww3) in [https://github.com/actions/checkout/pull/1656](https://redirect.github.com/actions/checkout/pull/1656) - Add SSH user parameter by [@​cory-miller](https://redirect.github.com/cory-miller) in [https://github.com/actions/checkout/pull/1685](https://redirect.github.com/actions/checkout/pull/1685) **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://redirect.github.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://redirect.github.com/dscho) in [https://github.com/actions/checkout/pull/1598](https://redirect.github.com/actions/checkout/pull/1598) </details> <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.2`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://redirect.github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://redirect.github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://redirect.github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​729](https://redirect.github.com/actions/create-github-app-token/issues/729) [#​727](https://redirect.github.com/actions/create-github-app-token/issues/727) [#​726](https://redirect.github.com/actions/create-github-app-token/issues/726) [#​723](https://redirect.github.com/actions/create-github-app-token/issues/723) [#​724](https://redirect.github.com/actions/create-github-app-token/issues/724) [#​722](https://redirect.github.com/actions/create-github-app-token/issues/722) [#​721](https://redirect.github.com/actions/create-github-app-token/issues/721) [#​720](https://redirect.github.com/actions/create-github-app-token/issues/720) [#​719](https://redirect.github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://redirect.github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://redirect.github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://redirect.github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://redirect.github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://redirect.github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://redirect.github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://redirect.github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://redirect.github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://redirect.github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://redirect.github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://redirect.github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://redirect.github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://redirect.github.com/nodejs/undici/issues/3938) [#​3937](https://redirect.github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://redirect.github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://redirect.github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://redirect.github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://redirect.github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://redirect.github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://redirect.github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://redirect.github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://redirect.github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://redirect.github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://redirect.github.com/nodejs/undici/issues/3902) [#​3901](https://redirect.github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://redirect.github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://redirect.github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://redirect.github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://redirect.github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://redirect.github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://redirect.github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://redirect.github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://redirect.github.com/nodejs/undici/issues/3922) [#​3962](https://redirect.github.com/actions/create-github-app-token/issues/3962) [#​3955](https://redirect.github.com/actions/create-github-app-token/issues/3955) [#​3958](https://redirect.github.com/actions/create-github-app-token/issues/3958) [#​3945](https://redirect.github.com/actions/create-github-app-token/issues/3945) [#​3947](https://redirect.github.com/actions/create-github-app-token/issues/3947) [#​3939](https://redirect.github.com/actions/create-github-app-token/issues/3939) [#​3888](https://redirect.github.com/actions/create-github-app-token/issues/3888) [#​3911](https://redirect.github.com/actions/create-github-app-token/issues/3911) [#​3941](https://redirect.github.com/actions/create-github-app-token/issues/3941) </details> <details> <summary>actions/setup-java (actions/setup-java)</summary> ### [`v4.7.0`](https://redirect.github.com/actions/setup-java/releases/tag/v4.7.0) [Compare Source](https://redirect.github.com/actions/setup-java/compare/v4.6.0...v4.7.0) ##### What's Changed - Configure Dependabot settings by [@​HarithaVattikuti](https://redirect.github.com/HarithaVattikuti) in [https://github.com/actions/setup-java/pull/722](https://redirect.github.com/actions/setup-java/pull/722) - README Update: Added a permissions section by [@​benwells](https://redirect.github.com/benwells) in [https://github.com/actions/setup-java/pull/723](https://redirect.github.com/actions/setup-java/pull/723) - Upgrade `cache` from version 3.2.4 to 4.0.0 by [@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in [https://github.com/actions/setup-java/pull/724](https://redirect.github.com/actions/setup-java/pull/724) - Upgrade `@actions/http-client` from 2.2.1 to 2.2.3 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-java/pull/728](https://redirect.github.com/actions/setup-java/pull/728) - Upgrade `actions/publish-immutable-action` from 0.0.3 to 0.0.4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-java/pull/727](https://redirect.github.com/actions/setup-java/pull/727) - Upgrade `@types/jest` from 29.5.12 to 29.5.14 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-java/pull/729](https://redirect.github.com/actions/setup-java/pull/729) ##### New Contributors - [@​benwells](https://redirect.github.com/benwells) made their first contribution in [https://github.com/actions/setup-java/pull/723](https://redirect.github.com/actions/setup-java/pull/723) **Full Changelog**: actions/setup-java@v4...v4.7.0 </details> <details> <summary>actions/setup-node (actions/setup-node)</summary> ### [`v4.2.0`](https://redirect.github.com/actions/setup-node/compare/v4.1.0...v4.2.0) [Compare Source](https://redirect.github.com/actions/setup-node/compare/v4.1.0...v4.2.0) </details> <details> <summary>actions/setup-python (actions/setup-python)</summary> ### [`v4.8.0`](https://redirect.github.com/actions/setup-python/releases/tag/v4.8.0) [Compare Source](https://redirect.github.com/actions/setup-python/compare/v4.7.1...v4.8.0) #### What's Changed In scope of this release we added support for GraalPy ([https://github.com/actions/setup-python/pull/694](https://redirect.github.com/actions/setup-python/pull/694)). You can use this snippet to set up GraalPy: ```yaml steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: 'graalpy-22.3' - run: python my_script.py ``` Besides, the release contains such changes as: - Trim python version when reading from file by [@​FerranPares](https://redirect.github.com/FerranPares) in [https://github.com/actions/setup-python/pull/628](https://redirect.github.com/actions/setup-python/pull/628) - Use non-deprecated versions in examples by [@​jeffwidman](https://redirect.github.com/jeffwidman) in [https://github.com/actions/setup-python/pull/724](https://redirect.github.com/actions/setup-python/pull/724) - Change deprecation comment to past tense by [@​jeffwidman](https://redirect.github.com/jeffwidman) in [https://github.com/actions/setup-python/pull/723](https://redirect.github.com/actions/setup-python/pull/723) - Bump [@​babel/traverse](https://redirect.github.com/babel/traverse) from 7.9.0 to 7.23.2 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/setup-python/pull/743](https://redirect.github.com/actions/setup-python/pull/743) - advanced-usage.md: Encourage the use actions/checkout@v4 by [@​cclauss](https://redirect.github.com/cclauss) in [https://github.com/actions/setup-python/pull/729](https://redirect.github.com/actions/setup-python/pull/729) - Examples now use checkout@v4 by [@​simonw](https://redirect.github.com/simonw) in [https://github.com/actions/setup-python/pull/738](https://redirect.github.com/actions/setup-python/pull/738) - Update actions/checkout to v4 by [@​dmitry-shibanov](https://redirect.github.com/dmitry-shibanov) in [https://github.com/actions/setup-python/pull/761](https://redirect.github.com/actions/setup-python/pull/761) #### New Contributors - [@​FerranPares](https://redirect.github.com/FerranPares) made their first contribution in [https://github.com/actions/setup-python/pull/628](https://redirect.github.com/actions/setup-python/pull/628) - [@​timfel](https://redirect.github.com/timfel) made their first contribution in [https://github.com/actions/setup-python/pull/694](https://redirect.github.com/actions/setup-python/pull/694) - [@​jeffwidman](https://redirect.github.com/jeffwidman) made their first contribution in [https://github.com/actions/setup-python/pull/724](https://redirect.github.com/actions/setup-python/pull/724) **Full Changelog**: actions/setup-python@v4...v4.8.0 </details> <details> <summary>actions/stale (actions/stale)</summary> ### [`v9.1.0`](https://redirect.github.com/actions/stale/releases/tag/v9.1.0) [Compare Source](https://redirect.github.com/actions/stale/compare/v9.0.0...v9.1.0) #### What's Changed - Documentation update by [@​Marukome0743](https://redirect.github.com/Marukome0743) in [https://github.com/actions/stale/pull/1116](https://redirect.github.com/actions/stale/pull/1116) - Add workflow file for publishing releases to immutable action package by [@​Jcambass](https://redirect.github.com/Jcambass) in [https://github.com/actions/stale/pull/1179](https://redirect.github.com/actions/stale/pull/1179) - Update undici from 5.28.2 to 5.28.4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1150](https://redirect.github.com/actions/stale/pull/1150) - Update actions/checkout from 3 to 4 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1091](https://redirect.github.com/actions/stale/pull/1091) - Update actions/publish-action from 0.2.2 to 0.3.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1147](https://redirect.github.com/actions/stale/pull/1147) - Update ts-jest from 29.1.1 to 29.2.5 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1175](https://redirect.github.com/actions/stale/pull/1175) - Update [@​actions/core](https://redirect.github.com/actions/core) from 1.10.1 to 1.11.1 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1191](https://redirect.github.com/actions/stale/pull/1191) - Update [@​types/jest](https://redirect.github.com/types/jest) from 29.5.11 to 29.5.14 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1193](https://redirect.github.com/actions/stale/pull/1193) - Update [@​actions/cache](https://redirect.github.com/actions/cache) from 3.2.2 to 4.0.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/stale/pull/1194](https://redirect.github.com/actions/stale/pull/1194) #### New Contributors - [@​Marukome0743](https://redirect.github.com/Marukome0743) made their first contribution in [https://github.com/actions/stale/pull/1116](https://redirect.github.com/actions/stale/pull/1116) - [@​Jcambass](https://redirect.github.com/Jcambass) made their first contribution in [https://github.com/actions/stale/pull/1179](https://redirect.github.com/actions/stale/pull/1179) **Full Changelog**: actions/stale@v9...v9.1.0 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.6.0`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.6.0) [Compare Source](https://redirect.github.com/actions/upload-artifact/compare/v4.5.0...v4.6.0) #### What's Changed - Expose env vars to control concurrency and timeout by [@​yacaovsnc](https://redirect.github.com/yacaovsnc) in [https://github.com/actions/upload-artifact/pull/662](https://redirect.github.com/actions/upload-artifact/pull/662) **Full Changelog**: actions/upload-artifact@v4...v4.6.0 </details> <details> <summary>astral-sh/ruff-action (astral-sh/ruff-action)</summary> ### [`v3.1.0`](https://redirect.github.com/astral-sh/ruff-action/releases/tag/v3.1.0): 🌈 Determine ruff version from optional or dependency groups [Compare Source](https://redirect.github.com/astral-sh/ruff-action/compare/v3.0.2...v3.1.0) #### Changes Big thank you to [@​AA-Turner](https://redirect.github.com/AA-Turner) for expanding the pyproject.toml parsing to also find the ruff version to use in the following scenarios: ```toml [dependency-groups] dev = [ { include-group = "docs" }, { include-group = "lint" }, ] docs = [ "sphinx", ] lint = [ "ruff==0.8.3", ] ``` ```toml [project.optional-dependencies] lint = [ "ruff==0.8.3", ] ``` #### 🚀 Enhancements - Read the `[project.optional-dependencies]` and `[dependency-groups]` tables [@​AA-Turner](https://redirect.github.com/AA-Turner) ([#​66](https://redirect.github.com/astral-sh/ruff-action/issues/66)) ### [`v3.0.2`](https://redirect.github.com/astral-sh/ruff-action/releases/tag/v3.0.2): 🌈 Full support for GHES [Compare Source](https://redirect.github.com/astral-sh/ruff-action/compare/v3.0.1...v3.0.2) #### Changes This release fixes some issues that prevented use with GitHub Enterprise Server instances. Parsing the ruff version from pyproject.toml now also uses a library that is fully TOML 1.0.0 compliant. #### 🐛 Bug fixes - Do not expect GITHUB_TOKEN to be set or valid [@​eifinger](https://redirect.github.com/eifinger) ([#​65](https://redirect.github.com/astral-sh/ruff-action/issues/65)) - Use TOML 1.0.0 compliant library for parsing [@​eifinger](https://redirect.github.com/eifinger) ([#​47](https://redirect.github.com/astral-sh/ruff-action/issues/47)) #### 🧰 Maintenance - Fix compiled known versions [@​eifinger](https://redirect.github.com/eifinger) ([#​62](https://redirect.github.com/astral-sh/ruff-action/issues/62)) - chore: update known checksums for 0.9.3 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​61](https://redirect.github.com/astral-sh/ruff-action/issues/61)) - chore: update known checksums for 0.9.1 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​42](https://redirect.github.com/astral-sh/ruff-action/issues/42)) #### 📚 Documentation - Fix Markdown link to Install the latest version [@​eifinger](https://redirect.github.com/eifinger) ([#​58](https://redirect.github.com/astral-sh/ruff-action/issues/58)) - update readme to v3 [@​cclauss](https://redirect.github.com/cclauss) ([#​35](https://redirect.github.com/astral-sh/ruff-action/issues/35)) #### ⬆️ Dependency updates - Bump [@​types/node](https://redirect.github.com/types/node) from 22.10.10 to 22.12.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​60](https://redirect.github.com/astral-sh/ruff-action/issues/60)) - Bump eifinger/actionlint-action from 1.9.0 to 1.9.1 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​59](https://redirect.github.com/astral-sh/ruff-action/issues/59)) - Bump typescript from 5.7.2 to 5.7.3 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​41](https://redirect.github.com/astral-sh/ruff-action/issues/41)) - Bump release-drafter/release-drafter from 6.0.0 to 6.1.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​50](https://redirect.github.com/astral-sh/ruff-action/issues/50)) - Bump [@​types/node](https://redirect.github.com/types/node) from 22.10.5 to 22.10.10 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​53](https://redirect.github.com/astral-sh/ruff-action/issues/53)) - Bump [@​types/node](https://redirect.github.com/types/node) from 22.10.2 to 22.10.5 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​38](https://redirect.github.com/astral-sh/ruff-action/issues/38)) - Bump eifinger/actionlint-action from 1.8.0 to 1.9.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​39](https://redirect.github.com/astral-sh/ruff-action/issues/39)) - Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​34](https://redirect.github.com/astral-sh/ruff-action/issues/34)) - Bump eifinger/actionlint-action to v1.8.0 [@​eifinger](https://redirect.github.com/eifinger) ([#​33](https://redirect.github.com/astral-sh/ruff-action/issues/33)) </details> <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v4.0.3`](https://redirect.github.com/aws-actions/configure-aws-credentials/releases/tag/v4.0.3) [Compare Source](https://redirect.github.com/aws-actions/configure-aws-credentials/compare/v4.0.2...v4.0.3) ##### Features - added release-please action config ([0f88004](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/0f88004d9c27e0bdbbc254b3f7c8053cb38f04d7)) ##### Bug Fixes - add id-token permission to automerge ([97834a4](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/97834a484a5ab3c40fa9e2eb40fcf8041105a573)) - cpy syntax on npm package ([#​1195](https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1195)) ([83b5a56](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/83b5a565471214aec459e234bef606339fe07111)) - force push packaged files to main ([bfd2185](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/bfd218503eb87938c29603a551e19c6b594f5fe5)) ##### Miscellaneous Chores - release 4.0.3 ([ca00fd4](https://redirect.github.com/aws-actions/configure-aws-credentials/commit/ca00fd4d3842ad58c3c21ebfe69defa1f0e7bdc4)) </details> <details> <summary>docker/build-push-action (docker/build-push-action)</summary> ### [`v6.13.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v6.13.0) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v6.12.0...v6.13.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.51.0 to 0.53.0 in [https://github.com/docker/build-push-action/pull/1308](https://redirect.github.com/docker/build-push-action/pull/1308) **Full Changelog**: docker/build-push-action@v6.12.0...v6.13.0 ### [`v6.12.0`](https://redirect.github.com/docker/build-push-action/releases/tag/v6.12.0) [Compare Source](https://redirect.github.com/docker/build-push-action/compare/v6.11.0...v6.12.0) - Bump [@​docker/actions-toolkit](https://redirect.github.com/docker/actions-toolkit) from 0.49.0 to 0.51.0 in [https://github.com/docker/build-push-action/pull/1300](https://redirect.github.com/docker/build-push-action/pull/1300) **Full Changelog**: docker/build-push-action@v6.11.0...v6.12.0 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.28.8`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.8) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.7...v3.28.8) ### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.8 - 29 Jan 2025 - Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. [#​2744](https://redirect.github.com/github/codeql-action/pull/2744) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md) for more information. ### [`v3.28.7`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.7) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.6...v3.28.7) ### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.7 - 29 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md) for more information. ### [`v3.28.6`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.6) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.5...v3.28.6) ### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.6 - 27 Jan 2025 - Re-enable debug artifact upload for CLI versions 2.20.3 or greater. [#​2726](https://redirect.github.com/github/codeql-action/pull/2726) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md) for more information. ### [`v3.28.5`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.5) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.4...v3.28.5) ### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. #### 3.28.5 - 24 Jan 2025 - Update default CodeQL bundle version to 2.20.3. [#​2717](https://redirect.github.com/github/codeql-action/pull/2717) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md) for more information. ### [`v3.28.4`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.4) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.3...v3.28.4) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.4 - 23 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md) for more information. ### [`v3.28.3`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.3) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.2...v3.28.3) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.3 - 22 Jan 2025 - Update default CodeQL bundle version to 2.20.2. [#​2707](https://redirect.github.com/github/codeql-action/pull/2707) - Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the [CodeQL Action sync tool](https://redirect.github.com/github/codeql-action-sync-tool) and the Actions runner did not have Zstandard installed. [#​2710](https://redirect.github.com/github/codeql-action/pull/2710) - Uploading debug artifacts for CodeQL analysis is temporarily disabled. [#​2712](https://redirect.github.com/github/codeql-action/pull/2712) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md) for more information. ### [`v3.28.2`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.2) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.1...v3.28.2) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.2 - 21 Jan 2025 No user facing changes. See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md) for more information. ### [`v3.28.1`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.1) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.28.0...v3.28.1) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 3.28.1 - 10 Jan 2025 - CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see [this changelog post](https://github.blog/changelog/2025-01-10-code-scanning-codeql-action-v2-is-now-deprecated/). [#​2677](https://redirect.github.com/github/codeql-action/pull/2677) - Update default CodeQL bundle version to 2.20.1. [#​2678](https://redirect.github.com/github/codeql-action/pull/2678) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.1/CHANGELOG.md) for more information. </details> <details> <summary>hoverkraft-tech/compose-action (hoverkraft-tech/compose-action)</summary> ### [`v2.2.0`](https://redirect.github.com/hoverkraft-tech/compose-action/releases/tag/v2.2.0) [Compare Source](https://redirect.github.com/hoverkraft-tech/compose-action/compare/v2.1.0...v2.2.0) #### Release Summary This release introduces a new feature allowing users to specify Docker flags as an input, enhancing flexibility in Docker Compose operations. A bug fix ensures that Docker Compose output is now printed only in debug mode, reducing unnecessary log verbosity. Additionally, documentation has been updated to reflect the latest actions and workflows. Dependencies have been updated for GitHub Actions to maintain compatibility and security. No breaking changes were introduced in this release. #### What's Changed - chore(deps): bump the actions-dependencies group across 1 directory with 2 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/107](https://redirect.github.com/hoverkraft-tech/compose-action/pull/107) - fix: print docker compose output to debug only by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/118](https://redirect.github.com/hoverkraft-tech/compose-action/pull/118) - feat: add docker flags input by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/115](https://redirect.github.com/hoverkraft-tech/compose-action/pull/115) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://redirect.github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/121](https://redirect.github.com/hoverkraft-tech/compose-action/pull/121) - chore(deps): bump the github-actions-dependencies group with 2 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/119](https://redirect.github.com/hoverkraft-tech/compose-action/pull/119) **Full Changelog**: hoverkraft-tech/compose-action@v2.1.0...v2.2.0 ### [`v2.1.0`](https://redirect.github.com/hoverkraft-tech/compose-action/releases/tag/v2.1.0) [Compare Source](https://redirect.github.com/hoverkraft-tech/compose-action/compare/v2.0.2...v2.1.0) ##### Release Summary This release introduces a new feature that supports specifying the Compose version, enhancing compatibility and usability. Documentation for actions and workflows has been updated, along with multiple dependency upgrades across npm and GitHub Actions to improve performance, security, and compatibility. Minor lint issues in documentation have been fixed to ensure compliance with standards. Development dependencies were updated extensively, including updates to `eslint-plugin-jsonc`, `eslint-plugin-github`, and other packages, ensuring a more robust development environment. No Breaking changes ##### What's Changed - chore(deps-dev): bump [@​vercel/ncc](https://redirect.github.com/vercel/ncc) from 0.38.1 to 0.38.2 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/88](https://redirect.github.com/hoverkraft-tech/compose-action/pull/88) - chore(deps): bump docker-compose from 0.24.8 to 1.1.0 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/90](https://redirect.github.com/hoverkraft-tech/compose-action/pull/90) - chore(deps): bump hoverkraft-tech/ci-github-nodejs from 0.6.0 to 0.7.0 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/92](https://redirect.github.com/hoverkraft-tech/compose-action/pull/92) - feat: support compose version by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/93](https://redirect.github.com/hoverkraft-tech/compose-action/pull/93) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://redirect.github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/94](https://redirect.github.com/hoverkraft-tech/compose-action/pull/94) - chore(deps-dev): bump eslint-plugin-jsonc from 2.16.0 to 2.17.0 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/96](https://redirect.github.com/hoverkraft-tech/compose-action/pull/96) - chore(deps-dev): bump eslint-plugin-jsonc from 2.17.0 to 2.18.1 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/98](https://redirect.github.com/hoverkraft-tech/compose-action/pull/98) - chore(docs): fix lint issues by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/100](https://redirect.github.com/hoverkraft-tech/compose-action/pull/100) - chore(deps-dev): bump the npm-dev-dependencies group with 3 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/101](https://redirect.github.com/hoverkraft-tech/compose-action/pull/101) - chore(deps-dev): bump eslint-plugin-github from 5.1.1 to 5.1.3 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/102](https://redirect.github.com/hoverkraft-tech/compose-action/pull/102) - chore(deps-dev): bump eslint-plugin-github from 5.1.3 to 5.1.4 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/103](https://redirect.github.com/hoverkraft-tech/compose-action/pull/103) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.15.0 to 0.16.0 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/105](https://redirect.github.com/hoverkraft-tech/compose-action/pull/105) - chore(deps-dev): bump eslint-plugin-github from 5.1.4 to 5.1.5 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/106](https://redirect.github.com/hoverkraft-tech/compose-action/pull/106) - chore: move [@​ts-dev-tools](https://redirect.github.com/ts-dev-tools) to dev deps by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/108](https://redirect.github.com/hoverkraft-tech/compose-action/pull/108) **Full Changelog**: hoverkraft-tech/compose-action@v2.0.2...v2.1.0 ### [`v2.0.2`](https://redirect.github.com/hoverkraft-tech/compose-action/releases/tag/v2.0.2) [Compare Source](https://redirect.github.com/hoverkraft-tech/compose-action/compare/v2.0.1...v2.0.2) ##### Release Summary This release introduces new tests for the `attach-dependencies` feature, along with support for absolute paths in the `compose-file` input. Documentation for actions and workflows has been updated, and several dependencies related to GitHub actions and npm development have been bumped to ensure better performance and stability. No breaking changes have been introduced. ##### What's Changed - ci: add test for attach-dependencies by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/75](https://redirect.github.com/hoverkraft-tech/compose-action/pull/75) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.13.2 to 0.13.3 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/77](https://redirect.github.com/hoverkraft-tech/compose-action/pull/77) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://redirect.github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/78](https://redirect.github.com/hoverkraft-tech/compose-action/pull/78) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.13.3 to 0.14.0 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/79](https://redirect.github.com/hoverkraft-tech/compose-action/pull/79) - chore(deps): bump hoverkraft-tech/ci-github-nodejs from 0.5.1 to 0.6.0 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/80](https://redirect.github.com/hoverkraft-tech/compose-action/pull/80) - chore(deps-dev): bump eslint-plugin-github from 5.0.1 to 5.0.2 in the npm-dev-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/84](https://redirect.github.com/hoverkraft-tech/compose-action/pull/84) - fix: support absolute path for compose-file input by [@​neilime](https://redirect.github.com/neilime) in [https://github.com/hoverkraft-tech/compose-action/pull/85](https://redirect.github.com/hoverkraft-tech/compose-action/pull/85) - docs: update actions and workflows documentation by [@​hoverkraft-bot](https://redirect.github.com/hoverkraft-bot) in [https://github.com/hoverkraft-tech/compose-action/pull/86](https://redirect.github.com/hoverkraft-tech/compose-action/pull/86) - chore(deps): bump hoverkraft-tech/ci-github-common from 0.14.0 to 0.15.0 in the github-actions-dependencies group by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/hoverkraft-tech/compose-action/pull/87](https://redirect.github.com/hoverkraft-tech/compose-action/pull/87) **Full Changelog**: hoverkraft-tech/compose-action@v2.0.1...v2.0.2 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "* * 1 * *" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/Hapag-Lloyd/Workflow-Templates). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNDUuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE0NS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmN5Il19--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
komailo
pushed a commit
to komailo/helm-charts
that referenced
this pull request
Feb 2, 2025
…#84) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | patch | `v1.11.1` -> `v1.11.2` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.2`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://redirect.github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://redirect.github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://redirect.github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​729](https://redirect.github.com/actions/create-github-app-token/issues/729) [#​727](https://redirect.github.com/actions/create-github-app-token/issues/727) [#​726](https://redirect.github.com/actions/create-github-app-token/issues/726) [#​723](https://redirect.github.com/actions/create-github-app-token/issues/723) [#​724](https://redirect.github.com/actions/create-github-app-token/issues/724) [#​722](https://redirect.github.com/actions/create-github-app-token/issues/722) [#​721](https://redirect.github.com/actions/create-github-app-token/issues/721) [#​720](https://redirect.github.com/actions/create-github-app-token/issues/720) [#​719](https://redirect.github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://redirect.github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://redirect.github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://redirect.github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://redirect.github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://redirect.github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://redirect.github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://redirect.github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://redirect.github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://redirect.github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://redirect.github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://redirect.github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://redirect.github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://redirect.github.com/nodejs/undici/issues/3938) [#​3937](https://redirect.github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://redirect.github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://redirect.github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://redirect.github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://redirect.github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://redirect.github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://redirect.github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://redirect.github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://redirect.github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://redirect.github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://redirect.github.com/nodejs/undici/issues/3902) [#​3901](https://redirect.github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://redirect.github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://redirect.github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://redirect.github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://redirect.github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://redirect.github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://redirect.github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://redirect.github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://redirect.github.com/nodejs/undici/issues/3922) [#​3962](https://redirect.github.com/actions/create-github-app-token/issues/3962) [#​3955](https://redirect.github.com/actions/create-github-app-token/issues/3955) [#​3958](https://redirect.github.com/actions/create-github-app-token/issues/3958) [#​3945](https://redirect.github.com/actions/create-github-app-token/issues/3945) [#​3947](https://redirect.github.com/actions/create-github-app-token/issues/3947) [#​3939](https://redirect.github.com/actions/create-github-app-token/issues/3939) [#​3888](https://redirect.github.com/actions/create-github-app-token/issues/3888) [#​3911](https://redirect.github.com/actions/create-github-app-token/issues/3911) [#​3941](https://redirect.github.com/actions/create-github-app-token/issues/3941) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/komailo/helm-charts). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xNDUuMCIsInVwZGF0ZWRJblZlciI6IjM5LjE0NS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
renovate bot
added a commit
to ibis-project/ibis-substrait
that referenced
this pull request
Feb 8, 2025
…#1230) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token) | action | patch | `v1.11.0` -> `v1.11.3` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.11.3`](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3) ### [`v1.11.2`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.2) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2) ##### Bug Fixes - **deps:** bump [@​octokit/request](https://redirect.github.com/octokit/request) from 9.1.3 to 9.1.4 in the production-dependencies group ([#​196](https://redirect.github.com/actions/create-github-app-token/issues/196)) ([b4192a5](https://redirect.github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)), closes [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​730](https://redirect.github.com/actions/create-github-app-token/issues/730) [#​729](https://redirect.github.com/actions/create-github-app-token/issues/729) [#​727](https://redirect.github.com/actions/create-github-app-token/issues/727) [#​726](https://redirect.github.com/actions/create-github-app-token/issues/726) [#​723](https://redirect.github.com/actions/create-github-app-token/issues/723) [#​724](https://redirect.github.com/actions/create-github-app-token/issues/724) [#​722](https://redirect.github.com/actions/create-github-app-token/issues/722) [#​721](https://redirect.github.com/actions/create-github-app-token/issues/721) [#​720](https://redirect.github.com/actions/create-github-app-token/issues/720) [#​719](https://redirect.github.com/actions/create-github-app-token/issues/719) - **deps:** bump undici from 6.19.8 to 7.2.0 ([#​198](https://redirect.github.com/actions/create-github-app-token/issues/198)) ([29aa051](https://redirect.github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)), closes [nodejs/undici#3958](https://redirect.github.com/nodejs/undici/issues/3958) [nodejs/undici#3955](https://redirect.github.com/nodejs/undici/issues/3955) [nodejs/undici#3962](https://redirect.github.com/nodejs/undici/issues/3962) [nodejs/undici#3921](https://redirect.github.com/nodejs/undici/issues/3921) [nodejs/undici#3923](https://redirect.github.com/nodejs/undici/issues/3923) [nodejs/undici#3925](https://redirect.github.com/nodejs/undici/issues/3925) [nodejs/undici#3926](https://redirect.github.com/nodejs/undici/issues/3926) [nodejs/undici#3924](https://redirect.github.com/nodejs/undici/issues/3924) [nodejs/undici#3933](https://redirect.github.com/nodejs/undici/issues/3933) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3930](https://redirect.github.com/nodejs/undici/issues/3930) [nodejs/undici#3938](https://redirect.github.com/nodejs/undici/issues/3938) [#​3937](https://redirect.github.com/actions/create-github-app-token/issues/3937) [nodejs/undici#3940](https://redirect.github.com/nodejs/undici/issues/3940) [nodejs/undici#3931](https://redirect.github.com/nodejs/undici/issues/3931) [nodejs/undici#3941](https://redirect.github.com/nodejs/undici/issues/3941) [nodejs/undici#3911](https://redirect.github.com/nodejs/undici/issues/3911) [nodejs/undici#3888](https://redirect.github.com/nodejs/undici/issues/3888) [nodejs/undici#3939](https://redirect.github.com/nodejs/undici/issues/3939) [nodejs/undici#3947](https://redirect.github.com/nodejs/undici/issues/3947) [nodejs/undici#3945](https://redirect.github.com/nodejs/undici/issues/3945) [nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916) [nodejs/undici#3893](https://redirect.github.com/nodejs/undici/issues/3893) [nodejs/undici#3902](https://redirect.github.com/nodejs/undici/issues/3902) [#​3901](https://redirect.github.com/actions/create-github-app-token/issues/3901) [nodejs/undici#3903](https://redirect.github.com/nodejs/undici/issues/3903) [nodejs/undici#3905](https://redirect.github.com/nodejs/undici/issues/3905) [nodejs/undici#3900](https://redirect.github.com/nodejs/undici/issues/3900) [nodejs/undici#3913](https://redirect.github.com/nodejs/undici/issues/3913) [nodejs/undici#3910](https://redirect.github.com/nodejs/undici/issues/3910) [nodejs/undici#3909](https://redirect.github.com/nodejs/undici/issues/3909) [nodejs/undici#3906](https://redirect.github.com/nodejs/undici/issues/3906) [nodejs/undici#3922](https://redirect.github.com/nodejs/undici/issues/3922) [#​3962](https://redirect.github.com/actions/create-github-app-token/issues/3962) [#​3955](https://redirect.github.com/actions/create-github-app-token/issues/3955) [#​3958](https://redirect.github.com/actions/create-github-app-token/issues/3958) [#​3945](https://redirect.github.com/actions/create-github-app-token/issues/3945) [#​3947](https://redirect.github.com/actions/create-github-app-token/issues/3947) [#​3939](https://redirect.github.com/actions/create-github-app-token/issues/3939) [#​3888](https://redirect.github.com/actions/create-github-app-token/issues/3888) [#​3911](https://redirect.github.com/actions/create-github-app-token/issues/3911) [#​3941](https://redirect.github.com/actions/create-github-app-token/issues/3941) ### [`v1.11.1`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.1) [Compare Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.0...v1.11.1) #### What's Changed ##### Bug Fixes - **deps:** bump the production-dependencies group across 1 directory with 3 updates by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/create-github-app-token/pull/193](https://redirect.github.com/actions/create-github-app-token/pull/193) **Full Changelog**: actions/create-github-app-token@v1.11.0...v1.11.1 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 5pm on friday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/ibis-project/ibis-substrait). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS43Mi41IiwidXBkYXRlZEluVmVyIjoiMzkuMTQ1LjAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Closed
zachariahmiller
pushed a commit
to defenseunicorns/maru-runner
that referenced
this pull request
Mar 14, 2025
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/create-github-app-token](https://redirect.github.com/actions/create-github-app-token)
| action | patch | `v1.11.1` -> `v1.11.6` |
|
[actions/download-artifact](https://redirect.github.com/actions/download-artifact)
| action | patch | `v4.1.8` -> `v4.1.9` |
| [actions/setup-go](https://redirect.github.com/actions/setup-go) |
action | minor | `v5.2.0` -> `v5.3.0` |
| [actions/setup-node](https://redirect.github.com/actions/setup-node) |
action | minor | `v4.1.0` -> `v4.2.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact)
| action | patch | `v4.6.0` -> `v4.6.1` |
| [anchore/sbom-action](https://redirect.github.com/anchore/sbom-action)
| action | minor | `v0.17.9` -> `v0.18.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.28.1` -> `v3.28.11` |
|
[goreleaser/goreleaser-action](https://redirect.github.com/goreleaser/goreleaser-action)
| action | minor | `v6.1.0` -> `v6.2.1` |
|
[morphy/revive-action](https://redirect.github.com/morphy2k/revive-action)
| docker | digest | `793c4e8` -> `28eca8b` |
|
[ossf/scorecard-action](https://redirect.github.com/ossf/scorecard-action)
| action | patch | `v2.4.0` -> `v2.4.1` |
| [zarf-dev/zarf](https://redirect.github.com/zarf-dev/zarf) | | minor |
`v0.46.0` -> `v0.49.1` |
---
### Release Notes
<details>
<summary>actions/create-github-app-token
(actions/create-github-app-token)</summary>
###
[`v1.11.6`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.6)
[Compare
Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.5...v1.11.6)
##### Bug Fixes
- **deps:** bump the production-dependencies group with 2 updates
([#​210](https://redirect.github.com/actions/create-github-app-token/issues/210))
([1ff1dea](https://redirect.github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b))
###
[`v1.11.5`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.5)
[Compare
Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.4...v1.11.5)
##### Bug Fixes
- **deps:** bump
[@​octokit/request](https://redirect.github.com/octokit/request)
from 9.2.0 to 9.2.2
([#​209](https://redirect.github.com/actions/create-github-app-token/issues/209))
([8cedd97](https://redirect.github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67)),
closes
[#​740](https://redirect.github.com/actions/create-github-app-token/issues/740)
[#​738](https://redirect.github.com/actions/create-github-app-token/issues/738)
[#​740](https://redirect.github.com/actions/create-github-app-token/issues/740)
[#​737](https://redirect.github.com/actions/create-github-app-token/issues/737)
[#​738](https://redirect.github.com/actions/create-github-app-token/issues/738)
[#​736](https://redirect.github.com/actions/create-github-app-token/issues/736)
[#​735](https://redirect.github.com/actions/create-github-app-token/issues/735)
[#​734](https://redirect.github.com/actions/create-github-app-token/issues/734)
[#​733](https://redirect.github.com/actions/create-github-app-token/issues/733)
[#​732](https://redirect.github.com/actions/create-github-app-token/issues/732)
- **deps:** bump
[@​octokit/request-error](https://redirect.github.com/octokit/request-error)
from 6.1.6 to 6.1.7
([#​208](https://redirect.github.com/actions/create-github-app-token/issues/208))
([415f6a5](https://redirect.github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566)),
closes
[#​494](https://redirect.github.com/actions/create-github-app-token/issues/494)
[#​491](https://redirect.github.com/actions/create-github-app-token/issues/491)
[#​490](https://redirect.github.com/actions/create-github-app-token/issues/490)
[#​488](https://redirect.github.com/actions/create-github-app-token/issues/488)
[#​486](https://redirect.github.com/actions/create-github-app-token/issues/486)
[#​487](https://redirect.github.com/actions/create-github-app-token/issues/487)
[#​485](https://redirect.github.com/actions/create-github-app-token/issues/485)
[#​484](https://redirect.github.com/actions/create-github-app-token/issues/484)
###
[`v1.11.4`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.4)
[Compare
Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.3...v1.11.4)
##### Bug Fixes
- **deps:** bump
[@​octokit/endpoint](https://redirect.github.com/octokit/endpoint)
from 10.1.1 to 10.1.3
([#​207](https://redirect.github.com/actions/create-github-app-token/issues/207))
([d30def8](https://redirect.github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535)),
closes
[#​507](https://redirect.github.com/actions/create-github-app-token/issues/507)
[#​514](https://redirect.github.com/actions/create-github-app-token/issues/514)
[#​512](https://redirect.github.com/actions/create-github-app-token/issues/512)
[#​511](https://redirect.github.com/actions/create-github-app-token/issues/511)
[#​509](https://redirect.github.com/actions/create-github-app-token/issues/509)
[#​508](https://redirect.github.com/actions/create-github-app-token/issues/508)
[#​507](https://redirect.github.com/actions/create-github-app-token/issues/507)
[#​506](https://redirect.github.com/actions/create-github-app-token/issues/506)
[#​505](https://redirect.github.com/actions/create-github-app-token/issues/505)
[#​504](https://redirect.github.com/actions/create-github-app-token/issues/504)
###
[`v1.11.3`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.3)
[Compare
Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3)
##### Bug Fixes
- **deps:** bump the production-dependencies group with 3 updates
([#​203](https://redirect.github.com/actions/create-github-app-token/issues/203))
([8e85a3c](https://redirect.github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442)),
closes
[#​665](https://redirect.github.com/actions/create-github-app-token/issues/665)
[#​665](https://redirect.github.com/actions/create-github-app-token/issues/665)
[#​663](https://redirect.github.com/actions/create-github-app-token/issues/663)
[#​662](https://redirect.github.com/actions/create-github-app-token/issues/662)
[#​661](https://redirect.github.com/actions/create-github-app-token/issues/661)
[#​659](https://redirect.github.com/actions/create-github-app-token/issues/659)
[#​660](https://redirect.github.com/actions/create-github-app-token/issues/660)
[#​658](https://redirect.github.com/actions/create-github-app-token/issues/658)
[#​656](https://redirect.github.com/actions/create-github-app-token/issues/656)
[#​657](https://redirect.github.com/actions/create-github-app-token/issues/657)
[#​655](https://redirect.github.com/actions/create-github-app-token/issues/655)
[#​731](https://redirect.github.com/actions/create-github-app-token/issues/731)
[nodejs/undici#4016](https://redirect.github.com/nodejs/undici/issues/4016)
[nodejs/undici#4017](https://redirect.github.com/nodejs/undici/issues/4017)
[nodejs/undici#4018](https://redirect.github.com/nodejs/undici/issues/4018)
[nodejs/undici#4008](https://redirect.github.com/nodejs/undici/issues/4008)
[nodejs/undici#3991](https://redirect.github.com/nodejs/undici/issues/3991)
[nodejs/undici#4001](https://redirect.github.com/nodejs/undici/issues/4001)
[nodejs/undici#3980](https://redirect.github.com/nodejs/undici/issues/3980)
[nodejs/undici#4003](https://redirect.github.com/nodejs/undici/issues/4003)
[nodejs/undici#3965](https://redirect.github.com/nodejs/undici/issues/3965)
[nodejs/undici#4002](https://redirect.github.com/nodejs/undici/issues/4002)
[nodejs/undici#4006](https://redirect.github.com/nodejs/undici/issues/4006)
[nodejs/undici#3956](https://redirect.github.com/nodejs/undici/issues/3956)
[nodejs/undici#3964](https://redirect.github.com/nodejs/undici/issues/3964)
[nodejs/undici#3447](https://redirect.github.com/nodejs/undici/issues/3447)
[#​3966](https://redirect.github.com/actions/create-github-app-token/issues/3966)
[nodejs/undici#3967](https://redirect.github.com/nodejs/undici/issues/3967)
[nodejs/undici#3971](https://redirect.github.com/nodejs/undici/issues/3971)
[nodejs/undici#3954](https://redirect.github.com/nodejs/undici/issues/3954)
[nodejs/undici#3972](https://redirect.github.com/nodejs/undici/issues/3972)
[nodejs/undici#3974](https://redirect.github.com/nodejs/undici/issues/3974)
[nodejs/undici#3976](https://redirect.github.com/nodejs/undici/issues/3976)
[#​3975](https://redirect.github.com/actions/create-github-app-token/issues/3975)
[nodejs/undici#3977](https://redirect.github.com/nodejs/undici/issues/3977)
[nodejs/undici#3978](https://redirect.github.com/nodejs/undici/issues/3978)
[nodejs/undici#3981](https://redirect.github.com/nodejs/undici/issues/3981)
[nodejs/undici#3983](https://redirect.github.com/nodejs/undici/issues/3983)
[nodejs/undici#3986](https://redirect.github.com/nodejs/undici/issues/3986)
[#​4021](https://redirect.github.com/actions/create-github-app-token/issues/4021)
[#​4018](https://redirect.github.com/actions/create-github-app-token/issues/4018)
[#​4017](https://redirect.github.com/actions/create-github-app-token/issues/4017)
[#​4016](https://redirect.github.com/actions/create-github-app-token/issues/4016)
[#​4008](https://redirect.github.com/actions/create-github-app-token/issues/4008)
[#​4007](https://redirect.github.com/actions/create-github-app-token/issues/4007)
[#​4006](https://redirect.github.com/actions/create-github-app-token/issues/4006)
[#​3965](https://redirect.github.com/actions/create-github-app-token/issues/3965)
###
[`v1.11.2`](https://redirect.github.com/actions/create-github-app-token/releases/tag/v1.11.2)
[Compare
Source](https://redirect.github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2)
##### Bug Fixes
- **deps:** bump
[@​octokit/request](https://redirect.github.com/octokit/request)
from 9.1.3 to 9.1.4 in the production-dependencies group
([#​196](https://redirect.github.com/actions/create-github-app-token/issues/196))
([b4192a5](https://redirect.github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579)),
closes
[#​730](https://redirect.github.com/actions/create-github-app-token/issues/730)
[#​730](https://redirect.github.com/actions/create-github-app-token/issues/730)
[#​729](https://redirect.github.com/actions/create-github-app-token/issues/729)
[#​727](https://redirect.github.com/actions/create-github-app-token/issues/727)
[#​726](https://redirect.github.com/actions/create-github-app-token/issues/726)
[#​723](https://redirect.github.com/actions/create-github-app-token/issues/723)
[#​724](https://redirect.github.com/actions/create-github-app-token/issues/724)
[#​722](https://redirect.github.com/actions/create-github-app-token/issues/722)
[#​721](https://redirect.github.com/actions/create-github-app-token/issues/721)
[#​720](https://redirect.github.com/actions/create-github-app-token/issues/720)
[#​719](https://redirect.github.com/actions/create-github-app-token/issues/719)
- **deps:** bump undici from 6.19.8 to 7.2.0
([#​198](https://redirect.github.com/actions/create-github-app-token/issues/198))
([29aa051](https://redirect.github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6)),
closes
[nodejs/undici#3958](https://redirect.github.com/nodejs/undici/issues/3958)
[nodejs/undici#3955](https://redirect.github.com/nodejs/undici/issues/3955)
[nodejs/undici#3962](https://redirect.github.com/nodejs/undici/issues/3962)
[nodejs/undici#3921](https://redirect.github.com/nodejs/undici/issues/3921)
[nodejs/undici#3923](https://redirect.github.com/nodejs/undici/issues/3923)
[nodejs/undici#3925](https://redirect.github.com/nodejs/undici/issues/3925)
[nodejs/undici#3926](https://redirect.github.com/nodejs/undici/issues/3926)
[nodejs/undici#3924](https://redirect.github.com/nodejs/undici/issues/3924)
[nodejs/undici#3933](https://redirect.github.com/nodejs/undici/issues/3933)
[nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916)
[nodejs/undici#3930](https://redirect.github.com/nodejs/undici/issues/3930)
[nodejs/undici#3938](https://redirect.github.com/nodejs/undici/issues/3938)
[#​3937](https://redirect.github.com/actions/create-github-app-token/issues/3937)
[nodejs/undici#3940](https://redirect.github.com/nodejs/undici/issues/3940)
[nodejs/undici#3931](https://redirect.github.com/nodejs/undici/issues/3931)
[nodejs/undici#3941](https://redirect.github.com/nodejs/undici/issues/3941)
[nodejs/undici#3911](https://redirect.github.com/nodejs/undici/issues/3911)
[nodejs/undici#3888](https://redirect.github.com/nodejs/undici/issues/3888)
[nodejs/undici#3939](https://redirect.github.com/nodejs/undici/issues/3939)
[nodejs/undici#3947](https://redirect.github.com/nodejs/undici/issues/3947)
[nodejs/undici#3945](https://redirect.github.com/nodejs/undici/issues/3945)
[nodejs/undici#3916](https://redirect.github.com/nodejs/undici/issues/3916)
[nodejs/undici#3893](https://redirect.github.com/nodejs/undici/issues/3893)
[nodejs/undici#3902](https://redirect.github.com/nodejs/undici/issues/3902)
[#​3901](https://redirect.github.com/actions/create-github-app-token/issues/3901)
[nodejs/undici#3903](https://redirect.github.com/nodejs/undici/issues/3903)
[nodejs/undici#3905](https://redirect.github.com/nodejs/undici/issues/3905)
[nodejs/undici#3900](https://redirect.github.com/nodejs/undici/issues/3900)
[nodejs/undici#3913](https://redirect.github.com/nodejs/undici/issues/3913)
[nodejs/undici#3910](https://redirect.github.com/nodejs/undici/issues/3910)
[nodejs/undici#3909](https://redirect.github.com/nodejs/undici/issues/3909)
[nodejs/undici#3906](https://redirect.github.com/nodejs/undici/issues/3906)
[nodejs/undici#3922](https://redirect.github.com/nodejs/undici/issues/3922)
[#​3962](https://redirect.github.com/actions/create-github-app-token/issues/3962)
[#​3955](https://redirect.github.com/actions/create-github-app-token/issues/3955)
[#​3958](https://redirect.github.com/actions/create-github-app-token/issues/3958)
[#​3945](https://redirect.github.com/actions/create-github-app-token/issues/3945)
[#​3947](https://redirect.github.com/actions/create-github-app-token/issues/3947)
[#​3939](https://redirect.github.com/actions/create-github-app-token/issues/3939)
[#​3888](https://redirect.github.com/actions/create-github-app-token/issues/3888)
[#​3911](https://redirect.github.com/actions/create-github-app-token/issues/3911)
[#​3941](https://redirect.github.com/actions/create-github-app-token/issues/3941)
</details>
<details>
<summary>actions/download-artifact (actions/download-artifact)</summary>
###
[`v4.1.9`](https://redirect.github.com/actions/download-artifact/releases/tag/v4.1.9)
[Compare
Source](https://redirect.github.com/actions/download-artifact/compare/v4.1.8...v4.1.9)
#### What's Changed
- Add workflow file for publishing releases to immutable action package
by [@​Jcambass](https://redirect.github.com/Jcambass) in
[https://github.com/actions/download-artifact/pull/354](https://redirect.github.com/actions/download-artifact/pull/354)
- docs: small migration fix by
[@​froblesmartin](https://redirect.github.com/froblesmartin) in
[https://github.com/actions/download-artifact/pull/370](https://redirect.github.com/actions/download-artifact/pull/370)
- Update MIGRATION.md by
[@​andyfeller](https://redirect.github.com/andyfeller) in
[https://github.com/actions/download-artifact/pull/372](https://redirect.github.com/actions/download-artifact/pull/372)
- Update artifact package to 2.2.2 by
[@​yacaovsnc](https://redirect.github.com/yacaovsnc) in
[https://github.com/actions/download-artifact/pull/380](https://redirect.github.com/actions/download-artifact/pull/380)
#### New Contributors
- [@​Jcambass](https://redirect.github.com/Jcambass) made their
first contribution in
[https://github.com/actions/download-artifact/pull/354](https://redirect.github.com/actions/download-artifact/pull/354)
- [@​froblesmartin](https://redirect.github.com/froblesmartin)
made their first contribution in
[https://github.com/actions/download-artifact/pull/370](https://redirect.github.com/actions/download-artifact/pull/370)
- [@​andyfeller](https://redirect.github.com/andyfeller) made
their first contribution in
[https://github.com/actions/download-artifact/pull/372](https://redirect.github.com/actions/download-artifact/pull/372)
- [@​yacaovsnc](https://redirect.github.com/yacaovsnc) made their
first contribution in
[https://github.com/actions/download-artifact/pull/380](https://redirect.github.com/actions/download-artifact/pull/380)
**Full Changelog**:
https://github.com/actions/download-artifact/compare/v4...v4.1.9
</details>
<details>
<summary>actions/setup-go (actions/setup-go)</summary>
###
[`v5.3.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.3.0)
[Compare
Source](https://redirect.github.com/actions/setup-go/compare/v5.2.0...v5.3.0)
##### What's Changed
- Use the new cache service: upgrade `@actions/cache` to `^4.0.0` by
[@​Link-](https://redirect.github.com/Link-) in
[https://github.com/actions/setup-go/pull/531](https://redirect.github.com/actions/setup-go/pull/531)
- Configure Dependabot settings by
[@​HarithaVattikuti](https://redirect.github.com/HarithaVattikuti)
in
[https://github.com/actions/setup-go/pull/530](https://redirect.github.com/actions/setup-go/pull/530)
- Document update - permission section by
[@​HarithaVattikuti](https://redirect.github.com/HarithaVattikuti)
in
[https://github.com/actions/setup-go/pull/533](https://redirect.github.com/actions/setup-go/pull/533)
- Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-go/pull/534](https://redirect.github.com/actions/setup-go/pull/534)
##### New Contributors
- [@​Link-](https://redirect.github.com/Link-) made their first
contribution in
[https://github.com/actions/setup-go/pull/531](https://redirect.github.com/actions/setup-go/pull/531)
**Full Changelog**:
https://github.com/actions/setup-go/compare/v5...v5.3.0
</details>
<details>
<summary>actions/setup-node (actions/setup-node)</summary>
###
[`v4.2.0`](https://redirect.github.com/actions/setup-node/releases/tag/v4.2.0)
[Compare
Source](https://redirect.github.com/actions/setup-node/compare/v4.1.0...v4.2.0)
#### What's Changed
- Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by
[@​aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in
[https://github.com/actions/setup-node/pull/1174](https://redirect.github.com/actions/setup-node/pull/1174)
- Add recommended permissions section to readme by
[@​benwells](https://redirect.github.com/benwells) in
[https://github.com/actions/setup-node/pull/1193](https://redirect.github.com/actions/setup-node/pull/1193)
- Configure Dependabot settings by
[@​HarithaVattikuti](https://redirect.github.com/HarithaVattikuti)
in
[https://github.com/actions/setup-node/pull/1192](https://redirect.github.com/actions/setup-node/pull/1192)
- Upgrade `@actions/cache` to `^4.0.0` by
[@​priyagupta108](https://redirect.github.com/priyagupta108) in
[https://github.com/actions/setup-node/pull/1191](https://redirect.github.com/actions/setup-node/pull/1191)
- Upgrade pnpm/action-setup from 2 to 4 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-node/pull/1194](https://redirect.github.com/actions/setup-node/pull/1194)
- Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-node/pull/1195](https://redirect.github.com/actions/setup-node/pull/1195)
- Upgrade semver from 7.6.0 to 7.6.3 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-node/pull/1196](https://redirect.github.com/actions/setup-node/pull/1196)
- Upgrade [@​types/jest](https://redirect.github.com/types/jest)
from 29.5.12 to 29.5.14 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-node/pull/1201](https://redirect.github.com/actions/setup-node/pull/1201)
- Upgrade undici from 5.28.4 to 5.28.5 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-node/pull/1205](https://redirect.github.com/actions/setup-node/pull/1205)
#### New Contributors
- [@​benwells](https://redirect.github.com/benwells) made their
first contribution in
[https://github.com/actions/setup-node/pull/1193](https://redirect.github.com/actions/setup-node/pull/1193)
**Full Changelog**:
https://github.com/actions/setup-node/compare/v4...v4.2.0
</details>
<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>
###
[`v4.6.1`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.6.1)
[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.6.0...v4.6.1)
#### What's Changed
- Update to use artifact 2.2.2 package by
[@​yacaovsnc](https://redirect.github.com/yacaovsnc) in
[https://github.com/actions/upload-artifact/pull/673](https://redirect.github.com/actions/upload-artifact/pull/673)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.6.1
</details>
<details>
<summary>anchore/sbom-action (anchore/sbom-action)</summary>
###
[`v0.18.0`](https://redirect.github.com/anchore/sbom-action/releases/tag/v0.18.0)
[Compare
Source](https://redirect.github.com/anchore/sbom-action/compare/v0.17.9...v0.18.0)
#### Changes in v0.18.0
- chore(deps): update Syft to v1.19.0
([#​513](https://redirect.github.com/anchore/sbom-action/issues/513))
- [See Syft changelog for latest
changes](https://redirect.github.com/anchore/syft/releases/tag/v1.19.0)
</details>
<details>
<summary>github/codeql-action (github/codeql-action)</summary>
###
[`v3.28.11`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.11)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.10...v3.28.11)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.11 - 07 Mar 2025
- Update default CodeQL bundle version to 2.20.6.
[#​2793](https://redirect.github.com/github/codeql-action/pull/2793)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.11/CHANGELOG.md)
for more information.
###
[`v3.28.10`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.10)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.9...v3.28.10)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.10 - 21 Feb 2025
- Update default CodeQL bundle version to 2.20.5.
[#​2772](https://redirect.github.com/github/codeql-action/pull/2772)
- Address an issue where the CodeQL Bundle would occasionally fail to
decompress on macOS.
[#​2768](https://redirect.github.com/github/codeql-action/pull/2768)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.10/CHANGELOG.md)
for more information.
###
[`v3.28.9`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.9)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.8...v3.28.9)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.9 - 07 Feb 2025
- Update default CodeQL bundle version to 2.20.4.
[#​2753](https://redirect.github.com/github/codeql-action/pull/2753)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.9/CHANGELOG.md)
for more information.
###
[`v3.28.8`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.8)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.7...v3.28.8)
### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
#### 3.28.8 - 29 Jan 2025
- Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3.
[#​2744](https://redirect.github.com/github/codeql-action/pull/2744)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.8/CHANGELOG.md)
for more information.
###
[`v3.28.7`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.7)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.6...v3.28.7)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.7 - 29 Jan 2025
No user facing changes.
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.7/CHANGELOG.md)
for more information.
###
[`v3.28.6`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.6)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.5...v3.28.6)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.6 - 27 Jan 2025
- Re-enable debug artifact upload for CLI versions 2.20.3 or greater.
[#​2726](https://redirect.github.com/github/codeql-action/pull/2726)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.6/CHANGELOG.md)
for more information.
###
[`v3.28.5`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.5)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.4...v3.28.5)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.5 - 24 Jan 2025
- Update default CodeQL bundle version to 2.20.3.
[#​2717](https://redirect.github.com/github/codeql-action/pull/2717)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.5/CHANGELOG.md)
for more information.
###
[`v3.28.4`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.4)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.3...v3.28.4)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.4 - 23 Jan 2025
No user facing changes.
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.4/CHANGELOG.md)
for more information.
###
[`v3.28.3`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.3)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.2...v3.28.3)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.3 - 22 Jan 2025
- Update default CodeQL bundle version to 2.20.2.
[#​2707](https://redirect.github.com/github/codeql-action/pull/2707)
- Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise
Server instance which occurred when the CodeQL Bundle had been synced to
the instance using the [CodeQL Action sync
tool](https://redirect.github.com/github/codeql-action-sync-tool) and
the Actions runner did not have Zstandard installed.
[#​2710](https://redirect.github.com/github/codeql-action/pull/2710)
- Uploading debug artifacts for CodeQL analysis is temporarily disabled.
[#​2712](https://redirect.github.com/github/codeql-action/pull/2712)
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.3/CHANGELOG.md)
for more information.
###
[`v3.28.2`](https://redirect.github.com/github/codeql-action/releases/tag/v3.28.2)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.28.1...v3.28.2)
##### CodeQL Action Changelog
See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.
##### 3.28.2 - 21 Jan 2025
No user facing changes.
See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.28.2/CHANGELOG.md)
for more information.
</details>
<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>
###
[`v6.2.1`](https://redirect.github.com/goreleaser/goreleaser-action/releases/tag/v6.2.1)
[Compare
Source](https://redirect.github.com/goreleaser/goreleaser-action/compare/v6.2.0...v6.2.1)
#### What's Changed
This version of the actions adds support for GoReleaser Pro v2.7.0
versioning (which dropped the `-pro` suffix).
Older versions should work fine.
> \[!WARNING]
> This version is **required** for GoReleaser Pro v2.7.0+.
> Read more [here](https://goreleaser.com/blog/goreleaser-v2.7/).
**Full Changelog**:
https://github.com/goreleaser/goreleaser-action/compare/v6.2.0...v6.2.1
###
[`v6.2.0`](https://redirect.github.com/goreleaser/goreleaser-action/releases/tag/v6.2.0)
[Compare
Source](https://redirect.github.com/goreleaser/goreleaser-action/compare/v6.1.0...v6.2.0)
##### What's Changed
This version of the actions adds support for GoReleaser Pro v2.7.0
versioning (which dropped the `-pro` suffix).
Older versions should work fine.
> \[!WARNING]
> This version is **required** for GoReleaser Pro v2.7.0+.
> Read more [here](https://goreleaser.com/blog/goreleaser-v2.7/).
**Full Changelog**:
https://github.com/goreleaser/goreleaser-action/compare/v6.1.0...v6.2.0
</details>
<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>
###
[`v2.4.1`](https://redirect.github.com/ossf/scorecard-action/releases/tag/v2.4.1)
[Compare
Source](https://redirect.github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1)
#### What's Changed
- This update bumps the Scorecard version to the v5.1.1 release. For a
complete list of changes, please refer to the
[v5.1.0](https://redirect.github.com/ossf/scorecard/releases/tag/v5.1.0)
and
[v5.1.1](https://redirect.github.com/ossf/scorecard/releases/tag/v5.1.1)
release notes.
- Publishing results now uses half the API quota as before. The exact
savings depends on the repository in question.
- use Scorecard library entrypoint instead of Cobra hooking by
[@​spencerschrock](https://redirect.github.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1423](https://redirect.github.com/ossf/scorecard-action/pull/1423)
- Some errors were made into annotations to make them more visible
- Make default branch error more prominent by
[@​jsoref](https://redirect.github.com/jsoref) in
[https://github.com/ossf/scorecard-action/pull/1459](https://redirect.github.com/ossf/scorecard-action/pull/1459)
- There is now an optional `file_mode` input which controls how
repository files are fetched from GitHub. The default is `archive`, but
`git` produces the most accurate results for repositories with
`.gitattributes` files at the cost of analysis speed.
- add input for specifying `--file-mode` by
[@​spencerschrock](https://redirect.github.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1509](https://redirect.github.com/ossf/scorecard-action/pull/1509)
- The underlying container for the action is now [hosted on GitHub
Container
Registry](https://redirect.github.com/ossf/scorecard-action/pkgs/container/scorecard-action).
There should be no functional changes.
- :seedling: publish docker images to GitHub Container Registry by
[@​spencerschrock](https://redirect.github.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1453](https://redirect.github.com/ossf/scorecard-action/pull/1453)
##### Docs
- Installation docs update by
[@​JeremiahAHoward](https://redirect.github.com/JeremiahAHoward)
in
[https://github.com/ossf/scorecard-action/pull/1416](https://redirect.github.com/ossf/scorecard-action/pull/1416)
#### New Contributors
- [@​JeremiahAHoward](https://redirect.github.com/JeremiahAHoward)
made their first contribution in
[https://github.com/ossf/scorecard-action/pull/1416](https://redirect.github.com/ossf/scorecard-action/pull/1416)
- [@​jsoref](https://redirect.github.com/jsoref) made their first
contribution in
[https://github.com/ossf/scorecard-action/pull/1459](https://redirect.github.com/ossf/scorecard-action/pull/1459)
**Full Changelog**:
https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.1
</details>
<details>
<summary>zarf-dev/zarf (zarf-dev/zarf)</summary>
###
[`v0.49.1`](https://redirect.github.com/zarf-dev/zarf/releases/tag/v0.49.1)
[Compare
Source](https://redirect.github.com/zarf-dev/zarf/compare/v0.49.0...v0.49.1)
<!-- Release notes generated using configuration in .github/release.yml
at v0.49.1 -->
#### What's Changed
##### 🚀 Updates
- fix: allow absolute file paths on create by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3518](https://redirect.github.com/zarf-dev/zarf/pull/3518)
- fix: do not create SBOM for packages without SBOMable material by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3540](https://redirect.github.com/zarf-dev/zarf/pull/3540)
- 2335 docs best practices by
[@​brandtkeller](https://redirect.github.com/brandtkeller) in
[https://github.com/zarf-dev/zarf/pull/3551](https://redirect.github.com/zarf-dev/zarf/pull/3551)
- feat: add more logging to packager2.Pull by
[@​mkcp](https://redirect.github.com/mkcp) in
[https://github.com/zarf-dev/zarf/pull/3557](https://redirect.github.com/zarf-dev/zarf/pull/3557)
##### 📦 Dependencies
- chore(deps): bump the cosign-providers group across 1 directory with 3
updates by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3519](https://redirect.github.com/zarf-dev/zarf/pull/3519)
- chore(deps): bump github.com/fairwindsops/pluto/v5 from 5.21.1 to
5.21.3 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3522](https://redirect.github.com/zarf-dev/zarf/pull/3522)
- chore(deps): bump github.com/prometheus/client_golang from 1.20.5 to
1.21.0 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3521](https://redirect.github.com/zarf-dev/zarf/pull/3521)
- chore(deps): bump github.com/derailed/k9s from 0.40.3 to 0.40.5 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3520](https://redirect.github.com/zarf-dev/zarf/pull/3520)
- chore(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3537](https://redirect.github.com/zarf-dev/zarf/pull/3537)
- chore(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3538](https://redirect.github.com/zarf-dev/zarf/pull/3538)
- chore(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3539](https://redirect.github.com/zarf-dev/zarf/pull/3539)
- chore(deps): bump golang.org/x/crypto from 0.33.0 to 0.34.0 in the
golang group across 1 directory by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3534](https://redirect.github.com/zarf-dev/zarf/pull/3534)
- chore(deps): bump golang.org/x/crypto from 0.34.0 to 0.35.0 in the
golang group across 1 directory by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3542](https://redirect.github.com/zarf-dev/zarf/pull/3542)
- chore(deps): bump github.com/avast/retry-go/v4 from 4.6.0 to 4.6.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3543](https://redirect.github.com/zarf-dev/zarf/pull/3543)
- chore(deps): bump github.com/go-git/go-git/v5 from 5.13.2 to 5.14.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3550](https://redirect.github.com/zarf-dev/zarf/pull/3550)
- chore(deps): bump codecov/codecov-action from 5.3.1 to 5.4.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3547](https://redirect.github.com/zarf-dev/zarf/pull/3547)
- chore(deps): bump actions/create-github-app-token from 1.11.5 to
1.11.6 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3555](https://redirect.github.com/zarf-dev/zarf/pull/3555)
- chore(deps): bump actions/download-artifact from 4.1.8 to 4.1.9 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3545](https://redirect.github.com/zarf-dev/zarf/pull/3545)
**Full Changelog**:
https://github.com/zarf-dev/zarf/compare/v0.49.0...v0.49.1
###
[`v0.49.0`](https://redirect.github.com/zarf-dev/zarf/releases/tag/v0.49.0)
[Compare
Source](https://redirect.github.com/zarf-dev/zarf/compare/v0.48.1...v0.49.0)
<!-- Release notes generated using configuration in .github/release.yml
at v0.49.0 -->
This release includes a number of project adjustments as well as fixes.
Breaking Changes
- Configuration file formats other than `yaml` and `toml` are being
deprecated
- See Proposed
[ZEP-0015](https://redirect.github.com/zarf-dev/proposals/pull/16) for
background on limitations driving this decision
- `zarf connect` default execution has a UX change
- The `--cli-only` flag has been removed - this behavior is now the
default
- Browsers can be automatically opened with the command using the
`--open` flag
The update to `zarf connect` is with consideration of zarf behaviors
defaulting to fully-encapsulated execution. As a general principle we
want zarf to have minimal dependency on external/system tooling by
default.
#### What's Changed
##### 🚀 Updates
- fix: pass insecure flag option to FindChartInAuthAndTLSRepoURL by
[@​willswire](https://redirect.github.com/willswire) in
[https://github.com/zarf-dev/zarf/pull/3477](https://redirect.github.com/zarf-dev/zarf/pull/3477)
- feat: improve skeleton package messaging by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3482](https://redirect.github.com/zarf-dev/zarf/pull/3482)
- fix: injector build process by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3479](https://redirect.github.com/zarf-dev/zarf/pull/3479)
- feat(connect): update default behavior to be cli-only by
[@​brandtkeller](https://redirect.github.com/brandtkeller) in
[https://github.com/zarf-dev/zarf/pull/3487](https://redirect.github.com/zarf-dev/zarf/pull/3487)
- chore(release): install cross before injector build by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3493](https://redirect.github.com/zarf-dev/zarf/pull/3493)
- fix: pulling not respecting "uncompressed" setting in metadata by
[@​a1994sc](https://redirect.github.com/a1994sc) in
[https://github.com/zarf-dev/zarf/pull/3472](https://redirect.github.com/zarf-dev/zarf/pull/3472)
- chore(docs): update meetups issue reference by
[@​brandtkeller](https://redirect.github.com/brandtkeller) in
[https://github.com/zarf-dev/zarf/pull/3502](https://redirect.github.com/zarf-dev/zarf/pull/3502)
- test: remove dependency on `make build-examples` in e2e tests by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3494](https://redirect.github.com/zarf-dev/zarf/pull/3494)
- fix: add check during image discovery to make sure images are valid by
[@​a1994sc](https://redirect.github.com/a1994sc) in
[https://github.com/zarf-dev/zarf/pull/3234](https://redirect.github.com/zarf-dev/zarf/pull/3234)
- Update TSC in CONTRIBUTING.md by
[@​mkcp](https://redirect.github.com/mkcp) in
[https://github.com/zarf-dev/zarf/pull/3496](https://redirect.github.com/zarf-dev/zarf/pull/3496)
- feat: deprecate config file types other than yaml and toml by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3517](https://redirect.github.com/zarf-dev/zarf/pull/3517)
##### 📦 Dependencies
- chore(deps): bump github.com/fluxcd/pkg/apis/meta from 1.9.0 to 1.10.0
by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3458](https://redirect.github.com/zarf-dev/zarf/pull/3458)
- chore(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3484](https://redirect.github.com/zarf-dev/zarf/pull/3484)
- chore(deps): bump golang.org/x/crypto from 0.32.0 to 0.33.0 in the
golang group across 1 directory by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3485](https://redirect.github.com/zarf-dev/zarf/pull/3485)
- chore(deps): bump golangci/golangci-lint-action from 6.3.0 to 6.3.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3483](https://redirect.github.com/zarf-dev/zarf/pull/3483)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.17 to 1.15.19 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3486](https://redirect.github.com/zarf-dev/zarf/pull/3486)
- chore(deps): bump aws-actions/configure-aws-credentials from 4.0.3 to
4.1.0 by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3488](https://redirect.github.com/zarf-dev/zarf/pull/3488)
- chore(deps): bump golangci/golangci-lint-action from 6.3.1 to 6.3.2 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3489](https://redirect.github.com/zarf-dev/zarf/pull/3489)
- chore(deps): bump goreleaser/goreleaser-action from 6.1.0 to 6.2.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3490](https://redirect.github.com/zarf-dev/zarf/pull/3490)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.19 to 1.15.20 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3492](https://redirect.github.com/zarf-dev/zarf/pull/3492)
- chore(deps): bump github.com/distribution/distribution/v3 from
3.0.0-rc.2 to 3.0.0-rc.3 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3491](https://redirect.github.com/zarf-dev/zarf/pull/3491)
- chore(deps): bump helm.sh/helm/v3 from 3.17.0 to 3.17.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3498](https://redirect.github.com/zarf-dev/zarf/pull/3498)
- chore(deps): bump the k8s group across 1 directory with 5 updates by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3503](https://redirect.github.com/zarf-dev/zarf/pull/3503)
- chore(deps): bump golangci/golangci-lint-action from 6.3.2 to 6.4.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3506](https://redirect.github.com/zarf-dev/zarf/pull/3506)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.20 to 1.15.22 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3497](https://redirect.github.com/zarf-dev/zarf/pull/3497)
- chore(deps): bump github.com/fluxcd/source-controller/api from 1.4.1
to 1.5.0 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3505](https://redirect.github.com/zarf-dev/zarf/pull/3505)
- chore(deps): bump the cosign-providers group across 1 directory with 3
updates by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3504](https://redirect.github.com/zarf-dev/zarf/pull/3504)
- chore(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3512](https://redirect.github.com/zarf-dev/zarf/pull/3512)
- chore(deps): bump sigs.k8s.io/controller-runtime from 0.20.1 to 0.20.2
by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3509](https://redirect.github.com/zarf-dev/zarf/pull/3509)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.22 to 1.15.23 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3510](https://redirect.github.com/zarf-dev/zarf/pull/3510)
- chore(deps): bump github.com/derailed/k9s from 0.32.7 to 0.40.3 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3513](https://redirect.github.com/zarf-dev/zarf/pull/3513)
- chore(deps): bump actions/create-github-app-token from 1.11.3 to
1.11.5 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3507](https://redirect.github.com/zarf-dev/zarf/pull/3507)
- chore(deps): bump golangci/golangci-lint-action from 6.4.0 to 6.5.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3508](https://redirect.github.com/zarf-dev/zarf/pull/3508)
**Full Changelog**:
https://github.com/zarf-dev/zarf/compare/v0.48.1...v0.49.0
###
[`v0.48.1`](https://redirect.github.com/zarf-dev/zarf/releases/tag/v0.48.1)
[Compare
Source](https://redirect.github.com/zarf-dev/zarf/compare/v0.48.0...v0.48.1)
<!-- Release notes generated using configuration in .github/release.yml
at v0.48.1 -->
#### What's Changed
##### 🚀 Updates
- feat: error when building a package with zero components by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3403](https://redirect.github.com/zarf-dev/zarf/pull/3403)
- chore(deps): group golang dependencies in dependabot by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3471](https://redirect.github.com/zarf-dev/zarf/pull/3471)
- test: delete e2e test for examples/package-flavors by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3463](https://redirect.github.com/zarf-dev/zarf/pull/3463)
- fix: avoid error when building package importing skeleton with remote
components by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3470](https://redirect.github.com/zarf-dev/zarf/pull/3470)
- fix: avoid incorrect cyclic error when two packages import each other
on separate component chains by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3460](https://redirect.github.com/zarf-dev/zarf/pull/3460)
##### 📦 Dependencies
- chore(deps): bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3450](https://redirect.github.com/zarf-dev/zarf/pull/3450)
- chore(deps): bump github/codeql-action from 3.28.6 to 3.28.8 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3451](https://redirect.github.com/zarf-dev/zarf/pull/3451)
- chore(deps): bump actions/create-github-app-token from 1.11.1 to
1.11.2 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3456](https://redirect.github.com/zarf-dev/zarf/pull/3456)
- chore(deps): bump golang.org/x/term from 0.28.0 to 0.29.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3465](https://redirect.github.com/zarf-dev/zarf/pull/3465)
- chore(deps): bump actions/create-github-app-token from 1.11.2 to
1.11.3 by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3467](https://redirect.github.com/zarf-dev/zarf/pull/3467)
- chore(deps): bump golang.org/x/sync from 0.10.0 to 0.11.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3466](https://redirect.github.com/zarf-dev/zarf/pull/3466)
- chore(deps): bump golangci/golangci-lint-action from 6.2.0 to 6.3.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3468](https://redirect.github.com/zarf-dev/zarf/pull/3468)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.15 to 1.15.17 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3462](https://redirect.github.com/zarf-dev/zarf/pull/3462)
**Full Changelog**:
https://github.com/zarf-dev/zarf/compare/v0.48.0...v0.48.1
###
[`v0.48.0`](https://redirect.github.com/zarf-dev/zarf/releases/tag/v0.48.0)
[Compare
Source](https://redirect.github.com/zarf-dev/zarf/compare/v0.47.0...v0.48.0)
<!-- Release notes generated using configuration in .github/release.yml
at v0.48.0 -->
#### What's Changed
##### 🚀 Updates
- test: avoid flake in test external by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3432](https://redirect.github.com/zarf-dev/zarf/pull/3432)
- fix: avoid errors when `--max-package-size` differs between create
runs by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3398](https://redirect.github.com/zarf-dev/zarf/pull/3398)
- fix: log correct size with units during image pull by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3440](https://redirect.github.com/zarf-dev/zarf/pull/3440)
- feat: introduce output format flag for `zarf tools get-creds` and
`zarf package list` by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3415](https://redirect.github.com/zarf-dev/zarf/pull/3415)
- feat: deprecate and replace `zarf package inspect` with child commands
`zarf package inspect definition|sbom|images` by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3416](https://redirect.github.com/zarf-dev/zarf/pull/3416)
- chore: separate code changes from dependency updates in release notes
by [@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3445](https://redirect.github.com/zarf-dev/zarf/pull/3445)
- fix: avoid false positives in import cycle detection by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3449](https://redirect.github.com/zarf-dev/zarf/pull/3449)
##### 📦 Dependencies
- chore(deps): bump codecov/codecov-action from 5.2.0 to 5.3.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3431](https://redirect.github.com/zarf-dev/zarf/pull/3431)
- chore(deps): bump sigs.k8s.io/controller-runtime from 0.20.0 to 0.20.1
by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3429](https://redirect.github.com/zarf-dev/zarf/pull/3429)
- chore(deps): bump github/codeql-action from 3.28.3 to 3.28.4 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3430](https://redirect.github.com/zarf-dev/zarf/pull/3430)
- chore(deps): bump codecov/codecov-action from 5.3.0 to 5.3.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3437](https://redirect.github.com/zarf-dev/zarf/pull/3437)
- chore(deps): bump github/codeql-action from 3.28.4 to 3.28.5 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3438](https://redirect.github.com/zarf-dev/zarf/pull/3438)
- chore(deps): bump actions/setup-node from 4.1.0 to 4.2.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3441](https://redirect.github.com/zarf-dev/zarf/pull/3441)
- chore(deps): bump github/codeql-action from 3.28.5 to 3.28.6 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3442](https://redirect.github.com/zarf-dev/zarf/pull/3442)
- chore(deps): bump aws-actions/configure-aws-credentials from 4.0.2 to
4.0.3 by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3443](https://redirect.github.com/zarf-dev/zarf/pull/3443)
- chore(deps): bump github.com/agnivade/levenshtein from 1.2.0 to 1.2.1
by [@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3447](https://redirect.github.com/zarf-dev/zarf/pull/3447)
**Full Changelog**:
https://github.com/zarf-dev/zarf/compare/v0.47.0...v0.48.0
###
[`v0.47.0`](https://redirect.github.com/zarf-dev/zarf/releases/tag/v0.47.0)
[Compare
Source](https://redirect.github.com/zarf-dev/zarf/compare/v0.46.0...v0.47.0)
#### Highlights:
##### Breaking
- Zarf's Commands have been unexported in favor of cmd.NewZarfCommand()
for users embedding Zarf in their CLI applications.
##### UX
- The logging overhaul is out of beta and now fully released.
--log-format="legacy" will be available for at least the next two minor
releases for a smooth upgrade path.
- zarf package create's build scroll has been simplified and Yaml
inspection has been migrated to a first class command zarf dev inspect
{definition} ([dev
inspect](https://redirect.github.com/zarf-dev/proposals/blob/main/0008-rework-inspect/README.md)
feature requests welcome!).
#### What's Changed
- chore(deps): bump the cosign-providers group across 1 directory with 4
updates by [@​dependabot](https://redirect.github.com/dependabot)
in
[https://github.com/zarf-dev/zarf/pull/3390](https://redirect.github.com/zarf-dev/zarf/pull/3390)
- chore(deps): bump actions/upload-artifact from 4.5.0 to 4.6.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3391](https://redirect.github.com/zarf-dev/zarf/pull/3391)
- chore(deps): bump github/codeql-action from 3.28.0 to 3.28.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3395](https://redirect.github.com/zarf-dev/zarf/pull/3395)
- chore(deps): bump github.com/go-git/go-billy/v5 from 5.6.1 to 5.6.2 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3394](https://redirect.github.com/zarf-dev/zarf/pull/3394)
- chore(deps): bump github.com/mikefarah/yq/v4 from 4.44.6 to 4.45.1 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3393](https://redirect.github.com/zarf-dev/zarf/pull/3393)
- refactor: normal creator by
[@​phillebaba](https://redirect.github.com/phillebaba) in
[https://github.com/zarf-dev/zarf/pull/3114](https://redirect.github.com/zarf-dev/zarf/pull/3114)
- fix: remove empty directory in package tars by
[@​AustinAbro321](https://redirect.github.com/AustinAbro321) in
[https://github.com/zarf-dev/zarf/pull/3396](https://redirect.github.com/zarf-dev/zarf/pull/3396)
- chore(deps): bump sigs.k8s.io/kustomize/api from 0.18.0 to 0.19.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3405](https://redirect.github.com/zarf-dev/zarf/pull/3405)
- chore(deps): bump helm.sh/helm/v3 from 3.16.4 to 3.17.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3407](https://redirect.github.com/zarf-dev/zarf/pull/3407)
- chore(deps): bump github.com/google/go-containerregistry from 0.20.2
to 0.20.3 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3406](https://redirect.github.com/zarf-dev/zarf/pull/3406)
- chore(deps): bump the k8s group across 1 directory with 5 updates by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3409](https://redirect.github.com/zarf-dev/zarf/pull/3409)
- chore(deps): bump github.com/goccy/go-yaml from 1.15.13 to 1.15.14 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3410](https://redirect.github.com/zarf-dev/zarf/pull/3410)
- chore(deps): bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 by
[@​dependabot](https://redirect.github.com/dependabot) in
[https://github.com/zarf-dev/zarf/pull/3412](https://redirect.github.com/zarf
</details>
---
### Configuration
📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am
every weekday" in timezone America/New_York, Automerge - At any time (no
schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/defenseunicorns/maru-runner).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjIwMC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=-->
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps codecov/codecov-action from 4.6.0 to 5.0.7.
Release notes
Sourced from codecov/codecov-action's releases.
... (truncated)
Changelog
Sourced from codecov/codecov-action's changelog.
... (truncated)
Commits
015f24echore(release): 5.0.7 (#1691)a76271dfix: use HEAD_REPO (#1690)d168679chore(release): 5.0.6 (#1689)373fd71fix: update CODECOV_TOKEN and fix tokenless (#1688)288befbchore(release): 5.0.5 (#1686)7e69d37chore(release): wrapper-0.0.27 (#1685)985343dchore(release): 5.0.4 (#1682)31d1900chore(deps): bump wrapper to 0.0.26 (#1681)095cfe0fix: strip out a trailing /n from input tokens (#1679)b542d5afix: add action version (#1678)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)