⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #63

dependabot · 2024-06-24T13:28:43Z

Bumps the github-actions group with 14 updates in the / directory:

Package	From	To
step-security/harden-runner	`2.7.0`	`2.8.1`
actions/checkout	`4.1.2`	`4.1.7`
actions/setup-go	`5.0.0`	`5.0.1`
github/codeql-action	`3.24.8`	`3.25.10`
actions/dependency-review-action	`4.2.3`	`4.3.3`
reviewdog/action-tflint	`1.22.0`	`1.23.0`
reviewdog/action-trivy	`1.4.0`	`1.9.0`
reviewdog/action-golangci-lint	`2.6.1`	`2.6.2`
reviewdog/action-misspell	`1.16.0`	`1.21.0`
reviewdog/action-alex	`1.7.0`	`1.11.0`
reviewdog/action-markdownlint	`0.14.0`	`0.22.0`
reviewdog/action-actionlint	`1.43.0`	`1.51.0`
ossf/scorecard-action	`2.3.1`	`2.3.3`
actions/upload-artifact	`4.3.1`	`4.3.3`

Updates step-security/harden-runner from 2.7.0 to 2.8.1

Release notes

Sourced from step-security/harden-runner's releases.

v2.8.1

What's Changed

Bug fix: Update isGitHubHosted implementation by @varunsh-coder in step-security/harden-runner#425 The previous implementation incorrectly identified large GitHub-hosted runners as self-hosted runners. As a result, harden-runner was not executing on these large GitHub-hosted runners.

Full Changelog: step-security/harden-runner@v2...v2.8.1

v2.8.0

What's Changed

Release v2.8.0 by @h0x0er and @varunsh-coder in step-security/harden-runner#416 This release includes:

File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process.

Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process.

These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process.

Full Changelog: step-security/harden-runner@v2...v2.8.0

v2.7.1

What's Changed

Release v2.7.1 by @varunsh-coder, @h0x0er, @ashishkurmi in step-security/harden-runner#397 This release:

Improves the capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners

Updates README to add link to case study video on how Harden-Runner detected a supply chain attack on a Google open-source project

Addresses minor bugs

Full Changelog: step-security/harden-runner@v2.7.0...v2.7.1

Commits

17d0e2b Merge pull request #425 from step-security/rc-9
bb112d0 Update isGitHubHosted implementation
f4f3f44 Merge pull request #407 from step-security/dependabot/github_actions/actions/...
7a946b5 Bump actions/dependency-review-action from 3.1.3 to 4.3.2
75a01c2 Merge pull request #417 from step-security/dependabot/github_actions/step-sec...
53413f1 Bump step-security/harden-runner from 2.7.1 to 2.8.0
f086349 Merge pull request #416 from step-security/rc-8
b9c325d Update image
808a771 Add info about file and process events
7171429 Update agent
Additional commits viewable in compare view

Updates actions/checkout from 4.1.2 to 4.1.7

Release notes

Sourced from actions/checkout's releases.

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

Full Changelog: actions/checkout@v4.1.4...v4.1.5

v4.1.4

What's Changed

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Full Changelog: actions/checkout@v4.1.3...v4.1.4

v4.1.3

What's Changed

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Full Changelog: actions/checkout@v4.1.2...v4.1.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

v4.0.0

Support fetching without the --progress option

Update to node20

v3.6.0

Fix: Mark test scripts with Bash'isms to be run via Bash

Add option to fetch tags even if fetch-depth > 0

v3.5.3

Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in

Fix typos found by codespell

... (truncated)

Commits

692973e Prepare 4.1.7 release (#1775)
6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
b17fe1e Handle hidden refs (#1774)
b80ff79 Bump actions/checkout from 3 to 4 (#1697)
b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
a5ac7e5 Update for 4.1.6 release (#1733)
24ed1a3 Check platform for extension (#1732)
44c2b7a README: Suggest user.email to be `41898282+github-actions[bot]@users.norepl...
8459bc0 Bump actions/upload-artifact from 2 to 4 (#1695)
3f603f6 Bump actions/setup-node from 1 to 4 (#1696)
Additional commits viewable in compare view

Updates actions/setup-go from 5.0.0 to 5.0.1

Release notes

Sourced from actions/setup-go's releases.

v5.0.1

What's Changed

Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by @dependabot , @HarithaVattikuti in actions/setup-go#465

Update documentation with latest V5 release notes by @ab in actions/setup-go#459

Update version documentation by @178inaba in actions/setup-go#458

Documentation update of actions/setup-go to v5 by @chenrui333 in actions/setup-go#449

New Contributors

@ab made their first contribution in actions/setup-go#459

Full Changelog: actions/setup-go@v5.0.0...v5.0.1

Commits

cdcb360 Remove the description of the old go.mod specification (#458)
99176a8 Update README.md with V5 release notes (#459)
be1aa11 Bump undici from 5.28.2 to 5.28.3 (#465)
6c1fd22 docs: bump actions/setup-go to v5 (#449)
See full diff in compare view

Updates github/codeql-action from 3.24.8 to 3.25.10

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

[UNRELEASED]

Avoid failing the workflow run if there is an error while uploading debug artifacts. #2349

3.25.10 - 13 Jun 2024

Update default CodeQL bundle version to 2.17.5. #2327

3.25.9 - 12 Jun 2024

Avoid failing database creation if the database folder already exists and contains some unexpected files. Requires CodeQL 2.18.0 or higher. #2330

The init Action will attempt to clean up the database cluster directory before creating a new database and at the end of the job. This will help to avoid issues where the database cluster directory is left in an inconsistent state. #2332

3.25.8 - 04 Jun 2024

Update default CodeQL bundle version to 2.17.4. #2321

3.25.7 - 31 May 2024

We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306

3.25.6 - 20 May 2024

Update default CodeQL bundle version to 2.17.3. #2295

3.25.5 - 13 May 2024

Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the https://github.com/github/codeql-action/blob/main/README.md. #2273

Avoid printing out a warning for a missing on.push trigger when the CodeQL Action is triggered via a workflow_call event. #2274

The tools: latest input to the init Action has been renamed to tools: linked. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. #2281

3.25.4 - 08 May 2024

Update default CodeQL bundle version to 2.17.2. #2270

3.25.3 - 25 Apr 2024

Update default CodeQL bundle version to 2.17.1. #2247

Workflows running on macos-latest using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as macos-12. ARM machines with SIP disabled, including the newest macos-latest image, are unsupported for CLI versions before 2.15.1. #2261

3.25.2 - 22 Apr 2024

No user facing changes.

... (truncated)

Commits

23acc5c Merge pull request #2337 from github/update-v3.25.10-5bf6dad35
9b72dbd Update changelog for v3.25.10
5bf6dad Merge pull request #2329 from github/henrymercer/csharp-buildless-rollback-me...
feec81c Merge branch 'main' into henrymercer/csharp-buildless-rollback-mechanism
789b5f8 Merge pull request #2328 from github/henrymercer/direct-tracing-fix
c36b5fc Merge pull request #2327 from github/update-bundle/codeql-bundle-v2.17.5
b3642aa Merge branch 'main' into update-bundle/codeql-bundle-v2.17.5
1fc6e20 Merge pull request #2335 from github/mergeback/v3.25.9-to-main-530d4fea
356bee4 Update checked-in dependencies
385808c Update changelog and version after v3.25.9
Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.2.3 to 4.3.3

Release notes

Sourced from actions/dependency-review-action's releases.

Notes for v4.3.3

What's Changed

Allow slashes in purl package names by @juxtin in actions/dependency-review-action#765

use the v3 version of the deps.dev API by @josieang in actions/dependency-review-action#741

PR with suggestions - [Improvement]: Help streamline / simplify dependency review action README by @am-stead in actions/dependency-review-action#773

fix show-openssf-scorecard-levels input by @ramann in actions/dependency-review-action#776

Updates to the contribution guidelines by @jonjanego in actions/dependency-review-action#778

Create issue templates by @jonjanego in actions/dependency-review-action#777

Fix the max comment length issue by @jhutchings1 and @elireisman in actions/dependency-review-action#767

Bump project version to 4.3.3 in prep for a release by @elireisman in actions/dependency-review-action#781

New Contributors

@josieang made their first contribution in actions/dependency-review-action#741

@am-stead made their first contribution in actions/dependency-review-action#773

@ramann made their first contribution in actions/dependency-review-action#776

Full Changelog: actions/dependency-review-action@v4.3.2...v4.3.3

v4.3.2

What's Changed

Fix package-url parsing for allow-dependencies-licenses by @juxtin in actions/dependency-review-action#761

Full Changelog: actions/dependency-review-action@v4.3.1...v4.3.2

v4.3.1

What's Changed

This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See actions/dependency-review-action#753.

Full Changelog: actions/dependency-review-action@V4.3.0...v4.3.1

v4.3.0

New Features

The deny-packages option can now be used without a version number to exclude all versions of a package.

What's Changed

Fix action variable name for scorecard by @lukehinds in actions/dependency-review-action#735

Fix extra https:// in summary by @jhutchings1 in actions/dependency-review-action#748

Bump typescript from 5.3.3 to 5.4.5 by @dependabot in actions/dependency-review-action#744

Bump eslint-plugin-github from 4.10.1 to 4.10.2 by @dependabot in actions/dependency-review-action#737

Show denied packages with red X by @juxtin in actions/dependency-review-action#750

deny-packages configuration option can deny specified version or all packages by @febuiles and @bteng22 in actions/dependency-review-action#733

New Contributors

@bteng22 made their first contribution in actions/dependency-review-action#733

@lukehinds made their first contribution in actions/dependency-review-action#735

Full Changelog: actions/dependency-review-action@v4.2.5...V4.3.0

4.2.5

... (truncated)

Commits

72eb03d Merge pull request #781 from actions/release-v4.3.3
137d8b4 bump to version v4.3.3
e6b618e Merge pull request #767 from actions/max-comment-length
3c42649 fix ws for linter
8e6ea8d update packaging
1b3d277 post-review: add PR comment full summary test case
220872c Update src/main.ts
087d0f8 repackage to update dist
4531204 whitespace
df1ca89 appease linter
Additional commits viewable in compare view

Updates reviewdog/action-tflint from 1.22.0 to 1.23.0

Release notes

Sourced from reviewdog/action-tflint's releases.

Release v1.23.0

What's Changed

chore(deps): update reviewdog/reviewdog to 0.17.5 by @github-actions in reviewdog/action-tflint#85

Full Changelog: reviewdog/action-tflint@v1.22.0...v1.23.0

Commits

ed9fc53 chore(deps): update reviewdog/reviewdog to 0.17.5 (#85)
See full diff in compare view

Updates reviewdog/action-trivy from 1.4.0 to 1.9.0

Release notes

Sourced from reviewdog/action-trivy's releases.

Release v1.9.0

v1.9.0: PR #50 - chore(deps): update reviewdog to 0.18.1

Release v1.8.0

v1.8.0: PR #49 - chore(deps): update reviewdog to 0.18.0

Release v1.7.0

v1.7.0: PR #40 - feat: use SARIF format

Release v1.6.0

v1.6.0: PR #44 - chore(deps): update reviewdog to 0.17.5

Release v1.5.2

v1.5.2: PR #38 - chore(deps): update terraform aws to ~> 5.51.0

Release v1.5.1

v1.5.1: PR #39 - chore(deps): update terraform azurerm to ~> 3.105.0

Release v1.5.0

v1.5.0: PR #41 - chore(deps): update reviewdog to 0.17.4

Commits

53df306 Merge pull request #50 from reviewdog/depup/reviewdog
77fb9ea chore(deps): update reviewdog to 0.18.1
26a12db Merge pull request #49 from reviewdog/depup/reviewdog
a9ddd92 chore(deps): update reviewdog to 0.18.0
a0e0a53 Merge pull request #40 from Darwiner/feat-use-sarif
f1b5099 Merge pull request #44 from reviewdog/depup/reviewdog
ca7ae73 chore(deps): update reviewdog to 0.17.5
382326f Merge pull request #38 from reviewdog/renovate/aws-5.x
022c347 Merge pull request #39 from reviewdog/renovate/azurerm-3.x
0199f6c Merge pull request #41 from reviewdog/depup/reviewdog
Additional commits viewable in compare view

Updates reviewdog/action-golangci-lint from 2.6.1 to 2.6.2

Release notes

Sourced from reviewdog/action-golangci-lint's releases.

Release v2.6.2

What's Changed

chore(deps): update dependency typescript to v5.4.2 by @renovate in reviewdog/action-golangci-lint#684

chore(deps): update dependency typescript to v5.4.3 by @renovate in reviewdog/action-golangci-lint#685

chore(deps): update dependency typescript to v5.4.4 by @renovate in reviewdog/action-golangci-lint#688

chore(deps): update dependency @types/node to v20.12.4 - autoclosed by @renovate in reviewdog/action-golangci-lint#683

chore(deps): update dependency typescript to v5.4.5 by @renovate in reviewdog/action-golangci-lint#692

chore(deps): update dependency @types/node to v20.12.7 - autoclosed by @renovate in reviewdog/action-golangci-lint#689

chore(deps): update dependency @types/node to v20.12.11 by @renovate in reviewdog/action-golangci-lint#693

chore(deps): update dependency @types/node to v20.12.12 by @renovate in reviewdog/action-golangci-lint#697

chore(deps): update dependency prettier to v3.3.1 by @renovate in reviewdog/action-golangci-lint#700

chore(deps): update dependency @types/node to v20.14.2 by @renovate in reviewdog/action-golangci-lint#699

chore(deps): update dependency ts-jest to v29.1.4 by @renovate in reviewdog/action-golangci-lint#698

chore(deps): update dependency prettier to v3.3.2 by @renovate in reviewdog/action-golangci-lint#701

Bump braces from 3.0.2 to 3.0.3 by @dependabot in reviewdog/action-golangci-lint#702

renovate: join @typescript-eslint/parser and eslint-plugin-jest by @massongit in reviewdog/action-golangci-lint#704

Bump undici from 5.26.3 to 5.28.4 by @dependabot in reviewdog/action-golangci-lint#703

fix(deps): update dependency semver to v7.6.2 by @renovate in reviewdog/action-golangci-lint#694

New Contributors

@dependabot made their first contribution in reviewdog/action-golangci-lint#702

Full Changelog: reviewdog/action-golangci-lint@v2.6.1...v2.6.2

Commits

7708105 Merge pull request #694 from reviewdog/renovate/semver-7.x
06ef73a npm run package
302b62a fix(deps): update dependency semver to v7.6.2
151839c Merge pull request #703 from reviewdog/dependabot/npm_and_yarn/undici-5.28.4
ac7edb7 npm run package
42b393a Merge pull request #704 from reviewdog/massongit-patch-1
4e7f656 renovate: join @typescript-eslint/parser and eslint-plugin-jest
bace6b9 Merge pull request #702 from reviewdog/dependabot/npm_and_yarn/braces-3.0.3
76e26ef Bump undici from 5.26.3 to 5.28.4
67512a3 Bump braces from 3.0.2 to 3.0.3
Additional commits viewable in compare view

Updates reviewdog/action-misspell from 1.16.0 to 1.21.0

Release notes

Sourced from reviewdog/action-misspell's releases.

Release v1.21.0

What's Changed

chore(deps): update reviewdog to 0.18.1 by @github-actions in reviewdog/action-misspell#70

Full Changelog: reviewdog/action-misspell@v1.20.0...v1.21.0

Release v1.20.0

What's Changed

chore(deps): update reviewdog to 0.18.0 by @github-actions in reviewdog/action-misspell#69

Full Changelog: reviewdog/action-misspell@v1.19.0...v1.20.0

Release v1.19.0

What's Changed

Switch to golangci fork by @talal in reviewdog/action-misspell#67

release by @massongit in reviewdog/action-misspell#68

New Contributors

@talal made their first contribution in reviewdog/action-misspell#67

@massongit made their first contribution in reviewdog/action-misspell#68

Full Changelog: reviewdog/action-misspell@v1.18.0...v1.19.0

Release v1.18.0

What's Changed

chore(deps): update reviewdog to 0.17.5 by @github-actions in reviewdog/action-misspell#66

Full Changelog: reviewdog/action-misspell@v1.17.0...v1.18.0

Release v1.17.0

What's Changed

change base image to debian by @srz-zumix in reviewdog/action-misspell#65

chore(deps): update reviewdog to 0.17.2 by @github-actions in reviewdog/action-misspell#64

New Contributors

@srz-zumix made their first contribution in reviewdog/action-misspell#65

Full Changelog: reviewdog/action-misspell@v1.16.0...v1.17.0

Commits

30433ca Merge pull request #70 from reviewdog/depup/reviewdog
e8ea52e chore(deps): update reviewdog to 0.18.1
e4602ab Merge pull request #69 from reviewdog/depup/reviewdog
3bd49a8 chore(deps): update reviewdog to 0.18.0
8cd4a88 Merge pull request #68 from reviewdog/minor_release
28229e4 empty commit
e51de88 Merge pull request #67 from talal/golangci-fork
a8d4835 Merge pull request #66 from reviewdog/depup/reviewdog
69e05c8 chore(deps): update reviewdog to 0.17.5
d43321b feat(misspell): use golangci fork
Additional commits viewable in compare view

Updates reviewdog/action-alex from 1.7.0 to 1.11.0

Release notes

Sourced from reviewdog/action-alex's releases.

Release v1.11.0

What's Changed

chore(deps): update reviewdog to 0.18.1 by @github-actions in reviewdog/action-alex#29

Full Changelog: reviewdog/action-alex@v1.10.0...v1.11.0

Release v1.10.0

What's Changed

chore(deps): update reviewdog to 0.18.0 by @github-actions in reviewdog/action-alex#28

Full Changelog: reviewdog/action-alex@v1.9.1...v1.10.0

Release v1.9.1

What's Changed

chore(deps): update peter-evans/create-pull-request action to v6 by @renovate in reviewdog/action-alex#25

Full Changelog: reviewdog/action-alex@v1.9.0...v1.9.1

Release v1.9.0

What's Changed

chore(deps): update reviewdog to 0.17.5 by @github-actions in reviewdog/action-alex#27

Full Changelog: reviewdog/action-alex@v1.8.0...v1.9.0

Release v1.8.0

What's Changed

chore(deps): update actions/checkout digest to 8ade135 by @renovate in reviewdog/action-alex#24

chore(deps): update reviewdog to 0.17.3 by @github-actions in reviewdog/action-alex#26

Full Changelog: reviewdog/action-alex@v1.7.0...v1.8.0

Commits

cb33600 Merge pull request #29 from reviewdog/depup/reviewdog
04d61da chore(deps): update reviewdog to 0.18.1
ac7b702 Merge pull request #28 from reviewdog/depup/reviewdog
2337187 chore(deps): update reviewdog to 0.18.0
4cb2194 Merge pull request #25 from reviewdog/renovate/peter-evans-create-pull-reques...
1714a70 Merge pull request #27 from reviewdog/depup/reviewdog
5ddaf92 chore(deps): update reviewdog to 0.17.5
0f066ba Merge pull request #26 from reviewdog/depup/reviewdog
f6a447e chore(deps): update reviewdog to 0.17.3
005d3ba chore(deps): update peter-evans/create-pull-request action to v6
Additional commits viewable in compare view

Updates reviewdog/action-markdownlint from 0.14.0 to 0.22.0

Release notes

Sourced from reviewdog/action-markdownlint's releases.

Release v0.22.0

v0.22.0: PR #61 - chore(deps): update reviewdog to 0.18.1

Release v0.21.0

v0.21.0: PR #60 - chore(deps): update reviewdog to 0.18.0

Release v0.20.0

v0.20.0: PR #57 - chore(deps): update...
Description has been truncated

…with 14 updates Bumps the github-actions group with 14 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.7.0` | `2.8.1` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.2` | `4.1.7` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.0` | `5.0.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.24.8` | `3.25.10` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.2.3` | `4.3.3` | | [reviewdog/action-tflint](https://github.com/reviewdog/action-tflint) | `1.22.0` | `1.23.0` | | [reviewdog/action-trivy](https://github.com/reviewdog/action-trivy) | `1.4.0` | `1.9.0` | | [reviewdog/action-golangci-lint](https://github.com/reviewdog/action-golangci-lint) | `2.6.1` | `2.6.2` | | [reviewdog/action-misspell](https://github.com/reviewdog/action-misspell) | `1.16.0` | `1.21.0` | | [reviewdog/action-alex](https://github.com/reviewdog/action-alex) | `1.7.0` | `1.11.0` | | [reviewdog/action-markdownlint](https://github.com/reviewdog/action-markdownlint) | `0.14.0` | `0.22.0` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.43.0` | `1.51.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.1` | `2.3.3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.3` | Updates `step-security/harden-runner` from 2.7.0 to 2.8.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@63c24ba...17d0e2b) Updates `actions/checkout` from 4.1.2 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@9bb5618...692973e) Updates `actions/setup-go` from 5.0.0 to 5.0.1 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0c52d54...cdcb360) Updates `github/codeql-action` from 3.24.8 to 3.25.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@05963f4...23acc5c) Updates `actions/dependency-review-action` from 4.2.3 to 4.3.3 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@0fa40c3...72eb03d) Updates `reviewdog/action-tflint` from 1.22.0 to 1.23.0 - [Release notes](https://github.com/reviewdog/action-tflint/releases) - [Commits](reviewdog/action-tflint@2fa6092...ed9fc53) Updates `reviewdog/action-trivy` from 1.4.0 to 1.9.0 - [Release notes](https://github.com/reviewdog/action-trivy/releases) - [Commits](reviewdog/action-trivy@e3b2989...53df306) Updates `reviewdog/action-golangci-lint` from 2.6.1 to 2.6.2 - [Release notes](https://github.com/reviewdog/action-golangci-lint/releases) - [Commits](reviewdog/action-golangci-lint@00311c2...7708105) Updates `reviewdog/action-misspell` from 1.16.0 to 1.21.0 - [Release notes](https://github.com/reviewdog/action-misspell/releases) - [Commits](reviewdog/action-misspell@32cdac9...30433ca) Updates `reviewdog/action-alex` from 1.7.0 to 1.11.0 - [Release notes](https://github.com/reviewdog/action-alex/releases) - [Commits](reviewdog/action-alex@83d6502...cb33600) Updates `reviewdog/action-markdownlint` from 0.14.0 to 0.22.0 - [Release notes](https://github.com/reviewdog/action-markdownlint/releases) - [Commits](reviewdog/action-markdownlint@6e02140...03033f3) Updates `reviewdog/action-actionlint` from 1.43.0 to 1.51.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@c6ee1eb...afad3b6) Updates `ossf/scorecard-action` from 2.3.1 to 2.3.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@0864cf1...dc50aa9) Updates `actions/upload-artifact` from 4.3.1 to 4.3.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5d5d22a...6546280) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-tflint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-trivy dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-golangci-lint dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: reviewdog/action-misspell dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-alex dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-markdownlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>

bendoerr · 2024-07-25T15:56:49Z

@dependabot recreate

dependabot · 2024-07-25T15:58:33Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 24, 2024

dependabot bot mentioned this pull request Jun 24, 2024

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #62

Closed

dependabot bot closed this Jul 25, 2024

dependabot bot deleted the dependabot/github_actions/github-actions-6d226b85a3 branch July 25, 2024 15:58

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #63

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #63

dependabot bot commented on behalf of github Jun 24, 2024 •

edited

Loading

bendoerr commented Jul 25, 2024

dependabot bot commented on behalf of github Jul 25, 2024

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #63

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 14 updates #63

Conversation

dependabot bot commented on behalf of github Jun 24, 2024 • edited Loading

v2.8.1

What's Changed

v2.8.0

What's Changed

v2.7.1

What's Changed

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

v4.1.4

What's Changed

v4.1.3

What's Changed

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v5.0.1

What's Changed

New Contributors

CodeQL Action Changelog

[UNRELEASED]

3.25.10 - 13 Jun 2024

3.25.9 - 12 Jun 2024

3.25.8 - 04 Jun 2024

3.25.7 - 31 May 2024

3.25.6 - 20 May 2024

3.25.5 - 13 May 2024

3.25.4 - 08 May 2024

3.25.3 - 25 Apr 2024

3.25.2 - 22 Apr 2024

Notes for v4.3.3

What's Changed

New Contributors

v4.3.2

What's Changed

v4.3.1

What's Changed

v4.3.0

New Features

What's Changed

New Contributors

4.2.5

Release v1.23.0

What's Changed

Release v1.9.0

Release v1.8.0

Release v1.7.0

Release v1.6.0

Release v1.5.2

Release v1.5.1

Release v1.5.0

Release v2.6.2

What's Changed

New Contributors

Release v1.21.0

What's Changed

Release v1.20.0

What's Changed

Release v1.19.0

What's Changed

New Contributors

Release v1.18.0

What's Changed

dependabot bot commented on behalf of github Jun 24, 2024 •

edited

Loading