Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update mattermost support dependencies #43

Merged
merged 3 commits into from
Mar 29, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Mar 21, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action major v3.6.0 -> v4.1.1
actions/dependency-review-action action major v2.5.1 -> v4.2.5
actions/upload-artifact action minor v4.0.0 -> v4.3.1
defenseunicorns/uds-common patch v0.3.3 -> v0.3.9
defenseunicorns/uds-common action patch v0.3.3 -> v0.3.9
defenseunicorns/uds-common-tasks patch v0.3.3 -> v0.3.9
defenseunicorns/zarf minor v0.29.1 -> v0.32.6
docker/login-action action digest 343f7c4 -> e92390c
github/codeql-action action minor v3.22.12 -> v3.24.9
github/codeql-action action major v2.24.5 -> v3.24.9
golangci/golangci-lint repository minor v1.55.2 -> v1.57.2
google-github-actions/release-please-action action minor v4.0.2 -> v4.1.0
python-jsonschema/check-jsonschema repository minor 0.27.4 -> 0.28.0
renovatebot/pre-commit-hooks repository minor 37.165.5 -> 37.275.0

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.


Release Notes

actions/checkout (actions/checkout)

v4.1.1

Compare Source

What's Changed
New Contributors

Full Changelog: actions/checkout@v4.1.0...v4.1.1

v4.1.0

Compare Source

v4.0.0

Compare Source

actions/dependency-review-action (actions/dependency-review-action)

v4.2.5: 4.2.5

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4.2.4...v4.2.5

v4.2.4

Compare Source

What's Changed

Fixed a bug in the output of OpenSSF cards for GitHub Actions.

New Contributors

Full Changelog: actions/dependency-review-action@v4.2.3...v4.2.4

v4.2.3: 4.2.3

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4.1.3...v4.2.3

v4.1.3: 4.1.3

Compare Source

Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see https://github.com/actions/dependency-review-action/issues/697).

Full Changelog: actions/dependency-review-action@v4.1.2...v4.1.3

v4.1.2: 4.1.2

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.1...v4.1.2

v4.1.1: 4.1.1

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.0...v4.1.1

v4.1.0: 4.1.0

Compare Source

What's Changed

Added a new configuration option (warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.

New Contributors

Full Changelog: actions/dependency-review-action@v4...v4.1.0

v4.0.0

Compare Source

New Contributors

Full Changelog: actions/dependency-review-action@v3.1.5...v4.0.0

v3.1.5: 3.1.5

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5

v3.1.4: 3.1.4

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.2

v3.1.1: 3.1.1

Compare Source

What's Changed

  • Update a bunch of dependencies, including major version upgrades for octokit, @actions/github and typescript.

Full Changelog: actions/dependency-review-action@v3.1.0...v3.1.1

v3.1.0: 3.1.0

Compare Source

What's New

Added support for dependencies submitted through the dependency submission API. This includes two new configuration parameters: retry-on-snapshot-warnings and retry-on-snapshot-warnings-timeout.

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.1.0

v3.0.8: 3.0.8

Compare Source

What's Changed

Added on-failure option to comment-summary-in-pr setting by @​sgmurphy in https://github.com/actions/dependency-review-action/pull/540

Previous configuration files using true/false for comment-summary-in-pr will be mapped automatically to the new values, but we encourage you to update to always/on-failure/never.

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.8

v3.0.7: 3.0.7

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.7

v3.0.6: 3.0.6

Compare Source

Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty package_url.

v3.0.5: 3.0.5

Compare Source

What's Changed

Thanks to @​theztefan, we now have a new allow-dependencies-licenses option that takes a list of dependencies that will be excluded from license checks. See the configuration options for more information on how to use it.

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.5

v3.0.4: 3.0.4

Compare Source

What's New?

The Action can now publish a comment in the pull request if the comment-summary-in-pr option is set. More information can be found in the README.

New Contributors

Changelog

Full Changelog: actions/dependency-review-action@v3...v3.0.4

v3.0.3: 3.0.3

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.3

v3.0.2: 3.0.2

Compare Source

This release fixes spelling errors https://github.com/actions/dependency-review-action/pull/348 and upgrades dependencies to fix known vulnerabilities

Full Changelog: actions/dependency-review-action@v3...v3.0.2

v3.0.1: 3.0.1

Compare Source

This release contains the following bugfixes:

Full Changelog: actions/dependency-review-action@v3...v3.0.1

v3.0.0: 3.0.0

Compare Source

Breaking Changes

By default the action now expects SPDX-compliant licenses everywhere. If you were previously using license names in the allow or deny lists make sure they're valid!

What's Changed

Support for external configuration files

You can now specify a configuration file external to your repository. This allows organizations to have a single configuration file for all their repos.

Broader license support

We've added support for a much broader set of project licenses by using GitHub's Licenses API.

SPDX Compliance

All of our license-related code now expects SPDX-compliant licenses or expressions. This allows us to standardize on a license naming scheme that already supports OR/AND expressions.

Disable individual checks

You can now use the boolean options license-check and vulnerability-check to disable either one of the checks. More information in our configuration options.

Thanks

Contributors for this release include:

Thanks everyone!
Full Changelog: actions/dependency-review-action@v2...v3.0.0

actions/upload-artifact (actions/upload-artifact)

v4.3.1

Compare Source

v4.3.0

Compare Source

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.3.0

v4.2.0

Compare Source

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.2.0

v4.1.0

Compare Source

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v4...v4.1.0

defenseunicorns/uds-common (defenseunicorns/uds-common)

v0.3.9

Compare Source

Miscellaneous

v0.3.8

Compare Source

Miscellaneous
  • add upgrade tests to common (#​91) (bb2e590)
  • deps: update dependency defenseunicorns/uds-cli to v0.10.1 (#​84) (6b455b7)
  • deps: update dependency defenseunicorns/uds-core to v0.17.0 (#​83) (b8d8181)
  • deps: update uds common package dependencies to v6.6.1 (#​92) (862b635)
  • update registry login to happen in the common env setup action (#​88) (b7bce88)

v0.3.7

Compare Source

Miscellaneous

v0.3.6

Compare Source

Miscellaneous
  • hotfix the spoof containing a dash in the input and add a publish step (#​81) (f9c7aac)

v0.3.5

Compare Source

Miscellaneous

v0.3.4

Compare Source

Miscellaneous
  • add the ability to spoof to common (#​77) (49634e1)
  • deps: update dependency defenseunicorns/uds-core to v0.16.1 (#​72) (32d1ad6)
defenseunicorns/uds-common-tasks (defenseunicorns/uds-common-tasks)

v0.3.9

Compare Source

Miscellaneous

v0.3.8

Compare Source

Miscellaneous
  • add upgrade tests to common (#​91) (bb2e590)
  • deps: update dependency defenseunicorns/uds-cli to v0.10.1 (#​84) (6b455b7)
  • deps: update dependency defenseunicorns/uds-core to v0.17.0 (#​83) (b8d8181)
  • deps: update uds common package dependencies to v6.6.1 (#​92) (862b635)
  • update registry login to happen in the common env setup action (#​88) (b7bce88)

v0.3.7

Compare Source

Miscellaneous

v0.3.6

Compare Source

Miscellaneous
  • hotfix the spoof containing a dash in the input and add a publish step (#​81) (f9c7aac)

v0.3.5

Compare Source

Miscellaneous

v0.3.4

Compare Source

Miscellaneous
  • add the ability to spoof to common (#​77) (49634e1)
  • deps: update dependency defenseunicorns/uds-core to v0.16.1 (#​72) (32d1ad6)
defenseunicorns/zarf (defenseunicorns/zarf)

v0.32.6

Compare Source

[0.32.6] - 2024-03-22

trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~@​Noxsios

🚀 Features
🐛 Bug Fixes
🚜 Refactor
🧪 Testing
⚙️ Miscellaneous Tasks
🛡️ Security

Full Changelog: zarf-dev/zarf@v0.32.5...v0.32.6

v0.32.5

Compare Source

[0.32.5] - 2024-03-11

trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~@​Noxsios

🚀 Features
🐛 Bug Fixes
📚 Documentation
⚙️ Miscellaneous Tasks
🛡️ Security
First Time Contributors

Full Changelog: zarf-dev/zarf@v0.32.4...v0.32.5

v0.32.4

Compare Source

What's Changed
Fixes
Dependencies
Docs
Development
New Contributors

Full Changelog: zarf-dev/zarf@v0.32.3...v0.32.4

v0.32.3

Compare Source

What's Changed
Fixes
Docs
Dependencies
Development
New Contributors

Full Changelog: zarf-dev/zarf@v0.32.2...v0.32.3

v0.32.2

Compare Source

What's Changed

Features

Fixes

Docs

Dependencies

Development

New Contributors

Full Changelog: zarf-dev/zarf@v0.32.1...v0.32.2

[v0.32.1](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32


Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner March 21, 2024 21:59
@renovate renovate bot force-pushed the renovate/mattermost-support-dependencies branch 21 times, most recently from efdb8c9 to 7dadccf Compare March 29, 2024 00:59
| datasource  | package                                     | from     | to       |
| ----------- | ------------------------------------------- | -------- | -------- |
| github-tags | actions/checkout                            | v3.6.0   | v4.1.1   |
| github-tags | actions/dependency-review-action            | v2.5.1   | v4.2.5   |
| github-tags | actions/upload-artifact                     | v4.0.0   | v4.3.1   |
| github-tags | defenseunicorns/uds-common                  | v0.3.3   | v0.3.9   |
| github-tags | defenseunicorns/uds-common-tasks            | v0.3.3   | v0.3.9   |
| github-tags | defenseunicorns/zarf                        | v0.29.1  | v0.32.6  |
| github-tags | github/codeql-action                        | v3.22.12 | v3.24.9  |
| github-tags | github/codeql-action                        | v2.24.5  | v3.24.9  |
| github-tags | golangci/golangci-lint                      | v1.55.2  | v1.57.2  |
| github-tags | google-github-actions/release-please-action | v4.0.2   | v4.1.0   |
| github-tags | python-jsonschema/check-jsonschema          | 0.27.4   | 0.28.0   |
| github-tags | renovatebot/pre-commit-hooks                | 37.165.5 | 37.275.0 |
@renovate renovate bot force-pushed the renovate/mattermost-support-dependencies branch from 7dadccf to 955722b Compare March 29, 2024 16:16
Copy link
Contributor Author

renovate bot commented Mar 29, 2024

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

Warning: custom changes will be lost.

tasks.yaml Show resolved Hide resolved
Copy link
Contributor

@zachariahmiller zachariahmiller left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

:shipit:

@Racer159 Racer159 merged commit 0946c88 into main Mar 29, 2024
13 checks passed
@Racer159 Racer159 deleted the renovate/mattermost-support-dependencies branch March 29, 2024 23:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants