mirror of
https://github.com/flutter/flutter
synced 2024-10-03 23:14:12 +00:00
206 commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
dependabot[bot] |
3bb9624ca9
|
Bump github/codeql-action from 3.25.5 to 3.25.6 (#148715)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.5 to 3.25.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.25.6 - 20 May 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.3. <a href="https://redirect.github.com/github/codeql-action/pull/2295">#2295</a></li> </ul> <h2>3.25.5 - 13 May 2024</h2> <ul> <li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li> <li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li> <li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li> </ul> <h2>3.25.4 - 08 May 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li> </ul> <h2>3.25.3 - 25 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li> <li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li> </ul> <h2>3.25.2 - 22 Apr 2024</h2> <p>No user facing changes.</p> <h2>3.25.1 - 17 Apr 2024</h2> <ul> <li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li> <li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li> </ul> <h2>3.25.0 - 15 Apr 2024</h2> <ul> <li> <p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p> <p>As a result, the following inputs and environment variables are now ignored:</p> <ul> <li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li> <li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li> </ul> <p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p> </li> <li> <p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p> </li> <li> <p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p> </li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
7bd4bbed11
|
Bump codecov/codecov-action from 4.4.0 to 4.4.1 (#148714)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.0 to 4.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.4.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li> <li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li> <li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li> <li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li> <li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@âshahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li> <li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/shahar-h"><code>@âshahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1427">codecov/codecov-action#1427</a></li> <li>fix: prevent xlarge from running on forks by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1432">codecov/codecov-action#1432</a></li> <li>build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1439">codecov/codecov-action#1439</a></li> <li>build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1438">codecov/codecov-action#1438</a></li> <li>fix: isPullRequestFromFork returns false for any PR by <a href="https://github.com/shahar-h"><code>@âshahar-h</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li> <li>chore(release): 4.4.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1441">codecov/codecov-action#1441</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/shahar-h"><code>@âshahar-h</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1437">codecov/codecov-action#1437</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1">https://github.com/codecov/codecov-action/compare/v4.4.0...v4.4.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
54830cf143
|
Bump actions/checkout from 4.1.5 to 4.1.6 (#148516)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.5 to 4.1.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.6</h2> <h2>What's Changed</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> <li>Update for 4.1.6 release by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1733">actions/checkout#1733</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.5...v4.1.6">https://github.com/actions/checkout/compare/v4.1.5...v4.1.6</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@âdscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@âpeterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <h2>v3.6.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth > 0</a></li> </ul> <h2>v3.5.3</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li> </ul> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
cbc51f15eb
|
Bump codecov/codecov-action from 4.3.1 to 4.4.0 (#148355)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.1 to 4.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.4.0</h2> <h2>What's Changed</h2> <ul> <li>chore: Clarify isPullRequestFromFork by <a href="https://github.com/jsoref"><code>@âjsoref</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1411">codecov/codecov-action#1411</a></li> <li>build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1423">codecov/codecov-action#1423</a></li> <li>build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1421">codecov/codecov-action#1421</a></li> <li>build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1420">codecov/codecov-action#1420</a></li> <li>feat: remove GPG and run on spawn by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1426">codecov/codecov-action#1426</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 7.8.0 to 7.9.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1428">codecov/codecov-action#1428</a></li> <li>chore(release): 4.4.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1430">codecov/codecov-action#1430</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0">https://github.com/codecov/codecov-action/compare/v4.3.1...v4.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
27f683d6c3
|
Bump github/codeql-action from 3.25.3 to 3.25.5 (#148262)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.3 to 3.25.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.25.5 - 13 May 2024</h2> <ul> <li>Add a compatibility matrix of supported CodeQL Action, CodeQL CLI, and GitHub Enterprise Server versions to the <a href="https://github.com/github/codeql-action/blob/main/README.md">https://github.com/github/codeql-action/blob/main/README.md</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2273">#2273</a></li> <li>Avoid printing out a warning for a missing <code>on.push</code> trigger when the CodeQL Action is triggered via a <code>workflow_call</code> event. <a href="https://redirect.github.com/github/codeql-action/pull/2274">#2274</a></li> <li>The <code>tools: latest</code> input to the <code>init</code> Action has been renamed to <code>tools: linked</code>. This option specifies that the Action should use the tools shipped at the same time as the Action. The old name will continue to work for backwards compatibility, but we recommend that new workflows use the new name. <a href="https://redirect.github.com/github/codeql-action/pull/2281">#2281</a></li> </ul> <h2>3.25.4 - 08 May 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.2. <a href="https://redirect.github.com/github/codeql-action/pull/2270">#2270</a></li> </ul> <h2>3.25.3 - 25 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li> <li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li> </ul> <h2>3.25.2 - 22 Apr 2024</h2> <p>No user facing changes.</p> <h2>3.25.1 - 17 Apr 2024</h2> <ul> <li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li> <li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li> </ul> <h2>3.25.0 - 15 Apr 2024</h2> <ul> <li> <p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p> <p>As a result, the following inputs and environment variables are now ignored:</p> <ul> <li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li> <li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li> </ul> <p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p> </li> <li> <p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p> </li> <li> <p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p> </li> <li> <p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p> </li> </ul> <h2>3.24.10 - 05 Apr 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
c90e18c6f5
|
Bump ossf/scorecard-action from 2.3.1 to 2.3.3 (#148091)
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.1 to 2.3.3. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
4031041a4b
|
Bump actions/checkout from 4.1.4 to 4.1.5 (#147888)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.5</h2> <h2>What's Changed</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.4...v4.1.5">https://github.com/actions/checkout/compare/v4.1.4...v4.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
ffbeb5a39c
|
Bump codecov/codecov-action from 4.3.0 to 4.3.1 (#147674)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1370">codecov/codecov-action#1370</a></li> <li>fix: more verbose log message when failing to import pgp key by <a href="https://github.com/ReenigneArcher"><code>@âReenigneArcher</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1374">codecov/codecov-action#1374</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 7.6.0 to 7.7.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1375">codecov/codecov-action#1375</a></li> <li>build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1382">codecov/codecov-action#1382</a></li> <li>build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1381">codecov/codecov-action#1381</a></li> <li>build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1380">codecov/codecov-action#1380</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1384">codecov/codecov-action#1384</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.7.0 to 7.7.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1383">codecov/codecov-action#1383</a></li> <li>Update README.md to point to docs about tokenless by <a href="https://github.com/rohan-at-sentry"><code>@ârohan-at-sentry</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li> <li>build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1393">codecov/codecov-action#1393</a></li> <li>build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1392">codecov/codecov-action#1392</a></li> <li>build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1391">codecov/codecov-action#1391</a></li> <li>style: Node Packages by <a href="https://github.com/marcobiedermann"><code>@âmarcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1402">codecov/codecov-action#1402</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 7.7.1 to 7.8.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1401">codecov/codecov-action#1401</a></li> <li>docs: Type Annotations by <a href="https://github.com/marcobiedermann"><code>@âmarcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1397">codecov/codecov-action#1397</a></li> <li>docs: main branch by <a href="https://github.com/marcobiedermann"><code>@âmarcobiedermann</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1396">codecov/codecov-action#1396</a></li> <li>fix: bypass token checks for forks and OIDC by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1404">codecov/codecov-action#1404</a></li> <li>chore(release): 4.3.1. by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1405">codecov/codecov-action#1405</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/ReenigneArcher"><code>@âReenigneArcher</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1371">codecov/codecov-action#1371</a></li> <li><a href="https://github.com/rohan-at-sentry"><code>@ârohan-at-sentry</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1395">codecov/codecov-action#1395</a></li> <li><a href="https://github.com/marcobiedermann"><code>@âmarcobiedermann</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1394">codecov/codecov-action#1394</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1">https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
3488d9af80
|
Bump github/codeql-action from 3.25.2 to 3.25.3 (#147437)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.2 to 3.25.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.25.3 - 25 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.1. <a href="https://redirect.github.com/github/codeql-action/pull/2247">#2247</a></li> <li>Workflows running on <code>macos-latest</code> using CodeQL CLI versions before v2.15.1 will need to either upgrade their CLI version to v2.15.1 or newer, or change the platform to an Intel MacOS runner, such as <code>macos-12</code>. ARM machines with SIP disabled, including the newest <code>macos-latest</code> image, are unsupported for CLI versions before 2.15.1. <a href="https://redirect.github.com/github/codeql-action/pull/2261">#2261</a></li> </ul> <h2>3.25.2 - 22 Apr 2024</h2> <p>No user facing changes.</p> <h2>3.25.1 - 17 Apr 2024</h2> <ul> <li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li> <li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li> </ul> <h2>3.25.0 - 15 Apr 2024</h2> <ul> <li> <p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p> <p>As a result, the following inputs and environment variables are now ignored:</p> <ul> <li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li> <li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li> </ul> <p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p> </li> <li> <p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p> </li> <li> <p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p> </li> <li> <p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p> </li> </ul> <h2>3.24.10 - 05 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.24.9 - 22 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li> </ul> <h2>3.24.8 - 18 Mar 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
af34484cb8
|
Bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 (#147388)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.4 to 6.0.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.5</h2> <p>âï¸ Fixes an issue with proxy support for users that run self-hosted behind a proxy.</p> <h2>What's Changed</h2> <ul> <li>fix: update proxy support to follow octokit change to fetch api by <a href="https://github.com/peter-evans"><code>@âpeter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2867">peter-evans/create-pull-request#2867</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5">https://github.com/peter-evans/create-pull-request/compare/v6.0.4...v6.0.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
c22ed980d0
|
Bump actions/checkout from 4.1.3 to 4.1.4 (#147334)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.3 to 4.1.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.4</h2> <h2>What's Changed</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.3...v4.1.4">https://github.com/actions/checkout/compare/v4.1.3...v4.1.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@âdscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@âpeterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <h2>v3.6.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth > 0</a></li> </ul> <h2>v3.5.3</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li> </ul> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li> </ul> <h2>v3.5.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li> </ul> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@âactions/io</code></a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
c217f763e9
|
Bump actions/upload-artifact from 4.3.2 to 4.3.3 (#147192)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.2 to 4.3.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.3</h2> <h2>What's Changed</h2> <ul> <li>updating <code>@actions/artifact</code> dependency to v2.1.6 by <a href="https://github.com/eggyhead"><code>@âeggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/565">actions/upload-artifact#565</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3">https://github.com/actions/upload-artifact/compare/v4.3.2...v4.3.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
be62c7f743
|
Bump github/codeql-action from 3.25.1 to 3.25.2 (#147193)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.1 to 3.25.2. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
24def4d417
|
Bump actions/checkout from 4.1.2 to 4.1.3 (#147090)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.3</h2> <h2>What's Changed</h2> <ul> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.2...v4.1.3">https://github.com/actions/checkout/compare/v4.1.2...v4.1.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
7433225a95
|
Bump actions/upload-artifact from 4.3.1 to 4.3.2 (#147011)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.2</h2> <h2>What's Changed</h2> <ul> <li>Update release-new-action-version.yml by <a href="https://github.com/konradpabjan"><code>@âkonradpabjan</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/516">actions/upload-artifact#516</a></li> <li>Minor fix to the migration readme by <a href="https://github.com/andrewakim"><code>@âandrewakim</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li> <li>Update readme with v3/v2/v1 deprecation notice by <a href="https://github.com/robherley"><code>@ârobherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/561">actions/upload-artifact#561</a></li> <li>updating <code>@actions/artifact</code> dependency to v2.1.5 and <code>@actions/core</code> to v1.0.1 by <a href="https://github.com/eggyhead"><code>@âeggyhead</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/562">actions/upload-artifact#562</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/andrewakim"><code>@âandrewakim</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/523">actions/upload-artifact#523</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2">https://github.com/actions/upload-artifact/compare/v4.3.1...v4.3.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
00c21929f5
|
Bump github/codeql-action from 3.25.0 to 3.25.1 (#146953)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.0 to 3.25.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.25.1 - 17 Apr 2024</h2> <ul> <li>We are rolling out a feature in April/May 2024 that improves the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2235">#2235</a></li> <li>Fix a bug where the <code>init</code> Action would fail if <code>--overwrite</code> was specified in <code>CODEQL_ACTION_EXTRA_OPTIONS</code>. <a href="https://redirect.github.com/github/codeql-action/pull/2245">#2245</a></li> </ul> <h2>3.25.0 - 15 Apr 2024</h2> <ul> <li> <p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p> <p>As a result, the following inputs and environment variables are now ignored:</p> <ul> <li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li> <li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li> </ul> <p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p> </li> <li> <p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p> </li> <li> <p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p> </li> <li> <p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p> </li> </ul> <h2>3.24.10 - 05 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.24.9 - 22 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li> </ul> <h2>3.24.8 - 18 Mar 2024</h2> <ul> <li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li> </ul> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
86cf97300f
|
Bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 (#146954)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.3 to 6.0.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.4</h2> <p>â¡ Improves performance in some cases for very large git repositories.</p> <h2>What's Changed</h2> <ul> <li>perf: limit the fetch depth of pr branch by <a href="https://github.com/peter-evans"><code>@âpeter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2857">peter-evans/create-pull-request#2857</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4">https://github.com/peter-evans/create-pull-request/compare/v6.0.3...v6.0.4</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Pierre-Louis |
4a65a76279
|
Reland: Update link branches to main (#146882)
Reland https://github.com/flutter/flutter/pull/146558, reverted in https://github.com/flutter/flutter/pull/146880 due to an outdated test result ## Original description - Update CS and googlesource.com link branches - Update GitHub /blob/ and /tree/ links Tested links manually and fixes a few broken or deprecated links Added a test that validates that `master` isn't used, except for specified repos. Part of https://github.com/flutter/flutter/issues/121564 |
||
Pierre-Louis |
33a9643b5d
|
Revert "Update link branches to main " (#146880)
Reverts flutter/flutter#146558 Causes failure |
||
Pierre-Louis |
072b8874a0
|
Update link branches to main (#146558)
- Update CS and googlesource.com link branches - Update GitHub /blob/ and /tree/ links Tested links manually and fixes a few broken or deprecated links Added a test that validates that `master` isn't used, except for specified repos. Part of https://github.com/flutter/flutter/issues/121564 ## Pre-launch Checklist - [x] I read the [Contributor Guide] and followed the process outlined there for submitting PRs. - [x] I read the [Tree Hygiene] wiki page, which explains my responsibilities. - [x] I read and followed the [Flutter Style Guide], including [Features we expect every widget to implement]. - [x] I signed the [CLA]. - [x] I listed at least one issue that this PR fixes in the description above. - [x] I updated/added relevant documentation (doc comments with `///`). - [x] I added new tests to check the change I am making, or this PR is [test-exempt]. - [x] I followed the [breaking change policy] and added [Data Driven Fixes] where supported. - [x] All existing and new tests are passing. If you need help, consider asking for advice on the #hackers-new channel on [Discord]. <!-- Links --> [Contributor Guide]: https://github.com/flutter/flutter/wiki/Tree-hygiene#overview [Tree Hygiene]: https://github.com/flutter/flutter/wiki/Tree-hygiene [test-exempt]: https://github.com/flutter/flutter/wiki/Tree-hygiene#tests [Flutter Style Guide]: https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo [Features we expect every widget to implement]: https://github.com/flutter/flutter/wiki/Style-guide-for-Flutter-repo#features-we-expect-every-widget-to-implement [CLA]: https://cla.developers.google.com/ [flutter/tests]: https://github.com/flutter/tests [breaking change policy]: https://github.com/flutter/flutter/wiki/Tree-hygiene#handling-breaking-changes [Discord]: https://github.com/flutter/flutter/wiki/Chat [Data Driven Fixes]: https://github.com/flutter/flutter/wiki/Data-driven-Fixes |
||
dependabot[bot] |
38dcca9081
|
Bump github/codeql-action from 3.24.10 to 3.25.0 (#146784)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.10 to 3.25.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.25.0 - 15 Apr 2024</h2> <ul> <li> <p>The deprecated feature for extracting dependencies for a Python analysis has been removed. <a href="https://redirect.github.com/github/codeql-action/pull/2224">#2224</a></p> <p>As a result, the following inputs and environment variables are now ignored:</p> <ul> <li>The <code>setup-python-dependencies</code> input to the <code>init</code> Action</li> <li>The <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION</code> environment variable</li> </ul> <p>We recommend removing any references to these from your workflows. For more information, see the release notes for CodeQL Action v3.23.0 and v2.23.0.</p> </li> <li> <p>Automatically overwrite an existing database if found on the filesystem. <a href="https://redirect.github.com/github/codeql-action/pull/2229">#2229</a></p> </li> <li> <p>Bump the minimum CodeQL bundle version to 2.12.6. <a href="https://redirect.github.com/github/codeql-action/pull/2232">#2232</a></p> </li> <li> <p>A more relevant log message and a diagnostic are now emitted when the <code>file</code> program is not installed on a Linux runner, but is required for Go tracing to succeed. <a href="https://redirect.github.com/github/codeql-action/pull/2234">#2234</a></p> </li> </ul> <h2>3.24.10 - 05 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.24.9 - 22 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li> </ul> <h2>3.24.8 - 18 Mar 2024</h2> <ul> <li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li> </ul> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
c845a78838
|
Bump peter-evans/create-pull-request from 6.0.2 to 6.0.3 (#146702)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.2 to 6.0.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.3</h2> <p>â¡ Improves performance of the <code>push-to-fork</code> feature.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.23 to 18.19.25 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2826">peter-evans/create-pull-request#2826</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.25 to 18.19.26 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2831">peter-evans/create-pull-request#2831</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.26 to 18.19.28 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2836">peter-evans/create-pull-request#2836</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.28 to 18.19.31 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2842">peter-evans/create-pull-request#2842</a></li> <li>fix: drop unnecessary fetch with unshallow on push-to-fork by <a href="https://github.com/peter-evans"><code>@âpeter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2849">peter-evans/create-pull-request#2849</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3">https://github.com/peter-evans/create-pull-request/compare/v6.0.2...v6.0.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
237d88510f
|
Bump codecov/codecov-action from 4.2.0 to 4.3.0 (#146528)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.2.0 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>fix: automatically detect if using GitHub enterprise by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1356">codecov/codecov-action#1356</a></li> <li>build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1355">codecov/codecov-action#1355</a></li> <li>build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1360">codecov/codecov-action#1360</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1364">codecov/codecov-action#1364</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 7.5.0 to 7.6.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1363">codecov/codecov-action#1363</a></li> <li>feat: add network params by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1365">codecov/codecov-action#1365</a></li> <li>build(deps): bump undici from 5.28.3 to 5.28.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1361">codecov/codecov-action#1361</a></li> <li>chore(release): v4.3.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1366">codecov/codecov-action#1366</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0">https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
86c8565050
|
Bump github/codeql-action from 3.24.9 to 3.24.10 (#146368)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.9 to 3.24.10. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.10 - 05 Apr 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.17.0. <a href="https://redirect.github.com/github/codeql-action/pull/2219">#2219</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.12.5 and earlier. These versions of CodeQL were discontinued on 26 March 2024 alongside GitHub Enterprise Server 3.8, and will be unsupported by CodeQL Action versions 3.25.0 and later and versions 2.25.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2220">#2220</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.12.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.11.6 and 2.12.5, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.24.10</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.24.10</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.24.9 - 22 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li> </ul> <h2>3.24.8 - 18 Mar 2024</h2> <ul> <li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li> </ul> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
7330045768
|
Bump codecov/codecov-action from 4.1.1 to 4.2.0 (#146310)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): update deps by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1351">codecov/codecov-action#1351</a></li> <li>feat: allow for authentication via OIDC token by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1330">codecov/codecov-action#1330</a></li> <li>fix: use_oidc shoudl be required false by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1353">codecov/codecov-action#1353</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0">https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
d2a193804b
|
Bump codecov/codecov-action from 4.1.0 to 4.1.1 (#145787)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.1.1</h2> <h2>What's Changed</h2> <ul> <li>build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1315">codecov/codecov-action#1315</a></li> <li>build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1319">codecov/codecov-action#1319</a></li> <li>Removed mention of Mercurial by <a href="https://github.com/drazisil-codecov"><code>@âdrazisil-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1325">codecov/codecov-action#1325</a></li> <li>build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1332">codecov/codecov-action#1332</a></li> <li>build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1331">codecov/codecov-action#1331</a></li> <li>fix: force version by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1329">codecov/codecov-action#1329</a></li> <li>build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1334">codecov/codecov-action#1334</a></li> <li>build(deps): bump undici from 5.28.2 to 5.28.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1338">codecov/codecov-action#1338</a></li> <li>build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1341">codecov/codecov-action#1341</a></li> <li>fix: typo in disable_safe_directory by <a href="https://github.com/mkroening"><code>@âmkroening</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li> <li>chore(release): 4.1.1 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1344">codecov/codecov-action#1344</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mkroening"><code>@âmkroening</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1343">codecov/codecov-action#1343</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1">https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>4.0.0-beta.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a> not adding -n if empty to do-upload command</li> </ul> <h2>4.0.0-beta.1</h2> <p><code>v4</code> represents a move from the <a href="https://github.com/codecov/uploader">universal uploader</a> to the <a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.</p> <h3>Breaking Changes</h3> <ul> <li>No current support for <code>aarch64</code> and <code>alpine</code> architectures.</li> <li>Tokenless uploading is unsuported</li> <li>Various arguments to the Action have been removed</li> </ul> <h2>3.1.4</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@âtypes/node</code> from 18.15.12 to 18.16.3</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@âtypes/node</code> from 20.1.0 to 20.1.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@âtypes/node</code> from 20.1.2 to 20.1.4</li> </ul> <h2>3.1.3</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@âtypes/node</code> from 18.15.10 to 18.15.12</li> </ul> <h2>3.1.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@âactions/core</code> from 1.9.1 to 1.10.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@âactions/github</code> from 5.0.3 to 5.1.1</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
5b6a121dc5
|
Bump github/codeql-action from 3.24.8 to 3.24.9 (#145627)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.9 - 22 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.5. <a href="https://redirect.github.com/github/codeql-action/pull/2203">#2203</a></li> </ul> <h2>3.24.8 - 18 Mar 2024</h2> <ul> <li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li> </ul> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
ed2c7eda89
|
Bump github/codeql-action from 3.24.7 to 3.24.8 (#145358)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.8 - 18 Mar 2024</h2> <ul> <li>Improve the ease of debugging extraction issues by increasing the verbosity of the extractor logs when running in debug mode. <a href="https://redirect.github.com/github/codeql-action/pull/2195">#2195</a></li> </ul> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
5b006bf50c
|
Bump actions/checkout from 4.1.1 to 4.1.2 (#145032)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.1.2</h2> <p>We are investigating the following issue with this release and have rolled-back the <code>v4</code> tag to point to <code>v4.1.1</code></p> <ul> <li><code>sparse-checkout</code> is not available on git versions prior to 2.27.0 (see <a href="https://redirect.github.com/actions/checkout/issues/1651">actions/checkout#1651</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@âdscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> <li>Bump tough-cookie from 4.0.0 to 4.1.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1406">actions/checkout#1406</a></li> <li>Bump <code>@âbabel/traverse</code> from 7.20.5 to 7.24.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1642">actions/checkout#1642</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jww3"><code>@âjww3</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1616">actions/checkout#1616</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.1...v4.1.2">https://github.com/actions/checkout/compare/v4.1.1...v4.1.2</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v4.1.2</h2> <ul> <li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@âdscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li> </ul> <h2>v4.1.1</h2> <ul> <li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@âpeterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li> <li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li> </ul> <h2>v4.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li> </ul> <h2>v4.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li> </ul> <h2>v3.6.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth > 0</a></li> </ul> <h2>v3.5.3</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li> </ul> <h2>v3.5.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li> </ul> <h2>v3.5.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li> </ul> <h2>v3.5.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li> </ul> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@âactions/io</code></a></li> </ul> <h2>v3.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li> <li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li> </ul> <h2>v3.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@âactions/io</code> to 1.1.2</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
72fa1c3043
|
Bump peter-evans/create-pull-request from 6.0.1 to 6.0.2 (#145034)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.1 to 6.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.2</h2> <p>â¡ Improves performance in some cases where the action rebases changes on to the specified <code>base</code>.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump eslint-plugin-github from 4.10.1 to 4.10.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2797">peter-evans/create-pull-request#2797</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.18 to 18.19.21 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2798">peter-evans/create-pull-request#2798</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.21 to 18.19.23 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2811">peter-evans/create-pull-request#2811</a></li> <li>perf: shallow fetch the actual base when rebasing from working base by <a href="https://github.com/peter-evans"><code>@âpeter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2816">peter-evans/create-pull-request#2816</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/webmonarch"><code>@âwebmonarch</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2816">peter-evans/create-pull-request#2816</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.1...v6.0.2">https://github.com/peter-evans/create-pull-request/compare/v6.0.1...v6.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
b686ddad53
|
Bump github/codeql-action from 3.24.6 to 3.24.7 (#145033)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.6 to 3.24.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.7 - 12 Mar 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.4. <a href="https://redirect.github.com/github/codeql-action/pull/2185">#2185</a></li> </ul> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
bbb005296c
|
Bump codecov/codecov-action from 4.0.2 to 4.1.0 (#144174)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.2 to 4.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.1.0</h2> <h2>What's Changed</h2> <ul> <li>fix: set safe directory by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1304">codecov/codecov-action#1304</a></li> <li>build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1306">codecov/codecov-action#1306</a></li> <li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1305">codecov/codecov-action#1305</a></li> <li>chore(release): v4.1.0 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1307">codecov/codecov-action#1307</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0">https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
fe56a35602
|
Bump github/codeql-action from 3.24.5 to 3.24.6 (#144424)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.5 to 3.24.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.6 - 29 Feb 2024</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
3095c116b6
|
Bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 (#144344)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.0 to 6.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.1</h2> <p>âï¸ Fixes <a href="https://redirect.github.com/peter-evans/create-pull-request/issues/2790">an issue</a> where updating a pull request leads to the error <code>Cannot read properties of undefined (reading 'number')</code>. This was likely caused by GitHub fixing a long standing bug with an API endpoint, resulting in a breaking change.</p> <h2>What's Changed</h2> <ul> <li>build(deps-dev): bump <code>@âtypes/jest</code> from 29.5.11 to 29.5.12 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2730">peter-evans/create-pull-request#2730</a></li> <li>build(deps-dev): bump prettier from 3.2.4 to 3.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2731">peter-evans/create-pull-request#2731</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.10 to 18.19.14 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2732">peter-evans/create-pull-request#2732</a></li> <li>build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2748">peter-evans/create-pull-request#2748</a></li> <li>build(deps): bump peter-evans/create-pull-request from 5 to 6 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2747">peter-evans/create-pull-request#2747</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.14 to 18.19.15 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2759">peter-evans/create-pull-request#2759</a></li> <li>build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2769">peter-evans/create-pull-request#2769</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.15 to 18.19.17 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2768">peter-evans/create-pull-request#2768</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 18.19.17 to 18.19.18 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2780">peter-evans/create-pull-request#2780</a></li> <li>build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2781">peter-evans/create-pull-request#2781</a></li> <li>fix: list pulls using the correct head format by <a href="https://github.com/peter-evans"><code>@âpeter-evans</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2792">peter-evans/create-pull-request#2792</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v6.0.0...v6.0.1">https://github.com/peter-evans/create-pull-request/compare/v6.0.0...v6.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
b1203fbcdc
|
Bump github/codeql-action from 3.24.4 to 3.24.5 (#144059)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.4 to 3.24.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.5 - 23 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
5b3c216816
|
Bump codecov/codecov-action from 4.0.1 to 4.0.2 (#144060)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.0.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.0.2</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1251">codecov/codecov-action#1251</a></li> <li>build(deps-dev): bump <code>@âtypes/jest</code> from 29.5.11 to 29.5.12 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1257">codecov/codecov-action#1257</a></li> <li>build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1266">codecov/codecov-action#1266</a></li> <li>Escape pipes in table of arguments by <a href="https://github.com/jwodder"><code>@âjwodder</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li> <li>Add link to docs on Dependabot secrets by <a href="https://github.com/ianlewis"><code>@âianlewis</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li> <li>fix: working-directory input for all stages by <a href="https://github.com/Bo98"><code>@âBo98</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 6.20.0 to 6.21.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1271">codecov/codecov-action#1271</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 6.20.0 to 6.21.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1269">codecov/codecov-action#1269</a></li> <li>build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1298">codecov/codecov-action#1298</a></li> <li>Use updated syntax for GitHub Markdown notes by <a href="https://github.com/jamacku"><code>@âjamacku</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 6.21.0 to 7.0.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1290">codecov/codecov-action#1290</a></li> <li>build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1286">codecov/codecov-action#1286</a></li> <li>chore(release): bump to 4.0.2 by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1302">codecov/codecov-action#1302</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jwodder"><code>@âjwodder</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1265">codecov/codecov-action#1265</a></li> <li><a href="https://github.com/ianlewis"><code>@âianlewis</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1260">codecov/codecov-action#1260</a></li> <li><a href="https://github.com/Bo98"><code>@âBo98</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1272">codecov/codecov-action#1272</a></li> <li><a href="https://github.com/jamacku"><code>@âjamacku</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1300">codecov/codecov-action#1300</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2">https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
b476e9674e
|
Bump github/codeql-action from 3.24.3 to 3.24.4 (#143971)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.3 to 3.24.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.4 - 21 Feb 2024</h2> <ul> <li>Fix an issue where an existing, but empty, <code>/sys/fs/cgroup/cpuset.cpus</code> file always resulted in a single-threaded run. <a href="https://redirect.github.com/github/codeql-action/pull/2151">#2151</a></li> <li>Update default CodeQL bundle version to 2.16.3. <a href="https://redirect.github.com/github/codeql-action/pull/2156">#2156</a></li> </ul> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> <h2>3.22.12 - 22 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
cef33536aa
|
Bump github/codeql-action from 3.24.1 to 3.24.3 (#143546)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.1 to 3.24.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.3 - 15 Feb 2024</h2> <ul> <li>Fix an issue where the CodeQL Action would fail to load a configuration specified by the <code>config</code> input to the <code>init</code> Action. <a href="https://redirect.github.com/github/codeql-action/pull/2147">#2147</a></li> </ul> <h2>3.24.2 - 15 Feb 2024</h2> <ul> <li>Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2141">#2141</a></li> </ul> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> <h2>3.22.12 - 22 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li> </ul> <h2>3.22.11 - 13 Dec 2023</h2> <ul> <li>[v3+ only] The CodeQL Action now runs on Node.js v20. <a href="https://redirect.github.com/github/codeql-action/pull/2006">#2006</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
5025681129
|
Bump github/codeql-action from 3.24.0 to 3.24.1 (#143395)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.0 to 3.24.1. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.1 - 13 Feb 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.2. <a href="https://redirect.github.com/github/codeql-action/pull/2124">#2124</a></li> <li>The CodeQL action no longer fails if it can't write to the telemetry api endpoint. <a href="https://redirect.github.com/github/codeql-action/pull/2121">#2121</a></li> </ul> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> <h2>3.22.12 - 22 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li> </ul> <h2>3.22.11 - 13 Dec 2023</h2> <ul> <li>[v3+ only] The CodeQL Action now runs on Node.js v20. <a href="https://redirect.github.com/github/codeql-action/pull/2006">#2006</a></li> </ul> <h2>2.22.10 - 12 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.4. <a href="https://redirect.github.com/github/codeql-action/pull/2016">#2016</a></li> </ul> <h2>2.22.9 - 07 Dec 2023</h2> <p>No user facing changes.</p> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
81dcba5fb3
|
Bump actions/upload-artifact from 4.3.0 to 4.3.1 (#142944)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.0 to 4.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <ul> <li>Bump <code>@âactions/artifacts</code> to latest version to include <a href="https://redirect.github.com/actions/toolkit/pull/1648">updated GHES host check</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
fab207791d
|
Bump github/codeql-action from 3.23.2 to 3.24.0 (#142839)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.2 to 3.24.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.24.0 - 02 Feb 2024</h2> <ul> <li>CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See <a href="https://github.com/github/codeql-action/blob/main/#3230---08-jan-2024">release notes for 3.23.0</a> for more details. <a href="https://redirect.github.com/github/codeql-action/pull/2106">#2106</a></li> </ul> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> <h2>3.22.12 - 22 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li> </ul> <h2>3.22.11 - 13 Dec 2023</h2> <ul> <li>[v3+ only] The CodeQL Action now runs on Node.js v20. <a href="https://redirect.github.com/github/codeql-action/pull/2006">#2006</a></li> </ul> <h2>2.22.10 - 12 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.4. <a href="https://redirect.github.com/github/codeql-action/pull/2016">#2016</a></li> </ul> <h2>2.22.9 - 07 Dec 2023</h2> <p>No user facing changes.</p> <h2>2.22.8 - 23 Nov 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.3. <a href="https://redirect.github.com/github/codeql-action/pull/2001">#2001</a></li> </ul> <h2>2.22.7 - 16 Nov 2023</h2> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
7550baff75
|
Bump codecov/codecov-action from 3.1.6 to 4.0.1 (#142838)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.6 to 4.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v4.0.1</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1243">codecov/codecov-action#1243</a></li> <li>Add all args by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1245">codecov/codecov-action#1245</a></li> <li>fix: show both token uses in readme by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1250">codecov/codecov-action#1250</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v4.0.0...v4.0.1">https://github.com/codecov/codecov-action/compare/v4.0.0...v4.0.1</a></p> <h2>v4.0.0</h2> <p>v4 of the Codecov Action uses the <a href="https://docs.codecov.com/docs/the-codecov-cli">CLI</a> as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.</p> <h2>Breaking Changes</h2> <ul> <li>The Codecov Action runs as a <code>node20</code> action due to <code>node16</code> deprecation. See <a href="https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/">this post from GitHub</a> on how to migrate.</li> <li>Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This <a href="https://docs.codecov.com/docs/adding-the-codecov-token#github-actions">doc</a> shows instructions on how to add the Codecov token.</li> <li>OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our <a href="https://cli.codecov.io">CLI download page</a></li> <li>Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs</li> </ul> <p><code>v3</code> versions and below will not have access to CLI features (e.g. global upload token, ATS).</p> <h2>What's Changed</h2> <ul> <li>build(deps): bump openpgp from 5.8.0 to 5.9.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/985">codecov/codecov-action#985</a></li> <li>build(deps): bump actions/checkout from 3.0.0 to 3.5.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1000">codecov/codecov-action#1000</a></li> <li>build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1006">codecov/codecov-action#1006</a></li> <li>build(deps): bump tough-cookie from 4.0.0 to 4.1.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1013">codecov/codecov-action#1013</a></li> <li>build(deps-dev): bump word-wrap from 1.2.3 to 1.2.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1024">codecov/codecov-action#1024</a></li> <li>build(deps): bump node-fetch from 3.3.1 to 3.3.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1031">codecov/codecov-action#1031</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.1.4 to 20.4.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1032">codecov/codecov-action#1032</a></li> <li>build(deps): bump github/codeql-action from 1.0.26 to 2.21.2 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1033">codecov/codecov-action#1033</a></li> <li>build commit,report and upload args based on codecovcli by <a href="https://github.com/dana-yaish"><code>@âdana-yaish</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/943">codecov/codecov-action#943</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.4.5 to 20.5.3 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1055">codecov/codecov-action#1055</a></li> <li>build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1051">codecov/codecov-action#1051</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.5.3 to 20.5.4 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1058">codecov/codecov-action#1058</a></li> <li>chore(deps): update outdated deps by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1059">codecov/codecov-action#1059</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.5.4 to 20.5.6 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1060">codecov/codecov-action#1060</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 6.4.1 to 6.5.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1065">codecov/codecov-action#1065</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 6.4.1 to 6.5.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1064">codecov/codecov-action#1064</a></li> <li>build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1063">codecov/codecov-action#1063</a></li> <li>build(deps-dev): bump eslint from 8.47.0 to 8.48.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1061">codecov/codecov-action#1061</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.5.6 to 20.5.7 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1062">codecov/codecov-action#1062</a></li> <li>build(deps): bump openpgp from 5.9.0 to 5.10.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1066">codecov/codecov-action#1066</a></li> <li>build(deps-dev): bump <code>@âtypes/node</code> from 20.5.7 to 20.5.9 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1070">codecov/codecov-action#1070</a></li> <li>build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1069">codecov/codecov-action#1069</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 6.5.0 to 6.6.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1072">codecov/codecov-action#1072</a></li> <li>Update README.md by <a href="https://github.com/thomasrockhu-codecov"><code>@âthomasrockhu-codecov</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1073">codecov/codecov-action#1073</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/parser</code> from 6.5.0 to 6.6.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1071">codecov/codecov-action#1071</a></li> <li>build(deps-dev): bump <code>@âvercel/ncc</code> from 0.36.1 to 0.38.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1074">codecov/codecov-action#1074</a></li> <li>build(deps): bump <code>@âactions/core</code> from 1.10.0 to 1.10.1 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1081">codecov/codecov-action#1081</a></li> <li>build(deps-dev): bump <code>@âtypescript-eslint/eslint-plugin</code> from 6.6.0 to 6.7.0 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1080">codecov/codecov-action#1080</a></li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's changelog</a>.</em></p> <blockquote> <h2>4.0.0-beta.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a> not adding -n if empty to do-upload command</li> </ul> <h2>4.0.0-beta.1</h2> <p><code>v4</code> represents a move from the <a href="https://github.com/codecov/uploader">universal uploader</a> to the <a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.</p> <h3>Breaking Changes</h3> <ul> <li>No current support for <code>aarch64</code> and <code>alpine</code> architectures.</li> <li>Tokenless uploading is unsuported</li> <li>Various arguments to the Action have been removed</li> </ul> <h2>3.1.4</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a> Fix typo in README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a> fix: add back in working dir</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a> fix: CLI option names for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a> build(deps-dev): bump <code>@âtypes/node</code> from 18.15.12 to 18.16.3</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a> build(deps-dev): bump <code>@âtypes/node</code> from 20.1.0 to 20.1.2</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a> build(deps-dev): bump <code>@âtypes/node</code> from 20.1.2 to 20.1.4</li> </ul> <h2>3.1.3</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a> fix: allow for aarch64 build</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a> build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a> build(deps): bump openpgp from 5.7.0 to 5.8.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a> build(deps-dev): bump <code>@âtypes/node</code> from 18.15.10 to 18.15.12</li> </ul> <h2>3.1.2</h2> <h3>Fixes</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a> Update README.md</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a> Remove unsupported path_to_write_report argument</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a> codeql-analysis.yml</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a> Update README to contain correct information - inputs and negate feature</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a> fix: add in all the extra arguments for uploader</li> </ul> <h3>Dependencies</h3> <ul> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a> build(deps): bump openpgp from 5.4.0 to 5.5.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a> build(deps): bump node-fetch from 3.2.4 to 3.2.10</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a> build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a> build(deps): bump <code>@âactions/core</code> from 1.9.1 to 1.10.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a> build(deps): bump <code>@âactions/github</code> from 5.0.3 to 5.1.1</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a> build(deps): bump node-fetch from 3.2.10 to 3.3.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a> build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li> <li><a href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a> build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Xilai Zhang |
be4be30cc8
|
[github actions] ping actor of workflow on cherry pick pr creation (#142676)
Context: Follow up from sync with @itsjustkevin today. Tag and ping the actor of workflow, when the cherry pick pull request is successfully created. 1. actor of workflow will be the username of the user that triggered the initial workflow run. i.e., whoever labels the PR. This person might not necessarily be the author of the cherry pick PR. 2. PR number of newly created cherry pick PR is parsed from the output of "gh pr create" as a multi line string. Tested: on cp success: https://github.com/flutter/flutter/pull/142674 pings the actor of workflow (not the pr author). on cp failure: [example workflow](https://github.com/XilaiZhang/miscellaneous-side-project/actions/runs/7734400373/job/21088324523) leaves a msg on the original PR. |
||
dependabot[bot] |
354803f705
|
Bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 (#142650)
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 5.0.2 to 6.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's releases</a>.</em></p> <blockquote> <h2>Create Pull Request v6.0.0</h2> <h2>Behaviour changes</h2> <ul> <li>The default values for <code>author</code> and <code>committer</code> have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.</li> <li>On completion, the action now removes the temporary git remote configuration it adds when using <code>push-to-fork</code>. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.</li> </ul> <h2>What's new</h2> <ul> <li>Updated runtime to Node.js 20 <ul> <li>The action now requires a minimum version of <a href="https://github.com/actions/runner/releases/tag/v2.308.0">v2.308.0</a> for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.</li> </ul> </li> <li>The default value for <code>author</code> has been changed to <code>${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com></code>. The change adds the <code>${{ github.actor_id }}+</code> prefix to the email address to align with GitHub's standard format for the author email address.</li> <li>The default value for <code>committer</code> has been changed to <code>github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com></code>. This is to align with the default GitHub Actions bot user account.</li> <li>Adds input <code>git-token</code>, the <a href="https://docs.github.com/en/github/authenticating-to-github/creating-a-personal-access-token">Personal Access Token (PAT)</a> that the action will use for git operations. This input defaults to the value of <code>token</code>. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.</li> <li><code>push-to-fork</code> now supports pushing to sibling repositories in the same network.</li> <li>Previously, when using <code>push-to-fork</code>, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.</li> <li>If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...<em>[Pull request body truncated]</em>" to indicate that the body has been truncated.</li> <li>The action now uses <code>--unshallow</code> only when necessary, rather than as a default argument of <code>git fetch</code>. This should improve performance, particularly for large git repositories with extensive commit history.</li> <li>The action can now be executed on one GitHub server and create pull requests on a <em>different</em> GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.</li> </ul> <h2>What's Changed</h2> <ul> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@âactions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2086">peter-evans/create-pull-request#2086</a></li> <li>fix crazy-max/ghaction-import-gp parameters by <a href="https://github.com/fharper"><code>@âfharper</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2177">peter-evans/create-pull-request#2177</a></li> <li>Update distribution by <a href="https://github.com/actions-bot"><code>@âactions-bot</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2364">peter-evans/create-pull-request#2364</a></li> <li>Use checkout v4 by <a href="https://github.com/okuramasafumi"><code>@âokuramasafumi</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2521">peter-evans/create-pull-request#2521</a></li> <li>Note about <code>delete-branch</code> by <a href="https://github.com/dezren39"><code>@âdezren39</code></a> in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2631">peter-evans/create-pull-request#2631</a></li> <li>98 dependency updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/fharper"><code>@âfharper</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2177">peter-evans/create-pull-request#2177</a></li> <li><a href="https://github.com/okuramasafumi"><code>@âokuramasafumi</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2521">peter-evans/create-pull-request#2521</a></li> <li><a href="https://github.com/dezren39"><code>@âdezren39</code></a> made their first contribution in <a href="https://redirect.github.com/peter-evans/create-pull-request/pull/2631">peter-evans/create-pull-request#2631</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/peter-evans/create-pull-request/compare/v5.0.2...v6.0.0">https://github.com/peter-evans/create-pull-request/compare/v5.0.2...v6.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
c40acdad15
|
Bump codecov/codecov-action from 3.1.5 to 3.1.6 (#142553)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.5 to 3.1.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v3.1.6</h2> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6">https://github.com/codecov/codecov-action/compare/v3.1.5...v3.1.6</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
a386473e32
|
Bump github/codeql-action from 3.23.1 to 3.23.2 (#142345)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.1 to 3.23.2. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.23.2 - 26 Jan 2024</h2> <ul> <li>On Linux, the maximum possible value for the <code>--threads</code> option now respects the CPU count as specified in <code>cgroup</code> files to more accurately reflect the number of available cores when running in containers. <a href="https://redirect.github.com/github/codeql-action/pull/2083">#2083</a></li> <li>Update default CodeQL bundle version to 2.16.1. <a href="https://redirect.github.com/github/codeql-action/pull/2096">#2096</a></li> </ul> <h2>3.23.1 - 17 Jan 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.16.0. <a href="https://redirect.github.com/github/codeql-action/pull/2073">#2073</a></li> <li>Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. <a href="https://redirect.github.com/github/codeql-action/pull/2079">#2079</a></li> </ul> <h2>3.23.0 - 08 Jan 2024</h2> <ul> <li>We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting <code>CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false</code> in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. <a href="https://redirect.github.com/github/codeql-action/pull/2031">#2031</a></li> <li>The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see <a href="https://github.com/github/codeql-action/blob/main/#2227---16-nov-2023">the corresponding changelog entry for CodeQL Action version 2.22.7</a>. <a href="https://redirect.github.com/github/codeql-action/pull/2009">#2009</a></li> </ul> <h2>3.22.12 - 22 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.5. <a href="https://redirect.github.com/github/codeql-action/pull/2047">#2047</a></li> </ul> <h2>3.22.11 - 13 Dec 2023</h2> <ul> <li>[v3+ only] The CodeQL Action now runs on Node.js v20. <a href="https://redirect.github.com/github/codeql-action/pull/2006">#2006</a></li> </ul> <h2>2.22.10 - 12 Dec 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.4. <a href="https://redirect.github.com/github/codeql-action/pull/2016">#2016</a></li> </ul> <h2>2.22.9 - 07 Dec 2023</h2> <p>No user facing changes.</p> <h2>2.22.8 - 23 Nov 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.15.3. <a href="https://redirect.github.com/github/codeql-action/pull/2001">#2001</a></li> </ul> <h2>2.22.7 - 16 Nov 2023</h2> <ul> <li>Add a deprecation warning for customers using CodeQL version 2.11.5 and earlier. These versions of CodeQL were discontinued on 8 November 2023 alongside GitHub Enterprise Server 3.7, and will be unsupported by CodeQL Action v2.23.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/1993">#1993</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.11.6 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.10.5 and 2.11.5, you can replace <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.22.7</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
ab30122f6b
|
Bump codecov/codecov-action from 3.1.4 to 3.1.5 (#142259)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.4 to 3.1.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's releases</a>.</em></p> <blockquote> <h2>v3.1.5</h2> <h2>What's Changed</h2> <ul> <li>action.yml: Update to Node.js 20 by <a href="https://github.com/hallabro"><code>@âhallabro</code></a> in <a href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hallabro"><code>@âhallabro</code></a> made their first contribution in <a href="https://redirect.github.com/codecov/codecov-action/pull/1228">codecov/codecov-action#1228</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5">https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Xilai Zhang |
23c08bf08f
|
[github actions] FINALLY fix the mysterious token error in github actions (#142058)
This should finally (with high confidence) fix https://github.com/flutter/flutter/issues/141980, the mysterious error where git push sometimes fail. **Root cause**: When a pull request merges onto flutter's master branch, it is actually a merge from a branch on a flutter contributor's repository, to flutter's repository. Therefore, the [actor](https://stackoverflow.com/questions/58737785/github-actions-empty-env-secrets) of the pull request event, is the user that opened the pull request. And this actor would not have write access to repo and therefore the repo secret resolves to empty. Therefore [running your pull_request workflow when a pull request merges](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#running-your-pull_request-workflow-when-a-pull-request-merges) doesn't work because even though we are not running our workflows on a forked repository, the **actor** of the pull_request event comes from a forked repository, and secrets are not passed to this actor. The correct way is using [pull_request_target](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target) event instead of pull_request event. In workflows triggered by this event, GITHUB_TOKEN is granted read/write repository permission unless the permissions key is specified and the workflow **can** access secrets, even when the actor of the workflow trigger comes from a fork. Note that workflows of this event runs in the context of the base commit and not the merge commit. But this doesn't matter for our use case since we are good with using the actions file from the base commit in the pull request event. **Tested**: I was finally able to reproduce the error by: 1. create a pull request under the username of different user other than the repository owner 2. merge and label the pull request, and use the token of this different user, but use it as repository secrets in the workflow [reproduced error](https://github.com/XilaiZhang/miscellaneous-side-project/actions/runs/7619699924/job/20753210562) previously I wasn't able to reproduce this error on my personal repo because the actors in my tests are the same user. Also tested on my personal repo, following the steps mentioned above, that using the pull_request_event type fixes the error. [succeeded run](https://github.com/XilaiZhang/miscellaneous-side-project/actions/runs/7630017020/job/20784762242) **The Debug Process**: spent quite a while looking at other things during debugging, but they turned out to be unrelated. things that we experimented with are workflow conditions, ssh setup, git push url, manual trigger, workflow env, secret setup, dependency on market place actions (actions/checkout and peter-evans/create-pullrequest) |
||
dependabot[bot] |
5dd667a6da
|
Bump actions/upload-artifact from 4.2.0 to 4.3.0 (#142075)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.2.0 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>Reorganize upload code in prep for merge logic & add more tests by <a href="https://github.com/robherley"><code>@ârobherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/504">actions/upload-artifact#504</a></li> <li>Add sub-action to merge artifacts by <a href="https://github.com/robherley"><code>@ârobherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/505">actions/upload-artifact#505</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.3.0">https://github.com/actions/upload-artifact/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
dependabot[bot] |
fac26c575d
|
Bump actions/upload-artifact from 4.1.0 to 4.2.0 (#141803)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.1.0 to 4.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>Ability to overwrite an Artifact by <a href="https://github.com/robherley"><code>@ârobherley</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/501">actions/upload-artifact#501</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.2.0">https://github.com/actions/upload-artifact/compare/v4...v4.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |