Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump the dependencies group with 4 updates #146

Merged
merged 2 commits into from
Feb 11, 2024
Merged

chore(deps): bump the dependencies group with 4 updates #146

merged 2 commits into from
Feb 11, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 5, 2024
edited
Loading

Bumps the dependencies group with 4 updates: toshimaru/auto-author-assign, abatilo/actions-poetry, actions/cache and peter-evans/create-pull-request.

Updates toshimaru/auto-author-assign from 2.0.1 to 2.1.0

Release notes

Sourced from toshimaru/auto-author-assign's releases.

v2.1.0

What's Changed

Dependencies

Full Changelog: toshimaru/auto-author-assign@v2.0.1...v2.1.0

Changelog

Sourced from toshimaru/auto-author-assign's changelog.

2.1.0 (2024-01-17)

Commits
  • ebd30f1 chore(release): 2.1.0
  • fe944cf build(deps): bump @​actions/github from 5.1.1 to 6.0.0 (#99)
  • 60a9f1a build(deps-dev): bump @​vercel/ncc from 0.38.0 to 0.38.1 (#100)
  • 5a5d40b build(deps): bump actions/setup-node from 3 to 4 (#101)
  • See full diff in compare view

Updates abatilo/actions-poetry from 2 to 3

Release notes

Sourced from abatilo/actions-poetry's releases.

v3.0.0

3.0.0 (2024-1-11)

BREAKING CHANGE

Use pipx to isolate poetry (#63) (7b6d33e)

Functionality itself should expect to be the same but the affected virtualenv is different and people might have depended on this behavior so we're considering this a breaking change.

v2.4.0

2.4.0 (2023-12-29)

Features

  • Add ability to install plugins as part of the action setup (#66) (a5643c6)

v2.3.0

2.3.0 (2023-02-24)

Features

  • by default use the latest poetry version (#62) (192395c)

v2.2.0

2.2.0 (2022-11-26)

Features

  • update default Poetry version to 1.2.2 (#57) (f295866)

v2.1.6

2.1.6 (2022-08-23)

Bug Fixes

  • Updating default poetry version to 1.15 (#49) (0816ab2)

v2.1.5

2.1.5 (2022-06-26)

Bug Fixes

  • quote versions to fix parsing errors (c1aba0c)

... (truncated)

Commits

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

New Contributors

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

3.0.0

  • Updated minimum runner version support from node 12 -> node 16

3.0.1

  • Added support for caching from GHES 3.5.
  • Fixed download issue for files > 2GB during restore.

3.0.2

  • Added support for dynamic cache size cap on GHES.

3.0.3

  • Fixed avoiding empty cache save when no files are available for caching. (issue)

3.0.4

  • Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)

3.0.5

  • Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)

3.0.6

  • Fixed #809 - zstd -d: no such file or directory error
  • Fixed #833 - cache doesn't work with github workspace directory

3.0.7

  • Fixed #810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.

3.0.8

  • Fix zstd not working for windows on gnu tar in issues #888 and #891.
  • Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MINS. Default is 60 minutes.

3.0.9

  • Enhanced the warning message for cache unavailablity in case of GHES.

3.0.10

  • Fix a bug with sorting inputs.
  • Update definition for restore-keys in README.md

... (truncated)

Commits

Updates peter-evans/create-pull-request from 5 to 6

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

  • The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
  • On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

  • Updated runtime to Node.js 20
    • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
  • The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
  • The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
  • Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
  • push-to-fork now supports pushing to sibling repositories in the same network.
  • Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
  • If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
  • The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
  • The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v5.0.2...v6.0.0

Create Pull Request v5.0.2

⚙️ Fixes an issue that occurs when using push-to-fork and both base and head repositories are in the same org/user account.

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.1...v5.0.2

Create Pull Request v5.0.1

What's Changed

Full Changelog: peter-evans/create-pull-request@v5.0.0...v5.0.1

Commits
  • b1ddad2 feat: v6 (#2717)
  • bb80902 build(deps-dev): bump @​types/node from 18.19.8 to 18.19.10 (#2712)
  • e0037d4 build(deps): bump peter-evans/create-or-update-comment from 3 to 4 (#2702)
  • 94b1f99 build(deps): bump peter-evans/find-comment from 2 to 3 (#2703)
  • 69c27ea build(deps-dev): bump ts-jest from 29.1.1 to 29.1.2 (#2685)
  • 7ea722a build(deps-dev): bump prettier from 3.2.2 to 3.2.4 (#2684)
  • 5ee839a build(deps-dev): bump @​types/node from 18.19.7 to 18.19.8 (#2683)
  • 60fc256 build(deps-dev): bump eslint-plugin-prettier from 5.1.2 to 5.1.3 (#2660)
  • 0c67723 build(deps-dev): bump @​types/node from 18.19.5 to 18.19.7 (#2661)
  • 4e288e8 build(deps-dev): bump prettier from 3.1.1 to 3.2.2 (#2659)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 5, 2024
@changeset-bot changeset-bot
Copy link

changeset-bot bot commented Feb 5, 2024
edited
Loading

🦋 Changeset detected

Latest commit: 62e66ea

The changes in this PR will be included in the next version bump.

This PR includes changesets to release 1 package
Name Type
json-on-the-clocktower Patch

Not sure what this means? Click here to learn what changesets are.

Click here if you're a maintainer who wants to add another changeset to this PR

@chizmw
Copy link
Owner

chizmw commented Feb 11, 2024

@dependabot recreate

@dependabot
chore(deps): bump the dependencies group with 4 updates
c4492c0 
Bumps the dependencies group with 4 updates: [toshimaru/auto-author-assign](https://github.com/toshimaru/auto-author-assign), [abatilo/actions-poetry](https://github.com/abatilo/actions-poetry), [actions/cache](https://github.com/actions/cache) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `toshimaru/auto-author-assign` from 2.0.1 to 2.1.0
- [Release notes](https://github.com/toshimaru/auto-author-assign/releases)
- [Changelog](https://github.com/toshimaru/auto-author-assign/blob/main/CHANGELOG.md)
- [Commits](toshimaru/auto-author-assign@v2.0.1...v2.1.0)

Updates `abatilo/actions-poetry` from 2 to 3
- [Release notes](https://github.com/abatilo/actions-poetry/releases)
- [Changelog](https://github.com/abatilo/actions-poetry/blob/master/.releaserc)
- [Commits](abatilo/actions-poetry@v2...v3)

Updates `actions/cache` from 3 to 4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v3...v4)

Updates `peter-evans/create-pull-request` from 5 to 6
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v5...v6)

---
updated-dependencies:
- dependency-name: toshimaru/auto-author-assign
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: abatilo/actions-poetry
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: peter-evans/create-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/dependencies-e38830398f branch from 7cb6dd0 to c4492c0 Compare February 11, 2024 19:43
@chizmw chizmw merged commit 04f428c into main Feb 11, 2024
1 check passed
@chizmw chizmw deleted the dependabot/github_actions/dependencies-e38830398f branch February 11, 2024 19:46
@chizmw chizmw mentioned this pull request Feb 11, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@chizmw