search

Andrewshin-7th-technology-student / build-CI

Building a CI web config. for the XXC file GO TO THE LINK TO SEE REPO RULES, ETC.
https://github.com/Andrewshin-7th-technology-student/build-CI/blob/main/.repo%20files/README.md
GNU Affero General Public License v3.0
3 stars 1 forks source link

Bump the dev-dependencies group across 1 directory with 4 updates #86

Open dependabot[bot] opened 5 hours ago

dependabot[bot] commented 5 hours ago

Bumps the dev-dependencies group with 4 updates in the / directory: actions/checkout, GitGuardian/ggshield, actions/setup-node and actions/stale.

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

... (truncated)

Commits
  • eef6144 Prepare 4.2.1 release (#1925)
  • 6b42224 Add workflow file for publishing releases to immutable action package (#1919)
  • de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
  • d632683 Prepare 4.2.0 release (#1878)
  • 6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
  • db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
  • b684943 Add Ref and Commit outputs (#1180)
  • 2d7d9f7 Provide explanation for where user email came from (#1869)
  • 9a9194f Bump docker/build-push-action from 5.3.0 to 6.5.0 (#1832)
  • dd960bd Bump docker/login-action in the minor-actions-dependencies group (#1831)
  • Additional commits viewable in compare view


Updates GitGuardian/ggshield from 1.32.0 to 1.32.2

Release notes

Sourced from GitGuardian/ggshield's releases.

1.32.2

Fixed

  • Fixed a regression introduced in ggshield 1.32.1, which made ggshield install -m global crash (#972).

1.32.1

Fixed

  • Fixed a case where ggshield commit parser could fail because of the local git configuration.
Changelog

Sourced from GitGuardian/ggshield's changelog.

1.32.2 — 2024-10-16

Fixed

  • Fixed a regression introduced in ggshield 1.32.1, which made ggshield install -m global crash (#972).

1.32.1 — 2024-10-01

Fixed

  • Fixed a case where ggshield commit parser could fail because of the local git configuration.

Commits
  • 66269d0 chore(release): 1.32.2
  • 3668b10 fix: unbreak installing of global git hooks
  • 80e46c9 chore: add a get_data_dir() function to core.dirs
  • c135c97 chore(release): 1.32.1
  • 804e3a3 Merge pull request #970 from GitGuardian/agateau/ignore-git-config
  • c97aab6 fix: fix parsing patches when the diff.noprefix git config option is set
  • 50b56bb Merge pull request #968 from GitGuardian/agateau/post-release-fixes
  • 6ef1006 test: do not fail if GITGUARDIAN_INSTANCE is set
  • 077ef7a test: wait longer for hashicorp_vault test server to start
  • 589aa14 Merge pull request #967 from GitGuardian/agateau/update-ggshield-version
  • Additional commits viewable in compare view


Updates actions/setup-node from 3 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

New Contributors

Full Changelog: https://github.com/actions/setup-node/compare/v3...v4.0.0

v3.8.2

What's Changed

Full Changelog: https://github.com/actions/setup-node/compare/v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @​dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: https://github.com/actions/setup-node/compare/v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

Feature implementations:

Documentation changes:

Update dependencies:

... (truncated)

Commits


Updates actions/stale from 5 to 9

Release notes

Sourced from actions/stale's releases.

v9.0.0

Breaking Changes

  1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
  2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

  1. Performance optimization that removes unnecessary API calls by @​dsame #1033 fixes #792
  2. Logs displaying current github API rate limit by @​dsame #1032 addresses #1029

For more information, please read the action documentation and its section about statefulness

New Contributors

Full Changelog: https://github.com/actions/stale/compare/v8...v9.0.0

v8.0.0

:warning: This version contains breaking changes :warning:

What's Changed

Breaking Changes

  • In this release we prevent scenarios when the build is not interrupted on some exceptions, which led to successful builds when they are supposed to fail

Example

name: 'Remove labels when the issue or PR becomes stale'
on:
  schedule:
    - cron: '30 1 * * *'

permissions:
pull-requests: write


jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v8
with:
labels-to-remove-when-stale: 'label1,label2'

v7.0.0

... (truncated)

Changelog

Sourced from actions/stale's changelog.

Changelog

[7.0.0]

:warning: Breaking change :warning:

[6.0.1]

Update @​actions/core to v1.10.0 (#839)

[6.0.0]

:warning: Breaking change :warning:

Issues/PRs default close-issue-reason is now not_planned(#789)

[5.1.0]

Don't process stale issues right after they're marked stale [Add close-issue-reason option]#764#772 Various dependabot/dependency updates

4.1.0 (2021-07-14)

Features

4.0.0 (2021-07-14)

Features

Bug Fixes

  • dry-run: forbid mutations in dry-run (#500) (f1017f3), closes #499
  • logs: coloured logs (#465) (5fbbfba)
  • operations: fail fast the current batch to respect the operations limit (#474) (5f6f311), closes #466
  • label comparison: make label comparison case insensitive #517, closes #516
  • filtering comments by actor could have strange behavior: "stale" comments are now detected based on if the message is the stale message not who made the comment(#519), fixes #441, #509, #518

Breaking Changes

... (truncated)

Commits
  • 28ca103 Upgrade Node to v20 (#1110)
  • b69b346 build(deps-dev): bump @​types/node from 18.16.18 to 20.5.1 (#1079)
  • 88a6f4f build(deps-dev): bump typescript from 5.1.3 to 5.2.2 (#1083)
  • 796531a Merge pull request #1080 from akv-platform/fix-delete-cache
  • 8986f62 Don not try to delete cache if it does not exists
  • cab99b3 fix typo proceeded/processed
  • 184e7af Merge pull request #1064 from actions/dependabot/npm_and_yarn/typescript-esli...
  • 523885c chore: update eslint-plugin, parser and eslint-plugin-jest
  • 2487a1d build(deps-dev): bump @​typescript-eslint/eslint-plugin
  • 60c722e Merge pull request #1063 from actions/dependabot/npm_and_yarn/jest-29.6.2
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions

Summary by Sourcery

Bump versions of several GitHub Actions used in workflows, including actions/checkout, GitGuardian/ggshield, actions/setup-node, and actions/stale, to their latest versions.

Build:

cr-gpt[bot] commented 5 hours ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

keploynavigator[bot] commented 5 hours ago

Thanks for opening this pull request!

sourcery-ai[bot] commented 5 hours ago

Reviewer's Guide by Sourcery

This pull request updates several GitHub Actions dependencies across the repository. The changes include upgrading actions/checkout, GitGuardian/ggshield, actions/setup-node, and actions/stale to their latest versions. These updates aim to improve the CI/CD pipeline by incorporating the latest features and bug fixes from these actions.

Architecture diagram for updated GitHub Actions workflow

graph TD;
    A[GitHub Actions Workflow] --> B[actions/checkout@v4];
    A --> C[GitGuardian/ggshield@v1.32.2];
    A --> D[actions/setup-node@v4];
    A --> E[actions/stale@v9];

    B -->|Updated from v3 to v4| B;
    C -->|Updated from v1.32.0 to v1.32.2| C;
    D -->|Updated from v3 to v4| D;
    E -->|Updated from v5 to v9| E;

File-Level Changes

Change Details Files
Update actions/checkout from v3 to v4
  • Upgrade to the latest major version of actions/checkout
  • New features include support for fetching without the --progress option
  • Improves performance and reliability of the checkout process
 .github/workflows/gitguardian.yaml
.github/workflows/stale-to-pr.yml
Update GitGuardian/ggshield from v1.32.0 to v1.32.2
  • Minor version update for the GitGuardian secret scanning action
  • Includes bug fixes and performance improvements
 .github/workflows/gitguardian.yaml
Update actions/setup-node from v3 to v4
  • Major version update for the Node.js setup action
  • Includes support for the latest Node.js versions
  • Improves caching and overall performance
 .github/workflows/package-v.yml
Update actions/stale from v5 to v9
  • Major version update for the stale issue/PR management action
  • Introduces statefulness for better handling of large repositories
  • Improves performance by reducing unnecessary API calls
  • Adds new features like removing specific labels when an item becomes stale
 .github/workflows/stale-to-pr.yml
Tips and commands #### Interacting with Sourcery - **Trigger a new review:** Comment `@sourcery-ai review` on the pull request. - **Continue discussions:** Reply directly to Sourcery's review comments. - **Generate a GitHub issue from a review comment:** Ask Sourcery to create an issue from a review comment by replying to it. - **Generate a pull request title:** Write `@sourcery-ai` anywhere in the pull request title to generate a title at any time. - **Generate a pull request summary:** Write `@sourcery-ai summary` anywhere in the pull request body to generate a PR summary at any time. You can also use this command to specify where the summary should be inserted. #### Customizing Your Experience Access your [dashboard](https://app.sourcery.ai) to: - Enable or disable review features such as the Sourcery-generated pull request summary, the reviewer's guide, and others. - Change the review language. - Add, remove or edit custom review instructions. - Adjust other review settings. #### Getting Help - [Contact our support team](mailto:support@sourcery.ai) for questions or feedback. - Visit our [documentation](https://docs.sourcery.ai) for detailed guides and information. - Keep in touch with the Sourcery team by following us on [X/Twitter](https://x.com/SourceryAI), [LinkedIn](https://www.linkedin.com/company/sourcery-ai/) or [GitHub](https://github.com/sourcery-ai).
semanticdiff-com[bot] commented 5 hours ago

Review changes with SemanticDiff.

deepsource-io[bot] commented 5 hours ago

Here's the code health analysis summary for commits ae5a67c..ee6b8d9. View details on DeepSource ↗.

Analysis Summary

AnalyzerStatusSummaryLink
DeepSource Python LogoPython✅ SuccessView Check ↗
DeepSource Java LogoJava✅ SuccessView Check ↗
DeepSource C# LogoC#✅ SuccessView Check ↗
DeepSource JavaScript LogoJavaScript✅ SuccessView Check ↗
DeepSource Shell LogoShell✅ SuccessView Check ↗
DeepSource Kotlin LogoKotlin✅ SuccessView Check ↗
💡 If you’re a repository administrator, you can configure the quality gates from the settings.
what-the-diff[bot] commented 5 hours ago

PR Summary

github-actions[bot] commented 5 hours ago

Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

codiumai-pr-agent-free[bot] commented 5 hours ago

CI Failure Feedback 🧐

(Checks updated until commit https://github.com/Andrewshin-7th-technology-student/build-CI/commit/ee6b8d93dc8c8c2de5eaa3e0c5f933d36c97276a)

**Action:** GitGuardian scan
**Failed stage:** [GitGuardian scan](https://github.com/Andrewshin-7th-technology-student/build-CI/actions/runs/11483989613/job/31960713744) [❌]
**Failure summary:** The action failed due to the following reason:
  • An "Invalid API key" error was encountered, indicating that the GITGUARDIAN_API_KEY environment
    variable is either missing, incorrect, or not authorized.
    • Relevant error logs: ```yaml 1: ##[group]Operating System 2: Ubuntu ... 182: ##[endgroup] 183: ##[command]/usr/bin/docker run --name gitguardianggshieldv1322_68749f --label e6732c --workdir /github/workspace --rm -e "GITHUB_PUSH_BEFORE_SHA" -e "GITHUB_PUSH_BASE_SHA" -e "GITHUB_PULL_BASE_SHA" -e "GITHUB_DEFAULT_BRANCH" -e "GITGUARDIAN_API_KEY" -e "INPUT_ARGS" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_REPOSITORY_OWNER_ID" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_REPOSITORY_ID" -e "GITHUB_ACTOR_ID" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKFLOW_REF" -e "GITHUB_WORKFLOW_SHA" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "GITHUB_STATE" -e "GITHUB_OUTPUT" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_ENVIRONMENT" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e "ACTIONS_RESULTS_URL" -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/app/docker/actions-secret-entrypoint.sh" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/build-CI/build-CI":"/github/workspace" gitguardian/ggshield:v1.32.2 "" 184: github_push_before_sha: 2c35aa46f5ab0b94056012222b06df8f286f05e9 185: github_push_base_sha: 186: github_pull_base_sha: ae5a67c3e53a254582fb4621813230d064307dd3 187: github_default_branch: main 188: github_head_sha: 88cfeec04a48f048faff6b77db830024a7f9381e 189: Commits to scan: 2 190: Error: Invalid API key. ```
    ✨ CI feedback usage guide:
    The CI feedback tool (`/checks)` automatically triggers when a PR has a failed check. The tool analyzes the failed checks and provides several feedbacks: - Failed stage - Failed test name - Failure summary - Relevant error logs In addition to being automatically triggered, the tool can also be invoked manually by commenting on a PR: ``` /checks "https://github.com/{repo_name}/actions/runs/{run_number}/job/{job_number}" ``` where `{repo_name}` is the name of the repository, `{run_number}` is the run number of the failed check, and `{job_number}` is the job number of the failed check. #### Configuration options - `enable_auto_checks_feedback` - if set to true, the tool will automatically provide feedback when a check is failed. Default is true. - `excluded_checks_list` - a list of checks to exclude from the feedback, for example: ["check1", "check2"]. Default is an empty list. - `enable_help_text` - if set to true, the tool will provide a help message with the feedback. Default is true. - `persistent_comment` - if set to true, the tool will overwrite a previous checks comment with the new feedback. Default is true. - `final_update_message` - if `persistent_comment` is true and updating a previous checks message, the tool will also create a new message: "Persistent checks updated to latest commit". Default is true. See more information about the `checks` tool in the [docs](https://pr-agent-docs.codium.ai/tools/ci_feedback/).
    github-actions[bot] commented 5 hours ago

    🚨 Prettier check failed for the following files:

    [warn] .github/workflows/package-v.yml
[warn] .github/workflows/stale-to-pr.yml
[warn] Code style issues found in 2 files. Run Prettier with --write to fix.

    To fix the issue, run the following command:

    npx prettier --write .github/workflows/package-v.yml .github/workflows/stale-to-pr.yml
    cr-gpt[bot] commented 4 hours ago

    Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

    github-actions[bot] commented 4 hours ago

    Seems you are using me but didn't get OPENAI_API_KEY seted in Variables/Secrets for this repo. you could follow readme for more information

    sonarcloud[bot] commented 4 hours ago

    Quality Gate Passed Quality Gate passed

    Issues
    0 New issues
    0 Accepted issues

    Measures
    0 Security Hotspots
    0.0% Coverage on New Code
    0.0% Duplication on New Code

    See analysis details on SonarCloud