search

FusionAuth / fusionauth-android-sdk

Android SDK for FusionAuth
https://fusionauth.io
Other
3 stars 1 forks source link

build(deps): bump the prod-github-actions group with 4 updates #79

Closed dependabot[bot] closed 3 months ago

dependabot[bot] commented 4 months ago

Bumps the prod-github-actions group with 4 updates: actions/checkout, github/codeql-action, gradle/actions and MobSF/mobsfscan.

Updates actions/checkout from 4.1.2 to 4.1.6

Release notes

Sourced from actions/checkout's releases.

v4.1.6

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.1.5...v4.1.6

v4.1.5

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.1.4...v4.1.5

v4.1.4

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.1.3...v4.1.4

v4.1.3

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v4.1.2...v4.1.3

Changelog

Sourced from actions/checkout's changelog.

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

... (truncated)

Commits


Updates github/codeql-action from 3.25.6 to 3.25.7

Changelog

Sourced from github/codeql-action's changelog.

3.25.7 - 31 May 2024

  • We are rolling out a feature in May/June 2024 that will reduce the Actions cache usage of the Action by keeping only the newest TRAP cache for each language. #2306
Commits
  • f079b84 Merge pull request #2317 from github/update-v3.25.7-a095bf2a1
  • e1a4268 Update changelog for v3.25.7
  • a095bf2 Merge pull request #2313 from github/revert-2312-update-bundle/codeql-bundle-...
  • bbd4e19 Revert "Update default bundle to 2.17.4"
  • 9ab5d16 Merge pull request #2312 from github/update-bundle/codeql-bundle-v2.17.4
  • 028346e Add changelog note
  • 5fe0847 Update default bundle to codeql-bundle-v2.17.4
  • 9550da9 Merge pull request #2311 from github/henrymercer/pack-missing-auth-config-error
  • 6548a4d Add configuration error for missing auth to package registry
  • 7927df0 Bump micromatch from 4.0.5 to 4.0.7 in the npm group (#2310)
  • Additional commits viewable in compare view


Updates gradle/actions from 3.1.0 to 3.3.2

Release notes

Sourced from gradle/actions's releases.

v3.3.2

This patch release fixes a bug in both dependency-submission and setup-gradle (#196 introduced in v3.3.1), which resulted in "No dependency-graph files found to submit" when using the download-and-submit function. A number of other minor issues have also been addressed:

What's Changed

  • [dependency-submission] Fix bug finding dependency-graph files with 'download-and-submit' (#199)
  • [dependency-submission] Use Gradle logger instead of println in dependency graph init script (#191 from @​aleksandrserbin)
  • [dependency-submission] Retain and log full stacktrace for dependency submission errors (#192)
  • [setup-gradle] Improve build scan badge readability with long task names (#200 from @​gabrielfeo)

Full Changelog: https://github.com/gradle/actions/compare/v3.3.1...v3.3.2

v3.3.1

This patch release fixes a bug in setting the report dir for dependency-submission, and updates the plugin versions applied in Develocity injection.

What's Changed

  • Bump Develocity and CCUD plugin versions (#185)
  • Support custom DEPENDENCY_GRAPH_REPORT_DIR variable for dependency-submission (#188)

Full Changelog: https://github.com/gradle/actions/compare/v3.3.0...v3.3.1

v3.3.0

This release includes a new action, and improvements to the existing actions.

Highlights include:

[!IMPORTANT] The caching protocol version has changed in this release, so cache entries written with previous versions of the action will not be reused. This means that jobs will effectively start with an empty cache after switching to this release.

Changelog

NEW action gradle/actions/wrapper-validation

  • [NEW] Add replacement for wrapper-validation-action (#160)

Improvements to gradle/actions/setup-gradle

  • [NEW] Cache paths have been updated for Gradle 8.6+ (#45, #163)
  • [NEW] setup-gradle action can now perform wrapper-validation automatically (#161, #162)
  • [FIX] Make cache-keys more consistent (#131).
  • [FIX] Avoid listing old build results in Job Summary on self-hosted runner (#127)
  • [FIX] Deprecation warnings are emitted when using deprecated inputs (#108)
  • [FIX] Generate correct toolchains.xml file on ARM runners (#89)

Improvements to gradle/actions/depenency-submission

  • [NEW] Action is now implemented directly in TypeScript, and does not delegate to setup-gradle (#116)

... (truncated)

Commits
  • db19848 [bot] Update dist directory
  • 941b289 Avoid running Gradle 3.5.1 on MacOS where Java 8 is not available
  • bce7dac Improve build scan badge readability with long tasks (#200)
  • 11eaed9 Avoid Java 8 since it is not available on MacOS runners
  • cd62d9c Improve job summary readability with long tasks
  • a54fb6a Add tests on current job-summary behavior
  • ef36f81 Fix typo in build shell script
  • 18998bc [bot] Update dist directory
  • a772c14 Avoid updating real dependency graph in tests
  • 7763d71 Set the report dir for download-and-submit
  • Additional commits viewable in compare view


Updates MobSF/mobsfscan from 0.3.8 to 0.3.9

Release notes

Sourced from MobSF/mobsfscan's releases.

0.3.9

What's Changed

Full Changelog: https://github.com/MobSF/mobsfscan/compare/0.3.8...0.3.9

Commits


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Aaron-Ritter commented 3 months ago

@dependabot rebase

dependabot[bot] commented 3 months ago

Superseded by #81.