UKHSA-Internal / coronavirus-dashboard-api-net-sdk

Coronavirus (COVID-19) in the UK - API Service SDK for .Net
https://coronavirus.data.gov.uk/
MIT License
12 stars 4 forks source link

Bump actions/setup-dotnet from 1 to 2.1.0 #47

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps actions/setup-dotnet from 1 to 2.1.0.

Release notes

Sourced from actions/setup-dotnet's releases.

Package updates, support for global json file in a subdirectory, installer scripts updates

This release includes the following PRs:

  • Adding support for the global-json-file input: #276 Example of usage:

    - uses: actions/setup-dotnet@v2
      with:
        global-json-file: csharp/global.json
    - run: dotnet build <my project>
      working-directory: csharp
    
  • Update @​zeit/ncc to @​vercel/ncc: #290

  • Update vulnerable packages: #289

  • Improve documentation and update installer scripts to the latest version: #278

v2.0.0

In scope of this release we changed version of the runtime Node.js for the setup-dotnet action and updated package-lock.json file to v2.

Breaking Changes With the update to Node 16 in #271 all scripts will now be run with Node 16 rather than Node 12.

Installer scripts updates

Update dotnet-install scripts to the latest versions: #270

Support for installation of multiple versions, warnings for deprecated versions

This release includes the following PRs:

  • Adding support to install multiple .NET versions in single action invocation: #240 example:
- uses: actions/setup-dotnet@v1
  with:
    dotnet-version: | 
      3.1.x
      5.0.x

The latest installed .NET version is default, according .NET documentation.

  • Adding the build warnings if the deprecated .NET versions are installed by action: #245

Package Updates, Improvement for global.json handling

  • Bump path-parse from 1.0.6 to 1.0.7 #222
  • Update installer scripts #226
  • Support rollForward option for global.json #224

Update packages

  • Bump ws from 7.3.1 to 7.5.0 #212
  • Bump hosted-git-info from 2.8.8 to 2.8.9 #198
  • Bump lodash from 4.17.20 to 4.17.21 #197

... (truncated)

Commits
  • c0d4ad6 Don't need C# analysis for CodeQL
  • afe2dab Create codeql-analysis.yml
  • 5cc8955 Update @​zeit/ncc to @​vercel/ncc (#290)
  • 158737d Merge pull request #289 from vsafonkin/v-vsafonkin/update-wget-package
  • fcf565e Update vulnerable packages
  • f078482 add global-json-file input (#276)
  • 0fb87b1 Merge pull request #285 from vsafonkin/v-vsafonkin/add-code-of-conduct
  • 4fe7a19 Add code of conduct
  • 9283a8c switch side by side testing example to single setup step (#283)
  • 53d632b Update docs to v2 (#278)
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #56.