Xerolux / violet-hass

This custom integration allows you to monitor and control your pool equipment using the Violet Pool Controller in Home Assistant. It includes sensors, binary sensors, and switches to track various pool metrics and perform essential operations.
https://xerolux.github.io/violet-hass/
MIT License
1 stars 0 forks source link

Bump actions/stale from 5 to 9 #11

Closed dependabot[bot] closed 1 month ago

dependabot[bot] commented 1 month ago

Bumps actions/stale from 5 to 9.

Release notes

Sourced from actions/stale's releases.

v9.0.0

Breaking Changes

  1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
  2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

  1. Performance optimization that removes unnecessary API calls by @​dsame #1033 fixes #792
  2. Logs displaying current github API rate limit by @​dsame #1032 addresses #1029

For more information, please read the action documentation and its section about statefulness

New Contributors

Full Changelog: https://github.com/actions/stale/compare/v8...v9.0.0

v8.0.0

:warning: This version contains breaking changes :warning:

What's Changed

Breaking Changes

  • In this release we prevent scenarios when the build is not interrupted on some exceptions, which led to successful builds when they are supposed to fail

Example

name: 'Remove labels when the issue or PR becomes stale'
on:
  schedule:
    - cron: '30 1 * * *'

permissions: pull-requests: write

jobs: stale: runs-on: ubuntu-latest steps: - uses: actions/stale@v8 with: labels-to-remove-when-stale: 'label1,label2'

v7.0.0

... (truncated)

Changelog

Sourced from actions/stale's changelog.

Changelog

[7.0.0]

:warning: Breaking change :warning:

[6.0.1]

Update @​actions/core to v1.10.0 (#839)

[6.0.0]

:warning: Breaking change :warning:

Issues/PRs default close-issue-reason is now not_planned(#789)

[5.1.0]

Don't process stale issues right after they're marked stale [Add close-issue-reason option]#764#772 Various dependabot/dependency updates

4.1.0 (2021-07-14)

Features

4.0.0 (2021-07-14)

Features

Bug Fixes

  • dry-run: forbid mutations in dry-run (#500) (f1017f3), closes #499
  • logs: coloured logs (#465) (5fbbfba)
  • operations: fail fast the current batch to respect the operations limit (#474) (5f6f311), closes #466
  • label comparison: make label comparison case insensitive #517, closes #516
  • filtering comments by actor could have strange behavior: "stale" comments are now detected based on if the message is the stale message not who made the comment(#519), fixes #441, #509, #518

Breaking Changes

... (truncated)

Commits
  • 28ca103 Upgrade Node to v20 (#1110)
  • b69b346 build(deps-dev): bump @​types/node from 18.16.18 to 20.5.1 (#1079)
  • 88a6f4f build(deps-dev): bump typescript from 5.1.3 to 5.2.2 (#1083)
  • 796531a Merge pull request #1080 from akv-platform/fix-delete-cache
  • 8986f62 Don not try to delete cache if it does not exists
  • cab99b3 fix typo proceeded/processed
  • 184e7af Merge pull request #1064 from actions/dependabot/npm_and_yarn/typescript-esli...
  • 523885c chore: update eslint-plugin, parser and eslint-plugin-jest
  • 2487a1d build(deps-dev): bump @​typescript-eslint/eslint-plugin
  • 60c722e Merge pull request #1063 from actions/dependabot/npm_and_yarn/jest-29.6.2
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 1 month ago

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/stale 9.*.* :green_circle: 5.6
Details
CheckScoreReason
Code-Review:green_circle: 10all changesets reviewed
Maintained:warning: 00 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0
CII-Best-Practices:warning: 0no effort to earn an OpenSSF best practices badge detected
License:green_circle: 10license file detected
Signed-Releases:warning: -1no releases found
Branch-Protection:warning: -1internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration
Packaging:warning: -1packaging workflow not detected
Dangerous-Workflow:green_circle: 10no dangerous workflow patterns detected
Token-Permissions:warning: 0detected GitHub workflow tokens with excessive permissions
Binary-Artifacts:green_circle: 10no binaries found in the repo
Pinned-Dependencies:warning: 0dependency not pinned by hash detected -- score normalized to 0
Fuzzing:warning: 0project is not fuzzed
Security-Policy:green_circle: 9security policy file detected
SAST:green_circle: 10SAST tool is run on all commits
Vulnerabilities:green_circle: 55 existing vulnerabilities detected

Scanned Manifest Files

.github/workflows/stale.yml
  • actions/stale@9.*.*
  • actions/stale@5.*.*