search

dpgaspar / Flask-AppBuilder

Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Demo (login with guest/welcome) - http://flaskappbuilder.pythonanywhere.com/
BSD 3-Clause "New" or "Revised" License
4.63k stars 1.35k forks source link

chore(deps): bump the github-actions group with 4 updates #2201

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the github-actions group with 4 updates: actions/checkout, actions/setup-python, github/codeql-action and morrisoncole/pr-lint-action.

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.2

... (truncated)

Commits


Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits


Updates github/codeql-action from 2 to 3

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.16.2

Bundles CodeQL CLI v2.16.2

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.2:

CodeQL Bundle v2.16.1

Bundles CodeQL CLI v2.16.1

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.1:

CodeQL Bundle v2.16.0

Bundles CodeQL CLI v2.16.0

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.16.0:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.24.3 - 15 Feb 2024

  • Fix an issue where the CodeQL Action would fail to load a configuration specified by the config input to the init Action. #2147

3.24.2 - 15 Feb 2024

  • Enable improved multi-threaded performance on larger runners for GitHub Enterprise Server users. This feature is already available to GitHub.com users. #2141

3.24.1 - 13 Feb 2024

  • Update default CodeQL bundle version to 2.16.2. #2124
  • The CodeQL action no longer fails if it can't write to the telemetry api endpoint. #2121

3.24.0 - 02 Feb 2024

  • CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

  • On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
  • Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

  • Update default CodeQL bundle version to 2.16.0. #2073
  • Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079

3.23.0 - 08 Jan 2024

  • We are rolling out a feature in January 2024 that will disable Python dependency installation by default for all users. This improves the speed of analysis while having only a very minor impact on results. You can override this behavior by setting CODEQL_ACTION_DISABLE_PYTHON_DEPENDENCY_INSTALLATION=false in your workflow, however we plan to remove this ability in future versions of the CodeQL Action. #2031
  • The CodeQL Action now requires CodeQL version 2.11.6 or later. For more information, see the corresponding changelog entry for CodeQL Action version 2.22.7. #2009

3.22.12 - 22 Dec 2023

  • Update default CodeQL bundle version to 2.15.5. #2047

3.22.11 - 13 Dec 2023

  • [v3+ only] The CodeQL Action now runs on Node.js v20. #2006

2.22.10 - 12 Dec 2023

  • Update default CodeQL bundle version to 2.15.4. #2016

2.22.9 - 07 Dec 2023

No user facing changes.

2.22.8 - 23 Nov 2023

... (truncated)

Commits
  • 729def5 Teach rebuild Action how to resolve conflicts in lib
  • eb60ca2 Merge branch 'main' into henrymercer/java-buildless-rollback
  • c6cf6fd Merge pull request #2138 from jsoref/update-release-branch-backticks-for-branch
  • 7b30fef Add common CLI configuration error categories (#2130)
  • 427cfbe Add backticks around branch
  • bc64d12 Merge pull request #2135 from github/henrymercer/no-analyze-config
  • ecdd69d Merge pull request #2132 from github/mergeback/v3.24.1-to-main-e675ced7
  • 191f59f Store generated config file in temporary directory
  • 057a9cb Merge pull request #2134 from github/henrymercer/remove-junk
  • 3935424 Remove some inadvertently checked in build files
  • Additional commits viewable in compare view


Updates morrisoncole/pr-lint-action from 1.4.1 to 1.7.0

Release notes

Sourced from morrisoncole/pr-lint-action's releases.

v1.7.0

  • Fixes #389: once the bot has commented once, it will now update that comment rather than creating new ones.
  • Fixes #333: removed trailing period from the end of the default error message.

v1.6.1

  • Fixes #266: the success comment will now be created once the PR Lint succeeds, even when on-failed-regex-create-review is set to false. Thank you @​talboren for reporting, debugging, and fixing this! 💪

v1.6.0

  • Updated documentation to recommend running the action on PR synchronize events too, so that the checks won't go stale.
  • Fixes #175: can now customize the success message when reviews are dismissed using on-succeeded-regex-dismiss-review-comment.
  • Fixes #171: run action with Node 16.
  • Upgrade dependencies.

v1.5.1

Internal refactoring only:

  • Migrate to Yarn 2.
  • Upgrade dependencies.

v1.5.0

  • Reduces action run time from around 40 seconds to 1 second 🔥🚀. We now ship the packaged source with Vercel's ncc and run those directly rather than building on the fly with Docker.

v1.4.2

Commits
  • 327d082 fix: don't set key when updating
  • 708c389 fix: #389, #333
  • 259bc2d feat: update existing review comments when possible
  • 1b5b7a5 fix: update with success comment, rather than creating a new one
  • 4c03c1a fix: use async
  • cfc9f3c feat: setup Jest, document existing options, prepare for refactor
  • f02c7b0 chore(deps): update dependency @​types/node to v16.11.59 #ex-123
  • 35152ac chore(deps): update typescript-eslint monorepo to v5.37.0 #ex-123 (#385)
  • 03a9e01 chore(deps): update dependency eslint to v8.23.1 #ex-123 (#384)
  • 0847553 chore(deps): update dependency typescript to v4.8.3 #ex-123 (#383)
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions