This release introduces a new experimental input that you can use to configure experimental features. We encourage everyone to try them out and share feedback.
As a first experimental feature, this release adds detect_merge_method. When enabled, it cherry-picks the resulting commits based on the detected merge method. Give it a try if you're using the Squash and merge or Rebase and merge merge method for your pull requests, and please report any issues you encounter.
To enable merge method detection add the following to your backport workflow:
In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Bumps the ci group with 4 updates: korthout/backport-action, actions/setup-go, docker/metadata-action and anchore/sbom-action.
Updates
korthout/backport-action
from 2.1.1 to 2.2.0Release notes
Sourced from korthout/backport-action's releases.
Commits
b982d29
dist: release 2.2.032e3a3b
dist: build new artifacts13b24fe
Merge pull request #399 from jschmid1/feat/respect-squash-and-rebase-merges1e95a33
fix: reverse found commits for range4735b06
fix: check commits to cherry pick for merges68c7aff
fix: remove surrounding quotes from shas995cf04
fix: store fetched refs indefinitelya34b7c2
refactor: remove unused function3b378cd
feat: warn about unknown experimental input493766a
docs: describe merge_commit_shaUpdates
actions/setup-go
from 4.1.0 to 5.0.0Release notes
Sourced from actions/setup-go's releases.
Commits
0c52d54
Update dependencies for node20 (#445)bfd2fb3
Merge pull request #421 from chenrui333/node20-runtime3d65fa5
feat: bump to use actions/checkout@v48a505c9
feat: bump to use node20 runtime883490d
Merge pull request #417 from artemgavrilov/maind45ebba
Rephrase sentence317c661
Replacewildcards
term withglobs
.f90673a
Merge pull request #1 from artemgavrilov/caching-docs-improvement8018234
Improve documentation regarding dependencies cachind085b4f
Merge pull request #411 from galargh/fix/windows-hostedtoolcacheUpdates
docker/metadata-action
from 5.0.0 to 5.3.0Release notes
Sourced from docker/metadata-action's releases.
Commits
31cebac
Merge pull request #363 from docker/dependabot/npm_and_yarn/docker/actions-to...394bbab
chore: update generated contentee4c905
chore(deps): Bump@docker/actions-toolkit
from 0.14.0 to 0.15.0e6428a5
Merge pull request #361 from crazy-max/custom-annotations26b4721
Merge pull request #359 from favonia/document-annotations352ce8b
chore: update generated contentcb0becc
custom annotations support91224bc
docs(README): add a hint about multi-arch buildsf19c369
Merge pull request #358 from crazy-max/empty-images4066f0c
chore: update generated contentUpdates
anchore/sbom-action
from 0.15.0 to 0.15.1Release notes
Sourced from anchore/sbom-action's releases.
Commits
5ecf649
chore(deps): update Syft to v0.98.0 (#431)a4126e6
Add config input (#430)9d0277c
chore: pin and upgrade gh actions (#429)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show