mher / flower

Real-time monitor and web admin for Celery distributed task queue
https://flower.readthedocs.io
Other
6.5k stars 1.09k forks source link

Bump the github-actions group with 6 updates #1394

Closed dependabot[bot] closed 2 months ago

dependabot[bot] commented 2 months ago

Bumps the github-actions group with 6 updates:

Package From To
actions/checkout 2 4
docker/setup-qemu-action 1 3
docker/setup-buildx-action 1 3
docker/metadata-action 3 5
docker/login-action 1 3
docker/build-push-action 2 6

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.0

v3.6.0

v3.5.3

... (truncated)

Commits


Updates docker/setup-qemu-action from 1 to 3

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0

v2.2.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0

v2.1.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0

v2.0.0

  • Node 16 as default runtime by @​crazy-max (#48)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
  • chore: update dev dependencies and workflow by @​crazy-max (#43 #47)
  • Bump @​actions/core from 1.3.0 to 1.6.0 (#37 #39 #41)
  • Bump @​actions/exec from 1.0.4 to 1.1.1 (#38 #46)

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0

v1.2.0

  • Display image information (#36)
  • Bump @​actions/core from 1.2.7 to 1.3.0 (#35)

v1.1.0

  • Remove os limitation (#30)
  • Bump @​actions/core from 1.2.6 to 1.2.7 (#29)

v1.0.2

  • Enhance workflow (#26)
  • Container based developer flow (#19 #20)

v1.0.1

  • Fix CVE-2020-15228
Commits
  • 49b3bc8 Merge pull request #155 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 9dec05b chore: update generated content
  • 73387bc build(deps): bump @​docker/actions-toolkit from 0.34.0 to 0.35.0
  • fcfabe0 Merge pull request #154 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 948a838 chore: update generated content
  • 31629f6 switch to Docker exec
  • 6ae1d4d build(deps): bump @​docker/actions-toolkit from 0.31.0 to 0.34.0
  • 5927c83 Merge pull request #149 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 32ea29b chore: update generated content
  • 92ac892 build(deps): bump @​docker/actions-toolkit from 0.23.0 to 0.31.0
  • Additional commits viewable in compare view


Updates docker/setup-buildx-action from 1 to 3

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0

v2.10.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0

v2.9.1

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1

v2.9.0

  • Bump @​docker/actions-toolkit from 0.6.0 to 0.7.0 in docker/setup-buildx-action#246
    • Adds support to cache Buildx binary to hosted tool cache and GHA cache backend

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0

v2.8.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0

v2.7.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0

v2.6.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0

v2.5.0

Full Changelog: https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0

v2.4.1

... (truncated)

Commits
  • 988b5a0 Merge pull request #347 from crazy-max/skip-malformed-context
  • 2c21562 chore: update generated content
  • 3382292 check for malformed docker context
  • 3d68780 Merge pull request #341 from crazy-max/docker-context-tls
  • d069e98 chore: update generated content
  • 8b850f8 create docker context if default one has TLS data loaded
  • aa33708 Merge pull request #345 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 2d99e34 chore: update generated content
  • 4dab436 build(deps): bump @​docker/actions-toolkit from 0.34.0 to 0.35.0
  • 49a04d6 Merge pull request #344 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • Additional commits viewable in compare view


Updates docker/metadata-action from 3 to 5

Release notes

Sourced from docker/metadata-action's releases.

v5.0.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.6.0...v5.0.0

v4.6.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.5.0...v4.6.0

v4.5.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.4.0...v4.5.0

v4.4.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.3.0...v4.4.0

v4.3.0

Full Changelog: https://github.com/docker/metadata-action/compare/v4.2.0...v4.3.0

v4.2.0

  • Add tz attribute to handlebar date function by @​chroju (#251)
  • Bump minimatch from 3.0.4 to 3.1.2 (#242)
  • Bump csv-parse from 5.3.1 to 5.3.3 (#245)
  • Bump json5 from 2.2.0 to 2.2.3 (#252)

Full Changelog: https://github.com/docker/metadata-action/compare/v4.1.1...v4.2.0

v4.1.1

  • Revert changes to set associated head sha on pull request event by @​crazy-max (#239)
    • User can still set associated head sha on PR by setting the env var DOCKER_METADATA_PR_HEAD_SHA=true
  • Bump csv-parse from 5.3.0 to 5.3.1 (#237)

Full Changelog: https://github.com/docker/metadata-action/compare/v4.1.0...v4.1.1

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v5
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
</tr></table> 

... (truncated)

Commits
  • 8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
  • eda41b7 chore: update generated content
  • 388c08f don't set cwd:// prefix for local bake files
  • dbef880 Merge pull request #374 from docker/dependabot/npm_and_yarn/moment-timezone-0...
  • b73e7a7 chore: update generated content
  • b9fba69 chore(deps): Bump moment-timezone from 0.5.43 to 0.5.44
  • ac82374 Merge pull request #373 from docker/dependabot/npm_and_yarn/moment-2.30.1
  • c92519a chore: update generated content
  • 3b4179d chore(deps): Bump moment from 2.29.4 to 2.30.1
  • 0784993 Merge pull request #371 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • Additional commits viewable in compare view


Updates docker/login-action from 1 to 3

Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/login-action/compare/v2.2.0...v3.0.0

v2.2.0

Full Changelog: https://github.com/docker/login-action/compare/v2.1.0...v2.2.0

v2.1.0

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: https://github.com/docker/login-action/compare/v2.0.0...v2.1.0

v2.0.0

  • Node 16 as default runtime by @​crazy-max (#161)
    • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
  • chore: update dev dependencies and workflow by @​crazy-max (#170)
  • Bump @​actions/exec from 1.1.0 to 1.1.1 (#167)
  • Bump @​actions/io from 1.1.1 to 1.1.2 (#168)
  • Bump minimist from 1.2.5 to 1.2.6 (#176)
  • Bump https-proxy-agent from 5.0.0 to 5.0.1 (#182)

Full Changelog: https://github.com/docker/login-action/compare/v1.14.1...v2.0.0

v1.14.1

  • Revert to Node 12 as default runtime to fix issue for GHE users (#160)

v1.14.0

  • Update to node 16 (#158)
  • Bump @​aws-sdk/client-ecr from 3.45.0 to 3.53.0 (#157)
  • Bump @​aws-sdk/client-ecr-public from 3.45.0 to 3.53.0 (#156)

v1.13.0

  • Handle proxy settings for aws-sdk (#152)
  • Workload identity based authentication docs for GCR and GAR (#112)
  • Test login against ACR (#49)

... (truncated)

Commits
  • 9780b0c Merge pull request #741 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 2fa130c chore: update generated content
  • 5e87b2a build(deps): bump https-proxy-agent
  • e039495 Merge pull request #754 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 9af18aa chore: update generated content
  • 668190a switch to Docker exec
  • be5150d build(deps): bump @​docker/actions-toolkit from 0.24.0 to 0.35.0
  • e80ebca Merge pull request #730 from docker/dependabot/npm_and_yarn/braces-3.0.3
  • 75ee3ea Merge pull request #733 from docker/dependabot/github_actions/docker/bake-act...
  • 793c19c build(deps): bump docker/bake-action from 4 to 5
  • Additional commits viewable in compare view


Updates docker/build-push-action from 2 to 6

Release notes

Sourced from docker/build-push-action's releases.

v6.0.0

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0

v5.4.0

Full Changelog: https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0

v5.3.0

Full Changelog: https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0

v5.2.0

Full Changelog: https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0

v5.1.0

Full Changelog: https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0

v5.0.0

Full Changelog: https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0

v4.2.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

... (truncated)

Commits
  • 5cd11c3 Merge pull request #1211 from crazy-max/summary-info-message
  • 0aba704 chore: update generated content
  • 23c657a print info message for build summary support checks
  • 16ebe77 Merge pull request #1205 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 646a62b chore: update generated content
  • d92ab13 chore(deps): Bump @​docker/actions-toolkit from 0.37.0 to 0.37.1
  • 4f7cdeb Merge pull request #1198 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • ad3cd77 chore: update generated content
  • 3efbc13 chore(deps): Bump @​docker/actions-toolkit from 0.36.0 to 0.37.0
  • 2dbe91d Merge pull request #1197 from crazy-max/build-checks
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions