search

openimsdk / oimws

A websocket and tcp framework for openim
MIT License
21 stars 18 forks source link

chore(deps): bump the github-actions group with 10 updates #75

Closed dependabot[bot] closed 9 months ago

dependabot[bot] commented 9 months ago

Bumps the github-actions group with 10 updates:

Package From To
actions/github-script 6 7
github/codeql-action 2 3
actions/setup-go 4 5
actions/first-interaction 1.2.0 1.3.0
dessant/lock-threads 4 5
alex-page/github-project-automation-plus 0.8.3 0.9.0
sigstore/cosign-installer 3.1.2 3.3.0
anchore/sbom-action 0.14.3 0.15.2
cachix/install-nix-action 23 24
actions/stale 8 9

Updates actions/github-script from 6 to 7

Release notes

Sourced from actions/github-script's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.4.1...v7.0.0

v6.4.1

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.4.0...v6.4.1

v6.4.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.3.3...v6.4.0

v6.3.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/github-script/compare/v6.3.2...v6.3.3

v6.3.2

What's Changed

... (truncated)

Commits
  • 60a0d83 Merge pull request #440 from actions/joshmgross/v7.0.1
  • b7fb200 Update version to 7.0.1
  • 12e22ed Merge pull request #439 from actions/joshmgross/avoid-setting-base-url
  • d319f8f Avoid setting baseUrl to undefined when input is not provided
  • e69ef54 Merge pull request #425 from actions/joshmgross/node-20
  • ee0914b Update licenses
  • d6fc56f Use @types/node for Node 20
  • 384d6cf Fix quotations in tests
  • 8472492 Only validate GraphQL previews
  • 84903f5 Remove node-fetch from type
  • Additional commits viewable in compare view


Updates github/codeql-action from 2 to 3

Release notes

Sourced from github/codeql-action's releases.

CodeQL Bundle v2.15.5

Bundles CodeQL CLI v2.15.5

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.5:

CodeQL Bundle v2.15.4

Bundles CodeQL CLI v2.15.4

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.4:

CodeQL Bundle

Bundles CodeQL CLI v2.15.3

Includes the following CodeQL language packs from github/codeql@codeql-cli/v2.15.3:

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

Commits
  • e0c2b0a change version numbers inside processing function as well
  • 8e4a6c7 improve handling of changelog processing for backports
  • 511f073 Merge pull request #2033 from github/dependabot/npm_and_yarn/npm-0a98872b3d
  • ebf5a83 Merge pull request #2035 from github/mergeback/v3.22.11-to-main-b374143c
  • 7813bda Update checked-in dependencies
  • 2b2fb6b Update changelog and version after v3.22.11
  • b374143 Merge pull request #2034 from github/update-v3.22.11-64e61baea
  • 95591ba Merge branch 'main' into dependabot/npm_and_yarn/npm-0a98872b3d
  • e2b5cc7 Update changelog for v3.22.11
  • See full diff in compare view


Updates actions/setup-go from 4 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: https://github.com/actions/setup-go/compare/v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

New Contributors

Full Changelog: https://github.com/actions/setup-go/compare/v4...v4.1.0

v4.0.1

What's Changed

New Contributors

Full Changelog: https://github.com/actions/setup-go/compare/v4...v4.0.1

Commits
  • 0c52d54 Update dependencies for node20 (#445)
  • bfd2fb3 Merge pull request #421 from chenrui333/node20-runtime
  • 3d65fa5 feat: bump to use actions/checkout@v4
  • 8a505c9 feat: bump to use node20 runtime
  • 883490d Merge pull request #417 from artemgavrilov/main
  • d45ebba Rephrase sentence
  • 317c661 Replace wildcards term with globs.
  • f90673a Merge pull request #1 from artemgavrilov/caching-docs-improvement
  • 8018234 Improve documentation regarding dependencies cachin
  • d085b4f Merge pull request #411 from galargh/fix/windows-hostedtoolcache
  • Additional commits viewable in compare view


Updates actions/first-interaction from 1.2.0 to 1.3.0

Release notes

Sourced from actions/first-interaction's releases.

v1.3.0

Upgrade our base image from node v14 -> v20

Add dependency on @octokit/rest and @actions/http-client.

👉 See the PR for details: actions/first-interaction#287

Commits


Updates dessant/lock-threads from 4 to 5

Release notes

Sourced from dessant/lock-threads's releases.

v5.0.0

Learn more about this release from the changelog.

v4.0.1

Learn more about this release from the changelog.

Changelog

Sourced from dessant/lock-threads's changelog.

5.0.0 (2023-11-14)

⚠ BREAKING CHANGES

  • Discussions are also processed by default, set the process-only input parameter to preserve the old behavior
    steps:
      - uses: dessant/lock-threads@v5
        with:
          process-only: 'issues, prs'
  • the action now requires Node.js 20

Features

Bug Fixes

4.0.1 (2023-06-12)

Bug Fixes

  • retry and throttle GitHub API requests (1618e91), closes #35

4.0.0 (2022-12-04)

⚠ BREAKING CHANGES

  • the action now requires Node.js 16

Bug Fixes

3.0.0 (2021-09-27)

⚠ BREAKING CHANGES

  • input parameter names have changed

... (truncated)

Commits


Updates alex-page/github-project-automation-plus from 0.8.3 to 0.9.0

Release notes

Sourced from alex-page/github-project-automation-plus's releases.

v0.9.0

  • Update the NodeJS version of the action runner to Node 20. Thanks @​lkostrowski for the contribution.
Commits


Updates sigstore/cosign-installer from 3.1.2 to 3.3.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.3.0

What's Changed

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3.2.0...v3.3.0

v3.2.0

Note: This release comes with a fix for CVE-2023-46737 described in this Github Security Advisory. Please upgrade to this release ASAP

see https://github.com/sigstore/cosign/releases/tag/v2.2.1

What's Changed

New Contributors

Full Changelog: https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0

Commits


Updates anchore/sbom-action from 0.14.3 to 0.15.2

Release notes

Sourced from anchore/sbom-action's releases.

v0.15.2

Changes in v0.15.2

v0.15.1

Changes in v0.15.1

v0.15.0

Changes in v0.14.4

Breaking Changes

  • Previously, running on Windows required WSL. Now, running on Windows expects to be run on native windows (#426) [willmurphyscode].

Other Changes

Commits


Updates cachix/install-nix-action from 23 to 24

Release notes

Sourced from cachix/install-nix-action's releases.

install-nix-action-v24

  • Nix 2.19.1
  • enables KVM on linux
  • set TMPDIR to avoid potential disk space issues
  • don't use the default GitHub token for Enterprise
Commits
  • 7ac1ec2 Nix 2.19.1
  • dc33a21 Merge pull request #200 from cachix/fix/196
  • 2b90cd3 Merge pull request #202 from cachix/feature/kvm
  • fe19c91 feat: enable KVM on Linux if available
  • a56e3a8 Merge pull request #199 from jalaziz/tempdir
  • 81eb746 Update install-nix.sh
  • 97a1be3 fix: don't use the default GitHub token for Enterprise
  • 2cce1fd fix: Set TMPDIR to avoid disk space issues
  • 300721f Merge pull request #193 from cachix/dependabot/github_actions/actions/checkout-4
  • fe6788c chore(deps): bump actions/checkout from 3 to 4
  • See full diff in compare view


Updates actions/stale from 8 to 9

Release notes

Sourced from actions/stale's releases.

v9.0.0

Breaking Changes

  1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
  2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

  1. Performance optimization that removes unnecessary API calls by @​dsame #1033 fixes #792
  2. Logs displaying current github API rate limit by @​dsame #1032 addresses #1029

For more information, please read the action documentation and its section about statefulness

New Contributors

Full Changelog: https://github.com/actions/stale/compare/v8...v9.0.0

Changelog

Sourced from actions/stale's changelog.

Changelog

[7.0.0]

:warning: Breaking change :warning:

[6.0.1]

Update @​actions/core to v1.10.0 (#839)

[6.0.0]

:warning: Breaking change :warning:

Issues/PRs default close-issue-reason is now not_planned(#789)

[5.1.0]

Don't process stale issues right after they're marked stale [Add close-issue-reason option]#764#772 Various dependabot/dependency updates

4.1.0 (2021-07-14)

Features

4.0.0 (2021-07-14)

Features

Bug Fixes

  • dry-run: forbid mutations in dry-run (#500) (f1017f3), closes #499
  • logs: coloured logs (#465) (5fbbfba)
  • operations: fail fast the current batch to respect the operations limit (#474) (5f6f311), closes #466
  • label comparison: make label comparison case insensitive #517, closes #516
  • filtering comments by actor could have strange behavior: "stale" comments are now detected based on if the message is the stale message not who made the comment(#519), fixes #441, #509, #518

Breaking Changes

... (truncated)

Commits
  • 28ca103 Upgrade Node to v20 (#1110)
  • b69b346 build(deps-dev): bump @​types/node from 18.16.18 to 20.5.1 (#1079)
  • 88a6f4f build(deps-dev): bump typescript from 5.1.3 to 5.2.2 (#1083)
  • 796531a Merge pull request #1080 from akv-platform/fix-delete-cache
  • 8986f62 Don not try to delete cache if it does not exists
  • cab99b3 fix typo proceeded/processed
  • 184e7af Merge pull request #1064 from actions/dependabot/npm_and_yarn/typescript-esli...
  • 523885c chore: update eslint-plugin, parser and eslint-plugin-jest
  • 2487a1d build(deps-dev): bump @​typescript-eslint/eslint-plugin
  • 60c722e Merge pull request #1063 from actions/dependabot/npm_and_yarn/jest-29.6.2
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
dependabot[bot] commented 9 months ago

Looks like these dependencies are updatable in another way, so this is no longer needed.