Closed dependabot[bot] closed 5 months ago
@dependabot unignore actions/download-artifact
No dependency name (actions/download-artifact) or ignore conditions found to unignore.
@dependabot recreate
Looks like these dependencies are updatable in another way, so this is no longer needed.
Bumps the github-actions group with 3 updates in the / directory: actions/checkout, actions/upload-artifact and slsa-framework/slsa-github-generator.
Updates
actions/checkout
from 4.1.2 to 4.1.3Release notes
Sourced from actions/checkout's releases.
Commits
1d96c77
Add SSH user parameter (#1685)cd7d8d6
Check git version before attempting to disablesparse-checkout
(#1656)8410ad0
Updateactions/checkout
version inupdate-main-version.yml
(#1650)Updates
actions/upload-artifact
from 3.1.3 to 4.3.3Release notes
Sourced from actions/upload-artifact's releases.
... (truncated)
Commits
6546280
updating package versionc004fb4
Merge branch 'main' into eggyhead/use-artifact-v2.1.690aba49
updating toolkit artifact dependency to 2.1.6b06cde3
Merge pull request #563 from actions/eggyhead/release-4.3.21746f4a
Revert "updating to release 4.3.2"31685d0
updating to release 4.3.218bf333
Merge pull request #562 from actions/eggyhead/update-artifact-v215dac413b
update package lock versionbb3b4a3
updating package version3e3da83
updating artifact and core dependenciesUpdates
slsa-framework/slsa-github-generator
from 1.10.0 to 2.0.0Release notes
Sourced from slsa-framework/slsa-github-generator's releases.
Changelog
Sourced from slsa-framework/slsa-github-generator's changelog.
Commits
5a775b3
chore: v2.0.0: update tags (#3583)41733f7
chore: v2.0.0-rc.0: update tags (#3578)3789345
docs: v.2.0.0: finalize CHANGELOG.md (#3577)02fc78b
fix: deadlock and improve debugging experience (#3570)4534a0b
break: Revert "chore: Revert "fix: upload-artifact and download-artifact v4""...e8c2dcf
fix(deps): Update Sigstore Dep to Sigstore 2.2.2 (#3491)2512315
feat(breaking): remove attestation-name input and output (#3456)4fbc6a9
chore: add ramonpetgrave64 to CODEOWNERS (#3490)8869c8a
fix: Switch to newer DSSE rekor type (#3299)9d81ca7
chore: Update slsa-verifier version (#3454)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show