search

rapidfuzz / RapidFuzz

Rapid fuzzy string matching in Python using various string metrics
https://rapidfuzz.github.io/RapidFuzz/
MIT License
2.61k stars 116 forks source link

Bump the github-actions group with 7 updates #362

Closed dependabot[bot] closed 6 months ago

dependabot[bot] commented 6 months ago

Bumps the github-actions group with 7 updates:

Package From To
actions/checkout 3 4
actions/setup-python 4 5
codecov/codecov-action 3 4
actions/upload-pages-artifact 1 3
actions/deploy-pages 2 4
docker/setup-qemu-action 2 3
pypa/gh-action-pypi-publish 1.8.11 1.8.12

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.2

... (truncated)

Commits


Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits


Updates codecov/codecov-action from 3 to 4

Release notes

Sourced from codecov/codecov-action's releases.

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

  • The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
  • Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
  • OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
  • Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits
  • 54bcd87 chore(release): v4.1.0 (#1307)
  • 8ba77ef build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#1305)
  • c60aa80 build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#1306)
  • 2fc4847 fix: set safe directory (#1304)
  • 0cfda1d chore(release): bump to 4.0.2 (#1302)
  • 7d3a55e build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#1286)
  • fe84a0b build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 (...
  • e12c940 Use updated syntax for GitHub Markdown notes (#1300)
  • ef7f8a5 build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (#1298)
  • b8a1d6a build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.20.0 to 6.21.0 ...
  • Additional commits viewable in compare view


Updates actions/upload-pages-artifact from 1 to 3

Release notes

Sourced from actions/upload-pages-artifact's releases.

v3.0.0

Changelog

To deploy a GitHub Pages site which has been uploaded with this version of actions/upload-pages-artifact, you must also use actions/deploy-pages@v4 or newer.

See details of all code changes since previous release.

v2.0.0

Changelog

See details of all code changes since previous release.

v1.0.10

Changelog

See details of all code changes since previous release.

v1.0.9

Removed chmod as we moved towards trusting correct file permissions have been set. In the event this isn't the case then we raise an error in the action related to the file permissions.

v1.0.8

Changelog

See details of all code changes since previous release.

v1.0.7

Changelog

See details of all code changes since previous release.

v1.0.6

Changelog

... (truncated)

Commits
  • 56afc60 Merge pull request #94 from SilverRainZ/main
  • d12fdfb Merge branch 'main' into main
  • aef5542 Merge pull request #88 from uiolee/patch-1
  • 29cedd7 Merge branch 'main' into patch-1
  • a69c22e Merge pull request #92 from actions/dependabot/github_actions/non-breaking-ch...
  • 794e304 Group tar's output to prevent it from messing up logs
  • 14007f6 Bump the non-breaking-changes group with 1 update
  • 0191170 Merge pull request #91 from actions/dependabot-grouping
  • 0e7832d Update Dependabot config to group non-breaking changes
  • 1a6d9fa Update README.md
  • Additional commits viewable in compare view


Updates actions/deploy-pages from 2 to 4

Release notes

Sourced from actions/deploy-pages's releases.

v4.0.0

Changelog

  • Deploy pages using artifact IDs @​konradpabjan (#251)
  • This version requires the permission actions: read in the workflows which use it.

ℹ️ This version of actions/deploy-pages is ONLY compatible with artifacts uploaded by either:

See details of all code changes since previous release.

:warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v3.0.1

Changelog

🧰 Maintenance

See details of all code changes since previous release.

:warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v3.0.0

Changelog

See details of all code changes since previous release.

:warning: For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v2.0.5

Changelog

... (truncated)

Commits
  • decdde0 Merge pull request #295 from lmammino/patch-1
  • 0b3be6b Update distributables
  • c2c861c Update tests
  • 294fbcd Merge branch 'main' into patch-1
  • 2a4b535 Merge pull request #298 from SimonSiefke/fix/typo
  • 4825f57 Merge branch 'main' into fix/typo
  • fa29843 Merge pull request #310 from actions/dependabot/npm_and_yarn/actions/artifact...
  • d005625 Update distributables after Dependabot 🤖
  • 636701b Bump @​actions/artifact from 2.0.1 to 2.1.1
  • 25b8009 Merge pull request #307 from actions/dependabot-grouping
  • Additional commits viewable in compare view


Updates docker/setup-qemu-action from 2 to 3

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.0.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0

v2.2.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0

v2.1.0

Full Changelog: https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0

Commits
  • 6882732 Merge pull request #103 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • 183f4af chore: update generated content
  • f174935 build(deps): bump @​actions/core from 1.10.0 to 1.10.1
  • 2e423eb Merge pull request #89 from docker/dependabot/npm_and_yarn/semver-6.3.1
  • ecc406a Bump semver from 6.3.0 to 6.3.1
  • 12dec5e Merge pull request #102 from crazy-max/update-node20
  • c29b312 chore: node 20 as default runtime
  • 34ae628 chore: update generated content
  • 1f3d2e1 chore: fix author in package.json
  • 277dbe8 vendor: bump @​docker/actions-toolkit from 0.3.0 to 0.12.0
  • Additional commits viewable in compare view


Updates pypa/gh-action-pypi-publish from 1.8.11 to 1.8.12

Release notes

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.12

💅 Cosmetic Output Improvements

@​woodruffw💰 replaced the notice annotations with simplified debug messages related to authentication methanism selection via #196. The also improved the error clarity during OIDC exchange on PRs from forks via #203.

📝 What's Documented

@​virtuald💰 updated the docs and pointer messages were updated to mention that reusable workflows aren't supported right now in #186 and @​xuanzhi33💰 later corrected the markdown syntax there via #216.

🛠️ Internal Dependencies

  • pre-commit linters got autoupdated @ #204
  • Cryptography was bumped from 41.0.6 to 42.0.4 @ #210, #213 and #214

⚙️ Secret Stuff

@​woodruffw proactively updated the OIDC minting API endpoint used during the exchange via #206. Nothing you should be too concerned about, promise!

💪 New Contributors

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.11...v1.8.12

:man_beard: Release Manager: @​webknjaz 🇺🇦

Commits
  • e53eb8b Clarify the error during OIDC exchange on PRs from forks
  • edfa8f3 Merge pull request #216 from xuanzhi33/unstable/v1
  • aeff019 docs(fix): Fix a markdown alert
  • 24c5d5c Merge pull request #214 from pypa/dependabot/pip/requirements/cryptography-42...
  • c13b4aa build(deps): bump cryptography from 42.0.2 to 42.0.4 in /requirements
  • 72a79c8 Merge pull request #213 from pypa/dependabot/pip/requirements/cryptography-42...
  • 751e5b8 build(deps): bump cryptography from 42.0.0 to 42.0.2 in /requirements
  • 0580fcb Merge pull request #210 from pypa/dependabot/pip/requirements/cryptography-42...
  • a524841 build(deps): bump cryptography from 41.0.6 to 42.0.0 in /requirements
  • 3f824c7 Merge pull request #204 from pypa/pre-commit-ci-update-config
  • Additional commits viewable in compare view


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions