Skip to content

Commit fae11b5

Browse files
dependabot[bot]Skarlso
dependabot[bot]
and
Skarlso
authored
chore(deps): bump the ci group across 1 directory with 8 updates (#557)
Bumps the ci group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [helm/kind-action](https://github.com/helm/kind-action) | `1.9.0` | `1.10.0` | | [yokawasa/action-setup-kube-tools](https://github.com/yokawasa/action-setup-kube-tools) | `0.11.0` | `0.11.2` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `1.25.0` | `2.0.0` | | [dcarbone/install-jq-action](https://github.com/dcarbone/install-jq-action) | `2.1.0` | `3.0.1` | | [thollander/actions-comment-pull-request](https://github.com/thollander/actions-comment-pull-request) | `2.5.0` | `3.0.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.11` | `0.17.7` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.7.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `5` | `6` | Updates `helm/kind-action` from 1.9.0 to 1.10.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/helm/kind-action/releases">helm/kind-action's releases</a>.</em></p> <blockquote> <h2>v1.10.0</h2> <h2>Requirements</h2> <p>We changed to use <code>wget</code> instead of <code>curl</code></p> <h2>What's Changed</h2> <ul> <li>Update kind to release v0.21.0 by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://redirect.github.com/helm/kind-action/pull/104">helm/kind-action#104</a></li> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/helm/kind-action/pull/106">helm/kind-action#106</a></li> <li>Bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/helm/kind-action/pull/108">helm/kind-action#108</a></li> <li>bump kind to 0.22.0 / kubectl and general housekeeping by <a href="https://github.com/cpanato"><code>@​cpanato</code></a> in <a href="https://redirect.github.com/helm/kind-action/pull/107">helm/kind-action#107</a></li> <li>Bump actions/checkout from 4.1.2 to 4.1.3 in the actions group by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/helm/kind-action/pull/109">helm/kind-action#109</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/helm/kind-action/compare/v1.9.0...v1.10.0">https://github.com/helm/kind-action/compare/v1.9.0...v1.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/helm/kind-action/commit/0025e74a8c7512023d06dc019c617aa3cf561fde"><code>0025e74</code></a> Bump actions/checkout from 4.1.2 to 4.1.3 in the actions group (<a href="https://redirect.github.com/helm/kind-action/issues/109">#109</a>)</li> <li><a href="https://github.com/helm/kind-action/commit/2a7d25fbd929f7bf3312a796d30d5c8fecddfafd"><code>2a7d25f</code></a> bump kind to 0.22.0 / kubectl and general housekeeping (<a href="https://redirect.github.com/helm/kind-action/issues/107">#107</a>)</li> <li><a href="https://github.com/helm/kind-action/commit/d8213862f9c8d913253e67ea3b83482b5d826d30"><code>d821386</code></a> Bump actions/checkout from 4.1.2 to 4.1.3 (<a href="https://redirect.github.com/helm/kind-action/issues/108">#108</a>)</li> <li><a href="https://github.com/helm/kind-action/commit/e89fbc4770626936aff83e4c6d7cbb45dd44ec90"><code>e89fbc4</code></a> Bump actions/checkout from 4.1.1 to 4.1.2 (<a href="https://redirect.github.com/helm/kind-action/issues/106">#106</a>)</li> <li><a href="https://github.com/helm/kind-action/commit/8300bd06573c6f1881ff7a3261ed38b7f05d202f"><code>8300bd0</code></a> Update kind to release v0.21.0 (<a href="https://redirect.github.com/helm/kind-action/issues/104">#104</a>)</li> <li>See full diff in <a href="https://github.com/helm/kind-action/compare/v1.9.0...v1.10.0">compare view</a></li> </ul> </details> <br /> Updates `yokawasa/action-setup-kube-tools` from 0.11.0 to 0.11.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/yokawasa/action-setup-kube-tools/releases">yokawasa/action-setup-kube-tools's releases</a>.</em></p> <blockquote> <h2>v0.11.2</h2> <h2>What's Changed</h2> <ul> <li>Change kubectl download url, update README by <a href="https://github.com/mmalyska"><code>@​mmalyska</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/63">yokawasa/action-setup-kube-tools#63</a></li> <li>Bump braces from 3.0.2 to 3.0.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/58">yokawasa/action-setup-kube-tools#58</a></li> <li>Bump ws from 8.7.0 to 8.17.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/59">yokawasa/action-setup-kube-tools#59</a></li> <li>Bump dset from 3.1.2 to 3.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/61">yokawasa/action-setup-kube-tools#61</a></li> <li>v0.11.2 release by <a href="https://github.com/yokawasa"><code>@​yokawasa</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/64">yokawasa/action-setup-kube-tools#64</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/mmalyska"><code>@​mmalyska</code></a> made their first contribution in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/63">yokawasa/action-setup-kube-tools#63</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.1...v0.11.2">https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.1...v0.11.2</a></p> <h2>v0.11.1</h2> <h2>What's Changed</h2> <ul> <li>updated sample tool versions in README by <a href="https://github.com/yokawasa"><code>@​yokawasa</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/55">yokawasa/action-setup-kube-tools#55</a></li> <li>Bump undici from 5.28.3 to 5.28.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/56">yokawasa/action-setup-kube-tools#56</a></li> <li>Release v0.11.1 by <a href="https://github.com/yokawasa"><code>@​yokawasa</code></a> in <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/pull/57">yokawasa/action-setup-kube-tools#57</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.0...v0.11.1">https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.0...v0.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/9e25a4277af127b60011c95b6ed2da7e3b3613b1"><code>9e25a42</code></a> Merge pull request <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/issues/64">#64</a> from yokawasa/v0.11.2</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/25e4c6f6195a1bd43ac24d4b099e7f995bf78398"><code>25e4c6f</code></a> v0.11.2 release</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/95a279b60a0598bea098165e82c5bd8713db9c0c"><code>95a279b</code></a> Merge pull request <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/issues/61">#61</a> from yokawasa/dependabot/npm_and_yarn/dset-3.1.4</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/a9fba302f8256fddfa6e810851146c623962f0bd"><code>a9fba30</code></a> Merge pull request <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/issues/59">#59</a> from yokawasa/dependabot/npm_and_yarn/ws-8.17.1</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/cfc65736b7f1b908ea413ee1d5441e3bd7ddc1c7"><code>cfc6573</code></a> Merge pull request <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/issues/58">#58</a> from yokawasa/dependabot/npm_and_yarn/braces-3.0.3</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/c1bf253d99579084dfc269422627323e9e30e289"><code>c1bf253</code></a> Merge pull request <a href="https://redirect.github.com/yokawasa/action-setup-kube-tools/issues/63">#63</a> from mmalyska/releases/v0.12.0</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/02d934bdc9246de8e57484d670ab10479ae9a904"><code>02d934b</code></a> rollback version change</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/d692acff463ffbe868d1542da15e6e255433e58b"><code>d692acf</code></a> change kubectl download url, update README</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/f553a0eba9914d8b2a1a568510ef687a9baf970c"><code>f553a0e</code></a> Bump dset from 3.1.2 to 3.1.4</li> <li><a href="https://github.com/yokawasa/action-setup-kube-tools/commit/d577ac8c741882663caca49a3b70ea035e380e05"><code>d577ac8</code></a> Bump ws from 8.7.0 to 8.17.1</li> <li>Additional commits viewable in <a href="https://github.com/yokawasa/action-setup-kube-tools/compare/v0.11.0...v0.11.2">compare view</a></li> </ul> </details> <br /> Updates `slackapi/slack-github-action` from 1.25.0 to 2.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/slackapi/slack-github-action/releases">slackapi/slack-github-action's releases</a>.</em></p> <blockquote> <h2>Slack Send v2.0.0</h2> <p><strong>YAML! And more API methods! With improved erroring! And more!</strong></p> <p>Sending data to Slack can now be done with the YAML format, and that data can be sent to [a Slack API method][methods] or <a href="https://github.com/slackapi/slack-github-action/tree/main#sending-techniques">technique of choice</a> with the provided payload. And additional configurations can improve error handling or customize values between steps.</p> <p>Breaking changes happen with this update and recommended migration strategies are detailed below. Adding this step to new workflows might prefer to follow the <a href="https://github.com/slackapi/slack-github-action/tree/main#slack-send-github-action"><code>README</code></a> instead :books:</p> <h2>What's changed</h2> <p>Both inputs of payload variables, techniques for sending the payload, additional configurations, and expected outputs were changed:</p> <ul> <li><strong>Sending variables</strong> <ul> <li>Breaking changes <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#only-one-payload-input-can-be-provided">Only one payload input can be provided</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#only-one-technique-to-send-can-be-provided">Only one technique to send can be provided</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#variable-replacements-no-longer-happen-by-default">Variable replacements no longer happen by default</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#payload-file-path-parsed-option-was-removed">Payload file path parsed option was removed</a></li> </ul> </li> <li>Enhancements <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#payloads-can-now-be-written-in-yaml">Payloads can now be written in YAML</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#payload-can-now-be-written-in-unwrapped-json">Payload can now be written in unwrapped JSON</a></li> </ul> </li> </ul> </li> <li><strong>Sending techniques</strong> <ul> <li>Technique 1: Slack Workflow Builder <ul> <li>Breaking changes <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-webhook-type-must-be-specified-in-webhook-inputs">The webhook type must be specified in webhook inputs</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#payload-flattening-no-longer-happens-by-default">Payload flattening no longer happens by default</a></li> </ul> </li> <li>Enhancements <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-webhook-url-can-be-specified-in-webhook-inputs">The webhook URL can be specified in webhook inputs</a></li> </ul> </li> </ul> </li> <li>Technique 2: Slack API method <ul> <li>Breaking changes <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-slack-api-method-now-must-be-specified-in-inputs">The Slack API method now must be specified in inputs</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#a-token-must-be-provided-with-other-inputs">A token must be provided with other inputs</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#inputs-to-the-slack-api-method-must-be-provided-in-payloads">Inputs to the Slack API method must be provided in payloads</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#messages-cannot-be-sent-to-multiple-channels-in-one-step">Messages cannot be sent to multiple channels in one step</a></li> </ul> </li> </ul> </li> <li>Technique 3: Slack incoming webhook <ul> <li>Breaking changes <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-webhook-type-must-be-specified-for-incoming-webhooks">The webhook type must be specified for incoming webhooks</a></li> </ul> </li> <li>Enhancements <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-webhook-url-can-be-specified-for-incoming-webhooks">The webhook URL can be specified for incoming webhook</a></li> </ul> </li> </ul> </li> </ul> </li> <li><strong>Additional configurations</strong> <ul> <li>Enhancements <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#steps-can-exit-with-an-error-after-a-failed-slack-api-call">Steps can exit with an error after a failed Slack API call</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#failed-requests-can-be-retried-various-amounts-of-times">Failed requests can be retried various amounts of times</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#provided-payloads-can-be-flattened-with-a-delimiter">Provided payloads can be flattened with a delimiter</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#provided-payloads-can-have-templated-variables-replaced">Provided payloads can have templated variables replaced</a></li> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#proxying-https-requests-can-be-done-within-inputs">Proxying HTTPS requests can be done within inputs</a></li> </ul> </li> </ul> </li> <li><strong>Expected outputs</strong> <ul> <li>Breaking changes <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#the-time-value-is-now-returned-as-the-unix-epoch-time">The time value is now returned as the Unix epoch time</a></li> </ul> </li> <li>Enhancements <ul> <li><a href="https://github.com/slackapi/slack-github-action/blob/HEAD/#an-ok-value-is-added-to-represent-response-success">An ok value is added to represent response success</a></li> </ul> </li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/slackapi/slack-github-action/commit/485a9d42d3a73031f12ec201c457e2162c45d02d"><code>485a9d4</code></a> Release</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/e598089eaef53883a2d9b325e044899548518a03"><code>e598089</code></a> chore(release): tag version 2.0.0</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/e9b3a6beef047e819b8fb417da538f97a93a2ec8"><code>e9b3a6b</code></a> feat!: wrap payloads to send to a &quot;method&quot; with &quot;token&quot; or &quot;webhook&quot; (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/333">#333</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/74ae656892e6e68e5168be5fb5fc1368a5569b3b"><code>74ae656</code></a> chore(release): tag version 1.27.1</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/bd0e2818bf5e26dd18c03ce249d01eceb8e1cb04"><code>bd0e281</code></a> build(deps): bump codecov/codecov-action from 4.5.0 to 4.6.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/355">#355</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/e1275295793d6d76cbc729c451b2e81dbf52ecaa"><code>e127529</code></a> build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/354">#354</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/6b51022aeafdaaaccae849ca0a1b963ed597bf1f"><code>6b51022</code></a> build(deps-dev): bump eslint-plugin-jsdoc from 50.3.1 to 50.4.3 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/353">#353</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/555e4ad8ef03a28151a2332aeba97ed5e3aeea37"><code>555e4ad</code></a> build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/352">#352</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/8d4500e89ea2d0c66975b82ebffbca9da18ecefc"><code>8d4500e</code></a> build(deps): bump <code>@​slack/web-api</code> from 7.5.0 to 7.7.0 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/351">#351</a>)</li> <li><a href="https://github.com/slackapi/slack-github-action/commit/d0dece60f0be2ec50f76b5de480d355c020cd2e1"><code>d0dece6</code></a> build(deps-dev): bump mocha from 10.7.3 to 10.8.2 (<a href="https://redirect.github.com/slackapi/slack-github-action/issues/350">#350</a>)</li> <li>Additional commits viewable in <a href="https://github.com/slackapi/slack-github-action/compare/v1.25.0...v2.0.0">compare view</a></li> </ul> </details> <br /> Updates `dcarbone/install-jq-action` from 2.1.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dcarbone/install-jq-action/releases">dcarbone/install-jq-action's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>Use sh in action by <a href="https://github.com/dcarbone"><code>@​dcarbone</code></a> in <a href="https://redirect.github.com/dcarbone/install-jq-action/pull/15">dcarbone/install-jq-action#15</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dcarbone/install-jq-action/compare/v3.0.0...v3.0.1">https://github.com/dcarbone/install-jq-action/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>updating matrix versions by <a href="https://github.com/dcarbone"><code>@​dcarbone</code></a> in <a href="https://redirect.github.com/dcarbone/install-jq-action/pull/12">dcarbone/install-jq-action#12</a></li> <li>trying out posix sh by <a href="https://github.com/dcarbone"><code>@​dcarbone</code></a> in <a href="https://redirect.github.com/dcarbone/install-jq-action/pull/14">dcarbone/install-jq-action#14</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dcarbone/install-jq-action/compare/v2...v3.0.0">https://github.com/dcarbone/install-jq-action/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dcarbone/install-jq-action/commit/e397bd87438d72198f81efd21f876461183d383a"><code>e397bd8</code></a> Use sh in action (<a href="https://redirect.github.com/dcarbone/install-jq-action/issues/15">#15</a>)</li> <li><a href="https://github.com/dcarbone/install-jq-action/commit/36b228ee6879b890e4bc77cc0ea54088123cbeae"><code>36b228e</code></a> Add dependabot for github-actions</li> <li><a href="https://github.com/dcarbone/install-jq-action/commit/d5935278d56788e7396d2d27839c694a40a7c3fe"><code>d593527</code></a> updating examples</li> <li><a href="https://github.com/dcarbone/install-jq-action/commit/ca8101273e9ffb8cb037cc65ce892866697a9927"><code>ca81012</code></a> trying out posix sh (<a href="https://redirect.github.com/dcarbone/install-jq-action/issues/14">#14</a>)</li> <li><a href="https://github.com/dcarbone/install-jq-action/commit/de7c0d1fb1eceb8465fec70cf4c5c72ef43055f9"><code>de7c0d1</code></a> updating matrix versions (<a href="https://redirect.github.com/dcarbone/install-jq-action/issues/12">#12</a>)</li> <li>See full diff in <a href="https://github.com/dcarbone/install-jq-action/compare/v2.1.0...v3.0.1">compare view</a></li> </ul> </details> <br /> Updates `thollander/actions-comment-pull-request` from 2.5.0 to 3.0.1 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/thollander/actions-comment-pull-request/releases">thollander/actions-comment-pull-request's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.1 to 0.38.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/392">thollander/actions-comment-pull-request#392</a></li> <li>chore(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/394">thollander/actions-comment-pull-request#394</a></li> <li>chore(deps-dev): bump prettier from 3.2.5 to 3.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/393">thollander/actions-comment-pull-request#393</a></li> <li>chore(deps): bump <code>@​actions/github</code> from 5.1.1 to 6.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/300">thollander/actions-comment-pull-request#300</a></li> <li>fix: some wrong variables renaming by <a href="https://github.com/thollander"><code>@​thollander</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/409">thollander/actions-comment-pull-request#409</a></li> <li>chore: release 3.0.1 by <a href="https://github.com/thollander"><code>@​thollander</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/410">thollander/actions-comment-pull-request#410</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/thollander/actions-comment-pull-request/compare/v3.0.0...v3.0.1">https://github.com/thollander/actions-comment-pull-request/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps-dev): bump typescript from 5.2.2 to 5.3.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/326">thollander/actions-comment-pull-request#326</a></li> <li>chore(deps-dev): bump prettier from 3.0.3 to 3.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/350">thollander/actions-comment-pull-request#350</a></li> <li>chore(deps-dev): bump <code>@​tsconfig/node20</code> from 20.1.2 to 20.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/367">thollander/actions-comment-pull-request#367</a></li> <li>chore(deps-dev): bump typescript from 5.3.3 to 5.6.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/390">thollander/actions-comment-pull-request#390</a></li> <li>chore(deps-dev): bump <code>@​types/node</code> from 20.8.7 to 22.7.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/389">thollander/actions-comment-pull-request#389</a></li> <li>feat: manage delete modes in a better way + consistent input naming by <a href="https://github.com/thollander"><code>@​thollander</code></a> in <a href="https://redirect.github.com/thollander/actions-comment-pull-request/pull/391">thollander/actions-comment-pull-request#391</a></li> </ul> <h2>Breaking changes</h2> <h3>Parameters</h3> <ul> <li>From <code>filePath</code> to <code>file-path</code></li> <li>From <code>GITHUB_TOKEN</code> to <code>github-token</code></li> <li>From <code>pr_number</code> to <code>pr-number</code></li> <li>From <code>comment_tag</code> to <code>comment-tag</code></li> <li>From <code>create_if_not_exists</code> to <code>create-if-not-exists</code></li> </ul> <h3>Mode</h3> <p><code>delete</code> now deletes a comment immediately. To delete the comment at the end of the job, use <code>delete-on-completion</code> mode.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/thollander/actions-comment-pull-request/compare/v2...v3.0.0">https://github.com/thollander/actions-comment-pull-request/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/24bffb9b452ba05a4f3f77933840a6a841d1b32b"><code>24bffb9</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/410">#410</a> from thollander/chore/release-3.0.1</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/5fd7012952da104579abe39cd42e00b6c20d7d3b"><code>5fd7012</code></a> chore: release 3.0.1</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/a38b001579b2bd89ff01c9927793b8a8196f9ab9"><code>a38b001</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/409">#409</a> from thollander/fix/wrong-var-renaming</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/a11fbfe707d47a1bcbee412b88496301f7837330"><code>a11fbfe</code></a> fix: some wrong variables renaming</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/cb135190947de59b3e3a861db25ab140810b8699"><code>cb13519</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/300">#300</a> from thollander/dependabot/npm_and_yarn/actions/githu...</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/38af97b455a6a00de2272df200ed101b2a787df9"><code>38af97b</code></a> chore(deps): bump <code>@​actions/github</code> from 5.1.1 to 6.0.0</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/301a80eb13307b4e21ba654dd8eaf36598076566"><code>301a80e</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/393">#393</a> from thollander/dependabot/npm_and_yarn/prettier-3.3.3</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/64dcac73643bc871b4b765d2d661096107a9e134"><code>64dcac7</code></a> chore(deps-dev): bump prettier from 3.2.5 to 3.3.3</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/0a327d55ba7f1ca53cc16321616b224f89d63f05"><code>0a327d5</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/394">#394</a> from thollander/dependabot/npm_and_yarn/actions/core-...</li> <li><a href="https://github.com/thollander/actions-comment-pull-request/commit/ece12bad81130dfb55ace22819e69921d4557c42"><code>ece12ba</code></a> Merge pull request <a href="https://redirect.github.com/thollander/actions-comment-pull-request/issues/392">#392</a> from thollander/dependabot/npm_and_yarn/vercel/ncc-0....</li> <li>Additional commits viewable in <a href="https://github.com/thollander/actions-comment-pull-request/compare/v2.5.0...v3.0.1">compare view</a></li> </ul> </details> <br /> Updates `anchore/sbom-action` from 0.15.11 to 0.17.7 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.17.7</h2> <h2>Changes in v0.17.7</h2> <ul> <li>chore(deps): update Syft to v1.16.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/506">#506</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.6</h2> <h2>Changes in v0.17.6</h2> <ul> <li>chore(deps): update Syft to v1.15.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/505">#505</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> <li>chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/504">#504</a>) [<a href="https://github.com/dependabot">dependabot</a>]</li> </ul> <h2>v0.17.5</h2> <h2>Changes in v0.17.5</h2> <ul> <li>chore(deps): update Syft to v1.14.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/503">#503</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.4</h2> <h2>Changes in v0.17.4</h2> <ul> <li>chore(deps): update Syft to v1.14.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/502">#502</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.3</h2> <h2>Changes in v0.17.3</h2> <ul> <li>chore(deps): update Syft to v1.14.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/498">#498</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.2</h2> <h2>Changes in v0.17.2</h2> <ul> <li>Update Syft to v1.11.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/485">#485</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.1</h2> <h2>Changes in v0.17.1</h2> <ul> <li>chore(deps): update Syft to v1.11.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/483">#483</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.17.0</h2> <h2>Changes in v0.17.0</h2> <ul> <li>chore(deps): update Syft to v1.9.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/479">#479</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> <h2>v0.16.1</h2> <h2>Changes in v0.16.1</h2> <ul> <li>fix: workaround windows install issue (<a href="https://redirect.github.com/anchore/sbom-action/issues/477">#477</a>) [<a href="https://github.com/willmurphyscode">willmurphyscode</a>]</li> <li>fix: allow users to properly use the file input over the default path value (<a href="https://redirect.github.com/anchore/sbom-action/issues/471">#471</a>) [<a href="https://github.com/komish">komish</a>]</li> <li>chore(deps): update Syft to v1.5.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/470">#470</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> <li>docs: notes for matrix and required permissions (<a href="https://redirect.github.com/anchore/sbom-action/issues/469">#469</a>) [<a href="https://github.com/kzantow">kzantow</a>]</li> <li>chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (<a href="https://redirect.github.com/anchore/sbom-action/issues/466">#466</a>) [<a href="https://github.com/dependabot">dependabot</a>]</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/anchore/sbom-action/commit/fc46e51fd3cb168ffb36c6d1915723c47db58abb"><code>fc46e51</code></a> chore(deps): update Syft to v1.16.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/506">#506</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/251a468eed47e5082b105c3ba6ee500c0e65a764"><code>251a468</code></a> chore(deps): update Syft to v1.15.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/505">#505</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/6bb446c6c5646f03d9d673ff1ce55918bff19aa6"><code>6bb446c</code></a> chore(deps): bump actions/checkout from 4.2.1 to 4.2.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/504">#504</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/1ca97d9028b51809cf6d3c934c3e160716e1b605"><code>1ca97d9</code></a> chore(deps): update Syft to v1.14.2 (<a href="https://redirect.github.com/anchore/sbom-action/issues/503">#503</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/8d0a6505bf28ced3e85154d13dc6af83299e13f1"><code>8d0a650</code></a> chore(deps): update Syft to v1.14.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/502">#502</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/f5e124a5e5e1d497a692818ae907d3c45829d033"><code>f5e124a</code></a> chore(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.5 (<a href="https://redirect.github.com/anchore/sbom-action/issues/493">#493</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/eff08d02ac5d0e2422e16dcd015d6e38fc0c4271"><code>eff08d0</code></a> chore: configure changelog-ignore label (<a href="https://redirect.github.com/anchore/sbom-action/issues/499">#499</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/18f9bdeed73d2077650049195c23cc2837e584ad"><code>18f9bde</code></a> chore: remove snapshot tests; fix deprecation errors for outdated packages (#...</li> <li><a href="https://github.com/anchore/sbom-action/commit/2e8723687bef46234761baa3b3043f07b02b584b"><code>2e87236</code></a> add release docs (<a href="https://redirect.github.com/anchore/sbom-action/issues/500">#500</a>)</li> <li><a href="https://github.com/anchore/sbom-action/commit/4a914bc36a0527cbd2155e1f4665d7cc1e41615b"><code>4a914bc</code></a> chore(deps): bump actions/checkout from 4.2.0 to 4.2.1 (<a href="https://redirect.github.com/anchore/sbom-action/issues/497">#497</a>)</li> <li>Additional commits viewable in <a href="https://github.com/anchore/sbom-action/compare/7ccf588e3cf3cc2611714c2eeae48550fbc17552...fc46e51fd3cb168ffb36c6d1915723c47db58abb">compare view</a></li> </ul> </details> <br /> Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.7.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 4.1.7 to 4.2.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/172">sigstore/cosign-installer#172</a></li> <li>bump for latest cosign v2.4.1 release by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/173">sigstore/cosign-installer#173</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0">https://github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0</a></p> <h2>v3.6.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 4.1.2 to 4.1.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/161">sigstore/cosign-installer#161</a></li> <li>Bump actions/checkout from 4.1.3 to 4.1.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/162">sigstore/cosign-installer#162</a></li> <li>Bump actions/setup-go from 5.0.0 to 5.0.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/163">sigstore/cosign-installer#163</a></li> <li>Bump actions/checkout from 4.1.4 to 4.1.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/164">sigstore/cosign-installer#164</a></li> <li>Bump actions/checkout from 4.1.5 to 4.1.6 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/165">sigstore/cosign-installer#165</a></li> <li>Bump actions/checkout from 4.1.6 to 4.1.7 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/166">sigstore/cosign-installer#166</a></li> <li>Bump actions/setup-go from 5.0.1 to 5.0.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/167">sigstore/cosign-installer#167</a></li> <li>pin public key used for verification by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/169">sigstore/cosign-installer#169</a></li> <li>bump default version to v2.4.0 release by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/168">sigstore/cosign-installer#168</a></li> <li>update readme for new release by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/170">sigstore/cosign-installer#170</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.6.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da"><code>dc72c7d</code></a> bump for latest cosign v2.4.1 release (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/173">#173</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/08bb361e01a71697a353a4d79b633cccf31f5530"><code>08bb361</code></a> Bump actions/checkout from 4.1.7 to 4.2.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/172">#172</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/4959ce089c160fddf62f7b42464195ba1a56d382"><code>4959ce0</code></a> update readme for new release (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/170">#170</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/45ffe83c0bb0b269973afccc717a6a81ee8e78c8"><code>45ffe83</code></a> bump default version to v2.4.0 release (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/168">#168</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/7e1d9c13192a1847221480cd6151d15e960669d9"><code>7e1d9c1</code></a> pin public key used for verification (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/169">#169</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/cc23fe1cf04164ea4c208611cf647a013c6f8cc5"><code>cc23fe1</code></a> Bump actions/setup-go from 5.0.1 to 5.0.2 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/167">#167</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/b235ed95bef2a3cf9f8641bc537bc22c7cb9a3a8"><code>b235ed9</code></a> Bump actions/checkout from 4.1.6 to 4.1.7 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/166">#166</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/b49ef6b125b98c2708965eeb167d89e86aa73ef6"><code>b49ef6b</code></a> Bump actions/checkout from 4.1.5 to 4.1.6 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/165">#165</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/7a59e5acc8f2930fee8c2ed75a4f2faae6c329ce"><code>7a59e5a</code></a> Bump actions/checkout from 4.1.4 to 4.1.5 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/164">#164</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/8d927bd1a9539c7d4b1d943b3e2c3404f69e6f48"><code>8d927bd</code></a> Bump actions/setup-go from 5.0.0 to 5.0.1 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/163">#163</a>)</li> <li>Additional commits viewable in <a href="https://github.com/sigstore/cosign-installer/compare/v3.5.0...v3.7.0">compare view</a></li> </ul> </details> <br /> Updates `goreleaser/goreleaser-action` from 5 to 6 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/goreleaser/goreleaser-action/releases">goreleaser/goreleaser-action's releases</a>.</em></p> <blockquote> <h2>v6.0.0</h2> <blockquote> <p>[!WARNING] <strong>This is a breaking change!</strong></p> <p>Follow the instructions <a href="https://goreleaser.com/blog/goreleaser-v2/#upgrading">here</a> to upgrade!</p> </blockquote> <h2>What's Changed</h2> <ul> <li>feat!: use &quot;~&gt; v2&quot; as default by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/463">goreleaser/goreleaser-action#463</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v5...v6.0.0">https://github.com/goreleaser/goreleaser-action/compare/v5...v6.0.0</a></p> <h2>v5.1.0</h2> <h2>Important</h2> <p>This version changes the default behavior of <code>latest</code> to <code>~&gt; v1</code>.</p> <p>The next major of this action (v6), will change this to <code>~&gt; v2</code>, and will be launched together with GoReleaser v2.</p> <h2>What's Changed</h2> <ul> <li>docs: bump actions to latest major by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/435">goreleaser/goreleaser-action#435</a></li> <li>chore(deps): bump docker/bake-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/436">goreleaser/goreleaser-action#436</a></li> <li>chore(deps): bump codecov/codecov-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/437">goreleaser/goreleaser-action#437</a></li> <li>chore(deps): bump actions/setup-go from 4 to 5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/443">goreleaser/goreleaser-action#443</a></li> <li>chore(deps): bump actions/upload-artifact from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/444">goreleaser/goreleaser-action#444</a></li> <li>Delete .kodiak.toml by <a href="https://github.com/vedantmgoyal9"><code>@​vedantmgoyal9</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/446">goreleaser/goreleaser-action#446</a></li> <li>chore(deps): bump codecov/codecov-action from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/448">goreleaser/goreleaser-action#448</a></li> <li>chore(deps): bump ip from 2.0.0 to 2.0.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/450">goreleaser/goreleaser-action#450</a></li> <li>Upgrade setup-go action version in README by <a href="https://github.com/kishaningithub"><code>@​kishaningithub</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/455">goreleaser/goreleaser-action#455</a></li> <li>chore(deps): bump tar from 6.1.14 to 6.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/456">goreleaser/goreleaser-action#456</a></li> <li>chore: use corepack to install yarn by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/458">goreleaser/goreleaser-action#458</a></li> <li>feat: lock this major version of the action to use '~&gt; v1' as 'latest' by <a href="https://github.com/caarlos0"><code>@​caarlos0</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/461">goreleaser/goreleaser-action#461</a></li> <li>chore(deps): bump semver from 7.6.0 to 7.6.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/462">goreleaser/goreleaser-action#462</a></li> <li>chore(deps): bump <code>@​actions/http-client</code> from 2.2.0 to 2.2.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/451">goreleaser/goreleaser-action#451</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vedantmgoyal9"><code>@​vedantmgoyal9</code></a> made their first contribution in <a href="https://redirect.github.com/goreleaser/goreleaser-action/pull/446">goreleaser/goreleaser-action#446</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0">https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/9ed2f89a662bf1735a48bc8557fd212fa902bebf"><code>9ed2f89</code></a> chore: update generated content (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/480">#480</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/cf63508052510ef52d8a6e569ae83b3e102ac7d9"><code>cf63508</code></a> docs: bump upload-artifact version (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/479">#479</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/f7623f3e7168fa800ac616fe8d03643abbc6edda"><code>f7623f3</code></a> chore(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/478">#478</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/006a7a4111c6a1b44a25a1f3d23f0c8d940ad847"><code>006a7a4</code></a> chore: update</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/e4066e695cdb24c1c44011f9006702e4d0fd79dd"><code>e4066e6</code></a> chore(deps): bump micromatch from 4.0.5 to 4.0.8 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/475">#475</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/22f558e822a647406e88af9722c1abfb028738e1"><code>22f558e</code></a> chore(deps): bump <code>@​actions/http-client</code> from 2.2.2 to 2.2.3 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/474">#474</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/6e33108d10f0e3d58519ebdc94c540dfe6d8d40a"><code>6e33108</code></a> chore(deps): bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.2 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/473">#473</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/7ca645047c0a9c3e89a425a2ebd03d607f139eb2"><code>7ca6450</code></a> chore(deps): bump semver from 7.6.2 to 7.6.3 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/470">#470</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/d33b6f6aeabd7fed8bb3fbf32c4d890d29f48545"><code>d33b6f6</code></a> chore(deps): bump docker/bake-action from 4 to 5 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/468">#468</a>)</li> <li><a href="https://github.com/goreleaser/goreleaser-action/commit/85d0b9d4cdd011f0bad65fe06a1f5282b0a20269"><code>85d0b9d</code></a> chore(deps): bump braces from 3.0.2 to 3.0.3 (<a href="https://redirect.github.com/goreleaser/goreleaser-action/issues/467">#467</a>)</li> <li>Additional commits viewable in <a href="https://github.com/goreleaser/goreleaser-action/compare/v5...v6">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gergely Brautigam <[email protected]>
1 parent ce45efc commit fae11b5

File tree

3 files changed

+8
-8
lines changed

3 files changed

+8
-8
lines changed

.github/workflows/e2e.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -36,10 +36,10 @@ jobs:
3636
restore-keys: |
3737
${{ runner.os }}-go-
3838
- name: Setup Kubernetes
39-
uses: helm/kind-action@v1.9.0
39+
uses: helm/kind-action@v1.10.0
4040
with:
4141
install_only: true
42-
- uses: yokawasa/[email protected].0
42+
- uses: yokawasa/[email protected].2
4343
with:
4444
kustomize: '5.0.1'
4545
tilt: '0.32.2'
@@ -48,7 +48,7 @@ jobs:
4848
run: make e2e-verbose
4949
- name: Notify on Failure
5050
id: slack-notification
51-
uses: slackapi/slack-github-action@v1.25.0
51+
uses: slackapi/slack-github-action@v2.0.0
5252
if: ${{ github.ref_name == 'main' && github.event_name == 'schedule' && always() }}
5353
with:
5454
# Slack channel id, channel name, or user id to post message.

.github/workflows/mend_scan.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
go-version-file: '${{ github.workspace }}/go.mod'
4343

4444
- name: 'Setup jq'
45-
uses: dcarbone/install-jq-action@v2.1.0
45+
uses: dcarbone/install-jq-action@v3.0.1
4646
with:
4747
version: '1.7'
4848

@@ -178,7 +178,7 @@ jobs:
178178
sha: ${{ github.event.pull_request.head.sha }}
179179
- name: Comment Mend Status on PR
180180
if: ${{ github.event_name != 'schedule' && steps.pr_exists.outputs.pr_found == 'true' }}
181-
uses: thollander/actions-comment-pull-request@v2.5.0
181+
uses: thollander/actions-comment-pull-request@v3.0.1
182182
with:
183183
message: |
184184
## Mend Scan Summary: :${{ steps.report.outputs.status }}:

.github/workflows/release.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -97,11 +97,11 @@ jobs:
9797
mkdir -p output
9898
helm template ./deploy --namespace ocm-system --set "manager.image.tag=${{ env.RELEASE_VERSION }}" --include-crds > ./output/install.yaml
9999
- name: Setup Syft
100-
uses: anchore/sbom-action/download-syft@7ccf588e3cf3cc2611714c2eeae48550fbc17552 # v0.15.11
100+
uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7
101101
- name: Setup Cosign
102-
uses: sigstore/cosign-installer@v3.5.0
102+
uses: sigstore/cosign-installer@v3.7.0
103103
- name: Run goreleaser
104-
uses: goreleaser/goreleaser-action@v5
104+
uses: goreleaser/goreleaser-action@v6
105105
with:
106106
distribution: goreleaser
107107
version: latest

0 commit comments

Comments
 (0)