Starter/samples
1
0
Fork 0
mirror of https://github.com/flutter/samples.git synced 2026-03-22 04:17:50 +00:00
Code Issues Releases Wiki Activity
1,869 Commits 18 Branches 0 Tags
dependabot/github_actions/actions/create-github-app-token-3.0.0
Commit Graph

242 Commits

Author SHA1 Message Date
dependabot[bot]
6f4507773a Bump actions/create-github-app-token from 2.1.4 to 3.0.0 
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2.1.4 to 3.0.0.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](6701853927...f8d387b68d)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-03-16 06:32:41 +00:00
dependabot[bot]
b4ccabb44a Bump actions/checkout from 6.0.1 to 6.0.2 (#2778) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6.0.1
to 6.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID
is set by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="de0fac2e45"><code>de0fac2</code></a>
Fix tag handling: preserve annotations and explicit fetch-tags (<a
href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li>
<li><a
href="064fe7f331"><code>064fe7f</code></a>
Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is
set (...</li>
<li>See full diff in <a
href="8e8c483db8...de0fac2e45">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=6.0.1&new-version=6.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 14:04:33 +08:00
dependabot[bot]
45e22460bf Bump actions/setup-java from 5.1.0 to 5.2.0 (#2776) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
5.1.0 to 5.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.0</h2>
<h2>What's Changed</h2>
<h3>Enhancement</h3>
<ul>
<li>Retry on HTTP 522 Connection timed out by <a
href="https://github.com/findepi"><code>@​findepi</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li>
</ul>
<h3>Documentation Changes</h3>
<ul>
<li>Update gradle caching by <a
href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/972">actions/setup-java#972</a></li>
<li>Update checkout to v6 by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/973">actions/setup-java#973</a></li>
</ul>
<h3>Dependency Updates</h3>
<ul>
<li>Upgrade <code>@​actions/cache</code> to v5 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/968">actions/setup-java#968</a></li>
<li>Upgrade actions/checkout from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/961">actions/setup-java#961</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/findepi"><code>@​findepi</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/964">actions/setup-java#964</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v5...v5.2.0">https://github.com/actions/setup-java/compare/v5...v5.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="be666c2fcd"><code>be666c2</code></a>
Chore: Version Update and Checkout Update to v6 (<a
href="https://redirect.github.com/actions/setup-java/issues/973">#973</a>)</li>
<li><a
href="f7a6fefba9"><code>f7a6fef</code></a>
Bump actions/checkout from 5 to 6 (<a
href="https://redirect.github.com/actions/setup-java/issues/961">#961</a>)</li>
<li><a
href="d81c4e45f3"><code>d81c4e4</code></a>
Upgrade <code>@​actions/cache</code> to v5 (<a
href="https://redirect.github.com/actions/setup-java/issues/968">#968</a>)</li>
<li><a
href="1b1bbe1085"><code>1b1bbe1</code></a>
readme update (<a
href="https://redirect.github.com/actions/setup-java/issues/972">#972</a>)</li>
<li><a
href="5d7b214633"><code>5d7b214</code></a>
Retry on HTTP 522 Connection timed out (<a
href="https://redirect.github.com/actions/setup-java/issues/964">#964</a>)</li>
<li>See full diff in <a
href="f2beeb24e1...be666c2fcd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=5.1.0&new-version=5.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-27 13:27:18 +08:00
dependabot[bot]
ebdd823c3f Bump actions/setup-java from 5.0.0 to 5.1.0 (#2755) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 5.0.0 to 5.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v5.1.0</h2>
<h2>What's Changed</h2>
<h3>New Features</h3>
<ul>
<li>Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter by <a href="https://github.com/guicamest"><code>@​guicamest</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li>
<li>Add support for Microsoft OpenJDK 25 builds by <a href="https://github.com/the-mod"><code>@​the-mod</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li>
</ul>
<h3>Bug Fixes &amp; Improvements</h3>
<ul>
<li>Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/767">actions/setup-java#767</a></li>
<li>Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by <a href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li>
<li>Update SapMachine URLs by <a href="https://github.com/RealCLanger"><code>@​RealCLanger</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/955">actions/setup-java#955</a></li>
<li>Add GitHub Token Support for GraalVM and Refactor Code by <a href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/849">actions/setup-java#849</a></li>
</ul>
<h3>Documentation changes</h3>
<ul>
<li>Update documentation to use checkout and Java v5 by <a href="https://github.com/lmvysakh"><code>@​lmvysakh</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li>
<li>Clarify JAVA_HOME and PATH setup in README by <a href="https://github.com/chiranjib-swain"><code>@​chiranjib-swain</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li>
</ul>
<h3>Dependency updates</h3>
<ul>
<li>Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/873">actions/setup-java#873</a></li>
<li>Upgrade actions/publish-action from 0.3.0 to 0.4.0  by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/912">actions/setup-java#912</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lmvysakh"><code>@​lmvysakh</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/903">actions/setup-java#903</a></li>
<li><a href="https://github.com/chiranjib-swain"><code>@​chiranjib-swain</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/841">actions/setup-java#841</a></li>
<li><a href="https://github.com/the-mod"><code>@​the-mod</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/927">actions/setup-java#927</a></li>
<li><a href="https://github.com/priya-kinthali"><code>@​priya-kinthali</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/946">actions/setup-java#946</a></li>
<li><a href="https://github.com/guicamest"><code>@​guicamest</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/736">actions/setup-java#736</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v5...v5.1.0">https://github.com/actions/setup-java/compare/v5...v5.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f2beeb24e1"><code>f2beeb2</code></a> Bump actions/publish-action from 0.3.0 to 0.4.0 (<a href="https://redirect.github.com/actions/setup-java/issues/912">#912</a>)</li>
<li><a href="4e7e684fbb"><code>4e7e684</code></a> feat: Add support for <code>.sdkmanrc</code> file in <code>java-version-file</code> parameter (<a href="https://redirect.github.com/actions/setup-java/issues/736">#736</a>)</li>
<li><a href="46c56d6f92"><code>46c56d6</code></a> Add GitHub Token Support for GraalVM and Refactor Code (<a href="https://redirect.github.com/actions/setup-java/issues/849">#849</a>)</li>
<li><a href="66b945764b"><code>66b9457</code></a> Update SapMachine URLs (<a href="https://redirect.github.com/actions/setup-java/issues/955">#955</a>)</li>
<li><a href="6ba5449b7d"><code>6ba5449</code></a> Enhance error logging for network failures to include endpoint/IP details, ad...</li>
<li><a href="de5a937a1d"><code>de5a937</code></a> adds microsoft openjdk25 builds (<a href="https://redirect.github.com/actions/setup-java/issues/927">#927</a>)</li>
<li><a href="ead9eaa3cf"><code>ead9eaa</code></a> Update Regex to Support All ASDF Versions for the supported distributions in ...</li>
<li><a href="8c57fa3627"><code>8c57fa3</code></a> Clarify JAVA_HOME and PATH setup in README (<a href="https://redirect.github.com/actions/setup-java/issues/841">#841</a>)</li>
<li><a href="a7ab372554"><code>a7ab372</code></a> Bump prettier from 2.8.8 to 3.6.2 (<a href="https://redirect.github.com/actions/setup-java/issues/873">#873</a>)</li>
<li><a href="d0351b4837"><code>d0351b4</code></a> Update documentation to use checkout and Java v5 (<a href="https://redirect.github.com/actions/setup-java/issues/903">#903</a>)</li>
<li>See full diff in <a href="dded088883...f2beeb24e1">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=5.0.0&new-version=5.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2025-12-04 09:57:26 +00:00
dependabot[bot]
12d7d143c1 Bump actions/checkout from 5.0.1 to 6.0.1 (#2754) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.1
to 6.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update all references from v5 and v4 to v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
<li>Clarify v6 README by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker
container action</a> scenarios.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="8e8c483db8"><code>8e8c483</code></a>
Clarify v6 README (<a
href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li>
<li><a
href="033fa0dc0b"><code>033fa0d</code></a>
Add worktree support for persist-credentials includeIf (<a
href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li>
<li><a
href="c2d88d3ecc"><code>c2d88d3</code></a>
Update all references from v5 and v4 to v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li>
<li><a
href="1af3b93b68"><code>1af3b93</code></a>
update readme/changelog for v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li>
<li><a
href="71cf2267d8"><code>71cf226</code></a>
v6-beta (<a
href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li>
<li><a
href="069c695914"><code>069c695</code></a>
Persist creds to a separate file (<a
href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li>
<li><a
href="ff7abcd0c3"><code>ff7abcd</code></a>
Update README to include Node.js 24 support details and requirements (<a
href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li>
<li>See full diff in <a
href="93cb6efe18...8e8c483db8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=5.0.1&new-version=6.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-12-04 10:21:10 +01:00
dependabot[bot]
460d6f9b08 Bump actions/checkout from 4.2.2 to 5.0.1 (#2744) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2
to 5.0.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p>
<h2>v4.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.3.1">https://github.com/actions/checkout/compare/v4...v4.3.1</a></p>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
<li>Prepare release v4.3.0 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/motss"><code>@​motss</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li><a href="https://github.com/mouismail"><code>@​mouismail</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="93cb6efe18"><code>93cb6ef</code></a>
Cleanup actions/checkout@v6 auth style (<a
href="https://redirect.github.com/actions/checkout/issues/2301">#2301</a>)</li>
<li><a
href="08c6903cd8"><code>08c6903</code></a>
Prepare v5.0.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li>
<li><a
href="9f265659d3"><code>9f26565</code></a>
Update actions checkout to use node 24 (<a
href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li>
<li><a
href="08eba0b27e"><code>08eba0b</code></a>
Prepare release v4.3.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li>
<li><a
href="631c7dc4f8"><code>631c7dc</code></a>
Update package dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li>
<li><a
href="8edcb1bdb4"><code>8edcb1b</code></a>
Update CODEOWNERS for actions (<a
href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li>
<li><a
href="09d2acae67"><code>09d2aca</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li>
<li><a
href="85e6279cec"><code>85e6279</code></a>
Adjust positioning of user email note and permissions heading (<a
href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li>
<li><a
href="009b9ae9e4"><code>009b9ae</code></a>
Documentation update - add recommended permissions to Readme (<a
href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li>
<li><a
href="cbb722410c"><code>cbb7224</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li>
<li>Additional commits viewable in <a
href="11bd71901b...93cb6efe18">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.2.2&new-version=5.0.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-11-19 19:20:56 +01:00
dependabot[bot]
38e3539484 Bump actions/github-script from 7.0.1 to 8.0.0 (#2734) 
Bumps [actions/github-script](https://github.com/actions/github-script)
from 7.0.1 to 8.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update Node.js version support to 24.x by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li>
<li>README for updating actions/github-script from v7 to v8 by <a
href="https://github.com/sneha-krip"><code>@​sneha-krip</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li>
<li><a
href="https://github.com/sneha-krip"><code>@​sneha-krip</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p>
<h2>v7.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade husky to v9 by <a
href="https://github.com/benelan"><code>@​benelan</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li>
<li>Upgrade IA Publish by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li>
<li>Fix workflow status badges by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li>
<li>Update usage of <code>actions/upload-artifact</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li>
<li>Clear up package name confusion by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li>
<li>Update dependencies with <code>npm audit fix</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li>
<li>Specify that the used script is JavaScript by <a
href="https://github.com/timotk"><code>@​timotk</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li>
<li>chore: Add Dependabot for NPM and Actions by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li>
<li>Define <code>permissions</code> in workflows and update actions by
<a href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in
<a
href="https://redirect.github.com/actions/github-script/pull/531">actions/github-script#531</a></li>
<li>chore: Add Dependabot for .github/actions/install-dependencies by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/532">actions/github-script#532</a></li>
<li>chore: Remove .vscode settings by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/533">actions/github-script#533</a></li>
<li>ci: Use github/setup-licensed by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/473">actions/github-script#473</a></li>
<li>make octokit instance available as octokit on top of github, to make
it easier to seamlessly copy examples from GitHub rest api or octokit
documentations by <a
href="https://github.com/iamstarkov"><code>@​iamstarkov</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li>
<li>Remove <code>octokit</code> README updates for v7 by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/557">actions/github-script#557</a></li>
<li>docs: add &quot;exec&quot; usage examples by <a
href="https://github.com/neilime"><code>@​neilime</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li>
<li>Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/github-script/pull/563">actions/github-script#563</a></li>
<li>Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/github-script/pull/575">actions/github-script#575</a></li>
<li>Clearly document passing inputs to the <code>script</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/603">actions/github-script#603</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benelan"><code>@​benelan</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li>
<li><a href="https://github.com/timotk"><code>@​timotk</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li>
<li><a
href="https://github.com/iamstarkov"><code>@​iamstarkov</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li>
<li><a href="https://github.com/neilime"><code>@​neilime</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v7...v7.1.0">https://github.com/actions/github-script/compare/v7...v7.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ed597411d8"><code>ed59741</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/653">#653</a>
from actions/sneha-krip/readme-for-v8</li>
<li><a
href="2dc352e4ba"><code>2dc352e</code></a>
Bold minimum Actions Runner version in README</li>
<li><a
href="01e118c8d0"><code>01e118c</code></a>
Update README for Node 24 runtime requirements</li>
<li><a
href="8b222ac82e"><code>8b222ac</code></a>
Apply suggestion from <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a></li>
<li><a
href="adc0eeac99"><code>adc0eea</code></a>
README for updating actions/github-script from v7 to v8</li>
<li><a
href="20fe497b3f"><code>20fe497</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/637">#637</a>
from actions/node24</li>
<li><a
href="e7b7f222b1"><code>e7b7f22</code></a>
update licenses</li>
<li><a
href="2c81ba05f3"><code>2c81ba0</code></a>
Update Node.js version support to 24.x</li>
<li><a
href="f28e40c7f3"><code>f28e40c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/610">#610</a>
from actions/nebuk89-patch-1</li>
<li><a
href="1ae9958572"><code>1ae9958</code></a>
Update README.md</li>
<li>Additional commits viewable in <a
href="60a0d83039...ed597411d8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/github-script&package-manager=github_actions&previous-version=7.0.1&new-version=8.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-28 11:10:40 +01:00
dependabot[bot]
81be02196d Bump actions/create-github-app-token from 2.0.6 to 2.1.4 (#2735) 
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.0.6 to 2.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.3...v2.1.4">2.1.4</a>
(2025-09-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/auth-app</code> from
7.2.1 to 8.0.1 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/257">#257</a>)
(<a
href="bef1eaf1c0">bef1eaf</a>)</li>
</ul>
<h2>v2.1.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.2...v2.1.3">2.1.3</a>
(2025-09-13)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump undici from 7.8.0 to 7.10.0 in the
production-dependencies group (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/254">#254</a>)
(<a
href="f3d5ec2073">f3d5ec2</a>)</li>
</ul>
<h2>v2.1.2</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.1...v2.1.2">2.1.2</a>
(2025-09-12)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.2.3 to 10.0.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/256">#256</a>)
(<a
href="5d7307be63">5d7307b</a>)</li>
</ul>
<h2>v2.1.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.0...v2.1.1">2.1.1</a>
(2025-08-11)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>revert &quot;use <code>node24</code> as runner&quot; (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/278">#278</a>)
(<a
href="5204204e81">5204204</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/267">actions/create-github-app-token#267</a></li>
</ul>
<h2>v2.1.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.6...v2.1.0">2.1.0</a>
(2025-08-08)</h1>
<h3>Features</h3>
<ul>
<li>use <code>node24</code> as runner (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/267">#267</a>)
(<a
href="a1cbe0fa3c">a1cbe0f</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6701853927"><code>6701853</code></a>
build(release): 2.1.4 [skip ci]</li>
<li><a
href="bef1eaf1c0"><code>bef1eaf</code></a>
fix(deps): bump <code>@​octokit/auth-app</code> from 7.2.1 to 8.0.1 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/257">#257</a>)</li>
<li><a
href="1526738aa4"><code>1526738</code></a>
build(release): 2.1.3 [skip ci]</li>
<li><a
href="f3d5ec2073"><code>f3d5ec2</code></a>
fix(deps): bump undici from 7.8.0 to 7.10.0 in the
production-dependencies gr...</li>
<li><a
href="def152b8a7"><code>def152b</code></a>
build(release): 2.1.2 [skip ci]</li>
<li><a
href="5d7307be63"><code>5d7307b</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.2.3 to 10.0.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/256">#256</a>)</li>
<li><a
href="525760a53f"><code>525760a</code></a>
build(deps): bump stefanzweifel/git-auto-commit-action from 5.2.0 to
6.0.1 (#...</li>
<li><a
href="8ab05a8a84"><code>8ab05a8</code></a>
Add beta branch support for releases (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/282">#282</a>)</li>
<li><a
href="d00315e88c"><code>d00315e</code></a>
build(deps): bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/279">#279</a>)</li>
<li><a
href="fcc6c288e5"><code>fcc6c28</code></a>
build(deps-dev): bump dotenv from 16.5.0 to 17.2.1 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/269">#269</a>)</li>
<li>Additional commits viewable in <a
href="df432ceedc...6701853927">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.0.6&new-version=2.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-28 11:10:08 +01:00
Eric Windmill
bbc6e1f98a Adds Gemini CLI to Github Actions (#2718) 
## Pre-launch Checklist

- [x] I read the [Flutter Style Guide] _recently_, and have followed its
advice.
- [x] I signed the [CLA].
- [x] I read the [Contributors Guide].
- [x] I have added sample code updates to the [changelog].
- [x] I updated/added relevant documentation (doc comments with `///`).
 2025-09-30 13:05:21 -07:00
Eric Windmill
d5184b5647 Retire VeggieSeasons (really this time) (#2724) 
Removes VeggieSeaons 

## Pre-launch Checklist

- [x] I read the [Flutter Style Guide] _recently_, and have followed its
advice.
- [x] I signed the [CLA].
- [x] I read the [Contributors Guide].
- [x] I have added sample code updates to the [changelog].
- [x] I updated/added relevant documentation (doc comments with `///`).

---------

Co-authored-by: Loïc Sharma <737941+loic-sharma@users.noreply.github.com>
 2025-08-21 10:42:11 -07:00
dependabot[bot]
0b9ad5b568 Bump actions/setup-java from 4.7.1 to 5.0.0 (#2726) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.7.1 to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<h3>Breaking Changes</h3>
<ul>
<li>Upgrade to node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li>
</ul>
<p>Make sure your runner is updated to this version or newer to use this
release. v2.327.1 <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<h3>Dependency Upgrades</h3>
<ul>
<li>Upgrade Publish Immutable Action by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li>
<li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li>
<li>Upgrade undici from 5.28.5 to 5.29.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li>
<li>Upgrade form-data to bring in fix for critical vulnerability by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li>
<li>Upgrade actions/checkout from 4 to 5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li>Prevent default installation of JetBrains pre-releases by <a
href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li>
<li>Improve Error Handling for Setup-Java Action to Help Debug
Intermittent Failures by <a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/gowridurgad"><code>@​gowridurgad</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="dded088883"><code>dded088</code></a>
Bump actions/checkout from 4 to 5 (<a
href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li>
<li><a
href="0913e9a06e"><code>0913e9a</code></a>
Upgrade to node 24 (<a
href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li>
<li><a
href="e9343db97e"><code>e9343db</code></a>
Bumps form-data (<a
href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li>
<li><a
href="ae2b61dbc6"><code>ae2b61d</code></a>
Bump undici from 5.28.5 to 5.29.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li>
<li><a
href="c190c18feb"><code>c190c18</code></a>
Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a
href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li>
<li><a
href="67aec007b3"><code>67aec00</code></a>
Fix: prevent default installation of JetBrains pre-releases (<a
href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li>
<li><a
href="ebb356cc4e"><code>ebb356c</code></a>
Improve Error Handling for Setup-Java Action to Help Debug Intermittent
Failu...</li>
<li><a
href="f4f1212c88"><code>f4f1212</code></a>
Update publish-immutable-actions.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li>
<li>See full diff in <a
href="c5195efecf...dded088883">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.7.1&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-08-21 18:32:10 +08:00
Eric Windmill
2999d738b8 Dart 3.9 / Flutter 3.35 [first LLM release] (#2714) 
I got carried away with Gemini and basically rewrote CI and the release
process for the new LLM reality. This work was largely completed by
Gemini.

- Bump all SDK versions to the current beta (3.9.0-0)
- Run `flutter channel beta`
- Wrote `ci_script.dart` to replace the bash scripts
- Converted repository to pub workspace #2499 
- Added llm.md and release.md
- Added redirect for deprecated Samples Index

## Pre-launch Checklist

- [x] I read the [Flutter Style Guide] _recently_, and have followed its
advice.
- [x] I signed the [CLA].
- [x] I read the [Contributors Guide].
- [x] I have added sample code updates to the [changelog].
- [x] I updated/added relevant documentation (doc comments with `///`).
 2025-08-14 12:26:24 -07:00
Brett Morgan
74d7916e7a Revert "Bump subosito/flutter-action from 2.19.0 to 2.20.0" again (#2655) 
Reverts flutter/samples#2642
 2025-06-19 11:29:48 +10:00
dependabot[bot]
63e5161477 Bump subosito/flutter-action from 2.19.0 to 2.20.0 (#2642) 
Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.19.0 to 2.20.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/subosito/flutter-action/releases">subosito/flutter-action's releases</a>.</em></p>
<blockquote>
<h2>v2.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>perf: Only install yq on Windows if used by <a href="https://github.com/christerswahn"><code>@​christerswahn</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/362">subosito/flutter-action#362</a></li>
<li>use env if it existed by <a href="https://github.com/atishoo"><code>@​atishoo</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/360">subosito/flutter-action#360</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/christerswahn"><code>@​christerswahn</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/362">subosito/flutter-action#362</a></li>
<li><a href="https://github.com/atishoo"><code>@​atishoo</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/360">subosito/flutter-action#360</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/subosito/flutter-action/compare/v2...v2.20.0">https://github.com/subosito/flutter-action/compare/v2...v2.20.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="395322a6cd"><code>395322a</code></a> use env if it existed (<a href="https://redirect.github.com/subosito/flutter-action/issues/360">#360</a>)</li>
<li><a href="02d6ac3427"><code>02d6ac3</code></a> perf: Only install yq on Windows if used (<a href="https://redirect.github.com/subosito/flutter-action/issues/362">#362</a>)</li>
<li>See full diff in <a href="e938fdf565...395322a6cd">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=subosito/flutter-action&package-manager=github_actions&previous-version=2.19.0&new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2025-06-12 06:18:04 +00:00
Brett Morgan
6926e550f9 Revert "Bump subosito/flutter-action from 2.19.0 to 2.20.0" (#2641) 2025-06-12 10:28:29 +10:00
dependabot[bot]
e0a88f4f1b Bump subosito/flutter-action from 2.19.0 to 2.20.0 (#2640) 
Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.19.0 to 2.20.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/subosito/flutter-action/releases">subosito/flutter-action's releases</a>.</em></p>
<blockquote>
<h2>v2.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>perf: Only install yq on Windows if used by <a href="https://github.com/christerswahn"><code>@​christerswahn</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/362">subosito/flutter-action#362</a></li>
<li>use env if it existed by <a href="https://github.com/atishoo"><code>@​atishoo</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/360">subosito/flutter-action#360</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/christerswahn"><code>@​christerswahn</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/362">subosito/flutter-action#362</a></li>
<li><a href="https://github.com/atishoo"><code>@​atishoo</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/360">subosito/flutter-action#360</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/subosito/flutter-action/compare/v2...v2.20.0">https://github.com/subosito/flutter-action/compare/v2...v2.20.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="395322a6cd"><code>395322a</code></a> use env if it existed (<a href="https://redirect.github.com/subosito/flutter-action/issues/360">#360</a>)</li>
<li><a href="02d6ac3427"><code>02d6ac3</code></a> perf: Only install yq on Windows if used (<a href="https://redirect.github.com/subosito/flutter-action/issues/362">#362</a>)</li>
<li>See full diff in <a href="e938fdf565...395322a6cd">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=subosito/flutter-action&package-manager=github_actions&previous-version=2.19.0&new-version=2.20.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2025-06-11 06:07:57 +00:00
Eric Windmill
dd21cee9c1 Remove visual samples index (#2607) 
Removes VSI and all related infra. It has been replaced by [an index
page on
flutter.dev](https://docs.flutter.dev/reference/learning-resources)

Fixes:

#2582 
#2507 

## Pre-launch Checklist

- [x] I read the [Flutter Style Guide] _recently_, and have followed its
advice.
- [x] I signed the [CLA].
- [x] I read the [Contributors Guide].
- [x] I have added sample code updates to the [changelog].
- [x] I updated/added relevant documentation (doc comments with `///`).
 2025-04-30 10:31:44 -07:00
dependabot[bot]
7441fdc302 Bump actions/setup-java from 4.6.0 to 4.7.1 (#2606) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.6.0 to 4.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a href="https://github.com/benwells"><code>@​benwells</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to 0.0.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="c5195efecf"><code>c5195ef</code></a> actions/cache upgrade to 4.0.3 (<a href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a href="dd38875f93"><code>dd38875</code></a> Bump ts-jest from 29.1.2 to 29.2.5 (<a href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a href="148017a9b0"><code>148017a</code></a> Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a href="3b6c050358"><code>3b6c050</code></a> Remove duplicated GraalVM section in documentation (<a href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a href="b8ebb8ba1d"><code>b8ebb8b</code></a> upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a href="799ee7c97e"><code>799ee7c</code></a> Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...</li>
<li><a href="3a4f6e1af5"><code>3a4f6e1</code></a> Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a href="25f376e348"><code>25f376e</code></a> Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a href="d4e4b6bbc1"><code>d4e4b6b</code></a> Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a href="28b532bcb3"><code>28b532b</code></a> Create dependabot.yml (<a href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li>Additional commits viewable in <a href="7a6d8a8234...c5195efecf">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2025-04-09 07:15:12 +00:00
dependabot[bot]
fddf2e3b01 Bump subosito/flutter-action from 2.18.0 to 2.19.0 (#2597) 
Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.18.0 to 2.19.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/subosito/flutter-action/releases">subosito/flutter-action's releases</a>.</em></p>
<blockquote>
<h2>v2.19.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Split test cases by architecture by <a href="https://github.com/koji-1009"><code>@​koji-1009</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/305">subosito/flutter-action#305</a></li>
<li>Remove restore-keys from caching by <a href="https://github.com/lbonsey1"><code>@​lbonsey1</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/349">subosito/flutter-action#349</a></li>
<li>Fix <code>PUB-CACHE-PATH</code> output different from <code>PUB_CACHE</code> env variable by <a href="https://github.com/kuhnroyal"><code>@​kuhnroyal</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/348">subosito/flutter-action#348</a></li>
<li>Update Flock's git URL in README by <a href="https://github.com/victoreronmosele"><code>@​victoreronmosele</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/347">subosito/flutter-action#347</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/lbonsey1"><code>@​lbonsey1</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/349">subosito/flutter-action#349</a></li>
<li><a href="https://github.com/victoreronmosele"><code>@​victoreronmosele</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/347">subosito/flutter-action#347</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/subosito/flutter-action/compare/v2.18.0...v2.19.0">https://github.com/subosito/flutter-action/compare/v2.18.0...v2.19.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="e938fdf565"><code>e938fdf</code></a> Update Flock's git URL in README (<a href="https://redirect.github.com/subosito/flutter-action/issues/347">#347</a>)</li>
<li><a href="bcafcd664b"><code>bcafcd6</code></a> Fix PUB-CACHE-PATH output different to PUB_CACHE env variable (<a href="https://redirect.github.com/subosito/flutter-action/issues/348">#348</a>)</li>
<li><a href="1177d931c8"><code>1177d93</code></a> fix: remove restore keys (<a href="https://redirect.github.com/subosito/flutter-action/issues/349">#349</a>)</li>
<li><a href="ce3cf2160d"><code>ce3cf21</code></a> test: Split test cases by architecture (<a href="https://redirect.github.com/subosito/flutter-action/issues/305">#305</a>)</li>
<li>See full diff in <a href="f2c4f6686c...e938fdf565">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=subosito/flutter-action&package-manager=github_actions&previous-version=2.18.0&new-version=2.19.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2025-03-25 07:31:58 +00:00
Matan Lurey
285fb52f80 Do not update patch versions for dependabot/github-actions. (#2591) 
Towards #158350.
 2025-02-25 09:46:57 -05:00
dependabot[bot]
80968f803d Bump actions/setup-java from 4.5.0 to 4.6.0 (#2555) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.5.0 to 4.6.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v4.6.0</h2>
<h2>What's Changed</h2>
<p><strong>Add-ons:</strong></p>
<ul>
<li>Add Support for JetBrains Runtime by <a href="https://github.com/gmitch215"><code>@​gmitch215</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li>
</ul>
<pre lang="steps:"><code> - name: Checkout
   uses: actions/checkout@v4
 - name: Setup-java
   uses: actions/setup-java@v4
   with:
     distribution: ‘jetbrains’
     java-version: '21'
</code></pre>
<p><strong>Bug fixes:</strong></p>
<ul>
<li>Fix Ubuntu-latest CI failures by <a href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/693">actions/setup-java#693</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/gmitch215"><code>@​gmitch215</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/637">actions/setup-java#637</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.6.0">https://github.com/actions/setup-java/compare/v4...v4.6.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="7a6d8a8234"><code>7a6d8a8</code></a> Add Support for JetBrains Runtime (<a href="https://redirect.github.com/actions/setup-java/issues/637">#637</a>)</li>
<li><a href="7136edc5e8"><code>7136edc</code></a> Fix sbt and x86 CI failures on Ubuntu-24 (<a href="https://redirect.github.com/actions/setup-java/issues/693">#693</a>)</li>
<li>See full diff in <a href="8df1039502...7a6d8a8234">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.5.0&new-version=4.6.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-12-18 06:54:06 +00:00
dependabot[bot]
33701ce1c5 Bump subosito/flutter-action from 2.17.0 to 2.18.0 (#2537) 
Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.17.0 to 2.18.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/subosito/flutter-action/releases">subosito/flutter-action's releases</a>.</em></p>
<blockquote>
<h2>v2.18.0</h2>
<h2>What's Changed</h2>
<ul>
<li>README updates by <a href="https://github.com/bartekpacia"><code>@​bartekpacia</code></a></li>
<li>Automatically install <code>yq</code> on Windows runners by <a href="https://github.com/penkzhou"><code>@​penkzhou</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/336">subosito/flutter-action#336</a></li>
<li>feat: add git source support by <a href="https://github.com/ErBWs"><code>@​ErBWs</code></a> in <a href="https://redirect.github.com/subosito/flutter-action/pull/334">subosito/flutter-action#334</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/ErBWs"><code>@​ErBWs</code></a> made their first contribution in <a href="https://redirect.github.com/subosito/flutter-action/pull/334">subosito/flutter-action#334</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/subosito/flutter-action/compare/v2.17.0...v2.18.0">https://github.com/subosito/flutter-action/compare/v2.17.0...v2.18.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="f2c4f6686c"><code>f2c4f66</code></a> fix syntax mistake in readme (<a href="https://redirect.github.com/subosito/flutter-action/issues/338">#338</a>)</li>
<li><a href="fd476281dd"><code>fd47628</code></a> improve readme (<a href="https://redirect.github.com/subosito/flutter-action/issues/337">#337</a>)</li>
<li><a href="799318a131"><code>799318a</code></a> feat: add git source support (<a href="https://redirect.github.com/subosito/flutter-action/issues/334">#334</a>)</li>
<li><a href="8535a80ce0"><code>8535a80</code></a> Feature/yq on windows (<a href="https://redirect.github.com/subosito/flutter-action/issues/336">#336</a>)</li>
<li><a href="7642db7052"><code>7642db7</code></a> update readme (<a href="https://redirect.github.com/subosito/flutter-action/issues/335">#335</a>)</li>
<li>See full diff in <a href="74af56c5ed...f2c4f6686c">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=subosito/flutter-action&package-manager=github_actions&previous-version=2.17.0&new-version=2.18.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-12-04 07:25:14 +00:00
Eric Windmill
c5925c407d Update readme, add changelog (#2535) 
Adds sample index to readme.

Completes #2497 
Completes #2536 

## Pre-launch Checklist

- [x] I read the [Flutter Style Guide] _recently_, and have followed its
advice.
- [x] I signed the [CLA].
- [x] I read the [Contributors Guide].
- [x] I updated/added relevant documentation (doc comments with `///`).
- [x] All existing and new tests are passing.
 2024-12-03 13:07:36 -05:00
dependabot[bot]
07b0156299 Bump subosito/flutter-action from 2.16.0 to 2.17.0 (#2491) 
Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.16.0 to 2.17.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/subosito/flutter-action/releases">subosito/flutter-action's releases</a>.</em></p>
<blockquote>
<h2>v2.17.0</h2>
<p>This release adds support for older <code>yq</code> versions, as added in PR <a href="https://redirect.github.com/subosito/flutter-action/issues/329">#329</a>. Thanks for contributing, <a href="https://github.com/ThomasAunvik"><code>@​ThomasAunvik</code></a>!</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="74af56c5ed"><code>74af56c</code></a> Support older yq versions (<a href="https://redirect.github.com/subosito/flutter-action/issues/329">#329</a>)</li>
<li><a href="9bc1d83fda"><code>9bc1d83</code></a> Remove macos-14 from matrix (<a href="https://redirect.github.com/subosito/flutter-action/issues/304">#304</a>)</li>
<li><a href="bcec24ecf7"><code>bcec24e</code></a> Fix failing tests (<a href="https://redirect.github.com/subosito/flutter-action/issues/327">#327</a>)</li>
<li><a href="94b32dd006"><code>94b32dd</code></a> test action: allow to run manually (<a href="https://redirect.github.com/subosito/flutter-action/issues/325">#325</a>)</li>
<li>See full diff in <a href="44ac965b96...74af56c5ed">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=subosito/flutter-action&package-manager=github_actions&previous-version=2.16.0&new-version=2.17.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-11-25 06:59:47 +00:00
dependabot[bot]
9a01200cf8 Bump actions/setup-java from 4.4.0 to 4.5.0 (#2482) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.4.0 to 4.5.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v4.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade IA Publish by <a href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/686">#686</a></li>
</ul>
<h3>Bug fixes:</h3>
<ul>
<li>Improve archive extraction on windows runners without powershell core and Update micromatch dependency by <a href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/689">#689</a></li>
<li>Update workflows for GraalVM and Version Enhancements by <a href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a></li>
<li>Refine <code>isGhes</code> logic by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a></li>
</ul>
<h3>New Contributors:</h3>
<ul>
<li><a href="https://github.com/priyagupta108"><code>@​priyagupta108</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/689">actions/setup-java#689</a></li>
<li><a href="https://github.com/jww3"><code>@​jww3</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/697">actions/setup-java#697</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.5.0">https://github.com/actions/setup-java/compare/v4...v4.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="8df1039502"><code>8df1039</code></a> Refine <code>isGhes</code> logic (<a href="https://redirect.github.com/actions/setup-java/issues/697">#697</a>)</li>
<li><a href="870c199c48"><code>870c199</code></a> Update workflows for GraalVM and Version Enhancements (<a href="https://redirect.github.com/actions/setup-java/issues/699">#699</a>)</li>
<li><a href="83a06ff9d9"><code>83a06ff</code></a> Fix Windows archives extraction issue (<a href="https://redirect.github.com/actions/setup-java/issues/689">#689</a>)</li>
<li><a href="292cc14be8"><code>292cc14</code></a> Merge pull request <a href="https://redirect.github.com/actions/setup-java/issues/686">#686</a> from actions/Jcambass-patch-1</li>
<li><a href="68b1d5a3da"><code>68b1d5a</code></a> Upgrade IA Publish</li>
<li>See full diff in <a href="b36c23c0d9...8df1039502">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.4.0&new-version=4.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-10-25 06:46:02 +00:00
dependabot[bot]
93eb030f3c Bump actions/checkout from 4.2.1 to 4.2.2 (#2480) 2024-10-24 17:43:34 +11:00
Parker Lougheed
3c90705715 Retire linting_tool desktop sample (#2472) 
Adds a README as a breadcrumb with the history of the sample as well as links to some relevant resources.

Part of https://github.com/dart-lang/sdk/issues/56835
Contributes to https://github.com/flutter/samples/issues/2409
 2024-10-12 00:32:26 +00:00
dependabot[bot]
8ecb09f126 Bump actions/checkout from 4.2.0 to 4.2.1 (#2469) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.2.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1919">actions/checkout#1919</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.2.0...v4.2.1">https://github.com/actions/checkout/compare/v4.2.0...v4.2.1</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="eef61447b9"><code>eef6144</code></a> Prepare 4.2.1 release (<a href="https://redirect.github.com/actions/checkout/issues/1925">#1925</a>)</li>
<li><a href="6b42224f41"><code>6b42224</code></a> Add workflow file for publishing releases to immutable action package (<a href="https://redirect.github.com/actions/checkout/issues/1919">#1919</a>)</li>
<li><a href="de5a000abf"><code>de5a000</code></a> Check out other refs/* by commit if provided, fall back to ref (<a href="https://redirect.github.com/actions/checkout/issues/1924">#1924</a>)</li>
<li>See full diff in <a href="d632683dd7...eef61447b9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.2.0&new-version=4.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-10-08 07:10:23 +00:00
dependabot[bot]
f45a3aa0c4 Bump actions/checkout from 4.1.7 to 4.2.0 (#2455) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.7 to 4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependabot updates in <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a> &amp; <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/yasonk"><code>@​yasonk</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1869">actions/checkout#1869</a></li>
<li><a href="https://github.com/lucacome"><code>@​lucacome</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.7...v4.2.0">https://github.com/actions/checkout/compare/v4.1.7...v4.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@​jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@​dscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@​peterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="d632683dd7"><code>d632683</code></a> Prepare 4.2.0 release (<a href="https://redirect.github.com/actions/checkout/issues/1878">#1878</a>)</li>
<li><a href="6d193bf280"><code>6d193bf</code></a> Bump braces from 3.0.2 to 3.0.3 (<a href="https://redirect.github.com/actions/checkout/issues/1777">#1777</a>)</li>
<li><a href="db0cee9a51"><code>db0cee9</code></a> Bump the minor-npm-dependencies group across 1 directory with 4 updates (<a href="https://redirect.github.com/actions/checkout/issues/1872">#1872</a>)</li>
<li><a href="b684943689"><code>b684943</code></a> Add Ref and Commit outputs (<a href="https://redirect.github.com/actions/checkout/issues/1180">#1180</a>)</li>
<li><a href="2d7d9f7ff5"><code>2d7d9f7</code></a> Provide explanation for where user email came from (<a href="https://redirect.github.com/actions/checkout/issues/1869">#1869</a>)</li>
<li><a href="9a9194f871"><code>9a9194f</code></a> Bump docker/build-push-action from 5.3.0 to 6.5.0 (<a href="https://redirect.github.com/actions/checkout/issues/1832">#1832</a>)</li>
<li><a href="dd960bd3c3"><code>dd960bd</code></a> Bump docker/login-action in the minor-actions-dependencies group (<a href="https://redirect.github.com/actions/checkout/issues/1831">#1831</a>)</li>
<li>See full diff in <a href="692973e3d9...d632683dd7">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.7&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-09-26 06:55:37 +00:00
dependabot[bot]
eb47a728ce Bump actions/setup-java from 4.3.0 to 4.4.0 (#2448) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.3.0 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<h2>What's Changed</h2>
<p><strong>Add-ons :</strong></p>
<ul>
<li>Add support for Oracle GraalVM by <a href="https://github.com/fniephaus"><code>@​fniephaus</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/501">actions/setup-java#501</a></li>
</ul>
<pre><code>steps:
 - name: Checkout
   uses: actions/checkout@v4
 - name: Setup-java
   uses: actions/setup-java@v4
   with:
     distribution: 'graalvm'
     java-version: '21'
</code></pre>
<ul>
<li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/684">actions/setup-java#684</a></li>
</ul>
<p><strong>Bug fixes :</strong></p>
<ul>
<li>Add architecture to cache key by <a href="https://github.com/Zxilly"><code>@​Zxilly</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/664">actions/setup-java#664</a>
This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
Note: This change may break previous cache keys as they will no longer be compatible with the new format.</li>
<li>Resolve check failures by <a href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/687">actions/setup-java#687</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/684">actions/setup-java#684</a></li>
<li><a href="https://github.com/Zxilly"><code>@​Zxilly</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/664">actions/setup-java#664</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.4.0">https://github.com/actions/setup-java/compare/v4...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="b36c23c0d9"><code>b36c23c</code></a> check-dist-failure-fix (<a href="https://redirect.github.com/actions/setup-java/issues/687">#687</a>)</li>
<li><a href="40b9536ce5"><code>40b9536</code></a> fix: add arch to cache key (<a href="https://redirect.github.com/actions/setup-java/issues/664">#664</a>)</li>
<li><a href="0a40ce6f61"><code>0a40ce6</code></a> Add support for Oracle GraalVM (<a href="https://redirect.github.com/actions/setup-java/issues/501">#501</a>)</li>
<li><a href="bcfbca5b71"><code>bcfbca5</code></a> Merge pull request <a href="https://redirect.github.com/actions/setup-java/issues/684">#684</a> from actions/Jcambass-patch-1</li>
<li><a href="78eae7945c"><code>78eae79</code></a> Add workflow file for publishing releases to immutable action package</li>
<li>See full diff in <a href="2dfa2011c5...b36c23c0d9">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.3.0&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-09-25 07:11:23 +00:00
dependabot[bot]
578477a329 Bump actions/setup-java from 4.2.2 to 4.3.0 (#2434) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.2.2 to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>What's Changed</p>
<ul>
<li>Add support for SapMachine JDK/JRE by <a href="https://github.com/Shegox"><code>@​Shegox</code></a> in <a href="https://redirect.github.com/actions/setup-java/issues/614">#614</a></li>
</ul>
<pre lang="yaml"><code>steps:
 - name: Checkout
   uses: actions/checkout@v4
 - name: Setup-java
   uses: actions/setup-java@v4
   with:
     distribution: ‘sapmachine’
     java-version: ’21’
</code></pre>
<p>Bug fixes :</p>
<ul>
<li>
<pre><code>Fix typos on Corretto by @johnshajiang in [#666](https://github.com/actions/setup-java/issues/666)
</code></pre>
</li>
<li>
<pre><code>IBM Semeru Enhancement on arm64 by @mahabaleshwars in [#677](https://github.com/actions/setup-java/issues/677) 
</code></pre>
</li>
<li>
<pre><code>Resolve Basic Validation Check Failures by @aparnajyothi-y
 in [#682](https://github.com/actions/setup-java/issues/682) 
</code></pre>
</li>
</ul>
<p>New Contributors :</p>
<ul>
<li>
<pre><code>@johnshajiang made their first contribution in [#666](https://github.com/actions/setup-java/issues/666) 
</code></pre>
</li>
<li>
<pre><code>@Shegox made their first contribution in [#614](https://github.com/actions/setup-java/issues/614)
</code></pre>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.3.0">https://github.com/actions/setup-java/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="2dfa2011c5"><code>2dfa201</code></a> basic validation failure fix (<a href="https://redirect.github.com/actions/setup-java/issues/682">#682</a>)</li>
<li><a href="7467385c61"><code>7467385</code></a> feat: add support for SapMachine JDK/JRE (<a href="https://redirect.github.com/actions/setup-java/issues/614">#614</a>)</li>
<li><a href="8e04ddff28"><code>8e04ddf</code></a> Update Error Messages and Fix Architecture Detection for IBM Semeru (<a href="https://redirect.github.com/actions/setup-java/issues/677">#677</a>)</li>
<li><a href="67fbd726da"><code>67fbd72</code></a> Fix typos on Corretto (<a href="https://redirect.github.com/actions/setup-java/issues/665">#665</a>) (<a href="https://redirect.github.com/actions/setup-java/issues/666">#666</a>)</li>
<li>See full diff in <a href="6a0805fcef...2dfa2011c5">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-09-10 07:29:21 +00:00
Eric Windmill
4d67572868 Disable scorecard analysis (#2430) 
Removes scorecard analysis workflow, as it requires maintenance that the
EngProd team was doing, and it isn't being used in the README anyway.
 2024-09-05 10:49:36 -04:00
dependabot[bot]
70db1348e9 Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#2427) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<h2>Notice: Breaking Changes ⚠️</h2>
<p>We will no longer include hidden files and folders by default in the <code>upload-artifact</code> action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, <code>include-hidden-files</code>, to continue to do so.</p>
<p>See <a href="https://github.blog/changelog/2024-08-19-notice-of-upcoming-deprecations-and-breaking-changes-in-github-actions-runners/">&quot;Notice of upcoming deprecations and breaking changes in GitHub Actions runners&quot;</a> changelog and <a href="https://redirect.github.com/actions/upload-artifact/issues/602">this issue</a> for more details.</p>
<h2>What's Changed</h2>
<ul>
<li>Exclude hidden files by default by <a href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/598">actions/upload-artifact#598</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0">https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="50769540e7"><code>5076954</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/598">#598</a> from actions/joshmgross/exclude-hidden-files</li>
<li><a href="d52396ac5d"><code>d52396a</code></a> Add a warning about enabling <code>include-hidden-files</code></li>
<li><a href="710f362075"><code>710f362</code></a> Remove &quot;merged&quot; from <code>include-hidden-files</code> input description</li>
<li><a href="3b315f26f6"><code>3b315f2</code></a> <code>npm run release</code> again 🙂</li>
<li><a href="3be2180eb7"><code>3be2180</code></a> Remove another trailing comma</li>
<li><a href="453e8d0a40"><code>453e8d0</code></a> Update glob license</li>
<li><a href="0a398c1480"><code>0a398c1</code></a> <code>npm run release</code></li>
<li><a href="a0c40cf602"><code>a0c40cf</code></a> Update to latest <code>@actions/glob</code> and fix tests</li>
<li><a href="acb59e4776"><code>acb59e4</code></a> <code>lint</code></li>
<li><a href="cb6558bb10"><code>cb6558b</code></a> Exclude hidden files by default</li>
<li>See full diff in <a href="834a144ee9...50769540e7">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.6&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
 2024-09-02 07:01:05 +00:00
Brett Morgan
8d208d7fd4 CI Fix, part #2 (#2423) 2024-09-01 17:25:33 +10:00
dependabot[bot]
61fed76690 Bump github/codeql-action from 3.26.5 to 3.26.6 (#2417) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.5 to 3.26.6.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.26.6 - 29 Aug 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.3. <a
href="https://redirect.github.com/github/codeql-action/pull/2449">#2449</a></li>
</ul>
<h2>3.26.5 - 23 Aug 2024</h2>
<ul>
<li>Fix an issue where the <code>csrutil</code> system call used for
telemetry would fail on MacOS ARM machines with System Integrity
Protection disabled. <a
href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li>
</ul>
<h2>3.26.4 - 21 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> The <code>add-snippets</code> input on the
<code>analyze</code> Action is deprecated and will be removed in the
first release in August 2025. <a
href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li>
<li>Fix an issue where the disk usage system call used for telemetry
would fail on MacOS ARM machines with System Integrity Protection
disabled, and then surface a warning. The system call is now disabled
for these machines. <a
href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li>
</ul>
<h2>3.26.3 - 19 Aug 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action could not write diagnostic
messages on Windows. This issue did not impact analysis quality. <a
href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li>
</ul>
<h2>3.26.2 - 14 Aug 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li>
</ul>
<h2>3.26.1 - 13 Aug 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.0 - 06 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no
longer supported. Please migrate to a macOS runner if this affects you.
<a
href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li>
<li>Bump the minimum CodeQL bundle version to 2.13.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li>
</ul>
<h2>3.25.15 - 26 Jul 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li>
</ul>
<h2>3.25.14 - 25 Jul 2024</h2>
<ul>
<li>Experimental: add a new <code>start-proxy</code> action which starts
the same HTTP proxy as used by <a
href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>.
Do not use this in production as it is part of an internal experiment
and subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li>
</ul>
<h2>3.25.13 - 19 Jul 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4dd16135b6"><code>4dd1613</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2452">#2452</a>
from github/update-v3.26.6-7233ec5e6</li>
<li><a
href="dd9dd2d538"><code>dd9dd2d</code></a>
Update changelog for v3.26.6</li>
<li><a
href="7233ec5e6b"><code>7233ec5</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2449">#2449</a>
from github/update-bundle/codeql-bundle-v2.18.3</li>
<li><a
href="a32c44dba1"><code>a32c44d</code></a>
Add changelog note</li>
<li><a
href="2966897c67"><code>2966897</code></a>
Update default bundle to codeql-bundle-v2.18.3</li>
<li><a
href="b8efe4dc6a"><code>b8efe4d</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2435">#2435</a>
from github/update-supported-enterprise-server-versions</li>
<li><a
href="ab408a875b"><code>ab408a8</code></a>
Merge branch 'main' into
update-supported-enterprise-server-versions</li>
<li><a
href="864b979bc3"><code>864b979</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2443">#2443</a>
from github/dbartol/config-file-telemetry</li>
<li><a
href="d36c7aaf6a"><code>d36c7aa</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2448">#2448</a>
from github/dependabot/npm_and_yarn/npm-09b7c43f6b</li>
<li><a
href="b3bf514df4"><code>b3bf514</code></a>
Update checked-in dependencies</li>
<li>Additional commits viewable in <a
href="2c779ab0d0...4dd16135b6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.5&new-version=3.26.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-30 17:14:19 +10:00
dependabot[bot]
cd5956dd5d Bump github/codeql-action from 3.26.4 to 3.26.5 (#2395) 2024-08-26 11:25:09 +02:00
dependabot[bot]
31d3120d95 Bump actions/setup-java from 4.2.1 to 4.2.2 (#2378) 
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.2.1 to 4.2.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.2</h2>
<h2>What's Changed</h2>
<h3>

Bug fixes:</h3>
<ul>
<li>Fix macos latest check failures by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/634">actions/setup-java#634</a></li>
<li>Fix dragonwell distribution parsing issues by <a
href="https://github.com/Accelerator1996"><code>@​Accelerator1996</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/643">actions/setup-java#643</a></li>
</ul>
<h3>Documentation changes</h3>
<ul>
<li>Update advanced documentation for java-version-file by <a
href="https://github.com/mahabaleshwars"><code>@​mahabaleshwars</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/622">actions/setup-java#622</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Bump undici from 5.28.3 to 5.28.4 and other dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/616">actions/setup-java#616</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.2.2">https://github.com/actions/setup-java/compare/v4...v4.2.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6a0805fcef"><code>6a0805f</code></a>
Fix the bug about parsing dragonwell version (<a
href="https://redirect.github.com/actions/setup-java/issues/642">#642</a>)
(<a
href="https://redirect.github.com/actions/setup-java/issues/643">#643</a>)</li>
<li><a
href="fd08b9c8dc"><code>fd08b9c</code></a>
Bump undici from 5.28.3 to 5.28.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/616">#616</a>)</li>
<li><a
href="2e74cbce18"><code>2e74cbc</code></a>
Fix versions check failures (<a
href="https://redirect.github.com/actions/setup-java/issues/634">#634</a>)</li>
<li><a
href="a1c6c9c867"><code>a1c6c9c</code></a>
Updated advanced-usage.md (<a
href="https://redirect.github.com/actions/setup-java/issues/622">#622</a>)</li>
<li>See full diff in <a
href="99b8673ff6...6a0805fcef">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.2.1&new-version=4.2.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-23 10:22:44 -04:00
dependabot[bot]
27fe553880 Bump github/codeql-action from 3.26.3 to 3.26.4 (#2393) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.3 to 3.26.4.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.26.4 - 21 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> The <code>add-snippets</code> input on the
<code>analyze</code> Action is deprecated and will be removed in the
first release in August 2025. <a
href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li>
<li>Fix an issue where the disk usage system call used for telemetry
would fail on MacOS ARM machines with System Integrity Protection
disabled, and then surface a warning. The system call is now disabled
for these machines. <a
href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li>
</ul>
<h2>3.26.3 - 19 Aug 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action could not write diagnostic
messages on Windows. This issue did not impact analysis quality. <a
href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li>
</ul>
<h2>3.26.2 - 14 Aug 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li>
</ul>
<h2>3.26.1 - 13 Aug 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.0 - 06 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no
longer supported. Please migrate to a macOS runner if this affects you.
<a
href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li>
<li>Bump the minimum CodeQL bundle version to 2.13.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li>
</ul>
<h2>3.25.15 - 26 Jul 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li>
</ul>
<h2>3.25.14 - 25 Jul 2024</h2>
<ul>
<li>Experimental: add a new <code>start-proxy</code> action which starts
the same HTTP proxy as used by <a
href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>.
Do not use this in production as it is part of an internal experiment
and subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li>
</ul>
<h2>3.25.13 - 19 Jul 2024</h2>
<ul>
<li>Add <code>codeql-version</code> to outputs. <a
href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.13.4
and earlier. These versions of CodeQL were discontinued on 9 July 2024
alongside GitHub Enterprise Server 3.9, and will be unsupported by
CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later.
<a
href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI
version 2.13.5 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.12.6 and 2.13.4, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.25.13</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.25.13</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</li>
</ul>
</li>
</ul>
<h2>3.25.12 - 12 Jul 2024</h2>
<ul>
<li>Improve the reliability and performance of analyzing code when
analyzing a compiled language with the <code>autobuild</code> <a
href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build
mode</a> on GitHub Enterprise Server. This feature is already available
to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2353">#2353</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f0f3afee80"><code>f0f3afe</code></a>
Merge main into releases/v3 (<a
href="https://redirect.github.com/github/codeql-action/issues/2437">#2437</a>)</li>
<li><a
href="e3543591a5"><code>e354359</code></a>
Update changelog for v3.26.4</li>
<li><a
href="ae01f807ca"><code>ae01f80</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2436">#2436</a>
from rvermeulen/rvermeulen/deprecate-add-snippets</li>
<li><a
href="72bc3f7f61"><code>72bc3f7</code></a>
Address incorrect changelog location</li>
<li><a
href="7388c476ae"><code>7388c47</code></a>
Merge branch 'main' into rvermeulen/deprecate-add-snippets</li>
<li><a
href="d7c48ef5a8"><code>d7c48ef</code></a>
Add link to PR deprecating <code>add-snippets</code> to
CHANGELOG.md</li>
<li><a
href="ec21b8f8a4"><code>ec21b8f</code></a>
Update changelog with deprecation.</li>
<li><a
href="4067cdab78"><code>4067cda</code></a>
Add deprecation message to <code>add-snippets</code> input.</li>
<li><a
href="202b3b97bf"><code>202b3b9</code></a>
Stop checking disk usage for MacOS ARM with SIP disabled (<a
href="https://redirect.github.com/github/codeql-action/issues/2434">#2434</a>)</li>
<li><a
href="512e3066dd"><code>512e306</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2404">#2404</a>
from github/marcogario/proxy_64</li>
<li>Additional commits viewable in <a
href="883d8588e5...f0f3afee80">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.3&new-version=3.26.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-23 10:22:31 -04:00
dependabot[bot]
020ba09fe4 Bump github/codeql-action from 3.26.2 to 3.26.3 (#2391) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.2 to 3.26.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.26.3 - 19 Aug 2024</h2>
<ul>
<li>Fix an issue where the CodeQL Action could not write diagnostic
messages on Windows. This issue did not impact analysis quality. <a
href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li>
</ul>
<h2>3.26.2 - 14 Aug 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.2. <a
href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li>
</ul>
<h2>3.26.1 - 13 Aug 2024</h2>
<p>No user facing changes.</p>
<h2>3.26.0 - 06 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no
longer supported. Please migrate to a macOS runner if this affects you.
<a
href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li>
<li>Bump the minimum CodeQL bundle version to 2.13.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li>
</ul>
<h2>3.25.15 - 26 Jul 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li>
</ul>
<h2>3.25.14 - 25 Jul 2024</h2>
<ul>
<li>Experimental: add a new <code>start-proxy</code> action which starts
the same HTTP proxy as used by <a
href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>.
Do not use this in production as it is part of an internal experiment
and subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li>
</ul>
<h2>3.25.13 - 19 Jul 2024</h2>
<ul>
<li>Add <code>codeql-version</code> to outputs. <a
href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.13.4
and earlier. These versions of CodeQL were discontinued on 9 July 2024
alongside GitHub Enterprise Server 3.9, and will be unsupported by
CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later.
<a
href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI
version 2.13.5 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.12.6 and 2.13.4, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.25.13</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.25.13</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</li>
</ul>
</li>
</ul>
<h2>3.25.12 - 12 Jul 2024</h2>
<ul>
<li>Improve the reliability and performance of analyzing code when
analyzing a compiled language with the <code>autobuild</code> <a
href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build
mode</a> on GitHub Enterprise Server. This feature is already available
to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2353">#2353</a></li>
<li>Update default CodeQL bundle version to 2.18.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2364">#2364</a></li>
</ul>
<h2>3.25.11 - 28 Jun 2024</h2>
<ul>
<li>Avoid failing the workflow run if there is an error while uploading
debug artifacts. <a
href="https://redirect.github.com/github/codeql-action/pull/2349">#2349</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="883d8588e5"><code>883d858</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2431">#2431</a>
from github/update-v3.26.3-b187c86ce</li>
<li><a
href="e100cebbec"><code>e100ceb</code></a>
Update changelog for v3.26.3</li>
<li><a
href="b187c86ce5"><code>b187c86</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2430">#2430</a>
from github/henrymercer/windows-diagnostics-fix</li>
<li><a
href="e2bb5a2777"><code>e2bb5a2</code></a>
Add changelog note</li>
<li><a
href="e5a65875f9"><code>e5a6587</code></a>
Fix writing diagnostics on Windows</li>
<li><a
href="5c681efc3f"><code>5c681ef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2426">#2426</a>
from github/mergeback/v3.26.2-to-main-429e1977</li>
<li><a
href="676519a882"><code>676519a</code></a>
Update checked-in dependencies</li>
<li><a
href="25a5b8f08c"><code>25a5b8f</code></a>
Update changelog and version after v3.26.2</li>
<li>See full diff in <a
href="429e197704...883d8588e5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.2&new-version=3.26.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-20 17:13:05 +10:00
dependabot[bot]
891d7895dc Bump github/codeql-action from 3.26.1 to 3.26.2 (#2387) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.1 to 3.26.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="429e197704"><code>429e197</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2425">#2425</a>
from github/update-v3.26.2-a93f8c2fd</li>
<li><a
href="9eec338902"><code>9eec338</code></a>
Update changelog for v3.26.2</li>
<li><a
href="a93f8c2fd1"><code>a93f8c2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2423">#2423</a>
from github/mergeback/v3.26.1-to-main-29d86d22</li>
<li><a
href="af1f2e89e3"><code>af1f2e8</code></a>
Address incorrect CHANGELOG.md</li>
<li><a
href="2bc3b8381e"><code>2bc3b83</code></a>
Update checked-in dependencies</li>
<li><a
href="dd9700c166"><code>dd9700c</code></a>
Reapply &quot;Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2417">#2417</a>
from github/update-bundle/codeql-bundle-v2....</li>
<li><a
href="ece28a826b"><code>ece28a8</code></a>
Update changelog and version after v3.26.1</li>
<li>See full diff in <a
href="29d86d22a3...429e197704">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.1&new-version=3.26.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-15 17:36:19 +10:00
dependabot[bot]
72e3aca410 Bump github/codeql-action from 3.26.0 to 3.26.1 (#2384) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.26.0 to 3.26.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="29d86d22a3"><code>29d86d2</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2422">#2422</a>
from github/update-v3.26.1-0d5982aa3</li>
<li><a
href="5b15b9edeb"><code>5b15b9e</code></a>
Revert &quot;Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2417">#2417</a>
from github/update-bundle/codeql-bundle-v2.1...</li>
<li><a
href="18ac79e766"><code>18ac79e</code></a>
Update changelog for v3.26.1</li>
<li><a
href="0d5982aa33"><code>0d5982a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2416">#2416</a>
from github/henrymercer/ghes-3.14-compat-info</li>
<li><a
href="da9ecb0f40"><code>da9ecb0</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2421">#2421</a>
from github/henrymercer/log-job-run-uuid</li>
<li><a
href="c4c3c4421f"><code>c4c3c44</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2417">#2417</a>
from github/update-bundle/codeql-bundle-v2.18.2</li>
<li><a
href="41833c77c6"><code>41833c7</code></a>
Log job run UUID</li>
<li><a
href="d620faa0b4"><code>d620faa</code></a>
Bump the npm group with 4 updates (<a
href="https://redirect.github.com/github/codeql-action/issues/2419">#2419</a>)</li>
<li><a
href="25ad3c8e40"><code>25ad3c8</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2418">#2418</a>
from github/henrymercer/extraction-time-telemetry</li>
<li><a
href="44ecae4896"><code>44ecae4</code></a>
Fix matrixing of &quot;submit SARIF after failure&quot; check</li>
<li>Additional commits viewable in <a
href="eb055d739a...29d86d22a3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.26.0&new-version=3.26.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-15 10:39:21 +10:00
dependabot[bot]
6b6104c9c9 Bump actions/upload-artifact from 4.3.5 to 4.3.6 (#2381) 
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.3.5 to 4.3.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.6</h2>
<h2>What's Changed</h2>
<ul>
<li>Revert to <code>@​actions/artifact</code> 2.1.8 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/594">actions/upload-artifact#594</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.3.6">https://github.com/actions/upload-artifact/compare/v4...v4.3.6</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="834a144ee9"><code>834a144</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/594">#594</a>
from actions/robherley/4.3.6</li>
<li><a
href="134dcf33c0"><code>134dcf3</code></a>
v4.3.6</li>
<li><a
href="73a0b9c954"><code>73a0b9c</code></a>
revert back to <code>@​actions/artifact</code> 2.1.8</li>
<li>See full diff in <a
href="89ef406dd8...834a144ee9">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.3.5&new-version=4.3.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-07 17:48:18 +10:00
dependabot[bot]
8c916d7598 Bump github/codeql-action from 3.25.15 to 3.26.0 (#2382) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 3.25.15 to 3.26.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<p>Note that the only difference between <code>v2</code> and
<code>v3</code> of the CodeQL Action is the node version they support,
with <code>v3</code> running on node 20 while we continue to release
<code>v2</code> to support running on node 16. For example
<code>3.22.11</code> was the first <code>v3</code> release and is
functionally identical to <code>2.22.11</code>. This approach ensures an
easy way to track exactly which features are included in different
versions, indicated by the minor and patch version numbers.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>3.26.0 - 06 Aug 2024</h2>
<ul>
<li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no
longer supported. Please migrate to a macOS runner if this affects you.
<a
href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li>
<li>Bump the minimum CodeQL bundle version to 2.13.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li>
</ul>
<h2>3.25.15 - 26 Jul 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.18.1. <a
href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li>
</ul>
<h2>3.25.14 - 25 Jul 2024</h2>
<ul>
<li>Experimental: add a new <code>start-proxy</code> action which starts
the same HTTP proxy as used by <a
href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>.
Do not use this in production as it is part of an internal experiment
and subject to change at any time. <a
href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li>
</ul>
<h2>3.25.13 - 19 Jul 2024</h2>
<ul>
<li>Add <code>codeql-version</code> to outputs. <a
href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li>
<li>Add a deprecation warning for customers using CodeQL version 2.13.4
and earlier. These versions of CodeQL were discontinued on 9 July 2024
alongside GitHub Enterprise Server 3.9, and will be unsupported by
CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later.
<a
href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a>
<ul>
<li>If you are using one of these versions, please update to CodeQL CLI
version 2.13.5 or later. For instance, if you have specified a custom
version of the CLI using the 'tools' input to the 'init' Action, you can
remove this input to use the default version.</li>
<li>Alternatively, if you want to continue using a version of the CodeQL
CLI between 2.12.6 and 2.13.4, you can replace
<code>github/codeql-action/*@v3</code> by
<code>github/codeql-action/*@v3.25.13</code> and
<code>github/codeql-action/*@v2</code> by
<code>github/codeql-action/*@v2.25.13</code> in your code scanning
workflow to ensure you continue using this version of the CodeQL
Action.</li>
</ul>
</li>
</ul>
<h2>3.25.12 - 12 Jul 2024</h2>
<ul>
<li>Improve the reliability and performance of analyzing code when
analyzing a compiled language with the <code>autobuild</code> <a
href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build
mode</a> on GitHub Enterprise Server. This feature is already available
to GitHub.com users. <a
href="https://redirect.github.com/github/codeql-action/pull/2353">#2353</a></li>
<li>Update default CodeQL bundle version to 2.18.0. <a
href="https://redirect.github.com/github/codeql-action/pull/2364">#2364</a></li>
</ul>
<h2>3.25.11 - 28 Jun 2024</h2>
<ul>
<li>Avoid failing the workflow run if there is an error while uploading
debug artifacts. <a
href="https://redirect.github.com/github/codeql-action/pull/2349">#2349</a></li>
<li>Update default CodeQL bundle version to 2.17.6. <a
href="https://redirect.github.com/github/codeql-action/pull/2352">#2352</a></li>
</ul>
<h2>3.25.10 - 13 Jun 2024</h2>
<ul>
<li>Update default CodeQL bundle version to 2.17.5. <a
href="https://redirect.github.com/github/codeql-action/pull/2327">#2327</a></li>
</ul>
<h2>3.25.9 - 12 Jun 2024</h2>
<ul>
<li>Avoid failing database creation if the database folder already
exists and contains some unexpected files. Requires CodeQL 2.18.0 or
higher. <a
href="https://redirect.github.com/github/codeql-action/pull/2330">#2330</a></li>
<li>The init Action will attempt to clean up the database cluster
directory before creating a new database and at the end of the job. This
will help to avoid issues where the database cluster directory is left
in an inconsistent state. <a
href="https://redirect.github.com/github/codeql-action/pull/2332">#2332</a></li>
</ul>
<h2>3.25.8 - 04 Jun 2024</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="eb055d739a"><code>eb055d7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2410">#2410</a>
from github/update-v3.26.0-c24926b73</li>
<li><a
href="3884d04c11"><code>3884d04</code></a>
Update changelog for v3.26.0</li>
<li><a
href="c24926b734"><code>c24926b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2407">#2407</a>
from github/dependabot/npm_and_yarn/npm-7954a73ad2</li>
<li><a
href="68ba39bacf"><code>68ba39b</code></a>
Merge branch 'main' into dependabot/npm_and_yarn/npm-7954a73ad2</li>
<li><a
href="8dd1773467"><code>8dd1773</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2408">#2408</a>
from github/henrymercer/deprecate-codeql-2.13.4</li>
<li><a
href="441c9d90e4"><code>441c9d9</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2409">#2409</a>
from github/henrymercer/fix-required-checks</li>
<li><a
href="f03da13454"><code>f03da13</code></a>
Exclude push-only unit tests job from required PR checks script</li>
<li><a
href="29a5cfc75d"><code>29a5cfc</code></a>
Bump version to 3.26.0</li>
<li><a
href="9e440ad4c7"><code>9e440ad</code></a>
Add changelog note</li>
<li><a
href="136f5a589b"><code>136f5a5</code></a>
Add CodeQL v2.17.6 to default test versions</li>
<li>Additional commits viewable in <a
href="afb54ba388...eb055d739a">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=3.25.15&new-version=3.26.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-07 17:48:00 +10:00
dependabot[bot]
d2812bf898 Bump actions/upload-artifact from 4.3.4 to 4.3.5 (#2376) 2024-08-05 14:43:45 +05:30
dependabot[bot]
b6065c409e Bump github/codeql-action from 3.25.14 to 3.25.15 (#2369) 2024-07-29 14:31:39 +05:30
dependabot[bot]
e566321bc2 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#2370) 2024-07-29 14:26:15 +05:30
dependabot[bot]
8f61fafa03 Bump github/codeql-action from 3.25.12 to 3.25.14 (#2367) 2024-07-26 08:27:26 -05:00
dependabot[bot]
89d5c287d1 Bump github/codeql-action from 3.25.11 to 3.25.12 (#2354) 2024-07-15 05:42:56 -05:00
dependabot[bot]
aed59c4e2d Bump actions/upload-artifact from 4.3.3 to 4.3.4 (#2348) 2024-07-08 14:02:42 -05:00
dependabot[bot]
48bd40d129 Bump github/codeql-action from 3.25.10 to 3.25.11 (#2341) 2024-07-01 02:06:30 -05:00