otp icon indicating copy to clipboard operation
otp copied to clipboard

Published 20 hours ago verified publisher icon erlang

chore(deps): update github-actions (maint-28)

Open renovate-bot opened this issue 5 months ago • 2 comments

This PR contains the following updates:

Package Type Update Change
EnricoMi/publish-unit-test-result-action action minor v2.19.0 -> v2.20.0
actions/attest-sbom action digest 115c3be -> bd218ad
erlef/setup-beam action minor v1.18.2 -> v1.20.1
github/codeql-action action minor v3.28.17 -> v3.29.1
google/osv-scanner-action action patch v2.0.2 -> v2.0.3
softprops/action-gh-release action minor v2.2.2 -> v2.3.2
vmactions/freebsd-vm action digest c3ae29a -> 966989c

Release Notes

EnricoMi/publish-unit-test-result-action (EnricoMi/publish-unit-test-result-action)

v2.20.0

Compare Source

Adds the following improvements:

  • Add action typing #​653
  • Isolate PIP cache used by composite actions #​668
  • Fix for empty <system-out> and <system-err> #​667
  • Deprecate github_token_actor option, auto-detect actor #​661
  • Use and recommend !cancelled() instead of always() #​659
  • Add deprecationMessage to action.yml for deprecated inputs (#​654)
  • Resolve regex library warnings #​660

Full Changelog: https://github.com/EnricoMi/publish-unit-test-result-action/compare/v2.19.0...v2.20.0

erlef/setup-beam (erlef/setup-beam)

v1.20.1

Compare Source

What's Changed

Full Changelog: https://github.com/erlef/setup-beam/compare/v1...v1.20.1

v1.20.0

Compare Source

What's Changed
@​dependabot
New Contributors

Full Changelog: https://github.com/erlef/setup-beam/compare/v1...v1.20.0

v1.19.0

Compare Source

What's Changed
New Contributors

Full Changelog: https://github.com/erlef/setup-beam/compare/v1.18.2...v1.19.0

github/codeql-action (github/codeql-action)

v3.29.1

Compare Source

v3.29.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.0 - 11 Jun 2025

  • Update default CodeQL bundle version to 2.22.0. #​2925
  • Bump minimum CodeQL bundle version to 2.16.6. #​2912

See the full CHANGELOG.md for more information.

v3.28.19

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.19 - 03 Jun 2025
  • The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.
  • Update default CodeQL bundle version to 2.21.4. #​2910

See the full CHANGELOG.md for more information.

v3.28.18

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025
  • Update default CodeQL bundle version to 2.21.3. #​2893
  • Skip validating SARIF produced by CodeQL for improved performance. #​2894
  • The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #​2891

See the full CHANGELOG.md for more information.

google/osv-scanner-action (google/osv-scanner-action)

v2.0.3

Compare Source

Update to use osv-scanner v2.0.3

Notable changes:

  • There's now a flag --allow-no-lockfiles you can pass to osv-scanner to avoid getting an error when running against a repo with no lockfiles.
  • We no longer ignore general errors when they occur on osv-scanner-action, and will fail the workflow (e.g. invalid flags passed in)
softprops/action-gh-release (softprops/action-gh-release)

v2.3.2

Compare Source

  • fix: revert fs readableWebStream change

v2.3.1

Compare Source

What's Changed

Bug fixes 🐛

New Contributors

Full Changelog: https://github.com/softprops/action-gh-release/compare/v2.3.0...v2.3.1

v2.3.0

Compare Source

  • Migrate from jest to vitest
  • Replace mime with mime-types
  • Bump to use node 24
  • Dependency updates

Full Changelog: https://github.com/softprops/action-gh-release/compare/v2.2.2...v2.3.0

Configuration

📅 Schedule: Branch creation - "after 2am on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • [ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate-bot avatar Jun 17 '25 09:06 renovate-bot

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

CLAassistant avatar Jun 17 '25 09:06 CLAassistant

CT Test Results

  1 files   11 suites   3m 13s ⏱️  95 tests  91 ✅ 4 💤 0 ❌ 111 runs  107 ✅ 4 💤 0 ❌

Results for commit af5c446e.

:recycle: This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

// Erlang/OTP Github Action Bot

github-actions[bot] avatar Jun 17 '25 09:06 github-actions[bot]