Automattic
Bump ramsey/composer-install from 2.2.0 to 3.0.0
Bumps ramsey/composer-install from 2.2.0 to 3.0.0.
Release notes
Sourced from ramsey/composer-install's releases.
3.0.0
Changed
Update actions/cache to v4 to avoid deprecation notices.
This requires a new major version because actions/cache requires Node.js 20, which could cause backwards-compatibility breaks for any projects that require earlier versions of Node.js.
For more details, see the discussion on #252.
2.3.1
Fixed
- Removed upgrade to cache action runner v4 to avoid potential backwards-compatibility issues that might arise when using self-hosted runners that use Node.js 16 instead of version 20. For more details, see the discussion here: #252.
To avoid the actions/cache deprecation notices, upgrade to
@v3or@3.0.0.2.3.0
Added
- Add new
require-lock-fileinput that forces a build failure if acomposer.lockfile is not present. (#251)Fixed
- Add
--working-dirwhen looking up Composer's cache directory. This fixes "Filecomposer.jsoncould not be found in the current directory" errors when runningcomposer installin sub-directories or other non-standard locations. (#225, #233, #246, #247)- Update cache action runner to v4 to avoid deprecation notices. (#252, #253, #254)
Commits
57532f8Update cache action runner (#252)1919f6cRevert "Update cache action runner (#252)"338f10edocs: bump versions for example (#255)c58cccfchore: Bump codecov/codecov-action from 3 to 4 (#256)b231af5Add require lock file input parameter (#251)c8eb880chore: Bump actions/checkout from 3 to 4 (#248)0b4a7feUpdate cache action runner (#252)c49029aFix finding composer cache dir (#233)12e7194chore: update Ruby version for code coverage job3bbf937fix: build status badge (#243)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}
Quality Gate passed
Issues
0 New issues
0 Accepted issues
Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code
See analysis details on SonarCloud
![sonarqubecloud[bot] avatar](https://avatars.githubusercontent.com/in/12526?v=4 "Published by a pub.dev verified publisher"){kind=small}