apm-agent-php icon indicating copy to clipboard operation
apm-agent-php copied to clipboard
verified publisher icon elastic

Bump the github-actions group with 4 updates

Open dependabot[bot] opened this issue 1 year ago • 1 comments

Bumps the github-actions group with 4 updates: actions/download-artifact, hashicorp/vault-action, google-github-actions/auth and google-github-actions/upload-cloud-storage.

Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes. Artifacts created with versions v3 and below are not compatible with the v4 actions. Uploads and downloads must use the same major actions versions. There are also key differences from previous versions that may require updates to your workflows.

For more information, please see:

  1. The changelog post.
  2. The README.
  3. The migration documentation.
  4. As well as the underlying npm package, @​actions/artifact documentation.

New Contributors

Full Changelog: https://github.com/actions/download-artifact/compare/v3...v4.0.0

v3.0.2

  • Bump @actions/artifact to v1.1.1 - actions/download-artifact#195
  • Fixed a bug in Node16 where if an HTTP download finished too quickly (<1ms, e.g. when it's mocked) we attempt to delete a temp file that has not been created yet actions/toolkit#1278

v3.0.1

Commits
  • eaceaf8 Merge pull request #291 from actions/eggyhead/update-artifact-v2.1.1
  • 81eafdc update artifact license
  • 9ac5cad updating artifact dependency to version 2.1.1
  • 3ad8411 Merge pull request #287 from actions/robherley/sync-migration-docs
  • 1de4643 Sync migration docs with upload-artifact
  • bb3fa7f Merge pull request #275 from actions/robherley/better-log-msgs
  • a244de5 ncc
  • 355659b clarify log messages when using pattern/merge-multiple params
  • 6b208ae Merge pull request #274 from actions/vmjoseph/timeout-patch
  • 6c5b580 only adding updated license
  • Additional commits viewable in compare view

Updates hashicorp/vault-action from 2.7.4 to 3.0.0

Release notes

Sourced from hashicorp/vault-action's releases.

v3.0.0

3.0.0 (February 15, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-528

v2.8.1

2.8.1 (February 15, 2024)

Bugs:

  • Revert GH-509 which made a backwards incompatible bump of the node runtime from node16 to node20 GH-527

v2.8.0

2.8.0 (February 1, 2024)

Features:

  • Add ignoreNotFound input (default: false) to prevent the action from failing when a secret does not exist GH-518

Improvements:

  • bump jsrsasign from 10.8.6 to 11.0.0 GH-513
  • bump @​actions/core from 1.10.0 to 1.10.1 GH-489
  • bump jest-when from 3.5.2 to 3.6.0 GH-484
  • bump jest from 29.5.0 to 29.7.0 GH-490
  • bump @​vercel/ncc from 0.36.1 to 0.38.1 GH-503

v2.7.5

2.7.5 (January 30, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-509
  • Bump got from 11.8.5 to 11.8.6 GH-492
Changelog

Sourced from hashicorp/vault-action's changelog.

3.0.0 (February 15, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-529

2.8.1 (February 15, 2024)

Bugs:

  • Revert GH-509 which made a backwards incompatible bump of the node runtime from node16 to node20 GH-527

2.8.0 (February 1, 2024)

Features:

  • Add ignoreNotFound input (default: false) to prevent the action from failing when a secret does not exist GH-518

Improvements:

  • bump jsrsasign from 10.8.6 to 11.0.0 GH-513
  • bump @​actions/core from 1.10.0 to 1.10.1 GH-489
  • bump jest-when from 3.5.2 to 3.6.0 GH-484
  • bump jest from 29.5.0 to 29.7.0 GH-490
  • bump @​vercel/ncc from 0.36.1 to 0.38.1 GH-503

2.7.5 (January 30, 2024)

Improvements:

  • Bump node runtime from node16 to node20 GH-509
  • Bump got from 11.8.5 to 11.8.6 GH-492
Commits

Updates google-github-actions/auth from 1 to 2

Release notes

Sourced from google-github-actions/auth's releases.

v2

Floating v2 alias

v1.3.0

What's Changed

Full Changelog: https://github.com/google-github-actions/auth/compare/v1...v1.3.0

v1.2.0

⚠️ This version requires Node 20 or later on the runner! If you are using GitHub-managed runners, no action is needed. If you are using self-hosted runners, make sure the system version of Node is version 20 or higher. Reverted based on community feedback.

What's Changed

New Contributors

Full Changelog: https://github.com/google-github-actions/auth/compare/v1...v1.2.0

v1.1.1

What's Changed

Full Changelog: https://github.com/google-github-actions/auth/compare/v1.1.0...v1.1.1

v1.1.0

What's Changed

... (truncated)

Commits

Updates google-github-actions/upload-cloud-storage from 1 to 2

Release notes

Sourced from google-github-actions/upload-cloud-storage's releases.

v2

Floating v2 alias

v1.0.3

What's Changed

Full Changelog: https://github.com/google-github-actions/upload-cloud-storage/compare/v1.0.2...v1.0.3

v1.0.2

What's Changed

Full Changelog: https://github.com/google-github-actions/upload-cloud-storage/compare/v1.0.1...v1.0.2

v1.0.1

What's Changed

New Contributors

Full Changelog: https://github.com/google-github-actions/upload-cloud-storage/compare/v1.0.0...v1.0.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

dependabot[bot] avatar Feb 18 '24 22:02 dependabot[bot]

@dependabot ignore actions/download-artifact ignore major

v1v avatar Feb 19 '24 11:02 v1v

@dependabot ignore actions/upload-artifact major version

reakaleek avatar Mar 18 '24 12:03 reakaleek

@dependabot ignore actions/download-artifact major version

reakaleek avatar Mar 18 '24 12:03 reakaleek

OK, I won't notify you about version 4.x.x of actions/download-artifact again, unless you unignore it.

dependabot[bot] avatar Mar 18 '24 12:03 dependabot[bot]

OK, I won't notify you about version 4.x.x of actions/download-artifact again, unless you unignore it.

dependabot[bot] avatar Mar 18 '24 12:03 dependabot[bot]

@dependabot recreate

reakaleek avatar Mar 18 '24 12:03 reakaleek

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot[bot] avatar Mar 18 '24 12:03 dependabot[bot]