cloudflare-ddns
cloudflare-ddns copied to clipboard
build(deps): bump the github-actions group across 1 directory with 6 updates
Bumps the github-actions group with 6 updates in the / directory:
Package | From | To |
---|---|---|
step-security/harden-runner | 2.7.0 |
2.7.1 |
actions/checkout | 4.1.3 |
4.1.4 |
actions/dependency-review-action | 4.2.5 |
4.3.2 |
actions/setup-go | 5.0.0 |
5.0.1 |
golangci/golangci-lint-action | 4.0.0 |
5.3.0 |
codecov/codecov-action | 4.3.0 |
4.3.1 |
Updates step-security/harden-runner
from 2.7.0 to 2.7.1
Release notes
Sourced from step-security/harden-runner's releases.
v2.7.1
What's Changed
Release v2.7.1 by
@​varunsh-coder
,@​h0x0er
,@​ashishkurmi
in step-security/harden-runner#397 This release:
- Improves the capability to inspect outbound HTTPS traffic on GitHub-hosted and self-hosted VM runners
- Updates README to add link to case study video on how Harden-Runner detected a supply chain attack on a Google open-source project
- Addresses minor bugs
Full Changelog: https://github.com/step-security/harden-runner/compare/v2.7.0...v2.7.1
Commits
Updates actions/checkout
from 4.1.3 to 4.1.4
Release notes
Sourced from actions/checkout's releases.
v4.1.4
What's Changed
- Disable
extensions.worktreeConfig
when disablingsparse-checkout
by@​jww3
in actions/checkout#1692- Add dependabot config by
@​cory-miller
in actions/checkout#1688- Bump word-wrap from 1.2.3 to 1.2.5 by
@​dependabot
in actions/checkout#1643- Bump the minor-actions-dependencies group with 2 updates by
@​dependabot
in actions/checkout#1693Full Changelog: https://github.com/actions/checkout/compare/v4.1.3...v4.1.4
Changelog
Sourced from actions/checkout's changelog.
Changelog
v4.1.4
- Disable
extensions.worktreeConfig
when disablingsparse-checkout
by@​jww3
in actions/checkout#1692- Add dependabot config by
@​cory-miller
in actions/checkout#1688- Bump the minor-actions-dependencies group with 2 updates by
@​dependabot
in actions/checkout#1693- Bump word-wrap from 1.2.3 to 1.2.5 by
@​dependabot
in actions/checkout#1643v4.1.3
- Check git version before attempting to disable
sparse-checkout
by@​jww3
in actions/checkout#1656- Add SSH user parameter by
@​cory-miller
in actions/checkout#1685- Update
actions/checkout
version inupdate-main-version.yml
by@​jww3
in actions/checkout#1650v4.1.2
- Fix: Disable sparse checkout whenever
sparse-checkout
option is not present@​dscho
in actions/checkout#1598v4.1.1
- Correct link to GitHub Docs by
@​peterbe
in actions/checkout#1511- Link to release page from what's new section by
@​cory-miller
in actions/checkout#1514v4.1.0
v4.0.0
v3.6.0
- Fix: Mark test scripts with Bash'isms to be run via Bash
- Add option to fetch tags even if fetch-depth > 0
v3.5.3
- Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
- Fix typos found by codespell
- Add support for sparse checkouts
v3.5.2
v3.5.1
v3.5.0
v3.4.0
... (truncated)
Commits
0ad4b8f
Prep Release v4.1.4 (#1704)43045ae
Disableextensions.worktreeConfig
when disablingsparse-checkout
(#1692)37b0821
Bump the minor-actions-dependencies group with 2 updates (#1693)9839dc1
Add dependabot config (#1688)9b4c13b
Bump word-wrap from 1.2.3 to 1.2.5 (#1643)- See full diff in compare view
Updates actions/dependency-review-action
from 4.2.5 to 4.3.2
Release notes
Sourced from actions/dependency-review-action's releases.
v4.3.2
What's Changed
- Fix package-url parsing for allow-dependencies-licenses by
@​juxtin
in actions/dependency-review-action#761Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2
v4.3.1
What's Changed
This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See actions/dependency-review-action#753.
Full Changelog: https://github.com/actions/dependency-review-action/compare/V4.3.0...v4.3.1
v4.3.0
New Features
- The
deny-packages
option can now be used without a version number to exclude all versions of a package.What's Changed
- Fix action variable name for scorecard by
@​lukehinds
in actions/dependency-review-action#735- Fix extra https:// in summary by
@​jhutchings1
in actions/dependency-review-action#748- Bump typescript from 5.3.3 to 5.4.5 by
@​dependabot
in actions/dependency-review-action#744- Bump eslint-plugin-github from 4.10.1 to 4.10.2 by
@​dependabot
in actions/dependency-review-action#737- Show denied packages with red X by
@​juxtin
in actions/dependency-review-action#750- deny-packages configuration option can deny specified version or all packages by
@​febuiles
and@​bteng22
in actions/dependency-review-action#733New Contributors
@​bteng22
made their first contribution in actions/dependency-review-action#733@​lukehinds
made their first contribution in actions/dependency-review-action#735Full Changelog: https://github.com/actions/dependency-review-action/compare/v4.2.5...V4.3.0
Commits
0c155c5
Merge pull request #762 from actions/juxtin/prepare-4.3.2f3dac32
Merge pull request #761 from actions/juxtin/fix-allow-dependencies-licensesd0d5cc3
Update version number to 4.3.249fbbe0
Fix package-url parsing for allow-dependencies-licensese58c696
Merge pull request #758 from actions/juxtin/prepare-4.3.19b7c72d
Change version to 4.3.17dcfabf
Merge pull request #753 from actions/juxtin/debug-purl5f0808f
Validate that deny-packages purls are completefcc66c2
Refine purl parsing and tests1dd418b
Basic tests for PURL validation in config- Additional commits viewable in compare view
Updates actions/setup-go
from 5.0.0 to 5.0.1
Release notes
Sourced from actions/setup-go's releases.
v5.0.1
What's Changed
- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
@​dependabot
,@​HarithaVattikuti
in actions/setup-go#465- Update documentation with latest V5 release notes by
@​ab
in actions/setup-go#459- Update version documentation by
@​178inaba
in actions/setup-go#458- Documentation update of
actions/setup-go
to v5 by@​chenrui333
in actions/setup-go#449New Contributors
@​ab
made their first contribution in actions/setup-go#459Full Changelog: https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1
Commits
Updates golangci/golangci-lint-action
from 4.0.0 to 5.3.0
Release notes
Sourced from golangci/golangci-lint-action's releases.
v5.3.0
What's Changed
Changes
- feat: uses 2 dots compare syntax for push diff by
@​ldez
in golangci/golangci-lint-action#1030- feat: add option to control cache invalidation interval by
@​ldez
in golangci/golangci-lint-action#1031- feat: use OS and working-directory as cache key by
@​ldez
in golangci/golangci-lint-action#1032- feat: improve log about pwd/cwd by
@​ldez
in golangci/golangci-lint-action#1033Full Changelog: https://github.com/golangci/golangci-lint-action/compare/v5.2.0...v5.3.0
v5.2.0
What's Changed
Changes
Full Changelog: https://github.com/golangci/golangci-lint-action/compare/v5.1.0...v5.2.0
v5.1.0
What's Changed
Changes
- feat: support for
pull
andmerge_group
events with the optiononly-new-issues
by@​ldez
in golangci/golangci-lint-action#1029Dependencies
- build(deps-dev): bump
@​typescript-eslint/parser
from 7.7.0 to 7.7.1 by@​dependabot
in golangci/golangci-lint-action#1027- build(deps-dev): bump
@​typescript-eslint/eslint-plugin
from 7.7.0 to 7.7.1 by@​dependabot
in golangci/golangci-lint-action#1028Full Changelog: https://github.com/golangci/golangci-lint-action/compare/v5.0.0...v5.1.0
v5.0.0
What's Changed
skip-pkg-cache
andskip-build-cache
have been removed because the cache related to Go itself is already handled byactions/setup-go
.Changes
- feat: add support for pull_request_target and only-new-issues by
@​kovetskiy
in golangci/golangci-lint-action#506- feat: add option to not save cache by
@​navijation
in golangci/golangci-lint-action#851- feat: remove Go cache management by
@​ldez
in golangci/golangci-lint-action#1024New Contributors
@​kovetskiy
made their first contribution in golangci/golangci-lint-action#506
... (truncated)
Commits
38e1018
feat: improve log about pwd/cwd (#1033)21e9e6b
feat: use OS and working-directory as cache key (#1032)dbe4fc2
chore: use getBooleanInputdbb7ebc
feat: add option to control cache invalidation interval (#1031)ecb3292
feat: uses 2 dots compare syntax for push diff (#1030)046435d
doc: improve options documentationca8befd
doc: improve options documentationd9c9b53
chore: improve marketplace styleaebff4b
feat: add option to enable/disable annotations2bff406
doc: improve options documentation- Additional commits viewable in compare view
Updates codecov/codecov-action
from 4.3.0 to 4.3.1
Release notes
Sourced from codecov/codecov-action's releases.
v4.3.1
What's Changed
- build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by
@​dependabot
in codecov/codecov-action#1370- fix: more verbose log message when failing to import pgp key by
@​ReenigneArcher
in codecov/codecov-action#1371- build(deps-dev): bump
@​typescript-eslint/eslint-plugin
from 7.6.0 to 7.7.0 by@​dependabot
in codecov/codecov-action#1374- build(deps-dev): bump
@​typescript-eslint/parser
from 7.6.0 to 7.7.0 by@​dependabot
in codecov/codecov-action#1375- build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by
@​dependabot
in codecov/codecov-action#1382- build(deps): bump github/codeql-action from 3.24.10 to 3.25.1 by
@​dependabot
in codecov/codecov-action#1381- build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by
@​dependabot
in codecov/codecov-action#1380- build(deps-dev): bump
@​typescript-eslint/parser
from 7.7.0 to 7.7.1 by@​dependabot
in codecov/codecov-action#1384- build(deps-dev): bump
@​typescript-eslint/eslint-plugin
from 7.7.0 to 7.7.1 by@​dependabot
in codecov/codecov-action#1383- Update README.md to point to docs about tokenless by
@​rohan-at-sentry
in codecov/codecov-action#1395- build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by
@​dependabot
in codecov/codecov-action#1393- build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by
@​dependabot
in codecov/codecov-action#1392- build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 by
@​dependabot
in codecov/codecov-action#1391- style: Node Packages by
@​marcobiedermann
in codecov/codecov-action#1394- build(deps-dev): bump
@​typescript-eslint/eslint-plugin
from 7.7.1 to 7.8.0 by@​dependabot
in codecov/codecov-action#1402- build(deps-dev): bump
@​typescript-eslint/parser
from 7.7.1 to 7.8.0 by@​dependabot
in codecov/codecov-action#1401- docs: Type Annotations by
@​marcobiedermann
in codecov/codecov-action#1397- docs: main branch by
@​marcobiedermann
in codecov/codecov-action#1396- fix: bypass token checks for forks and OIDC by
@​thomasrockhu-codecov
in codecov/codecov-action#1404- chore(release): 4.3.1. by
@​thomasrockhu-codecov
in codecov/codecov-action#1405New Contributors
@​ReenigneArcher
made their first contribution in codecov/codecov-action#1371@​rohan-at-sentry
made their first contribution in codecov/codecov-action#1395@​marcobiedermann
made their first contribution in codecov/codecov-action#1394Full Changelog: https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1
Commits
5ecb98a
chore(release): 4.3.1. (#1405)5a299d1
fix: bypass token checks for forks and OIDC (#1404)dad251d
docs: main branch (#1396)e8bbe5f
docs: Type Annotations (#1397)a6fd87f
build(deps-dev): bump@​typescript-eslint/parser
from 7.7.1 to 7.8.0 (#1401)76c8cd6
build(deps-dev): bump@​typescript-eslint/eslint-plugin
from 7.7.1 to 7.8.0 (#...1290bdd
style: Node Packages (#1394)951ef79
build(deps): bump github/codeql-action from 3.25.1 to 3.25.3 (#1391)bb71c1b
build(deps): bump actions/checkout from 4.1.3 to 4.1.4 (#1392)acc5d43
build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 (#1393)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase
.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebase
will rebase this PR -
@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it -
@dependabot merge
will merge this PR after your CI passes on it -
@dependabot squash and merge
will squash and merge this PR after your CI passes on it -
@dependabot cancel merge
will cancel a previously requested merge and block automerging -
@dependabot reopen
will reopen this PR if it is closed -
@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency -
@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) -
@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) -
@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) -
@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency -
@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions
Codecov Report
All modified and coverable lines are covered by tests :white_check_mark:
Project coverage is 88.49%. Comparing base (
d599a88
) to head (a49228b
).
Additional details and impacted files
@@ Coverage Diff @@
## main #742 +/- ##
=======================================
Coverage 88.49% 88.49%
=======================================
Files 48 48
Lines 1990 1990
=======================================
Hits 1761 1761
Misses 208 208
Partials 21 21
Flag | Coverage Δ | |
---|---|---|
unittests | 88.49% <ø> (ø) |
Flags with carried forward coverage won't be shown. Click here to find out more.
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
Looks like these dependencies are updatable in another way, so this is no longer needed.