fluxcd
build(deps): bump the ci group across 1 directory with 3 updates
Bumps the ci group with 3 updates in the / directory: actions/checkout, helm/kind-action and sigstore/cosign-installer.
Updates actions/checkout from 5 to 6
Release notes
Sourced from actions/checkout's releases.
v6.0.0
What's Changed
- Update README to include Node.js 24 support details and requirements by
@salmanmkcin actions/checkout#2248- Persist creds to a separate file by
@ericsciplein actions/checkout#2286- v6-beta by
@ericsciplein actions/checkout#2298- update readme/changelog for v6 by
@ericsciplein actions/checkout#2311Full Changelog: https://github.com/actions/checkout/compare/v5.0.0...v6.0.0
v6-beta
What's Changed
Updated persist-credentials to store the credentials under
$RUNNER_TEMPinstead of directly in the local git config.This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.
v5.0.1
What's Changed
- Port v6 cleanup to v5 by
@ericsciplein actions/checkout#2301Full Changelog: https://github.com/actions/checkout/compare/v5...v5.0.1
Changelog
Sourced from actions/checkout's changelog.
Changelog
V6.0.0
- Persist creds to a separate file by
@ericsciplein actions/checkout#2286- Update README to include Node.js 24 support details and requirements by
@salmanmkcin actions/checkout#2248V5.0.1
- Port v6 cleanup to v5 by
@ericsciplein actions/checkout#2301V5.0.0
- Update actions checkout to use node 24 by
@salmanmkcin actions/checkout#2226V4.3.1
- Port v6 cleanup to v4 by
@ericsciplein actions/checkout#2305V4.3.0
- docs: update README.md by
@motssin actions/checkout#1971- Add internal repos for checking out multiple repositories by
@mouismailin actions/checkout#1977- Documentation update - add recommended permissions to Readme by
@benwellsin actions/checkout#2043- Adjust positioning of user email note and permissions heading by
@joshmgrossin actions/checkout#2044- Update README.md by
@nebuk89in actions/checkout#2194- Update CODEOWNERS for actions by
@TingluoHuangin actions/checkout#2224- Update package dependencies by
@salmanmkcin actions/checkout#2236v4.2.2
url-helper.tsnow leverages well-known environment variables by@jww3in actions/checkout#1941- Expand unit test coverage for
isGhesby@jww3in actions/checkout#1946v4.2.1
- Check out other refs/* by commit if provided, fall back to ref by
@orhantoyin actions/checkout#1924v4.2.0
- Add Ref and Commit outputs by
@lucacomein actions/checkout#1180- Dependency updates by
@dependabot- actions/checkout#1777, actions/checkout#1872v4.1.7
- Bump the minor-npm-dependencies group across 1 directory with 4 updates by
@dependabotin actions/checkout#1739- Bump actions/checkout from 3 to 4 by
@dependabotin actions/checkout#1697- Check out other refs/* by commit by
@orhantoyin actions/checkout#1774- Pin actions/checkout's own workflows to a known, good, stable version. by
@jww3in actions/checkout#1776v4.1.6
- Check platform to set archive extension appropriately by
@cory-millerin actions/checkout#1732v4.1.5
- Update NPM dependencies by
@cory-millerin actions/checkout#1703- Bump github/codeql-action from 2 to 3 by
@dependabotin actions/checkout#1694- Bump actions/setup-node from 1 to 4 by
@dependabotin actions/checkout#1696- Bump actions/upload-artifact from 2 to 4 by
@dependabotin actions/checkout#1695
... (truncated)
Commits
Updates helm/kind-action from 1.12.0 to 1.13.0
Release notes
Sourced from helm/kind-action's releases.
v1.13.0
What's Changed
- chore: verify sha256sum of kubectl by
@felix-kaestnerin helm/kind-action#134- Load GITHUB_PATH in PATH to use correct binaries when creating registry by
@gothain helm/kind-action#133- feat: Add cloud provider by
@waltermityin helm/kind-action#135- chore: bump kind to v0.29.0 by
@pmalekin helm/kind-action#144- Bump actions/checkout from 4.2.2 to 5.0.0 by
@dependabot[bot] in helm/kind-action#145- bug: respect 'install_only' action input value by
@mszostokin helm/kind-action#147- bump kind and kubectl and also nodejs by
@cpanatoin helm/kind-action#150New Contributors
@felix-kaestnermade their first contribution in helm/kind-action#134@gothamade their first contribution in helm/kind-action#133@waltermitymade their first contribution in helm/kind-action#135@pmalekmade their first contribution in helm/kind-action#144@mszostokmade their first contribution in helm/kind-action#147Full Changelog: https://github.com/helm/kind-action/compare/v1...v1.13.0
Commits
92086f6bump kind and kubectl and also nodejs (#150)7cd7463bug: respect 'install_only' action input value (#147)50ea670Bump actions/checkout from 4.2.2 to 5.0.0 (#145)b72c923chore: bump kind to v0.29.0 (#144)d4887beAdd cloud provider (#135)d730aafLoad GITHUB_PATH in PATH to use correct binaries when creating registry (#133)a6dfd81chore: verify sha256sum of kubectl (#134)- See full diff in compare view
Updates sigstore/cosign-installer from 3.10.0 to 4.0.0
Release notes
Sourced from sigstore/cosign-installer's releases.
v4.0.0
What's Changed?
Note: You must upgrade to cosign-installer v4 if you want to install Cosign v3+. You may still install Cosign v2.x with cosign-installer v4.
In version v3+, using
cosign sign-blobrequires adding the--bundleflag which may require you to update your signing command.
- Add support for Cosign v3 releases (#201)
v3.10.1
What's Changed?
Note: cosign-installer v3.x cannot be used to install Cosign v3.x. You must upgrade to cosign-installer v4 in order to use Cosign v3.
Note: This is planned to be the final release of Cosign v2, though we will cut new releases for any critical security or bug fixes. We recommend transitioning to Cosign v3.
- Bump default Cosign to v2.6.1 (#203)
Commits
faadad0add support for cosign v3 releases (#201)- See full diff in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
-
@dependabot rebasewill rebase this PR -
@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it -
@dependabot mergewill merge this PR after your CI passes on it -
@dependabot squash and mergewill squash and merge this PR after your CI passes on it -
@dependabot cancel mergewill cancel a previously requested merge and block automerging -
@dependabot reopenwill reopen this PR if it is closed -
@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually -
@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency -
@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) -
@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) -
@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) -
@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency -
@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}