bufbuild/buf
1
0
Fork 0
mirror of https://github.com/bufbuild/buf.git synced 2026-04-07 20:58:42 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,037 Commits 49 Branches 186 Tags
protosourcepath
Commit Graph

245 Commits

Author SHA1 Message Date
Edward McFarlane
7adb2a0b58 Bump buf-action CI from 0.1 to 0.2 (#3134) 2024-07-06 13:25:24 -04:00
Edward McFarlane
0a636a040a Use buf-action in CI (#3071) 
This PR updates CI to use the new `buf-action` replacing `buf-setup`,
`buf-lint`, `buf-breaking` and `buf-push` unifying these tasks as one.
The new behaviour is as follows:
- On pull requests: run build, lint, format and breaking change
detection checks.
- On push: build and then push the changes of the latest commit with the
label of the current branch (e.g. main).
- On delete: archive the label associated with the delete (e.g. the
branch name of the PR).

Changes in behaviour:
- Checks no longer block pushes of commits to the BSR.
- Formatting check has been added in addition to lint and breaking.
 2024-06-27 14:58:26 -04:00
dependabot[bot]
9aca8b21a8 Bump docker/build-push-action from 5 to 6 (#3108) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 5 to 6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.0</h2>
<ul>
<li>Export build record and generate <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">build
summary</a> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1120">docker/build-push-action#1120</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.24.0 to 0.26.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1132">docker/build-push-action#1132</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1136">docker/build-push-action#1136</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1138">docker/build-push-action#1138</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1137">docker/build-push-action#1137</a></li>
</ul>
<blockquote>
<p>[!NOTE]
This major release adds support for generating <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/">Build
summary</a> and exporting build record for your build. You can disable
this feature by setting <a
href="https://docs.docker.com/build/ci/github-actions/build-summary/#disable-job-summary">
<code>DOCKER_BUILD_NO_SUMMARY: true</code> environment variable in your
workflow</a>.</p>
</blockquote>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0">https://github.com/docker/build-push-action/compare/v5.4.0...v6.0.0</a></p>
<h2>v5.4.0</h2>
<ul>
<li>Show builder information before building by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1128">docker/build-push-action#1128</a></li>
<li>Handle attestations correctly with provenance and sbom inputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1086">docker/build-push-action#1086</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.19.0 to 0.24.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1088">docker/build-push-action#1088</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1105">docker/build-push-action#1105</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1121">docker/build-push-action#1121</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1127">docker/build-push-action#1127</a></li>
<li>Bump undici from 5.28.3 to 5.28.4 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1090">docker/build-push-action#1090</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0">https://github.com/docker/build-push-action/compare/v5.3.0...v5.4.0</a></p>
<h2>v5.3.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.18.0 to 0.19.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1080">docker/build-push-action#1080</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0">https://github.com/docker/build-push-action/compare/v5.2.0...v5.3.0</a></p>
<h2>v5.2.0</h2>
<ul>
<li>Disable quotes detection for <code>outputs</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1074">docker/build-push-action#1074</a></li>
<li>Warn about ignored inputs by <a
href="https://github.com/favonia"><code>@​favonia</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/1019">docker/build-push-action#1019</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.14.0 to 0.18.0 in
<a
href="https://redirect.github.com/docker/build-push-action/pull/1070">docker/build-push-action#1070</a></li>
<li>Bump undici from 5.26.3 to 5.28.3 in <a
href="https://redirect.github.com/docker/build-push-action/pull/1057">docker/build-push-action#1057</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0">https://github.com/docker/build-push-action/compare/v5.1.0...v5.2.0</a></p>
<h2>v5.1.0</h2>
<ul>
<li>Add <code>annotations</code> input by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/992">docker/build-push-action#992</a></li>
<li>Add <code>secret-envs</code> input by <a
href="https://github.com/elias-lundgren"><code>@​elias-lundgren</code></a>
in <a
href="https://redirect.github.com/docker/build-push-action/pull/980">docker/build-push-action#980</a></li>
<li>Bump <code>@​babel/traverse</code> from 7.17.3 to 7.23.2 in <a
href="https://redirect.github.com/docker/build-push-action/pull/991">docker/build-push-action#991</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.13.0-rc.1 to
0.14.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/990">docker/build-push-action#990</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/1006">docker/build-push-action#1006</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0">https://github.com/docker/build-push-action/compare/v5.0.0...v5.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="31159d49c0"><code>31159d4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1149">#1149</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="07e1c3e148"><code>07e1c3e</code></a>
chore: update generated content</li>
<li><a
href="f7febd621d"><code>f7febd6</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.26.2 to
0.27.0</li>
<li><a
href="f6010ea701"><code>f6010ea</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1147">#1147</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="c0a6b9680f"><code>c0a6b96</code></a>
chore: update generated content</li>
<li><a
href="0dfe9c3d41"><code>0dfe9c3</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.26.1 to
0.26.2</li>
<li><a
href="94f8f8c2ee"><code>94f8f8c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1142">#1142</a>
from docker/dependabot/npm_and_yarn/docker/actions-t...</li>
<li><a
href="22f4433c58"><code>22f4433</code></a>
chore: update generated content</li>
<li><a
href="6721c56015"><code>6721c56</code></a>
chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.26.0 to
0.26.1</li>
<li><a
href="4367da978b"><code>4367da9</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/1140">#1140</a>
from docker/dependabot/github_actions/docker/bake-ac...</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v5...v6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=5&new-version=6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-24 11:41:04 -04:00
dependabot[bot]
69fdbd54bc Bump bufbuild/buf-setup-action from 1.33.0 to 1.34.0 (#3109) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.33.0 to 1.34.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.34.0</h2>
<p>Release v1.34.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="35c243d7f2"><code>35c243d</code></a>
Release v1.34.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/213">#213</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.33.0...v1.34.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.33.0&new-version=1.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-24 11:40:39 -04:00
dependabot[bot]
6cdc86055a Bump bufbuild/buf-setup-action from 1.32.2 to 1.33.0 (#3088) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.32.2 to 1.33.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.33.0</h2>
<p>Release v1.33.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="59e8ac0671"><code>59e8ac0</code></a>
Release v1.33.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/212">#212</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.32.2...v1.33.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.32.2&new-version=1.33.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-18 13:24:25 -04:00
bufdev
fc8e51c70c Fix other issue template (#3097) 2024-06-18 12:35:41 -04:00
bufdev
f634e4c931 Add reproduction comments to other template (#3096) 2024-06-18 12:33:53 -04:00
bufdev
db212a0a90 Update GitHub issue templates (#3055) 2024-06-06 14:06:31 -04:00
bufdev
5c075aa689 More issue template updates (#3054) 2024-06-06 13:52:20 -04:00
bufdev
7f01bb993c Add GitHub issue templates (#3053) 2024-06-06 13:47:42 -04:00
dependabot[bot]
3afe8da7c3 Bump bufbuild/buf-setup-action from 1.32.1 to 1.32.2 (#3042) 2024-06-03 08:54:41 -04:00
dependabot[bot]
bf540233b9 Bump bufbuild/buf-setup-action from 1.32.0 to 1.32.1 (#3017) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.32.0 to 1.32.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.32.1</h2>
<p>Release v1.32.1</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f0475db2e1"><code>f0475db</code></a>
Release v1.32.1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/209">#209</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.32.0...v1.32.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.32.0&new-version=1.32.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-27 14:36:04 -04:00
dependabot[bot]
d6d4b9c75f Bump bufbuild/buf-setup-action from 1.32.0.pre.beta.1 to 1.32.0 (#2992) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.32.0.pre.beta.1 to 1.32.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.32.0</h2>
<p>Release v1.32.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f1331ea1d3"><code>f1331ea</code></a>
Release v1.32.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/208">#208</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.32.0-beta.1...v1.32.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.32.0.pre.beta.1&new-version=1.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-22 12:16:21 -04:00
Philip K. Warren
ded6923b89 Update previous workflow to build 1.20.x (#2964) 
Ensure we run the previous build workflow on all supported older
versions of Go. Fix use of newer tls.VersionName function introduced in
Go 1.21 behind a build constraint.
 2024-05-10 13:15:06 -05:00
Sam Small
d34a269c5b Merge main into dev (#2959) 
Co-authored-by: buf-release-bot[bot] <116301919+buf-release-bot[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Stefan VanBuren <svanburen@buf.build>
 2024-05-08 16:14:03 -04:00
bufdev
cd7ea9a85b Merge the next generation of the Buf CLI into dev (#2907) 2024-04-23 09:38:14 -07:00
dependabot[bot]
e9aaa1b575 Bump bufbuild/buf-setup-action from 1.30.0 to 1.30.1 (#2878) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.30.0 to 1.30.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.30.1</h2>
<p>Release v1.30.1</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9990c72db0"><code>9990c72</code></a>
Release v1.30.1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/200">#200</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.30.0...v1.30.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.30.0&new-version=1.30.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 20:37:06 +02:00
dependabot[bot]
022aa2c353 Bump bufbuild/buf-breaking-action from 1.1.3 to 1.1.4 (#2856) 2024-04-01 15:39:46 +02:00
dependabot[bot]
1fe6332c79 Bump bufbuild/buf-lint-action from 1.1.0 to 1.1.1 (#2855) 2024-04-01 15:39:29 +02:00
Edward McFarlane
01904496c5 Create workflow for make upgrade (#2823) 2024-03-22 22:04:13 +01:00
dependabot[bot]
3067dcefb4 Bump bufbuild/buf-setup-action from 1.29.0 to 1.30.0 (#2811) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.29.0 to 1.30.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.30.0</h2>
<p>Release v1.30.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="517ee23296"><code>517ee23</code></a>
Release v1.30.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/195">#195</a>)</li>
<li><a
href="5e2ef857fc"><code>5e2ef85</code></a>
Check action bundles buf correctly (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/190">#190</a>)</li>
<li><a
href="46a2967ea5"><code>46a2967</code></a>
Correct buf CLI version (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/189">#189</a>)</li>
<li><a
href="ba063e7e02"><code>ba063e7</code></a>
Release v1.29.0-1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/187">#187</a>)</li>
<li><a
href="abf079cff7"><code>abf079c</code></a>
Upgrade dependencies and node v20 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/185">#185</a>)</li>
<li><a
href="71c62afa85"><code>71c62af</code></a>
Create add-to-project workflow (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/184">#184</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.29.0...v1.30.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.29.0&new-version=1.30.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-11 11:24:50 -04:00
Chris Pine
237e959467 Create add-to-project workflow (#2769) 
Creates GitHub workflow to add new issues/PRs to the project board,
using the existing shared workflow. We first tested this in
https://github.com/bufbuild/knit/pull/28
 2024-02-13 14:15:58 -08:00
bufdev
c1f813ce07 Update to use Golang 1.22 and drop Golang 1.19 support (#2754) 
Co-authored-by: John Chadwick <jchadwick@buf.build>
 2024-02-07 15:52:28 -05:00
Philip K. Warren
c1e364e0f1 Add standard opencontainers labels to Docker images (#2750) 2024-02-02 18:47:43 -05:00
jchadwick-buf
e69a37dd23 Improvements to Docker tagging set up (#2744) 2024-02-02 14:25:40 -05:00
bufdev
e8ea03bc93 Add make bufbinarysize and buf-binary-size GitHub Actions job (#2748) 2024-02-02 13:34:11 -05:00
dependabot[bot]
f36e27a888 Bump bufbuild/buf-setup-action from 1.28.1 to 1.29.0 (#2742) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.28.1 to 1.29.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.29.0</h2>
<p>Release v1.29.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="88db93f5d7"><code>88db93f</code></a>
Release v1.29.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/181">#181</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.28.1...v1.29.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.28.1&new-version=1.29.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-02 11:16:56 -05:00
dependabot[bot]
79fb9fa7e0 Bump actions/cache from 3 to 4 (#2718) 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update action to node20 by <a
href="https://github.com/takost"><code>@​takost</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li>feat: save-always flag by <a
href="https://github.com/to-s"><code>@​to-s</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/takost"><code>@​takost</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li>
<li><a href="https://github.com/to-s"><code>@​to-s</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p>
<h2>v3.3.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Cache v3.3.3 by <a
href="https://github.com/robherley"><code>@​robherley</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/robherley"><code>@​robherley</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.3">https://github.com/actions/cache/compare/v3...v3.3.3</a></p>
<h2>v3.3.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed readme with new segment timeout values by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1133">actions/cache#1133</a></li>
<li>Readme fixes by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1134">actions/cache#1134</a></li>
<li>Updated description of the lookup-only input for main action by <a
href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1130">actions/cache#1130</a></li>
<li>Change two new actions mention as quoted text by <a
href="https://github.com/bishal-pdMSFT"><code>@​bishal-pdMSFT</code></a>
in <a
href="https://redirect.github.com/actions/cache/pull/1131">actions/cache#1131</a></li>
<li>Update Cross-OS Caching tips by <a
href="https://github.com/pdotl"><code>@​pdotl</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1122">actions/cache#1122</a></li>
<li>Bazel example (Take <a
href="https://redirect.github.com/actions/cache/issues/2">#2</a>️⃣) by
<a href="https://github.com/vorburger"><code>@​vorburger</code></a> in
<a
href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li>
<li>Remove actions to add new PRs and issues to a project board by <a
href="https://github.com/jorendorff"><code>@​jorendorff</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li>
<li>Consume latest toolkit and fix dangling promise bug by <a
href="https://github.com/chkimes"><code>@​chkimes</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li>
<li>Bump action version to 3.3.2 by <a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/vorburger"><code>@​vorburger</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li>
<li><a
href="https://github.com/jorendorff"><code>@​jorendorff</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li>
<li><a href="https://github.com/chkimes"><code>@​chkimes</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li>
<li><a
href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.2">https://github.com/actions/cache/compare/v3...v3.3.2</a></p>
<h2>v3.3.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Reduced download segment size to 128 MB and timeout to 10 minutes by
<a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1129">actions/cache#1129</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v3...v3.3.1">https://github.com/actions/cache/compare/v3...v3.3.1</a></p>
<h2>v3.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bug: Permission is missing in cache delete example by <a
href="https://github.com/kotokaze"><code>@​kotokaze</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1123">actions/cache#1123</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>3.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
16</li>
</ul>
<h3>3.0.1</h3>
<ul>
<li>Added support for caching from GHES 3.5.</li>
<li>Fixed download issue for files &gt; 2GB during restore.</li>
</ul>
<h3>3.0.2</h3>
<ul>
<li>Added support for dynamic cache size cap on GHES.</li>
</ul>
<h3>3.0.3</h3>
<ul>
<li>Fixed avoiding empty cache save when no files are available for
caching. (<a
href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li>
</ul>
<h3>3.0.4</h3>
<ul>
<li>Fixed tar creation error while trying to create tar with path as
<code>~/</code> home folder on <code>ubuntu-latest</code>. (<a
href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li>
</ul>
<h3>3.0.5</h3>
<ul>
<li>Removed error handling by consuming actions/cache 3.0 toolkit, Now
cache server error handling will be done by toolkit. (<a
href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li>
</ul>
<h3>3.0.6</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/809">#809</a> -
zstd -d: no such file or directory error</li>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/833">#833</a> -
cache doesn't work with github workspace directory</li>
</ul>
<h3>3.0.7</h3>
<ul>
<li>Fixed <a
href="https://redirect.github.com/actions/cache/issues/810">#810</a> -
download stuck issue. A new timeout is introduced in the download
process to abort the download if it gets stuck and doesn't finish within
an hour.</li>
</ul>
<h3>3.0.8</h3>
<ul>
<li>Fix zstd not working for windows on gnu tar in issues <a
href="https://redirect.github.com/actions/cache/issues/888">#888</a> and
<a
href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li>
<li>Allowing users to provide a custom timeout as input for aborting
download of a cache segment using an environment variable
<code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li>
</ul>
<h3>3.0.9</h3>
<ul>
<li>Enhanced the warning message for cache unavailablity in case of
GHES.</li>
</ul>
<h3>3.0.10</h3>
<ul>
<li>Fix a bug with sorting inputs.</li>
<li>Update definition for restore-keys in README.md</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="13aacd865c"><code>13aacd8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1242">#1242</a>
from to-s/main</li>
<li><a
href="53b35c5439"><code>53b35c5</code></a>
Merge branch 'main' into main</li>
<li><a
href="65b8989fab"><code>65b8989</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1284">#1284</a>
from takost/update-to-node-20</li>
<li><a
href="d0be34d544"><code>d0be34d</code></a>
Fix dist</li>
<li><a
href="66cf064d47"><code>66cf064</code></a>
Merge branch 'main' into update-to-node-20</li>
<li><a
href="1326563738"><code>1326563</code></a>
Merge branch 'main' into main</li>
<li><a
href="e71876755e"><code>e718767</code></a>
Fix format</li>
<li><a
href="01229828ff"><code>0122982</code></a>
Apply workaround for earlyExit</li>
<li><a
href="3185ecfd61"><code>3185ecf</code></a>
Update &quot;only-&quot; actions to node20</li>
<li><a
href="25618a0a67"><code>25618a0</code></a>
Bump version</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v3...v4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-23 11:24:25 -05:00
dependabot[bot]
ee8610865f Bump github/codeql-action from 2 to 3 (#2671) 
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>CodeQL Bundle v2.15.4</h2>
<p>Bundles CodeQL CLI v2.15.4</p>
<ul>
<li>(<a
href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.15.4">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4"><code>github/codeql@codeql-cli/v2.15.4</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/cpp/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/cpp/ql/src">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/cpp/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/cpp/ql/lib">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/csharp/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/csharp/ql/src">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/csharp/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/csharp/ql/lib">source</a>)</li>
<li><code>codeql/go-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/go/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/go/ql/src">source</a>)</li>
<li><code>codeql/go-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/go/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/go/ql/lib">source</a>)</li>
<li><code>codeql/java-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/java/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/java/ql/src">source</a>)</li>
<li><code>codeql/java-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/java/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/java/ql/lib">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/javascript/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/javascript/ql/src">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/javascript/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/javascript/ql/lib">source</a>)</li>
<li><code>codeql/python-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/python/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/python/ql/src">source</a>)</li>
<li><code>codeql/python-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/python/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/python/ql/lib">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/ruby/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/ruby/ql/src">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/ruby/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/ruby/ql/lib">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/swift/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/swift/ql/src">source</a>)</li>
<li><code>codeql/swift-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/swift/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.4/swift/ql/lib">source</a>)</li>
</ul>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.15.3</p>
<ul>
<li>(<a
href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.15.3">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3"><code>github/codeql@codeql-cli/v2.15.3</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/cpp/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/cpp/ql/src">source</a>)</li>
<li><code>codeql/cpp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/cpp/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/cpp/ql/lib">source</a>)</li>
<li><code>codeql/csharp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/csharp/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/csharp/ql/src">source</a>)</li>
<li><code>codeql/csharp-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/csharp/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/csharp/ql/lib">source</a>)</li>
<li><code>codeql/go-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/go/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/go/ql/src">source</a>)</li>
<li><code>codeql/go-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/go/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/go/ql/lib">source</a>)</li>
<li><code>codeql/java-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/java/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/java/ql/src">source</a>)</li>
<li><code>codeql/java-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/java/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/java/ql/lib">source</a>)</li>
<li><code>codeql/javascript-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/javascript/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/javascript/ql/src">source</a>)</li>
<li><code>codeql/javascript-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/javascript/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/javascript/ql/lib">source</a>)</li>
<li><code>codeql/python-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/python/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/python/ql/src">source</a>)</li>
<li><code>codeql/python-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/python/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/python/ql/lib">source</a>)</li>
<li><code>codeql/ruby-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/ruby/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/ruby/ql/src">source</a>)</li>
<li><code>codeql/ruby-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/ruby/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/ruby/ql/lib">source</a>)</li>
<li><code>codeql/swift-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/swift/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/swift/ql/src">source</a>)</li>
<li><code>codeql/swift-all</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/swift/ql/lib/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.3/swift/ql/lib">source</a>)</li>
</ul>
<h2>CodeQL Bundle</h2>
<p>Bundles CodeQL CLI v2.15.2</p>
<ul>
<li>(<a
href="https://github.com/github/codeql-cli-binaries/blob/HEAD/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql-cli-binaries/releases/tag/v2.15.2">release</a>)</li>
</ul>
<p>Includes the following CodeQL language packs from <a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.2"><code>github/codeql@codeql-cli/v2.15.2</code></a>:</p>
<ul>
<li><code>codeql/cpp-queries</code> (<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.2/cpp/ql/src/CHANGELOG.md">changelog</a>,
<a
href="https://github.com/github/codeql/tree/codeql-cli/v2.15.2/cpp/ql/src">source</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3a9f6a89e0"><code>3a9f6a8</code></a>
update javascript files</li>
<li><a
href="cc4fead714"><code>cc4fead</code></a>
update version in various hardcoded locations</li>
<li><a
href="183559cea8"><code>183559c</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-v2.15.4</li>
<li><a
href="5b52b36d41"><code>5b52b36</code></a>
reintroduce PR check that confirm action can be still be compiled on
node16</li>
<li><a
href="5b19bef41e"><code>5b19bef</code></a>
change to node20 for all actions</li>
<li><a
href="f2d0c2e7ae"><code>f2d0c2e</code></a>
upgrade node type definitions</li>
<li><a
href="d651fbc494"><code>d651fbc</code></a>
change to node20 for all actions</li>
<li><a
href="382a50a028"><code>382a50a</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/2021">#2021</a>
from github/mergeback/v2.22.9-to-main-c0d1daa7</li>
<li><a
href="458b4226ad"><code>458b422</code></a>
Update checked-in dependencies</li>
<li><a
href="5e0f9dbc48"><code>5e0f9db</code></a>
Update changelog and version after v2.22.9</li>
<li>See full diff in <a
href="https://github.com/github/codeql-action/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-27 01:00:26 -05:00
dependabot[bot]
b073326a71 Bump actions/setup-go from 4 to 5 (#2654) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to
5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-go/releases">actions/setup-go's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, we change Nodejs runtime from node16 to
node20 (<a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a>).
Moreover, we update some dependencies to the latest versions (<a
href="https://redirect.github.com/actions/setup-go/pull/445">actions/setup-go#445</a>).</p>
<p>Besides, this release contains such changes as:</p>
<ul>
<li>Fix hosted tool cache usage on windows by <a
href="https://github.com/galargh"><code>@​galargh</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li>Improve documentation regarding dependencies caching by <a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/galargh"><code>@​galargh</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/411">actions/setup-go#411</a></li>
<li><a
href="https://github.com/artemgavrilov"><code>@​artemgavrilov</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/417">actions/setup-go#417</a></li>
<li><a
href="https://github.com/chenrui333"><code>@​chenrui333</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/421">actions/setup-go#421</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v5.0.0">https://github.com/actions/setup-go/compare/v4...v5.0.0</a></p>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<p>In scope of this release, slow installation on Windows was fixed by
<a href="https://github.com/dsame"><code>@​dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/393">actions/setup-go#393</a>
and OS version was added to <code>primaryKey</code> for Ubuntu runners
to avoid conflicts (<a
href="https://redirect.github.com/actions/setup-go/pull/383">actions/setup-go#383</a>)</p>
<p>This release also includes the following changes:</p>
<ul>
<li>Remove implicit dependencies by <a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/378">actions/setup-go#378</a></li>
<li>Update action.yml by <a
href="https://github.com/mkelly"><code>@​mkelly</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/379">actions/setup-go#379</a></li>
<li>Added a description that go-version should be specified as a string
type by <a href="https://github.com/n3xem"><code>@​n3xem</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/367">actions/setup-go#367</a></li>
<li>Add note about YAML parsing versions by <a
href="https://github.com/dmitry-shibanov"><code>@​dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/382">actions/setup-go#382</a></li>
<li>Automatic update of configuration files from 05/23/2023 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/377">actions/setup-go#377</a></li>
<li>Bump tough-cookie and <code>@​azure/ms-rest-js</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/392">actions/setup-go#392</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/397">actions/setup-go#397</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/396">actions/setup-go#396</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/mkelly"><code>@​mkelly</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/379">actions/setup-go#379</a></li>
<li><a href="https://github.com/n3xem"><code>@​n3xem</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/367">actions/setup-go#367</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.1.0">https://github.com/actions/setup-go/compare/v4...v4.1.0</a></p>
<h2>v4.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update documentation for <code>v4</code> by <a
href="https://github.com/dsame"><code>@​dsame</code></a> in <a
href="https://redirect.github.com/actions/setup-go/pull/354">actions/setup-go#354</a></li>
<li>Fix glob bug in the package.json scripts section by <a
href="https://github.com/IvanZosimov"><code>@​IvanZosimov</code></a> in
<a
href="https://redirect.github.com/actions/setup-go/pull/359">actions/setup-go#359</a></li>
<li>Bump <code>xml2js</code> dependency by <a
href="https://github.com/dmitry-shibanov"><code>@​dmitry-shibanov</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/370">actions/setup-go#370</a></li>
<li>Bump <code>@actions/cache</code> dependency to v3.2.1 by <a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
in <a
href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/nikolai-laevskii"><code>@​nikolai-laevskii</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-go/pull/374">actions/setup-go#374</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-go/compare/v4...v4.0.1">https://github.com/actions/setup-go/compare/v4...v4.0.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0c52d547c9"><code>0c52d54</code></a>
Update dependencies for node20 (<a
href="https://redirect.github.com/actions/setup-go/issues/445">#445</a>)</li>
<li><a
href="bfd2fb341f"><code>bfd2fb3</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/421">#421</a>
from chenrui333/node20-runtime</li>
<li><a
href="3d65fa57fc"><code>3d65fa5</code></a>
feat: bump to use actions/checkout@v4</li>
<li><a
href="8a505c9cf2"><code>8a505c9</code></a>
feat: bump to use node20 runtime</li>
<li><a
href="883490dfd0"><code>883490d</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/417">#417</a>
from artemgavrilov/main</li>
<li><a
href="d45ebba0ce"><code>d45ebba</code></a>
Rephrase sentence</li>
<li><a
href="317c6617fa"><code>317c661</code></a>
Replace <code>wildcards</code> term with <code>globs</code>.</li>
<li><a
href="f90673ad64"><code>f90673a</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/1">#1</a> from
artemgavrilov/caching-docs-improvement</li>
<li><a
href="8018234347"><code>8018234</code></a>
Improve documentation regarding dependencies cachin</li>
<li><a
href="d085b4fe57"><code>d085b4f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/setup-go/issues/411">#411</a>
from galargh/fix/windows-hostedtoolcache</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/setup-go/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-go&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-13 15:21:01 -05:00
dependabot[bot]
e3de867d40 Bump bufbuild/buf-push-action from 1.1.1 to 1.2.0 (#2604) 
Bumps
[bufbuild/buf-push-action](https://github.com/bufbuild/buf-push-action)
from 1.1.1 to 1.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-push-action/releases">bufbuild/buf-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.2.0</h2>
<ul>
<li>Add option <code>create_visibility</code> to create the repository
if it does not exist.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a654ff18ef"><code>a654ff1</code></a>
Fix broken yaml in example (<a
href="https://redirect.github.com/bufbuild/buf-push-action/issues/33">#33</a>)</li>
<li><a
href="342fc4cdcf"><code>342fc4c</code></a>
Support creating repos if not exist (<a
href="https://redirect.github.com/bufbuild/buf-push-action/issues/31">#31</a>)</li>
<li><a
href="455042d645"><code>455042d</code></a>
Update readme from draft commit to draft (<a
href="https://redirect.github.com/bufbuild/buf-push-action/issues/29">#29</a>)</li>
<li><a
href="ea7ac937df"><code>ea7ac93</code></a>
Add PR Title Linter (<a
href="https://redirect.github.com/bufbuild/buf-push-action/issues/28">#28</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-push-action/compare/v1.1.1...v1.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-push-action&package-manager=github_actions&previous-version=1.1.1&new-version=1.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-21 00:16:45 -05:00
dependabot[bot]
e5e9a9eeb4 Bump bufbuild/buf-setup-action from 1.28.0 to 1.28.1 (#2605) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.28.0 to 1.28.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="382440cdb8"><code>382440c</code></a>
Release v1.28.1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/179">#179</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.28.0...v1.28.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.28.0&new-version=1.28.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-21 00:16:20 -05:00
jchadwick-buf
11089b9585 Improve CI performance for Windows (#2600) 
Sometimes the existing workflow [runs
quickly](https://github.com/bufbuild/buf/actions/runs/6896243827/job/18761936996)
- sometimes it runs [incredibly
slowly](https://github.com/bufbuild/buf/actions/runs/6905941659/job/18789829770).

This seems to come down to a disk I/O issue. The cache tarball will get
downloaded very quickly, but then it will take minutes to untar. It's
unclear why. I suspect there is something in particular wrong with the
home directory in the Windows runner. In addition, `go test` itself
seems to have unreliable performance characteristics.

Merely just moving the Go cache and path into the GitHub Actions `_temp`
dir seems to vastly improve consistency. I ran the workflow multiple
times to collect some runs:

- [**Attempt
#1**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18792364497):
3m 2s, _no cache_
- [**Attempt
#2**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18792644471):
3m 1s, cached
- [**Attempt
#3**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18792750339):
2m 45s, cached
- [**Attempt
#4**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18792871341):
4m 1s, cached
- [**Attempt
#5**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18793063059):
2m 44s, cached
- [**Attempt
#6**](https://github.com/bufbuild/buf/actions/runs/6906720017/job/18793181885):
2m 45s, cached

The cache restore times are reliably counted in seconds. There is still
some run-to-run variance, but pathological behavior seems to have
disappeared, both for `go test` and cache restore. While this doesn't
bring performance quite up to par with the other workflows, it does seem
to help quite a bit.

I'm really hoping I didn't miss anything here. Any reason why I may have
tricked myself into thinking I solved the problem? :)
 2023-11-17 14:39:22 -05:00
dependabot[bot]
ec9eeeb5fc Bump bufbuild/buf-setup-action from 1.27.2 to 1.28.0 (#2573) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.27.2 to 1.28.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-setup-action/releases">bufbuild/buf-setup-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.28.0</h2>
<p>Release v1.28.0</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c76da1c352"><code>c76da1c</code></a>
Use GitHub app token to draft release (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/178">#178</a>)</li>
<li><a
href="28ada537cb"><code>28ada53</code></a>
Release v1.28.0 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/177">#177</a>)</li>
<li><a
href="2b412ada04"><code>2b412ad</code></a>
Add token to checkout action (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/176">#176</a>)</li>
<li><a
href="81bf726e4a"><code>81bf726</code></a>
Update release workflow (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/175">#175</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.27.2...v1.28.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.27.2&new-version=1.28.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-11-13 10:08:54 -06:00
Oliver Sun
6aeec28934 Add App ID as Env Var in the Second Step of the Release Workflow (#2565) 2023-11-10 14:42:26 -05:00
Oliver Sun
94d7689076 Fix token usage in all release workflows (#2564) 
In `build-and-draft-release`, a GitHub App token is now used for
creating the release, to be consistent with the other steps.

Also use a token to checkout the repository in `back-to-development`.
 2023-11-10 14:28:10 -05:00
Oliver Sun
de2169f223 Fix permission issue from checkout action (#2558) 
The checkout action needs a token for `git push` to work.

Also reverts the `git config` change.
 2023-11-10 13:10:41 -05:00
Oliver Sun
e6c973448c Update Release Bot Git Config (#2555) 2023-11-10 12:27:28 -05:00
Oliver Sun
379cb60fca Update release workflow (#2552) 
This updates the CLI release workflow. Releasing CLI itself (not
including downstream repos) now has three separate actions, each
requiring some level of manual approval.
1. Manually trigger the 'Create Release PR' action and the action will
create a PR that updates the changelog and version in `bufcli.go`.
2. Once the the first PR is merged, the second action is triggered. This
action builds and signs the new CLI and creates a draft release.
3. Once the draft release is published (approved), the third action is
triggered and creates a go-back-to-development PR that updates the
version and changelog.

This also removes third party actions in the release workflow.
 2023-11-10 11:33:14 -05:00
dependabot[bot]
152cc5ed34 Bump bufbuild/buf-setup-action from 1.27.1 to 1.27.2 (#2521) 
Bumps
[bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action)
from 1.27.1 to 1.27.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1158f4fa81"><code>1158f4f</code></a>
Release v1.27.2 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/171">#171</a>)</li>
<li><a
href="a9cf7d0e41"><code>a9cf7d0</code></a>
Release v1.27.1-1 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/170">#170</a>)</li>
<li><a
href="6f83fc40e0"><code>6f83fc4</code></a>
Revert &quot;Release v1.27.2 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/168">#168</a>)&quot;
(<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/169">#169</a>)</li>
<li><a
href="8d2378b68f"><code>8d2378b</code></a>
Release v1.27.2 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/168">#168</a>)</li>
<li><a
href="e83a01e43a"><code>e83a01e</code></a>
Fix download location for Linux and arm64 (<a
href="https://redirect.github.com/bufbuild/buf-setup-action/issues/167">#167</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-setup-action/compare/v1.27.1...v1.27.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-setup-action&package-manager=github_actions&previous-version=1.27.1&new-version=1.27.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-30 14:04:55 -04:00
dependabot[bot]
66f4c6dd77 Bump bufbuild/buf-setup-action from 1.26.1 to 1.27.1 (#2508) 2023-10-23 09:41:34 -04:00
Saquib Mian
c1b5844462 Fix usage of tibdex/github-app-token in Release workflow (#2502) 
The argument needs to be JSON, so the string element in the array needs
to be wrapped in `"`. See the [Github
docs](https://docs.github.com/en/actions/learn-github-actions/variables),
but doing `"${{ github.repository }}"` is valid.
 2023-10-16 17:54:45 -04:00
dependabot[bot]
4f7c33b68d Bump docker/login-action from 2 to 3 (#2454) 
Bumps [docker/login-action](https://github.com/docker/login-action) from
2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/593">docker/login-action#593</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/login-action/pull/598">docker/login-action#598</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> and
<code>@​aws-sdk/client-ecr-public</code> to 3.410.0 in <a
href="https://redirect.github.com/docker/login-action/pull/555">docker/login-action#555</a>
<a
href="https://redirect.github.com/docker/login-action/pull/560">docker/login-action#560</a>
<a
href="https://redirect.github.com/docker/login-action/pull/582">docker/login-action#582</a>
<a
href="https://redirect.github.com/docker/login-action/pull/599">docker/login-action#599</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/login-action/pull/556">docker/login-action#556</a></li>
<li>Bump https-proxy-agent to 7.0.2 <a
href="https://redirect.github.com/docker/login-action/pull/561">docker/login-action#561</a>
<a
href="https://redirect.github.com/docker/login-action/pull/588">docker/login-action#588</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.2.0...v3.0.0">https://github.com/docker/login-action/compare/v2.2.0...v3.0.0</a></p>
<h2>v2.2.0</h2>
<ul>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/409">docker/login-action#409</a>
<a
href="https://redirect.github.com/docker/login-action/pull/470">docker/login-action#470</a>
<a
href="https://redirect.github.com/docker/login-action/pull/476">docker/login-action#476</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> and
<code>@​aws-sdk/client-ecr-public</code> to 3.347.1 in <a
href="https://redirect.github.com/docker/login-action/pull/524">docker/login-action#524</a>
<a
href="https://redirect.github.com/docker/login-action/pull/364">docker/login-action#364</a>
<a
href="https://redirect.github.com/docker/login-action/pull/363">docker/login-action#363</a></li>
<li>Bump minimatch from 3.0.4 to 3.1.2 in <a
href="https://redirect.github.com/docker/login-action/pull/354">docker/login-action#354</a></li>
<li>Bump json5 from 2.2.0 to 2.2.3 in <a
href="https://redirect.github.com/docker/login-action/pull/378">docker/login-action#378</a></li>
<li>Bump http-proxy-agent from 5.0.0 to 7.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/509">docker/login-action#509</a></li>
<li>Bump https-proxy-agent from 5.0.1 to 7.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/508">docker/login-action#508</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.1.0...v2.2.0">https://github.com/docker/login-action/compare/v2.1.0...v2.2.0</a></p>
<h2>v2.1.0</h2>
<ul>
<li>Ensure AWS temp credentials are redacted in workflow logs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://redirect.github.com/docker/login-action/issues/275">#275</a>)</li>
<li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://redirect.github.com/docker/login-action/issues/252">#252</a>
<a
href="https://redirect.github.com/docker/login-action/issues/292">#292</a>)</li>
<li>Bump <code>@​aws-sdk/client-ecr</code> from 3.53.0 to 3.186.0 (<a
href="https://redirect.github.com/docker/login-action/issues/298">#298</a>)</li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> from 3.53.0 to 3.186.0
(<a
href="https://redirect.github.com/docker/login-action/issues/299">#299</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v2.0.0...v2.1.0">https://github.com/docker/login-action/compare/v2.0.0...v2.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="343f7c4344"><code>343f7c4</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/599">#599</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="aad0f974f2"><code>aad0f97</code></a>
chore: update generated content</li>
<li><a
href="2e0cd39144"><code>2e0cd39</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="203bc9c4ef"><code>203bc9c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/588">#588</a>
from docker/dependabot/npm_and_yarn/proxy-agent-depen...</li>
<li><a
href="2199648fc8"><code>2199648</code></a>
chore: update generated content</li>
<li><a
href="b489376173"><code>b489376</code></a>
build(deps): bump the proxy-agent-dependencies group with 1 update</li>
<li><a
href="7c309e74e6"><code>7c309e7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/598">#598</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="0ccf222961"><code>0ccf222</code></a>
chore: update generated content</li>
<li><a
href="56d703e106"><code>56d703e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/597">#597</a>
from docker/dependabot/github_actions/aws-actions/con...</li>
<li><a
href="24d3b3519e"><code>24d3b35</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/login-action&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bufdev <4228796+bufdev@users.noreply.github.com>
 2023-10-16 12:45:15 -04:00
dependabot[bot]
5dcdcb17ea Bump docker/build-push-action from 4 to 5 (#2453) 
Bumps
[docker/build-push-action](https://github.com/docker/build-push-action)
from 4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/build-push-action/releases">docker/build-push-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/954">docker/build-push-action#954</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/959">docker/build-push-action#959</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0">https://github.com/docker/build-push-action/compare/v4.2.1...v5.0.0</a></p>
<h2>v4.2.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>warn if docker config can't be parsed by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/957">docker/build-push-action#957</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1">https://github.com/docker/build-push-action/compare/v4.2.0...v4.2.1</a></p>
<h2>v4.2.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>display proxy configuration by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/872">docker/build-push-action#872</a></li>
<li>chore(deps): Bump <code>@​docker/actions-toolkit</code> from 0.6.0
to 0.8.0 in <a
href="https://redirect.github.com/docker/build-push-action/pull/930">docker/build-push-action#930</a></li>
<li>chore(deps): Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/build-push-action/pull/925">docker/build-push-action#925</a></li>
<li>chore(deps): Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/build-push-action/pull/902">docker/build-push-action#902</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0">https://github.com/docker/build-push-action/compare/v4.1.1...v4.2.0</a></p>
<h2>v4.1.1</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.3.0 to 0.5.0 by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/880">docker/build-push-action#880</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1">https://github.com/docker/build-push-action/compare/v4.1.0...v4.1.1</a></p>
<h2>v4.1.0</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Buildx v0.10 enables support for a minimal <a
href="https://slsa.dev/provenance/">SLSA Provenance</a> attestation,
which requires support for <a
href="https://github.com/opencontainers/image-spec">OCI-compliant</a>
multi-platform images. This may introduce issues with registry and
runtime support (e.g. <a
href="https://redirect.github.com/docker/buildx/issues/1533">Google
Cloud Run and AWS Lambda</a>). You can optionally disable the default
provenance attestation functionality using <code>provenance:
false</code>.</p>
</blockquote>
<ul>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/811">docker/build-push-action#811</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/838">docker/build-push-action#838</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/855">docker/build-push-action#855</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/860">docker/build-push-action#860</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/875">docker/build-push-action#875</a></li>
<li>e2e: quay.io by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/799">docker/build-push-action#799</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/805">docker/build-push-action#805</a></li>
<li>e2e: local harbor and nexus by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/800">docker/build-push-action#800</a></li>
<li>e2e: add artifactory container registry to test against by <a
href="https://github.com/jedevc"><code>@​jedevc</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/804">docker/build-push-action#804</a></li>
<li>e2e: add distribution tests by <a
href="https://github.com/jedevc"><code>@​jedevc</code></a> in <a
href="https://redirect.github.com/docker/build-push-action/pull/814">docker/build-push-action#814</a>
<a
href="https://redirect.github.com/docker/build-push-action/pull/815">docker/build-push-action#815</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0">https://github.com/docker/build-push-action/compare/v4.0.0...v4.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="0565240e2d"><code>0565240</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/959">#959</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="3ab07f8801"><code>3ab07f8</code></a>
chore: update generated content</li>
<li><a
href="b9e7e4daec"><code>b9e7e4d</code></a>
chore(deps): Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="04d1a3b049"><code>04d1a3b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/build-push-action/issues/954">#954</a>
from crazy-max/update-node20</li>
<li><a
href="1a4d1a13fb"><code>1a4d1a1</code></a>
chore: node 20 as default runtime</li>
<li><a
href="675965c0e1"><code>675965c</code></a>
chore: update generated content</li>
<li><a
href="58ee34cb6b"><code>58ee34c</code></a>
chore: fix author in package.json</li>
<li><a
href="c97c4060bd"><code>c97c406</code></a>
fix ProxyConfig type when checking length</li>
<li><a
href="47d5369e0b"><code>47d5369</code></a>
vendor: bump <code>@​docker/actions-toolkit</code> from 0.8.0 to
0.12.0</li>
<li><a
href="8895c7468f"><code>8895c74</code></a>
chore: update dev dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/build-push-action/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/build-push-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: bufdev <4228796+bufdev@users.noreply.github.com>
 2023-10-16 12:44:56 -04:00
dependabot[bot]
d5d1fe6114 Bump bufbuild/buf-lint-action from 1.0.3 to 1.1.0 (#2497) 
Bumps
[bufbuild/buf-lint-action](https://github.com/bufbuild/buf-lint-action)
from 1.0.3 to 1.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/bufbuild/buf-lint-action/releases">bufbuild/buf-lint-action's
releases</a>.</em></p>
<blockquote>
<h2>v1.1.0</h2>
<ul>
<li>Use BUF_TOKEN instead of .netrc</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="044d13acb1"><code>044d13a</code></a>
Use BUF_TOKEN instead of .netrc (<a
href="https://redirect.github.com/bufbuild/buf-lint-action/issues/99">#99</a>)</li>
<li><a
href="eb3d81d31c"><code>eb3d81d</code></a>
Add PR Title Linter (<a
href="https://redirect.github.com/bufbuild/buf-lint-action/issues/60">#60</a>)</li>
<li><a
href="5ce20f3806"><code>5ce20f3</code></a>
Update dependencies and rebuild (<a
href="https://redirect.github.com/bufbuild/buf-lint-action/issues/59">#59</a>)</li>
<li><a
href="e847e92216"><code>e847e92</code></a>
Update all dependencies (<a
href="https://redirect.github.com/bufbuild/buf-lint-action/issues/57">#57</a>)</li>
<li><a
href="680795b983"><code>680795b</code></a>
Update bypass approval github workflow (<a
href="https://redirect.github.com/bufbuild/buf-lint-action/issues/51">#51</a>)</li>
<li>See full diff in <a
href="https://github.com/bufbuild/buf-lint-action/compare/v1.0.3...v1.1.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bufbuild/buf-lint-action&package-manager=github_actions&previous-version=1.0.3&new-version=1.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-16 11:53:53 -04:00
dependabot[bot]
ef489bed96 Bump docker/setup-qemu-action from 2 to 3 (#2455) 
Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/102">docker/setup-qemu-action#102</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/103">docker/setup-qemu-action#103</a></li>
<li>Bump semver from 6.3.0 to 6.3.1 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/89">docker/setup-qemu-action#89</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0">https://github.com/docker/setup-qemu-action/compare/v2.2.0...v3.0.0</a></p>
<h2>v2.2.0</h2>
<ul>
<li>Trim off spaces in <code>platforms</code> input by <a
href="https://github.com/Chocobo1"><code>@​Chocobo1</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/64">docker/setup-qemu-action#64</a></li>
<li>Switch to actions-toolkit implementation by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/70">docker/setup-qemu-action#70</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/80">docker/setup-qemu-action#80</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/83">docker/setup-qemu-action#83</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0">https://github.com/docker/setup-qemu-action/compare/v2.1.0...v2.2.0</a></p>
<h2>v2.1.0</h2>
<ul>
<li>Use context for inputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/62">#62</a>)</li>
<li>Use built-in <code>getExecOutput</code> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/61">#61</a>)</li>
<li>Remove workaround for <code>setOutput</code> by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> (<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/63">#63</a>)</li>
<li>Bump <code>@​actions/core</code> from 1.6.0 to 1.10.0 (<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/54">#54</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/58">#58</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/issues/59">#59</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0">https://github.com/docker/setup-qemu-action/compare/v2.0.0...v2.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="68827325e0"><code>6882732</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/103">#103</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="183f4af504"><code>183f4af</code></a>
chore: update generated content</li>
<li><a
href="f17493529e"><code>f174935</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="2e423eb500"><code>2e423eb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/89">#89</a>
from docker/dependabot/npm_and_yarn/semver-6.3.1</li>
<li><a
href="ecc406afa7"><code>ecc406a</code></a>
Bump semver from 6.3.0 to 6.3.1</li>
<li><a
href="12dec5e201"><code>12dec5e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/102">#102</a>
from crazy-max/update-node20</li>
<li><a
href="c29b312130"><code>c29b312</code></a>
chore: node 20 as default runtime</li>
<li><a
href="34ae628c8f"><code>34ae628</code></a>
chore: update generated content</li>
<li><a
href="1f3d2e1ac0"><code>1f3d2e1</code></a>
chore: fix author in package.json</li>
<li><a
href="277dbe8c9c"><code>277dbe8</code></a>
vendor: bump <code>@​docker/actions-toolkit</code> from 0.3.0 to
0.12.0</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-qemu-action/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-13 15:15:26 -04:00
dependabot[bot]
21db11c148 Bump tibdex/github-app-token from 2.0.0 to 2.1.0 (#2461) 
Bumps
[tibdex/github-app-token](https://github.com/tibdex/github-app-token)
from 2.0.0 to 2.1.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tibdex/github-app-token/releases">tibdex/github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.1.0</h2>
<p>Projects willing to keep the token alive after the end of the job can
pass <code>revoke: false</code> as an input.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3beb63f4bd"><code>3beb63f</code></a>
release v2.1.0</li>
<li><a
href="3eb77c7243"><code>3eb77c7</code></a>
Add option to not revoke token (<a
href="https://redirect.github.com/tibdex/github-app-token/issues/95">#95</a>)</li>
<li>See full diff in <a
href="0914d50df7...3beb63f4bd">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=tibdex/github-app-token&package-manager=github_actions&previous-version=2.0.0&new-version=2.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-13 15:15:06 -04:00
dependabot[bot]
365479a649 Bump docker/setup-buildx-action from 2 to 3 (#2452) 
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 2 to 3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.0.0</h2>
<ul>
<li>Node 20 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.308.0">Actions
Runner v2.308.0</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/264">docker/setup-buildx-action#264</a></li>
<li>Bump <code>@​actions/core</code> from 1.10.0 to 1.10.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/267">docker/setup-buildx-action#267</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0">https://github.com/docker/setup-buildx-action/compare/v2.10.0...v3.0.0</a></p>
<h2>v2.10.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.7.1 to 0.10.0 by
<a href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/258">docker/setup-buildx-action#258</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/253">docker/setup-buildx-action#253</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0">https://github.com/docker/setup-buildx-action/compare/v2.9.1...v2.10.0</a></p>
<h2>v2.9.1</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.7.0 to 0.7.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/248">docker/setup-buildx-action#248</a>
<ul>
<li>Fixes an issue where building Buildx does not match the local
platform (<a
href="https://redirect.github.com/docker/actions-toolkit/pull/135">docker/actions-toolkit#135</a>)</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1">https://github.com/docker/setup-buildx-action/compare/v2.9.0...v2.9.1</a></p>
<h2>v2.9.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.6.0 to 0.7.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/246">docker/setup-buildx-action#246</a>
<ul>
<li>Adds support to cache Buildx binary to hosted tool cache and GHA
cache backend</li>
</ul>
</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0">https://github.com/docker/setup-buildx-action/compare/v2.8.0...v2.9.0</a></p>
<h2>v2.8.0</h2>
<ul>
<li>Only set specific flags for drivers supporting them by <a
href="https://github.com/nicks"><code>@​nicks</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/241">docker/setup-buildx-action#241</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.5.0 to 0.6.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/242">docker/setup-buildx-action#242</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0">https://github.com/docker/setup-buildx-action/compare/v2.7.0...v2.8.0</a></p>
<h2>v2.7.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.3.0 to 0.5.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/237">docker/setup-buildx-action#237</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/238">docker/setup-buildx-action#238</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0">https://github.com/docker/setup-buildx-action/compare/v2.6.0...v2.7.0</a></p>
<h2>v2.6.0</h2>
<ul>
<li>Set node name for k8s driver when appending nodes by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/219">docker/setup-buildx-action#219</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.1.0-beta.18 to
0.3.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/220">docker/setup-buildx-action#220</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/229">docker/setup-buildx-action#229</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/231">docker/setup-buildx-action#231</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/236">docker/setup-buildx-action#236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0">https://github.com/docker/setup-buildx-action/compare/v2.5.0...v2.6.0</a></p>
<h2>v2.5.0</h2>
<ul>
<li><code>cleanup</code> input to remove builder and temp files by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/213">docker/setup-buildx-action#213</a></li>
<li>do not remove builder using the <code>docker</code> driver by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/218">docker/setup-buildx-action#218</a></li>
<li>fix current context as builder name for <code>docker</code> driver
by <a href="https://github.com/crazy-max"><code>@​crazy-max</code></a>
in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/209">docker/setup-buildx-action#209</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0</a></p>
<h2>v2.4.1</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f95db51fdd"><code>f95db51</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/267">#267</a>
from docker/dependabot/npm_and_yarn/actions/core-1.10.1</li>
<li><a
href="998a87c2c1"><code>998a87c</code></a>
chore: update generated content</li>
<li><a
href="28bae59336"><code>28bae59</code></a>
build(deps): bump <code>@​actions/core</code> from 1.10.0 to 1.10.1</li>
<li><a
href="c215341715"><code>c215341</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/264">#264</a>
from crazy-max/update-node20</li>
<li><a
href="02e9319239"><code>02e9319</code></a>
chore: node 20 as default runtime</li>
<li><a
href="5c9160effc"><code>5c9160e</code></a>
chore: update generated content</li>
<li><a
href="1283140f57"><code>1283140</code></a>
chore: fix author in package.json</li>
<li><a
href="c6afe06e4a"><code>c6afe06</code></a>
vendor: bump <code>@​docker/actions-toolkit</code> from 0.10.0 to
0.12.0</li>
<li><a
href="f35e0d5a04"><code>f35e0d5</code></a>
chore: update dev dependencies</li>
<li><a
href="baeb468fb2"><code>baeb468</code></a>
dev: remove unneeded binaries</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-buildx-action/compare/v2...v3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-buildx-action&package-manager=github_actions&previous-version=2&new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-10-13 15:14:44 -04:00
Doria Keung
25d01ef755 Use YAML multiline string for release workflow yaml (#2487) 2023-10-10 15:21:21 -06:00
Doria Keung
cd711d8eb6 Fix release workflow yaml (#2486) 
This fixes the formatting on the release workflow.
 2023-10-10 14:32:38 -06:00