build(deps): Bump the all group with 4 updates #2232

dependabot · 2024-10-07T11:40:06Z

Bumps the all group with 4 updates: sigstore/cosign-installer, google-github-actions/auth, codecov/codecov-action and golangci/golangci-lint-action.

Updates sigstore/cosign-installer from 3.6.0 to 3.7.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.7.0

What's Changed

Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in sigstore/cosign-installer#172

bump for latest cosign v2.4.1 release by @bobcallaway in sigstore/cosign-installer#173

Full Changelog: sigstore/cosign-installer@v3.6.0...v3.7.0

Commits

dc72c7d bump for latest cosign v2.4.1 release (#173)
08bb361 Bump actions/checkout from 4.1.7 to 4.2.0 (#172)
See full diff in compare view

Updates google-github-actions/auth from 2.1.5 to 2.1.6

Release notes

Sourced from google-github-actions/auth's releases.

v2.1.6

What's Changed

Recommend gcloud storage over gsutil by @sethvargo in google-github-actions/auth#438

Add missing log line by @sethvargo in google-github-actions/auth#448

Release: v2.1.6 by @google-github-actions-bot in google-github-actions/auth#449

Full Changelog: google-github-actions/auth@v2.1.5...v2.1.6

Commits

8254fb7 Release: v2.1.6 (#449)
d1b27fe Add missing log line (#448)
c8788cc Recommend gcloud storage over gsutil (#438)
See full diff in compare view

Updates codecov/codecov-action from 4.5.0 to 4.6.0

Release notes

Sourced from codecov/codecov-action's releases.

v4.6.0

What's Changed

build(deps): bump github/codeql-action from 3.25.8 to 3.25.10 by @dependabot in codecov/codecov-action#1481

build(deps): bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in codecov/codecov-action#1480

build(deps-dev): bump ts-jest from 29.1.4 to 29.1.5 by @dependabot in codecov/codecov-action#1479

build(deps-dev): bump @typescript-eslint/parser from 7.13.0 to 7.13.1 by @dependabot in codecov/codecov-action#1485

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.13.0 to 7.13.1 by @dependabot in codecov/codecov-action#1484

build(deps-dev): bump typescript from 5.4.5 to 5.5.2 by @dependabot in codecov/codecov-action#1490

build(deps-dev): bump @typescript-eslint/parser from 7.13.1 to 7.14.1 by @dependabot in codecov/codecov-action#1493

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.13.1 to 7.14.1 by @dependabot in codecov/codecov-action#1492

build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in codecov/codecov-action#1496

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.14.1 to 7.15.0 by @dependabot in codecov/codecov-action#1501

build(deps-dev): bump typescript from 5.5.2 to 5.5.3 by @dependabot in codecov/codecov-action#1500

build(deps-dev): bump @typescript-eslint/parser from 7.14.1 to 7.15.0 by @dependabot in codecov/codecov-action#1499

build(deps): bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in codecov/codecov-action#1502

build(deps-dev): bump ts-jest from 29.1.5 to 29.2.0 by @dependabot in codecov/codecov-action#1504

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.15.0 to 7.16.0 by @dependabot in codecov/codecov-action#1503

build(deps-dev): bump ts-jest from 29.2.0 to 29.2.2 by @dependabot in codecov/codecov-action#1507

build(deps-dev): bump @typescript-eslint/parser from 7.15.0 to 7.16.0 by @dependabot in codecov/codecov-action#1505

build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in codecov/codecov-action#1509

chore(ci): restrict scorecards to codecov/codecov-action by @thomasrockhu-codecov in codecov/codecov-action#1512

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.16.0 to 7.16.1 by @dependabot in codecov/codecov-action#1514

build(deps-dev): bump @typescript-eslint/parser from 7.16.0 to 7.16.1 by @dependabot in codecov/codecov-action#1513

test: versionInfo by @marcobiedermann in codecov/codecov-action#1407

build(deps-dev): bump ts-jest from 29.2.2 to 29.2.3 by @dependabot in codecov/codecov-action#1515

build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in codecov/codecov-action#1516

build(deps-dev): bump typescript from 5.5.3 to 5.5.4 by @dependabot in codecov/codecov-action#1521

build(deps-dev): bump @typescript-eslint/parser from 7.16.1 to 7.17.0 by @dependabot in codecov/codecov-action#1520

build(deps-dev): bump @typescript-eslint/parser from 7.17.0 to 7.18.0 by @dependabot in codecov/codecov-action#1528

build(deps): bump github/codeql-action from 3.25.13 to 3.25.15 by @dependabot in codecov/codecov-action#1526

build(deps): bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in codecov/codecov-action#1525

build(deps-dev): bump ts-jest from 29.2.3 to 29.2.4 by @dependabot in codecov/codecov-action#1532

build(deps): bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in codecov/codecov-action#1534

build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in codecov/codecov-action#1542

build(deps): bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in codecov/codecov-action#1541

ref: Tidy up types and remove string coercion by @nicholas-codecov in codecov/codecov-action#1536

build(deps-dev): bump @octokit/webhooks-types from 3.77.1 to 7.5.1 by @dependabot in codecov/codecov-action#1545

build(deps): bump github/codeql-action from 3.26.0 to 3.26.2 by @dependabot in codecov/codecov-action#1551

feat: pass tokenless value as branch override by @joseph-sentry in codecov/codecov-action#1511

build(deps): bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in codecov/codecov-action#1563

Create makefile.yml by @Hawthorne001 in codecov/codecov-action#1555

build(deps): bump github/codeql-action from 3.26.2 to 3.26.6 by @dependabot in codecov/codecov-action#1562

build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 by @dependabot in codecov/codecov-action#1557

Spell evenName in the logs correctly by @webknjaz in codecov/codecov-action#1560

build(deps-dev): bump typescript from 5.5.4 to 5.6.2 by @dependabot in codecov/codecov-action#1566

build(deps-dev): bump @types/jest from 29.5.12 to 29.5.13 by @dependabot in codecov/codecov-action#1567

build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in codecov/codecov-action#1569

build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by @dependabot in codecov/codecov-action#1571

build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in codecov/codecov-action#1575

build(deps-dev): bump @vercel/ncc from 0.38.1 to 0.38.2 by @dependabot in codecov/codecov-action#1577

... (truncated)

Commits

b9fd7d1 chore(release):4.6.0 (#1587)
6f7612c fix: bump eslint parser deps (#1586)
26c7e28 build(deps): bump actions/checkout from 4.1.7 to 4.2.0 (#1583)
6f744f7 build(deps): bump github/codeql-action from 3.26.8 to 3.26.9 (#1584)
543c3d4 chore: fix typo of OSS (#1578)
e379426 build(deps-dev): bump @vercel/ncc from 0.38.1 to 0.38.2 (#1577)
42656e4 build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 (#1575)
2296b6b build(deps-dev): bump eslint from 8.57.0 to 8.57.1 (#1571)
bd77bc3 build(deps): bump github/codeql-action from 3.26.6 to 3.26.7 (#1569)
180b964 build(deps-dev): bump @types/jest from 29.5.12 to 29.5.13 (#1567)
Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 6.1.0 to 6.1.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.1.1

What's Changed

Changes

fix: clean go install output by @ldez in golangci/golangci-lint-action#1102

Documentation

docs: update README.md to use golangci-lint v1.60 by @dunglas in golangci/golangci-lint-action#1087

Dependencies

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1082

build(deps): bump @types/node from 22.0.0 to 22.1.0 in the dependencies group by @dependabot in golangci/golangci-lint-action#1083

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1084

build(deps): bump @types/node from 22.1.0 to 22.2.0 in the dependencies group by @dependabot in golangci/golangci-lint-action#1085

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1088

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1093

build(deps): bump the dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1089

build(deps): bump the dependencies group across 1 directory with 2 updates by @dependabot in golangci/golangci-lint-action#1096

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot in golangci/golangci-lint-action#1097

build(deps): bump @types/node from 22.5.1 to 22.5.2 in the dependencies group by @dependabot in golangci/golangci-lint-action#1098

build(deps): bump @types/node from 22.5.2 to 22.5.4 in the dependencies group by @dependabot in golangci/golangci-lint-action#1100

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot in golangci/golangci-lint-action#1099

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot in golangci/golangci-lint-action#1103

build(deps): bump @types/node from 22.5.4 to 22.5.5 in the dependencies group by @dependabot in golangci/golangci-lint-action#1104

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot in golangci/golangci-lint-action#1105

build(deps): bump @types/node from 22.5.5 to 22.7.4 in the dependencies group by @dependabot in golangci/golangci-lint-action#1109

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot in golangci/golangci-lint-action#1108

New Contributors

@dunglas made their first contribution in golangci/golangci-lint-action#1087

Full Changelog: golangci/golangci-lint-action@v6.1.0...v6.1.1

Commits

971e284 build(deps-dev): bump the dev-dependencies group with 3 updates (#1108)
bbe7eb5 build(deps): bump @types/node from 22.5.5 to 22.7.4 in the dependencies group...
ebae5ce build(deps-dev): bump the dev-dependencies group with 3 updates (#1105)
06c3f3a build(deps): bump @types/node from 22.5.4 to 22.5.5 in the dependencies group...
56689d8 build(deps-dev): bump the dev-dependencies group with 3 updates (#1103)
c7bab6f fix: clean go install output (#1102)
33f56cc build(deps-dev): bump the dev-dependencies group with 3 updates (#1099)
e954224 build(deps): bump @types/node from 22.5.2 to 22.5.4 in the dependencies group...
68de804 build(deps): bump @types/node from 22.5.1 to 22.5.2 in the dependencies group...
22a3756 build(deps-dev): bump the dev-dependencies group with 2 updates (#1097)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 4 updates: [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer), [google-github-actions/auth](https://github.com/google-github-actions/auth), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action). Updates `sigstore/cosign-installer` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@4959ce0...dc72c7d) Updates `google-github-actions/auth` from 2.1.5 to 2.1.6 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@62cf5bd...8254fb7) Updates `codecov/codecov-action` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@e28ff12...b9fd7d1) Updates `golangci/golangci-lint-action` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@aaa42aa...971e284) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google-github-actions/auth dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot requested a review from a team as a code owner October 7, 2024 11:40

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Oct 7, 2024

cpanato approved these changes Oct 7, 2024

View reviewed changes

cpanato merged commit e748043 into main Oct 7, 2024
15 checks passed

cpanato deleted the dependabot/github_actions/all-660ac9f89f branch October 7, 2024 12:02

github-actions bot added this to the v1.2.2 milestone Oct 7, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): Bump the all group with 4 updates #2232

build(deps): Bump the all group with 4 updates #2232

dependabot bot commented on behalf of github Oct 7, 2024

build(deps): Bump the all group with 4 updates #2232

build(deps): Bump the all group with 4 updates #2232

Conversation

dependabot bot commented on behalf of github Oct 7, 2024

v3.7.0

What's Changed

v2.1.6

What's Changed

v4.6.0

What's Changed

v6.1.1

What's Changed

Changes

Documentation

Dependencies

New Contributors