Bump the actions group with 2 updates #69

dependabot · 2024-06-24T07:05:46Z

Bumps the actions group with 2 updates: dependabot/fetch-metadata and docker/build-push-action.

Updates dependabot/fetch-metadata from 1 to 2

Release notes

Sourced from dependabot/fetch-metadata's releases.

v2.0.0 - Switch to node20

What's Changed

Upgrade from node16 to node20 by @Nishnha in dependabot/fetch-metadata#443 👈 this is a potentially breaking change for some workflows

v2 is the new tracking tag by @jeffwidman in dependabot/fetch-metadata#506

v2.0.0 by @fetch-metadata-action-automation in dependabot/fetch-metadata#508

Full Changelog: dependabot/fetch-metadata@v1.7.0...v2.0.0

v1.7.0

What's Changed

Bump dotenv from 16.0.3 to 16.3.1 by @dependabot in dependabot/fetch-metadata#404

Bump @types/node from 20.2.3 to 20.3.3 by @dependabot in dependabot/fetch-metadata#407

Bump the eslint-dependencies group with 4 updates by @dependabot in dependabot/fetch-metadata#409

Update dependabot.yml by @bdragon in dependabot/fetch-metadata#410

Bump @types/node from 20.3.3 to 20.4.0 by @dependabot in dependabot/fetch-metadata#411

Bump yaml from 2.2.1 to 2.3.1 by @dependabot in dependabot/fetch-metadata#390

Bump tough-cookie from 4.0.0 to 4.1.3 by @dependabot in dependabot/fetch-metadata#412

Bump @types/node from 20.4.0 to 20.4.1 by @dependabot in dependabot/fetch-metadata#413

Generate Dependabot PRs on Sundays weekly by @abdulapopoola in dependabot/fetch-metadata#417

Aggressively group prod and dev dependencies for NPM by @abdulapopoola in dependabot/fetch-metadata#420

Update .nvmrc to latest node 16 LTS version by @abdulapopoola in dependabot/fetch-metadata#422

Bump the dev-dependencies group with 9 updates by @dependabot in dependabot/fetch-metadata#421

Bump the dev-dependencies group with 1 update by @dependabot in dependabot/fetch-metadata#423

Check for uncommitted files beyond the diff directory by @jeffwidman in dependabot/fetch-metadata#278

Bump the dev-dependencies group with 6 updates by @dependabot in dependabot/fetch-metadata#424

Bump the dev-dependencies group with 3 updates by @dependabot in dependabot/fetch-metadata#425

Bump the dev-dependencies group with 6 updates by @dependabot in dependabot/fetch-metadata#428

Bump the dev-dependencies group with 7 updates by @dependabot in dependabot/fetch-metadata#429

Bump tibdex/github-app-token from 1.8.0 to 1.8.2 by @dependabot in dependabot/fetch-metadata#430

Bump the dev-dependencies group with 4 updates by @dependabot in dependabot/fetch-metadata#432

Bump actions/checkout from 3 to 4 by @dependabot in dependabot/fetch-metadata#436

Bump the dev-dependencies group with 6 updates by @dependabot in dependabot/fetch-metadata#440

Change actions/checkout@v3 to v4 in readme by @Nishnha in dependabot/fetch-metadata#444

Bump the dev-dependencies group with 4 updates by @dependabot in dependabot/fetch-metadata#445

Bump @vercel/ncc from 0.36.1 to 0.38.0 by @dependabot in dependabot/fetch-metadata#435

Bump the dev-dependencies group with 4 updates by @dependabot in dependabot/fetch-metadata#447

Bump the dev-dependencies group with 3 updates by @dependabot in dependabot/fetch-metadata#448

Bump @babel/traverse from 7.22.8 to 7.23.2 by @dependabot in dependabot/fetch-metadata#457

Add blurbs about using a PAT to the readme by @Nishnha in dependabot/fetch-metadata#466

Bump @vercel/ncc from 0.38.0 to 0.38.1 by @dependabot in dependabot/fetch-metadata#462

Bump actions/setup-node from 3 to 4 by @dependabot in dependabot/fetch-metadata#461

Bump the dev-dependencies group with 13 updates by @dependabot in dependabot/fetch-metadata#497

Bump tibdex/github-app-token from 1.8.2 to 2.1.0 by @dependabot in dependabot/fetch-metadata#442

Scope app token to only this repo for security by @jeffwidman in dependabot/fetch-metadata#501

Switch to the official action for managing app tokens by @jeffwidman in dependabot/fetch-metadata#504

v1.7.0 by @fetch-metadata-action-automation in dependabot/fetch-metadata#505

New Contributors

@bdragon made their first contribution in dependabot/fetch-metadata#410

... (truncated)

Commits

5e5f996 Merge pull request #518 from dependabot/bump-to-v2.1.0
63415e5 v2.1.0
76b7fe9 Merge pull request #509 from dependabot/switch-to-monthly-release-cadence
7c323d5 Switch to monthly release cadence
5c7b450 Merge pull request #450 from HealthengineAU/handle-branches-with-hyphens
a44a9df Handle branch names containing hyphen separators
518993c Relax engine-strict=true (#510)
0fb2170 v2.0.0 (#508)
dc2c459 v2 is the new tracking tag (#506)
f2f0ad1 Upgrade from node16 to node20 (#443)
See full diff in compare view

Updates docker/build-push-action from 5 to 6

Release notes

Sourced from docker/build-push-action's releases.

v6.0.0

Export build record and generate build summary by @crazy-max in docker/build-push-action#1120

Bump @docker/actions-toolkit from 0.24.0 to 0.26.0 in docker/build-push-action#1132 docker/build-push-action#1136 docker/build-push-action#1138

Bump braces from 3.0.2 to 3.0.3 in docker/build-push-action#1137

[!NOTE] This major release adds support for generating Build summary and exporting build record for your build. You can disable this feature by setting DOCKER_BUILD_NO_SUMMARY: true environment variable in your workflow.

Full Changelog: docker/build-push-action@v5.4.0...v6.0.0

v5.4.0

Show builder information before building by @crazy-max in docker/build-push-action#1128

Handle attestations correctly with provenance and sbom inputs by @crazy-max in docker/build-push-action#1086

Bump @docker/actions-toolkit from 0.19.0 to 0.24.0 in docker/build-push-action#1088 docker/build-push-action#1105 docker/build-push-action#1121 docker/build-push-action#1127

Bump undici from 5.28.3 to 5.28.4 in docker/build-push-action#1090

Full Changelog: docker/build-push-action@v5.3.0...v5.4.0

v5.3.0

Bump @docker/actions-toolkit from 0.18.0 to 0.19.0 in docker/build-push-action#1080

Full Changelog: docker/build-push-action@v5.2.0...v5.3.0

v5.2.0

Disable quotes detection for outputs input by @crazy-max in docker/build-push-action#1074

Warn about ignored inputs by @favonia in docker/build-push-action#1019

Bump @docker/actions-toolkit from 0.14.0 to 0.18.0 in docker/build-push-action#1070

Bump undici from 5.26.3 to 5.28.3 in docker/build-push-action#1057

Full Changelog: docker/build-push-action@v5.1.0...v5.2.0

v5.1.0

Add annotations input by @crazy-max in docker/build-push-action#992

Add secret-envs input by @elias-lundgren in docker/build-push-action#980

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/build-push-action#991

Bump @docker/actions-toolkit from 0.13.0-rc.1 to 0.14.0 in docker/build-push-action#990 docker/build-push-action#1006

Full Changelog: docker/build-push-action@v5.0.0...v5.1.0

Commits

31159d4 Merge pull request #1149 from docker/dependabot/npm_and_yarn/docker/actions-t...
07e1c3e chore: update generated content
f7febd6 chore(deps): Bump @docker/actions-toolkit from 0.26.2 to 0.27.0
f6010ea Merge pull request #1147 from docker/dependabot/npm_and_yarn/docker/actions-t...
c0a6b96 chore: update generated content
0dfe9c3 chore(deps): Bump @docker/actions-toolkit from 0.26.1 to 0.26.2
94f8f8c Merge pull request #1142 from docker/dependabot/npm_and_yarn/docker/actions-t...
22f4433 chore: update generated content
6721c56 chore(deps): Bump @docker/actions-toolkit from 0.26.0 to 0.26.1
4367da9 Merge pull request #1140 from docker/dependabot/github_actions/docker/bake-ac...
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 2 updates: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) and [docker/build-push-action](https://github.com/docker/build-push-action). Updates `dependabot/fetch-metadata` from 1 to 2 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v1...v2) Updates `docker/build-push-action` from 5 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v5...v6) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 24, 2024

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch from 613fc6c to 2e484b4 Compare July 15, 2024 07:38

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch from 2e484b4 to c282eb5 Compare August 26, 2024 07:13

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch 2 times, most recently from 8674106 to a8f048b Compare September 9, 2024 07:26

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch from a8f048b to 8bd5998 Compare September 23, 2024 07:10

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch 2 times, most recently from 7dab175 to dae9431 Compare October 21, 2024 07:40

dependabot bot force-pushed the dependabot/github_actions/actions-34b77fdf31 branch from dae9431 to 9029015 Compare November 4, 2024 08:23

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the actions group with 2 updates #69

Bump the actions group with 2 updates #69

dependabot bot commented on behalf of github Jun 24, 2024 •

edited

Loading

Bump the actions group with 2 updates #69

Are you sure you want to change the base?

Bump the actions group with 2 updates #69

Conversation

dependabot bot commented on behalf of github Jun 24, 2024 • edited Loading

v2.0.0 - Switch to node20

What's Changed

v1.7.0

What's Changed

New Contributors

v6.0.0

v5.4.0

v5.3.0

v5.2.0

v5.1.0

dependabot bot commented on behalf of github Jun 24, 2024 •

edited

Loading

v2.0.0 - Switch to `node20`