Bump the all-actions group across 1 directory with 7 updates #10628
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the all-actions group with 7 updates in the / directory:
1.187.0
1.193.0
3.25.13
3.26.7
2.0
2.1
1.10.3
1.11.0
3.5.0
3.6.0
2.3.3
2.4.0
4.3.4
4.4.0
Updates
ruby/setup-ruby
from 1.187.0 to 1.193.0Release notes
Sourced from ruby/setup-ruby's releases.
Commits
f321cf5
Add truffleruby-24.1.0,truffleruby+graalvm-24.1.06af8267
README.md - Windows - clarify installed packages, 2022 vs 2019a6b46b8
Update CRuby releases on Windows52753b7
Add ruby-3.3.5a6e6f86
Update CRuby releases on Windowsbc2ba92
Add ruby-3.2.53715447
docs: update ruby-version comment50ba338
Add truffleruby-24.0.2,truffleruby+graalvm-24.0.2Updates
github/codeql-action
from 3.25.13 to 3.26.7Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
8214744
Merge pull request #2478 from github/update-v3.26.7-4a01ec798a3b3e07
Update changelog for v3.26.74a01ec7
Merge pull request #2474 from github/aeisenberg/always-upload-eslint-sarif762dbae
Merge pull request #2471 from github/update-bundle/codeql-bundle-v2.18.40d0f998
Always upload eslint.sarife817992
Merge pull request #2469 from github/aeisenberg/upload-eslint-sarif49021ad
Merge pull request #2472 from rvermeulen/rvermeulen/update-release-branch-authz56b8418
Ignore suppressed alertsf824adb
Merge branch 'main' into rvermeulen/update-release-branch-authz8d9ed0b
Add changelog noteUpdates
codespell-project/actions-codespell
from 2.0 to 2.1Release notes
Sourced from codespell-project/actions-codespell's releases.
Commits
406322e
[pre-commit.ci] pre-commit autoupdate (#76)3174815
feat: bump to use node20 runtime (#71)8edd9f2
Bump actions/setup-python from 4 to 5 (#74)8dc8168
Bump actions/checkout from 3 to 4 (#72)41170f1
Use v2 in README (#69)Updates
actions/create-github-app-token
from 1.10.3 to 1.11.0Release notes
Sourced from actions/create-github-app-token's releases.
Commits
5d869da
build(release): 1.11.0 [skip ci]796b88d
feat: allow repositories input to be comma or newline-separated (#169)3378cda
build(release): 1.10.4 [skip ci]e177c20
fix(deps): bump the production-dependencies group across 1 directory with 3 u...961c228
build(deps-dev): bump the development-dependencies group across 1 directory w...15db037
test: fix test file extensions and inputs for repositories (#161)9ccc6db
ci(test): addworkflow_dispatch
trigger000e2a0
docs(readme): document how a Base64 private key could be decoded (#155)d0ac2ad
docs(README): fix thegit committer string
andConfigure git CLI
examples...040c259
build(deps-dev): bump the development-dependencies group with 4 updates (#150)Updates
sigstore/cosign-installer
from 3.5.0 to 3.6.0Release notes
Sourced from sigstore/cosign-installer's releases.
Commits
4959ce0
update readme for new release (#170)45ffe83
bump default version to v2.4.0 release (#168)7e1d9c1
pin public key used for verification (#169)cc23fe1
Bump actions/setup-go from 5.0.1 to 5.0.2 (#167)b235ed9
Bump actions/checkout from 4.1.6 to 4.1.7 (#166)b49ef6b
Bump actions/checkout from 4.1.5 to 4.1.6 (#165)7a59e5a
Bump actions/checkout from 4.1.4 to 4.1.5 (#164)8d927bd
Bump actions/setup-go from 5.0.0 to 5.0.1 (#163)8c9caa0
Bump actions/checkout from 4.1.3 to 4.1.4 (#162)19351d0
Bump actions/checkout from 4.1.2 to 4.1.3 (#161)Updates
ossf/scorecard-action
from 2.3.3 to 2.4.0Release notes
Sourced from ossf/scorecard-action's releases.
Commits
62b2cac
bump docker tag to v2.4.0 for release (#1414)c09630c
lower license score alert threshold to 9 (#1411)cf8594c
🌱 Bump github.com/sigstore/cosign/v2 from 2.2.4 to 2.3.0 (#1413)de5fcb9
🌱 Bump the github-actions group with 2 updates (#1412)a46b90b
bump scorecard to v5.0.0 release (#1410)9fc518d
🌱 Bump golang in the docker-images group (#1407)a8eaa1b
🌱 Bump the github-actions group with 2 updates (#1408)873d5fd
🌱 Bump the github-actions group across 1 directory with 2 updates (#...54cc1fe
🌱 Bump the docker-images group with 2 updates (#1401)82bcb91
🌱 Bump golang.org/x/net from 0.26.0 to 0.27.0 (#1400)Updates
actions/upload-artifact
from 4.3.4 to 4.4.0Release notes
Sourced from actions/upload-artifact's releases.
Commits
5076954
Merge pull request #598 from actions/joshmgross/exclude-hidden-filesd52396a
Add a warning about enablinginclude-hidden-files
710f362
Remove "merged" frominclude-hidden-files
input description3b315f2
npm run release
again 🙂3be2180
Remove another trailing comma453e8d0
Update glob license0a398c1
npm run release
a0c40cf
Update to latest@actions/glob
and fix testsacb59e4
lint
cb6558b
Exclude hidden files by defaultDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions