🌱 Bump actions/checkout from 3.4.0 to 3.5.0 #2800
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
requested review from
azeemshaikh38,
justaugustus,
laurentsimon,
naveensrinivasan,
spencerschrock and
raghavkaul
as code owners
dependabot
bot
added
dependencies
|
@dependabot rebase |
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.4.0 to 3.5.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@24cb908...8f4b7f8) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
force-pushed
the
dependabot/github_actions/actions/checkout-3.5.0
branch
from
f53c133
to
abf7649
Compare
spencerschrock
approved these changes
Mar 30, 2023
|
@dependabot squash and merge |
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## main #2800 +/- ##
=======================================
Coverage 49.21% 49.21%
=======================================
Files 158 158
Lines 11967 11967
=======================================
Hits 5889 5889
Misses 5709 5709
Partials 369 369 |
dependabot
bot
deleted the
dependabot/github_actions/actions/checkout-3.5.0
branch
balteravishay
pushed a commit
to balteravishay/scorecard
that referenced
this pull request
Apr 13, 2023
Signed-off-by: Avishay <avishay.balter@gmail.com>
balteravishay
pushed a commit
to balteravishay/scorecard
that referenced
this pull request
Apr 14, 2023
Signed-off-by: Avishay <avishay.balter@gmail.com>
laurentsimon
added a commit
that referenced
this pull request
Apr 17, 2023
…dency checks (#2779) * add nuget pinned dependency checks Signed-off-by: Avishay <avishay.balter@gmail.com> * checks.yaml Signed-off-by: Avishay <avishay.balter@gmail.com> * ✨ GitLab: Security Policy check (#2754) * Add tarballHandler for GitLab, enabling repo download Signed-off-by: Raghav Kaul <raghavkaul@google.com> * Abstract OrgSecurityPolicy details to RepoClient instead of checker Signed-off-by: Raghav Kaul <raghavkaul@google.com> * Remove Org() from RepoClient Signed-off-by: Raghav Kaul <raghavkaul@google.com> * Rename Signed-off-by: Raghav Kaul <raghavkaul@google.com> * Don't run as part of CI tests that depend on external sites Signed-off-by: Raghav Kaul <raghavkaul@google.com> --------- Signed-off-by: Raghav Kaul <raghavkaul@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump gocloud.dev from 0.26.0 to 0.29.0 (#2722) * 🌱 Bump gocloud.dev from 0.26.0 to 0.29.0 Bumps [gocloud.dev](https://github.com/google/go-cloud) from 0.26.0 to 0.29.0. - [Release notes](https://github.com/google/go-cloud/releases) - [Commits](google/go-cloud@v0.26.0...v0.29.0) --- updated-dependencies: - dependency-name: gocloud.dev dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Switch pubsubpb import path. See https://github.com/googleapis/google-cloud-go/blob/cf7063dc4d81c2c33e31724db518c24d8a344f6e/migration.md for more details. Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Spencer Schrock <sschrock@google.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github/codeql-action from 2.2.6 to 2.2.7 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@16964e9...168b99b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * Remove unused code from changeset creation (#2776) Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🐛 Pass proper commit depth to github checkrun handler. (#2777) Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * pr fixes Signed-off-by: Avishay <avishay.balter@gmail.com> * ✨ Support for GitHub's internal integration (#2773) * update Signed-off-by: laurentsimon <laurentsimon@google.com> * update Signed-off-by: laurentsimon <laurentsimon@google.com> * update Signed-off-by: laurentsimon <laurentsimon@google.com> * update Signed-off-by: laurentsimon <laurentsimon@google.com> * update Signed-off-by: laurentsimon <laurentsimon@google.com> * update Signed-off-by: laurentsimon <laurentsimon@google.com> --------- Signed-off-by: laurentsimon <laurentsimon@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🐛 Add tie breaker when sorting changesets by RevisionID in tests. (#2781) * Remove duplicate RevisionID collision from changeset tests. The map iteration order isn't deterministic and sorting the slices isn't good enough when the revision IDs are equal. Signed-off-by: Spencer Schrock <sschrock@google.com> * remove any potential sha collisions Signed-off-by: Spencer Schrock <sschrock@google.com> * Revert deduplications. Signed-off-by: Spencer Schrock <sschrock@google.com> * Use ReviewPlatform as tie breaker. Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 enable fuzzing check in cron. (#2780) Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump tj-actions/changed-files from 35.7.0 to 35.7.6 (#2782) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 35.7.0 to 35.7.6. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@bd376fb...07f86bc) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump actions/checkout from 3.3.0 to 3.4.0 (#2767) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@ac59398...24cb908) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump golangci-lint and fix configuration file. (#2783) * Bump golangci-lint to v1.52.1 Signed-off-by: Spencer Schrock <sschrock@google.com> * Remove deprecated linters. Signed-off-by: Spencer Schrock <sschrock@google.com> * Configure errorlint to ignore wrapping multiple errors. We don't use golang 1.20 yet. Signed-off-by: Spencer Schrock <sschrock@google.com> * extra go mod tidy to hide linter. Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/onsi/ginkgo/v2 from 2.9.0 to 2.9.2 in /tools (#2787) Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo) from 2.9.0 to 2.9.2. - [Release notes](https://github.com/onsi/ginkgo/releases) - [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md) - [Commits](onsi/ginkgo@v2.9.0...v2.9.2) --- updated-dependencies: - dependency-name: github.com/onsi/ginkgo/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github/codeql-action from 2.2.7 to 2.2.8 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.7 to 2.2.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@168b99b...67a35a0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump actions/dependency-review-action from 3.0.3 to 3.0.4 (#2785) Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@c090f4e...f46c48e) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🐛 Restore upload of existing raw result Big Query data (#2795) Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump tj-actions/changed-files from 35.7.6 to 35.7.7 (#2797) Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 35.7.6 to 35.7.7. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@07f86bc...db5dd7c) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Restore API quota metrics for the weekly cron job. (#2799) Signed-off-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/golangci/golangci-lint in /tools (#2794) Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.52.1 to 1.52.2. - [Release notes](https://github.com/golangci/golangci-lint/releases) - [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md) - [Commits](golangci/golangci-lint@v1.52.1...v1.52.2) --- updated-dependencies: - dependency-name: github.com/golangci/golangci-lint dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump google.golang.org/protobuf in /tools (#2759) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump golang.org/x/tools from 0.6.0 to 0.7.0 (#2769) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.81.0 (#2737) * 🌱 Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.81.0 Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.78.0 to 0.81.0. - [Release notes](https://github.com/xanzy/go-gitlab/releases) - [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go) - [Commits](xanzy/go-gitlab@v0.78.0...v0.81.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Bump google.golang.org/protobuf to v1.30.0 to satisfy dependency analysis. Signed-off-by: Spencer Schrock <sschrock@google.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Spencer Schrock <sschrock@google.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Spencer Schrock <sschrock@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump actions/stale from 6.0.1 to 8.0.0 (#2793) Bumps [actions/stale](https://github.com/actions/stale) from 6.0.1 to 8.0.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@5ebf00e...1160a22) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump actions/setup-go from 3.5.0 to 4.0.0 (#2757) Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@6edd440...4d34df0) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump goreleaser/goreleaser-action from 4.1.0 to 4.2.0 (#2628) Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@8f67e59...f82d6c1) --- updated-dependencies: - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/google/osv-scanner (#2803) Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner) from 1.2.1-0.20230302232134-592acbc2539b to 1.3.0. - [Release notes](https://github.com/google/osv-scanner/releases) - [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md) - [Commits](https://github.com/google/osv-scanner/commits/v1.3.0) --- updated-dependencies: - dependency-name: github.com/google/osv-scanner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 (#2805) Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.1.0 to 2.2.0. - [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases) - [Commits](bradleyfalzon/ghinstallation@v2.1.0...v2.2.0) --- updated-dependencies: - dependency-name: github.com/bradleyfalzon/ghinstallation/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump cloud.google.com/go/pubsub from 1.28.0 to 1.30.0 (#2804) Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go) from 1.28.0 to 1.30.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@pubsub/v1.28.0...pubsub/v1.30.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/pubsub dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/goreleaser/goreleaser in /tools (#2770) Bumps [github.com/goreleaser/goreleaser](https://github.com/goreleaser/goreleaser) from 1.14.1 to 1.16.2. - [Release notes](https://github.com/goreleaser/goreleaser/releases) - [Changelog](https://github.com/goreleaser/goreleaser/blob/main/.goreleaser.yaml) - [Commits](goreleaser/goreleaser@v1.14.1...v1.16.2) --- updated-dependencies: - dependency-name: github.com/goreleaser/goreleaser dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump actions/checkout from 3.4.0 to 3.5.0 (#2800) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github/codeql-action from 2.2.8 to 2.2.9 (#2802) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump tj-actions/changed-files from 35.7.7 to 35.7.8 (#2801) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#2809) Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit) from 0.11.4 to 0.11.5. - [Release notes](https://github.com/moby/buildkit/releases) - [Commits](moby/buildkit@v0.11.4...v0.11.5) --- updated-dependencies: - dependency-name: github.com/moby/buildkit dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#2806) Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.1.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@e38b190...80e868c) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/google/osv-scanner from 1.3.0 to 1.3.1 (#2810) Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner) from 1.3.0 to 1.3.1. - [Release notes](https://github.com/google/osv-scanner/releases) - [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md) - [Commits](google/osv-scanner@v1.3.0...v1.3.1) --- updated-dependencies: - dependency-name: github.com/google/osv-scanner dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/onsi/gomega from 1.27.0 to 1.27.6 (#2807) Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump cloud.google.com/go/bigquery from 1.48.0 to 1.49.0 Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.48.0 to 1.49.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@bigquery/v1.48.0...bigquery/v1.49.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/go-logr/logr from 1.2.3 to 1.2.4 (#2813) Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/go-logr/logr/releases) - [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md) - [Commits](go-logr/logr@v1.2.3...v1.2.4) --- updated-dependencies: - dependency-name: github.com/go-logr/logr dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump cloud.google.com/go/bigquery from 1.49.0 to 1.50.0 (#2818) Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.49.0 to 1.50.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@bigquery/v1.49.0...bigquery/v1.50.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump step-security/harden-runner from 2.2.1 to 2.3.0 (#2823) Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.2.1 to 2.3.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@1f99358...03bee39) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/docker/docker in /tools (#2825) Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.1+incompatible to 23.0.3+incompatible. - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v23.0.1...v23.0.3) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github/codeql-action from 2.2.9 to 2.2.11 (#2836) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.9 to 2.2.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@04df126...d186a2a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump tj-actions/changed-files from 35.7.8 to 35.7.12 Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 35.7.8 to 35.7.12. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@e9b5807...b109d83) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump sigstore/cosign-installer from 3.0.1 to 3.0.2 (#2842) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.0.1 to 3.0.2. - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@c3667d9...9e9de22) --- updated-dependencies: - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/xeipuuv/gojsonschema Bumps [github.com/xeipuuv/gojsonschema](https://github.com/xeipuuv/gojsonschema) from 0.0.0-20180618132009-1d523034197f to 1.2.0. - [Release notes](https://github.com/xeipuuv/gojsonschema/releases) - [Commits](https://github.com/xeipuuv/gojsonschema/commits/v1.2.0) --- updated-dependencies: - dependency-name: github.com/xeipuuv/gojsonschema dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Unit tests for checker result and request (#2844) Included tests for checker result and request Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * ✨ Consider haskell-actions/hlint-scan a code scanning action (#2846) * Add haskell-actions/hlint-scan as one of know GitHub actions which upload SARIF. Signed-off-by: Yoo Chung <chungyc@google.com> * Test security-events permissions with actions known to upload SARIF. Signed-off-by: Yoo Chung <chungyc@google.com> --------- Signed-off-by: Yoo Chung <chungyc@google.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 (#2847) Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation) from 2.2.0 to 2.3.0. - [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases) - [Commits](bradleyfalzon/ghinstallation@v2.2.0...v2.3.0) --- updated-dependencies: - dependency-name: github.com/bradleyfalzon/ghinstallation/v2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: Avishay <avishay.balter@gmail.com> * 🌱 Bump github.com/otiai10/copy from 1.9.0 to 1.10.0 Bumps [github.com/otiai10/copy](https://github.com/otiai10/copy) from 1.9.0 to 1.10.0. - [Release notes](https://github.com/otiai10/copy/releases) - [Commits](otiai10/copy@v1.9.0...v1.10.0) --- updated-dependen
Bumps actions/checkout from 3.4.0 to 3.5.0.
Release notes
Sourced from actions/checkout's releases.
Commits
8f4b7f8Add new public key for known_hosts (#1237)cd6a9fdUpdate update-main-version.ymlYou can trigger a rebase of this PR by commenting
@dependabot rebase.Dependabot will merge this PR once CI passes on it, as requested by @spencerschrock.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)