GitHub Actions(deps): Bump the third-party-actions group across 1 directory with 8 updates#234
Open
dependabot[bot] wants to merge 1 commit into
Open
Conversation
…ectory with 8 updates Bumps the third-party-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [shivammathur/setup-php](https://github.com/shivammathur/setup-php) | `2.37.0` | `2.37.2` | | [cloudflare/wrangler-action](https://github.com/cloudflare/wrangler-action) | `3.14.1` | `4.0.0` | | [mshick/add-pr-comment](https://github.com/mshick/add-pr-comment) | `3.9.1` | `3.12.0` | | [calibreapp/image-actions](https://github.com/calibreapp/image-actions) | `1.4.1` | `1.5.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.1.0` | `8.1.1` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [boostsecurityio/poutine-action](https://github.com/boostsecurityio/poutine-action) | `0.15.2` | `1.1.4` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.2` | `0.5.7` | Updates `shivammathur/setup-php` from 2.37.0 to 2.37.2 - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@accd612...f3e473d) Updates `cloudflare/wrangler-action` from 3.14.1 to 4.0.0 - [Release notes](https://github.com/cloudflare/wrangler-action/releases) - [Changelog](https://github.com/cloudflare/wrangler-action/blob/main/CHANGELOG.md) - [Commits](cloudflare/wrangler-action@da0e0df...ebbaa15) Updates `mshick/add-pr-comment` from 3.9.1 to 3.12.0 - [Release notes](https://github.com/mshick/add-pr-comment/releases) - [Changelog](https://github.com/mshick/add-pr-comment/blob/main/CHANGELOG.md) - [Commits](mshick/add-pr-comment@f102bb3...ec328af) Updates `calibreapp/image-actions` from 1.4.1 to 1.5.0 - [Release notes](https://github.com/calibreapp/image-actions/releases) - [Commits](calibreapp/image-actions@f325757...9d037c0) Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c0f553f...5f6978f) Updates `github/codeql-action/upload-sarif` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `boostsecurityio/poutine-action` from 0.15.2 to 1.1.4 - [Release notes](https://github.com/boostsecurityio/poutine-action/releases) - [Commits](boostsecurityio/poutine-action@84c0a0d...e240ebd) Updates `zizmorcore/zizmor-action` from 0.5.2 to 0.5.7 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@71321a2...192e21d) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-version: 2.37.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: third-party-actions - dependency-name: cloudflare/wrangler-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: third-party-actions - dependency-name: mshick/add-pr-comment dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: third-party-actions - dependency-name: calibreapp/image-actions dependency-version: 1.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: third-party-actions - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: third-party-actions - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: third-party-actions - dependency-name: boostsecurityio/poutine-action dependency-version: 1.1.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: third-party-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: third-party-actions ... Signed-off-by: dependabot[bot] <support@github.com>
|
|
||
| - name: Set Up PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Install PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Add coverage PR comment | ||
| uses: mshick/add-pr-comment@f102bb3ebc97eedd4e2a98a9e71e462cc257fe80 # v3.9.1 | ||
| uses: mshick/add-pr-comment@ec328af66588ab8f77cdeb2c264f14aba45bbf59 # v3.12.0 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
| - name: Set up PHP | ||
| id: setup_php | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
| - name: Set Up PHP | ||
| id: setup_php | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Run zizmor | ||
| uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 | ||
| uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7 |
|
|
||
| - name: Set Up PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Install PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
| env: | ||
| GITHUB_EVENT_NAME: ${{ inputs.trigger-event }} | ||
| uses: calibreapp/image-actions@f32575787d333b0579f0b7d506ff03be63a669d1 # v1.4.1 | ||
| uses: calibreapp/image-actions@9d037c06280028c110ff61c433ad4dc7d33c3c43 # v1.5.0 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
|
|
||
| - name: Setup PHP | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
| - name: Set up PHP | ||
| id: setup_php | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
| - name: Set Up PHP | ||
| id: setup_php | ||
| uses: shivammathur/setup-php@accd6127cb78bee3e8082180cb391013d204ef9f # v2.37.0 | ||
| uses: shivammathur/setup-php@f3e473d116dcccaddc5834248c87452386958240 # v2.37.2 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the third-party-actions group with 8 updates in the / directory:
2.37.02.37.23.14.14.0.03.9.13.12.01.4.11.5.08.1.08.1.14.35.14.36.20.15.21.1.40.5.20.5.7Updates
shivammathur/setup-phpfrom 2.37.0 to 2.37.2Release notes
Sourced from shivammathur/setup-php's releases.
... (truncated)
Commits
f3e473dBump version to 2.37.28be473cTrust brew taps083d523Bump the github-actions group with 2 updates (#1085)a919ff5Update FUNDING.ymldeb2299Harden GitHub Actions workflows5825be4Harden environment lookup8d45593Add CODEOWNERSba8d163Update PHP versions in SECURITY.md7c071dfBump version to 2.37.1eeef37eGHSA-pqwm-q9pv-ph8r - Fix CWE-78 [skip ci]Updates
cloudflare/wrangler-actionfrom 3.14.1 to 4.0.0Release notes
Sourced from cloudflare/wrangler-action's releases.
Changelog
Sourced from cloudflare/wrangler-action's changelog.
... (truncated)
Commits
ebbaa15Automatic compilationa61fbeaMerge pull request #429 from cloudflare/changeset-release/maine804ea3Version Packages8d0324afix: update release workflow to v5 actions and regenerate lockfile2f18b18Merge pull request #431 from cloudflare/fix/semgrep-blocking-findings622ff0dfix: upgrade checkout and setup-node to v5 for Node 24 runtimef501f05fix: force GitHub actions to run on Node 24 via env varf990691fix: resolve npm audit vulnerabilities via undici override and vitest v3652762dfix: migrate action runtime from node20 to node24bd3f4f0fix: add retry support to worker health check using better-resultUpdates
mshick/add-pr-commentfrom 3.9.1 to 3.12.0Release notes
Sourced from mshick/add-pr-comment's releases.
Changelog
Sourced from mshick/add-pr-comment's changelog.
... (truncated)
Commits
ec328afchore(main): release 3.12.0 (#200)6a876dbfeat: support minimizing (hiding) comments (#201)4361959fix: handle delete-on-status in proxy comment path (#199)dbaea9fchore(deps): bump the npm_and_yarn group across 1 directory with 2 updates (#...3f6e586chore(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 in the npm_and_yarn gr...8e49278chore(main): release 3.11.0 (#194)87fe9effeat: add NOW template variable with configurable date format (#193)be5d48dchore(main): release 3.10.1 (#191)14d916echore(deps): bump fast-xml-parser from 5.5.9 to 5.7.1 in the npm_and_yarn gro...f160ebafix: skip comment creation whendeleteOnStatusmatchesstatus(#187)Updates
calibreapp/image-actionsfrom 1.4.1 to 1.5.0Release notes
Sourced from calibreapp/image-actions's releases.
Commits
9d037c0Merge pull request #442 from calibreapp/dependabot/npm_and_yarn/postcss-8.5.14b5a9b14Merge pull request #440 from calibreapp/dependabot/npm_and_yarn/typescript-es...784e1fcMerge pull request #435 from calibreapp/dependabot/npm_and_yarn/typescript-6.0.36cd231bMerge pull request #441 from calibreapp/dependabot/npm_and_yarn/picomatch-4.0.40e66657Bump typescript from 6.0.2 to 6.0.3f12f4ebBump@typescript-eslint/eslint-pluginfrom 8.58.1 to 8.59.3d61aaddBump postcss from 8.5.6 to 8.5.14f752a5bBump picomatch from 4.0.3 to 4.0.4f76383cMerge pull request #438 from calibreapp/dependabot/npm_and_yarn/typescript-es...1b23302Merge pull request #437 from calibreapp/dependabot/npm_and_yarn/types/node-25...Updates
peter-evans/create-pull-requestfrom 8.1.0 to 8.1.1Release notes
Sourced from peter-evans/create-pull-request's releases.
Commits
5f6978ffix: retry post-creation API calls on 422 eventual consistency errors (#4356)d32e88dbuild(deps-dev): bump the npm group with 3 updates (#4349)8170bccbuild(deps-dev): bump handlebars from 4.7.8 to 4.7.9 (#4344)0041819build(deps): bump picomatch (#4339)b993918build(deps-dev): bump flatted from 3.3.1 to 3.4.2 (#4334)36d7c84build(deps-dev): bump undici from 6.23.0 to 6.24.0 (#4328)a45d1fbbuild(deps): bump@tootallnate/onceand jest-environment-jsdom (#4323)3499eb6build(deps): bump the github-actions group with 2 updates (#4316)3f3b473build(deps): bump minimatch (#4311)6699836build(deps-dev): bump the npm group with 2 updates (#4305)Updates
github/codeql-action/upload-sariffrom 4.35.1 to 4.36.2Release notes
Sourced from github/codeql-action/upload-sarif's releases.
Changelog
Sourced from github/codeql-action/upload-sarif's changelog.
... (truncated)
Commits
8aad20dMerge pull request #3949 from github/update-v4.36.2-dcb947ce1f521b08Add additional changelog notes8aeff0fUpdate changelog for v4.36.2dcb947cMerge pull request #3948 from github/update-bundle/codeql-bundle-v2.25.6c251bceAdd changelog note62953c1Update default bundle to codeql-bundle-v2.25.6423b570Merge pull request #3946 from github/dependabot/npm_and_yarn/npm-minor-5d507a...c35d1b1Merge pull request #3947 from github/dependabot/github_actions/dot-github/wor...cb1a588Merge pull request #3937 from github/robertbrignull/waitForProcessing_backoffba47406Merge pull request #3943 from github/henrymercer/cache-cli-version-infoUpdates
boostsecurityio/poutine-actionfrom 0.15.2 to 1.1.4Release notes
Sourced from boostsecurityio/poutine-action's releases.
Commits
e240ebdUpdated to poutine v1.1.4 (#26)4b920f7Updated to poutine v1.1.3 (#25)a563bfaUpdated to poutine v1.1.2 (#24)2182d43Bump boostsecurityio/poutine from 1.0.4 to 1.0.5 (#23)61bf001Bump boostsecurityio/poutine from 1.0.3 to 1.0.4 (#22)95504a3Bump boostsecurityio/poutine from 1.0.1 to 1.0.3 (#21)d10ad56Bump boostsecurityio/poutine from 0.17.0 to 1.0.1 (#19)c83aa63Bump boostsecurityio/poutine from 0.15.2 to 0.17.0 (#17)Updates
zizmorcore/zizmor-actionfrom 0.5.2 to 0.5.7Release notes
Sourced from zizmorcore/zizmor-action's releases.
Commits
192e21dSync zizmor versions (#127)2720f26Update README.md with new actions/checkout version (#126)40b41b8chore(deps): bump the github-actions group with 2 updates (#123)a687b25chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 in the github-ac...64a6900add note to explain that the default value foronline-checksis different t...14050abchore(deps): bump the github-actions group with 2 updates (#118)ee9b419chore(deps): bump github/codeql-action in the github-actions group (#116)fddf2b4Bump pins in README (#115)5f14fd0Sync zizmor versions (#114)a16621bBump pins in README (#112)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions