Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all non-major github action dependencies #160

Merged
merged 1 commit into from Dec 29, 2022
Merged

chore(deps): update all non-major github action dependencies #160

merged 1 commit into from Dec 29, 2022

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 17, 2022
edited

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action minor v2 -> v2.6.0
actions/setup-node action minor v2 -> v2.5.1
actions/setup-python action minor v2 -> v2.3.3
aws-actions/amazon-ecr-login action minor v1 -> v1.5.3
aws-actions/configure-aws-credentials action minor v1 -> v1.7.0
cds-snc/security-tools action minor v1 -> v1.1.7
dorny/paths-filter action minor v2.2.1 -> v2.11.1
dorny/paths-filter action minor v2 -> v2.11.1
hashicorp/setup-terraform action minor v1.2.1 -> v1.4.0

Review

  • Updates have been tested and work
  • If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.)

Release Notes

actions/checkout

v2.6.0

Compare Source

What's Changed

Full Changelog: actions/checkout@v2.5.0...v2.6.0

v2.5.0

Compare Source

What's Changed

Full Changelog: actions/checkout@v2...v2.5.0

v2.4.2

Compare Source

What's Changed

Full Changelog: actions/checkout@v2...v2.4.2

v2.4.1

Compare Source

  • Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

Compare Source

  • Convert SSH URLs like org-<ORG_ID>@&#8203;github.com: to https://github.com/ - pr

v2.3.5

Compare Source

Update dependencies

v2.3.4

Compare Source

v2.3.3

Compare Source

v2.3.2

Compare Source

Add Third Party License Information to Dist Files

v2.3.1

Compare Source

v2.3.0

Compare Source

v2.2.0

Compare Source

v2.1.1

Compare Source

  • Changes to support GHES (here and here)

v2.1.0

Compare Source

actions/setup-node

v2.5.1: Fix logic of error handling for npm warning and uncaught exception

Compare Source

In scope of this release we fix logic of error handling related to caching (https://github.com/actions/setup-node/pull/358) and (https://github.com/actions/setup-node/pull/359).

In the previous behaviour we relied on stderr output to throw error. The warning messages from package managers can be written to the stderr's output. For now the action will throw an error only if exit code differs from zero. Besides, we add logic to сatch and log unhandled exceptions.

v2.5.0: Adding Node.js version file support

Compare Source

In scope of this release we add the node-version-file input and update actions/cache dependency to the latest version.

Adding Node.js version file support

The new input (node-version-file) provides functionality to specify the path to the file containing Node.js's version with such behaviour:

  • If the file does not exist the action will throw an error.
  • If you specify both node-version and node-version-file inputs, the action will use value from the node-version input and throw the following warning: Both node-version and node-version-file inputs are specified, only node-version will be used.
  • For now the action does not support all of the variety of values for Node.js version files. The action can handle values according to the documentation and values with v prefix (v14)
steps:
  - uses: actions/checkout@v2
  - name: Setup node from node version file
    uses: actions/setup-node@v2
    with:
      node-version-file: '.nvmrc'
  - run: npm install
  - run: npm test
Update actions/cache dependency to 1.0.8 version.

We updated actions/cache dependency to the latest version (1.0.8). For more information please refer to the toolkit/cache.

v2.4.1: Add "cache-hit" output

Compare Source

This release introduces a new output: cache-hit (#​327).

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

v2.4.0: Support caching for mono repos and repositories with complex structure

Compare Source

This release introduces dependency caching support for mono repos and repositories with complex structure (#​305).

By default, the action searches for the dependency file (package-lock.json or yarn.lock) in the repository root. Use the cache-dependency-path input for cases when multiple dependency files are used, or they are located in different subdirectories. This input supports wildcards or a list of file names for caching multiple dependencies.

Yaml example:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
  with:
    node-version: 14
    cache: npm
    cache-dependency-path: 'sub-project/package-lock.json'

For more examples of using cache-dependency-path input, see the Advanced usage guide.

v2.3.2: Revert temporary fix

Compare Source

We had to disable pre-cached Node.js usage in the previous version due to the broken image cache. Now cache is fixed, so we can safely enable its usage again.
Thank you for understanding.

v2.3.1: Temporary maintenance fix.

Compare Source

Temporarily disabled usage of pre-cached Node.js.

v2.3.0: Support caching pnpm dependencies

Compare Source

This release introduces dependency caching support for the pnpm package manager (#​278).

Caching pnpm dependencies:

### This workflow uses actions that are not certified by GitHub.
### They are provided by a third-party and are governed by

### separate terms of service, privacy policy, and support
### documentation.

steps:
- uses: actions/checkout@v2
- uses: pnpm/action-setup@646cdf48217256a3d0b80361c5a50727664284f2
  with:
    version: 6.10.0
- uses: actions/setup-node@v2
  with:
    node-version: '14'
    cache: 'pnpm'
- run: pnpm install
- run: pnpm test

NOTE: pnpm caching support requires pnpm version >= 6.10.0

v2.2.0: Support caching dependencies and LTS aliases

Compare Source

This release brings two major features:

Supported version syntax

The node-version input supports the following syntax:

major versions: 12, 14, 16
more specific versions: 10.15, 14.2.0, 16.3.0
nvm LTS syntax: lts/erbium, lts/fermium, lts/*

Caching dependencies

The action has a built-in functionality for caching and restoring npm/yarn dependencies. Supported package managers are npm, yarn. The cache input is optional, and caching is turned off by default.

Caching npm dependencies:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
  with:
    node-version: '14'
    cache: 'npm'
- run: npm install
- run: npm test

Caching yarn dependencies:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-node@v2
  with:
    node-version: '14'
    cache: 'yarn'
- run: yarn install
- run: yarn test

Yarn caching handles both yarn versions: 1 or 2.

At the moment, only lock files in the project root are supported.

v2.1.5: Release

Compare Source

Improve error and warning line number handling (problem matcher regex)

v2.1.4

Compare Source

The first stable release of actions/setup-node V2

v2.1.3: (beta)

Compare Source

  • Add support for specifying architecture of Node.JS

v2.1.2: (beta)

Compare Source

  • Updated communication with runner to use environment files rather then workflow commands

v2.1.1: (beta)

Compare Source

Switch to main branch of node-versions repository to consume latest added versions.

v2.1.0: (beta)

Compare Source

Added check-latest input option to query the versions manifest for latest version before checking for semver match in local VM cache first (the default). That's useful for ensuring you get latest as soon as it's released to the cache but at the cost of perf / reliability (much more likely to incur and download and extract).

actions/setup-python

v2.3.3: Update actions/core to 1.10.0 for v2

Compare Source

In scope of this release we update actions/core to 1.10.0 for v2 major tag: https://github.com/actions/setup-python/pull/533.

v2.3.2: Update primary and restore keys for pip

Compare Source

In scope of this release we include a version of python in restore and primary cache keys for pip. Besides, we add temporary fix for Windows caching issue, that the pip cache dir command returns non zero exit code or writes to stderr. Moreover we updated node-fetch dependency.

v2.3.1: Update actions/cache version to 1.0.8

Compare Source

We have updated actions/cache dependency version to 1.0.8 to support 10GB cache upload

v2.3.0: Support caching dependencies

Compare Source

This release introduces dependency caching support (https://github.com/actions/setup-python/pull/266)

Caching dependencies.

The action has a built-in functionality for caching and restoring pip/pipenv dependencies. The cache input is optional, and caching is turned off by default.

Besides, this release introduces dependency caching support for mono repos and repositories with complex structure.

By default, the action searches for the dependency file (requirements.txt for pip or Pipfile.lock for pipenv) in the whole repository. Use the cache-dependency-path input for cases when you want to override current behaviour and use different file for hash generation (for example requirements-dev.txt). This input supports wildcards or a list of file names for caching multiple dependencies.

Caching pip dependencies:
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pip'
- run: pip install -r requirements.txt
- run: pip test
Caching pipenv dependencies:
steps:
- uses: actions/checkout@v2
- name: Install pipenv
  run: pipx install pipenv
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pipenv'
- run: pipenv install
- run: pipenv test
Change dependency file:
steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
    cache: 'pip'
    cache-dependency-path: '**/requirements-dev.txt'
- run: pip install -r subdirectory/requirements-dev.txt
- run: pip test

v2.2.2

Compare Source

Address PyPy installation issues on Windows: https://github.com/actions/setup-python/issues/196

v2.2.1

Compare Source

  • Fix PyPy3 issues with Windows

v2.2.0

Compare Source

  • Support for PyPy 3.7 in addition to the current 3.6 support
  • Support for Pre-Release distributions of PyPy
  • Support for PyPy Nighly

v2.1.4

Compare Source

  • Improvements for more reliable setup on self-hosted runners

v2.1.3

Compare Source

  • Updates to NPM dependencies
  • Updates to licenses

v2.1.2

Compare Source

  • Add Third Party License Information

v2.1.1

Compare Source

Fix installation logic to prevent leaving files in GITHUB_WORKSPACE
Related issue: https://github.com/actions/setup-python/issues/101

v2.1.0

Compare Source

  • Support for pre-release Python distributions

v2.0.2

Compare Source

  • Improved logs & output when downloading and setting up Python versions
  • Improvements and updates to downloading Python versions from actions/python-versions

v2.0.1

Compare Source

aws-actions/amazon-ecr-login

v1.5.3

Compare Source

See the changelog for details about the changes included in this release.

v1.5.2

Compare Source

See the changelog for details about the changes included in this release.

v1.5.1

Compare Source

See the changelog for details about the changes included in this release.

v1.5.0

Compare Source

See the changelog for details about the changes included in this release.

v1.4.0

Compare Source

See the changelog for details about the changes included in this release.

v1.3.3

Compare Source

See the changelog for details about the changes included in this release.

v1.3.2

Compare Source

See the changelog for details about the changes included in this release.

v1.3.1

Compare Source

See the changelog for details about the changes included in this release.

v1.3.0

Compare Source

See the changelog for details about the changes included in this release.

v1.2.2

Compare Source

See the changelog for details about the changes included in this release.

v1.2.1

Compare Source

See the changelog for details about the changes included in this release.

v1.2.0

Compare Source

See the changelog for details about the changes included in this release.

v1.1.4

Compare Source

See the changelog for details about the changes included in this release.

v1.1.3

Compare Source

See the changelog for details about the changes included in this release.

v1.1.2

Compare Source

See the changelog for details about the changes included in this release.

v1.1.1

Compare Source

See the changelog for details about the changes included in this release.

v1.1.0

Compare Source

See the changelog for details about the changes included in this release.

v1.0.7

Compare Source

See the changelog for details about the changes included in this release.

v1.0.6

Compare Source

See the changelog for details about the changes included in this release.

v1.0.5

Compare Source

See the changelog for details about the changes included in this release.

v1.0.4

Compare Source

See the changelog for details about the changes included in this release.

v1.0.3

Compare Source

See the changelog for details about the changes included in this release.

v1.0.2

Compare Source

See the changelog for details about the changes included in this release.

v1.0.1

Compare Source

Change summary:

  • Fix action input name
  • Dependency upgrades
aws-actions/configure-aws-credentials

v1.7.0

Compare Source

See the changelog for details about the changes included in this release.

v1.6.1

Compare Source

See the changelog for details about the changes included in this release.

v1.6.0

Compare Source

See the changelog for details about the changes included in this release.

v1.5.11

Compare Source

See the changelog for details about the changes included in this release.

v1.5.10

Compare Source

See the changelog for details about the changes included in this release.

v1.5.9

Compare Source

See the changelog for details about the changes included in this release.

v1.5.8

Compare Source

See the changelog for details about the changes included in this release.

v1.5.7

Compare Source

See the changelog for details about the changes included in this release.

v1.5.6

Compare Source

See the changelog for details about the changes included in this release.

v1.5.5

Compare Source

See the changelog for details about the changes included in this release.

v1.5.4

Compare Source

See the changelog for details about the changes included in this release.

v1.5.3

Compare Source

See the changelog for details about the changes included in this release.

v1.5.2

Compare Source

See the changelog for details about the changes included in this release.

v1.5.1

Compare Source

See the changelog for details about the changes included in this release.

v1.5.0

Compare Source

See the changelog for details about the changes included in this release.

v1.4.4

Compare Source

See the changelog for details about the changes included in this release.

v1.4.3

Compare Source

See the changelog for details about the changes included in this release.

v1.4.2

Compare Source

See the changelog for details about the changes included in this release.

v1.4.1

Compare Source

See the changelog for details about the changes included in this release.

v1.4.0

Compare Source

See the changelog for details about the changes included in this release.

v1.3.5

Compare Source

See the changelog for details about the changes included in this release.

v1.3.4

Compare Source

See the changelog for details about the changes included in this release.

v1.3.3

Compare Source

See the changelog for details about the changes included in this release.

v1.3.2

Compare Source

See the changelog for details about the changes included in this release.

v1.3.1

Compare Source

See the changelog for details about the changes included in this release.

v1.3.0

Compare Source

See the changelog for details about the changes included in this release.

v1.2.0

Compare Source

See the changelog for details about the changes included in this release.

v1.1.2

Compare Source

See the changelog for details about the changes included in this release.

v1.1.1

Compare Source

See the changelog for details about the changes included in this release.

v1.1.0

Compare Source

See the changelog for details about the changes included in this release.

v1.0.1

Compare Source

Change summary:

  • Dependency upgrades
cds-snc/security-tools

v1.1.7

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1.1.6...v1.1.7

v1.1.6

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1...v1.1.6

v1.1.5

Compare Source

What's Changed

New Contributors

Full Changelog: cds-snc/security-tools@v1...v1.1.5

v1.1.4

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1...v1.1.4

v1.1.3

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1...v1.1.3

v1.1.2

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1...v1.1.2

v1.1.1

Compare Source

What's Changed

Full Changelog: cds-snc/security-tools@v1...v1.1.1

v1.1.0: Docker dependency scan

Compare Source

Summary

GitHub action that uses aquasecurity/trivy to generate and publish a Docker images dependencies and vulnerabilities to GitHub Security and Dependency Graph.

dorny/paths-filter

v2.11.1

Compare Source

v2.11.0

Compare Source

v2.10.2

Compare Source

v2.10.1

Compare Source

v2.10.0

Compare Source

v2.9.3

Compare Source

v2.9.2

Compare Source

v2.9.1

Compare Source

v2.9.0

Compare Source

v2.8.0

Compare Source

v2.7.0

Compare Source

v2.6.0

Compare Source

v2.5.3

Compare Source

v2.5.2

Compare Source

v2.5.1

Compare Source

v2.5.0

Compare Source

v2.4.2

Compare Source

v2.4.1

Compare Source

  • Changed action name to 'Paths Changes Filter' for better discoverability in action marketplace
  • Add minimal example to the top part of README to not scary potential users with too long usage section

v2.4.0

Compare Source

v2.3.0

Compare Source

hashicorp/setup-terraform

v1.4.0

Compare Source

What's Changed

NOTES
ENHANCEMENTS
INTERNAL

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot force-pushed the renovate/all-non-major-github-action branch 2 times, most recently from 9e1bc89 to a1f11a1 Compare December 20, 2022 16:40
@renovate renovate bot force-pushed the renovate/all-non-major-github-action branch from a1f11a1 to 54b7cd0 Compare December 26, 2022 22:54
@jeberhardt jeberhardt merged commit 78ca5dc into main Dec 29, 2022
@jeberhardt jeberhardt deleted the renovate/all-non-major-github-action branch December 29, 2022 15:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeberhardt jeberhardt jeberhardt approved these changes

Assignees
No one assigned
Labels
Dependencies Renovate
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jeberhardt