Skip to content

build(deps): Bump the github-actions-dependencies group across 5 directories with 4 updates#71

Merged
neilime merged 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-63c8bd7244
Mar 18, 2025
Merged

build(deps): Bump the github-actions-dependencies group across 5 directories with 4 updates#71
neilime merged 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-63c8bd7244

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 18, 2025

Bumps the github-actions-dependencies group with 3 updates in the / directory: hoverkraft-tech/ci-github-common, hoverkraft-tech/ci-github-container and tj-actions/changed-files.
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/get-environment directory: hoverkraft-tech/ci-github-common.
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/jampack directory: actions/setup-node.
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/report directory: hoverkraft-tech/ci-github-common.
Bumps the github-actions-dependencies group with 1 update in the /actions/release/create directory: hoverkraft-tech/ci-github-common.

Updates hoverkraft-tech/ci-github-common from 0.16.0 to 0.18.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.18.0

Release Summary

This release introduces support for Kubernetes custom resources in the linter, enhancing flexibility in configuration validation. Additionally, dependencies for GitHub Actions have been updated to improve stability and security. Documentation has been refreshed to reflect recent workflow changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.17.0...0.18.0

0.17.0

Release Summary

This release introduces an optional token for checkout and comment-pr, enhancing flexibility in authentication workflows. Documentation for actions and workflows has been updated for improved clarity. Additionally, dependencies for hoverkraft-tech/ci-github-publish have been upgraded from 0.1.1 to 0.2.0.

No breaking changes were introduced in this release.

What's Changed

New Contributors

Full Changelog: hoverkraft-tech/ci-github-common@0.16.1...0.17.0

0.16.1

Release Summary

This release includes updated documentation for actions and workflows, improving clarity and usability. Additionally, dependencies have been updated with a version bump for hoverkraft-tech/ci-github-publish from 0.1.0 to 0.1.1, ensuring compatibility and stability across the affected directory.

No breaking changes are introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.16.0...0.16.1

Commits
  • 5ace530 feat(linter): add support for Kubernetes custom resources
  • 7b3b29d chore(deps): bump peter-evans/create-pull-request
  • 6a31c8d docs: update actions and workflows documentation
  • 21d9d2f chore(deps): bump peter-evans/create-pull-request
  • 366ad47 docs: update actions and workflows documentation
  • ba4d18c style: disable MD013 instead of add newline for badges
  • 9a29c6a style: fix lint errors
  • fff9053 feat(create-or-update-comment): optional token
  • cb2b3de feat(checkout): optional token instead of default GITHUB_TOKEN
  • 35e17db chore(deps): bump hoverkraft-tech/ci-github-publish
  • Additional commits viewable in compare view

Updates hoverkraft-tech/ci-github-container from 0.20.2 to 0.24.0

Release notes

Sourced from hoverkraft-tech/ci-github-container's releases.

0.24.0

Release Summary

  • New Feature: Upgraded Buildx in the build image for improved container build performance and compatibility.
  • Documentation: Updated actions and workflows documentation to reflect the latest changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-container@0.23.1...0.24.0

0.23.1

Release summary

Fix helm/test-chart action by passing properly the helm-set argument

What's Changed

Full Changelog: hoverkraft-tech/ci-github-container@0.23.0...0.23.1

0.23.0

Release Summary

This release introduces multiple improvements and new features, particularly in Helm and Docker workflows. Notably, new inputs have been added to the Helm test chart for enabling linting and testing, as well as forcing chart lint and installation. The Helm release chart now supports updating versioning for umbrella chart children while also preventing dependency updates on release. The Docker build process benefits from upgraded builder dependencies. Additionally, extensive documentation updates enhance clarity on actions and workflows.

Breaking changes

What's Changed

... (truncated)

Commits
  • 69b03e7 docs: update actions and workflows documentation
  • b8a3408 feat(build-image): upgrade buildx
  • 7b2b699 docs: fix broken link
  • d7675c1 fix(helm/test-chart): pass helm-set properly
  • 2b67370 docs: update actions and workflows documentation
  • 5fbed5d feat(helm): add parse-chart-uri action
  • 57d529d chore(deps): bump the github-actions-dependencies group across 6 directories ...
  • 4936a3f feat(docker/build-image): upgrade builder dependencies
  • 2a1bc98 feat!(helm/release-chart): do not update dependencies on release
  • 79b29fc docs: update actions and workflows documentation
  • Additional commits viewable in compare view

Updates tj-actions/changed-files from 45.0.8 to 46.0.1

Release notes

Sourced from tj-actions/changed-files's releases.

v46.0.1

[!WARNING]
Security Alert: A critical security issue was identified in this action due to a compromised commit.

This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.

Action Required:

  • Review your workflows executed between March 14 and March 15. If you notice unexpected output under the changed-files section, decode it using the following command: echo 'xxx' | base64 -d | base64 -d
    If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.
  • If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
  • If you are using tagged versions (e.g., v35, v44.5.1), no action is required as these tags have been updated and are now safe to use.

Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.1

v46

[!WARNING]
Security Alert: A critical security issue was identified in this action due to a compromised commit.

This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.

Action Required:

  • Review your workflows executed between March 14 and March 15. If you notice unexpected output under the changed-files section, decode it using the following command: echo 'xxx' | base64 -d | base64 -d
    If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.
  • If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
  • If you are using tagged versions (e.g., v35, v44.5.1), no action is required as these tags have been updated and are now safe to use.

Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.

Changes in v46.0.1

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.1

Changes in v46.0.0

What's Changed

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

46.0.1 - (2025-03-16)

🔄 Update

  • Updated README.md (#2473)

Co-authored-by: github-actions[bot] (2f7c5bf) - (github-actions[bot])

  • Sync-release-version.yml to use signed commits (#2472) (4189ec6) - (Tonye Jack)

46.0.0 - (2025-03-16)

🐛 Bug Fixes

  • Update update-readme.yml to sign-commits (#2468) (0f1ffe6) - (Tonye Jack)
  • Update permission in update-readme.yml workflow (#2467) (ddef03e) - (Tonye Jack)
  • Update github workflow update-readme.yml (#2466) (9c2df0d) - (Tonye Jack)

➖ Remove

  • Deleted renovate.json (e37e952) - (Tonye Jack)

🔄 Update

  • Sync-release-version.yml (#2471) (4cd184a) - (Tonye Jack)
  • Updated README.md (#2469)

Co-authored-by: github-actions[bot] (5cbf220) - (github-actions[bot])

📚 Documentation

  • Update docs to highlight security issues (#2465) (6525332) - (Tonye Jack)

45.0.9 - (2025-03-15)

🐛 Bug Fixes

  • deps: Update dependency @​octokit/rest to v21.1.1 (#2435) (fb8dcda) - (renovate[bot])
  • deps: Update dependency @​octokit/rest to v21.1.0 (#2394) (7b72c97) - (renovate[bot])
  • deps: Update dependency yaml to v2.7.0 (#2383) (5f974c2) - (renovate[bot])

⚙️ Miscellaneous Tasks

  • deps: Lock file maintenance (#2460) (9200e69) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.13.10 (#2459) (e650cfd) - (renovate[bot])
  • deps: Update dependency eslint-config-prettier to v10.1.1 (#2458) (82af21f) - (renovate[bot])
  • deps: Update dependency eslint-config-prettier to v10.1.0 (#2457) (82fa4a6) - (renovate[bot])
  • deps: Update peter-evans/create-pull-request action to v7.0.8 (#2455) (315505a) - (renovate[bot])
  • deps: Update dependency @​types/node to v22.13.9 (#2454) (c8e1cdb) - (renovate[bot])
  • deps: Update dependency prettier to v3.5.3 (#2453) (bb6d1aa) - (renovate[bot])
  • deps: Lock file maintenance (#2451) (1f74fc9) - (renovate[bot])

... (truncated)

Commits

Updates hoverkraft-tech/ci-github-common from 0.16.1 to 0.18.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.18.0

Release Summary

This release introduces support for Kubernetes custom resources in the linter, enhancing flexibility in configuration validation. Additionally, dependencies for GitHub Actions have been updated to improve stability and security. Documentation has been refreshed to reflect recent workflow changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.17.0...0.18.0

0.17.0

Release Summary

This release introduces an optional token for checkout and comment-pr, enhancing flexibility in authentication workflows. Documentation for actions and workflows has been updated for improved clarity. Additionally, dependencies for hoverkraft-tech/ci-github-publish have been upgraded from 0.1.1 to 0.2.0.

No breaking changes were introduced in this release.

What's Changed

New Contributors

Full Changelog: hoverkraft-tech/ci-github-common@0.16.1...0.17.0

0.16.1

Release Summary

This release includes updated documentation for actions and workflows, improving clarity and usability. Additionally, dependencies have been updated with a version bump for hoverkraft-tech/ci-github-publish from 0.1.0 to 0.1.1, ensuring compatibility and stability across the affected directory.

No breaking changes are introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.16.0...0.16.1

Commits
  • 5ace530 feat(linter): add support for Kubernetes custom resources
  • 7b3b29d chore(deps): bump peter-evans/create-pull-request
  • 6a31c8d docs: update actions and workflows documentation
  • 21d9d2f chore(deps): bump peter-evans/create-pull-request
  • 366ad47 docs: update actions and workflows documentation
  • ba4d18c style: disable MD013 instead of add newline for badges
  • 9a29c6a style: fix lint errors
  • fff9053 feat(create-or-update-comment): optional token
  • cb2b3de feat(checkout): optional token instead of default GITHUB_TOKEN
  • 35e17db chore(deps): bump hoverkraft-tech/ci-github-publish
  • Additional commits viewable in compare view

Updates actions/setup-node from 4.2.0 to 4.3.0

Release notes

Sourced from actions/setup-node's releases.

v4.3.0

What's Changed

Dependency updates

New Contributors

Full Changelog: actions/setup-node@v4...v4.3.0

Commits

Updates hoverkraft-tech/ci-github-common from 0.16.1 to 0.18.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.18.0

Release Summary

This release introduces support for Kubernetes custom resources in the linter, enhancing flexibility in configuration validation. Additionally, dependencies for GitHub Actions have been updated to improve stability and security. Documentation has been refreshed to reflect recent workflow changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.17.0...0.18.0

0.17.0

Release Summary

This release introduces an optional token for checkout and comment-pr, enhancing flexibility in authentication workflows. Documentation for actions and workflows has been updated for improved clarity. Additionally, dependencies for hoverkraft-tech/ci-github-publish have been upgraded from 0.1.1 to 0.2.0.

No breaking changes were introduced in this release.

What's Changed

New Contributors

Full Changelog: hoverkraft-tech/ci-github-common@0.16.1...0.17.0

0.16.1

Release Summary

This release includes updated documentation for actions and workflows, improving clarity and usability. Additionally, dependencies have been updated with a version bump for hoverkraft-tech/ci-github-publish from 0.1.0 to 0.1.1, ensuring compatibility and stability across the affected directory.

No breaking changes are introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.16.0...0.16.1

Commits
  • 5ace530 feat(linter): add support for Kubernetes custom resources
  • 7b3b29d chore(deps): bump peter-evans/create-pull-request
  • 6a31c8d docs: update actions and workflows documentation
  • 21d9d2f chore(deps): bump peter-evans/create-pull-request
  • 366ad47 docs: update actions and workflows documentation
  • ba4d18c style: disable MD013 instead of add newline for badges
  • 9a29c6a style: fix lint errors
  • fff9053 feat(create-or-update-comment): optional token
  • cb2b3de feat(checkout): optional token instead of default GITHUB_TOKEN
  • 35e17db chore(deps): bump hoverkraft-tech/ci-github-publish
  • Additional commits viewable in compare view

Updates hoverkraft-tech/ci-github-common from 0.17.0 to 0.18.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.18.0

Release Summary

This release introduces support for Kubernetes custom resources in the linter, enhancing flexibility in configuration validation. Additionally, dependencies for GitHub Actions have been updated to improve stability and security. Documentation has been refreshed to reflect recent workflow changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.17.0...0.18.0

0.17.0

Release Summary

This release introduces an optional token for checkout and comment-pr, enhancing flexibility in authentication workflows. Documentation for actions and workflows has been updated for improved clarity. Additionally, dependencies for hoverkraft-tech/ci-github-publish have been upgraded from 0.1.1 to 0.2.0.

No breaking changes were introduced in this release.

What's Changed

New Contributors

Full Changelog: hoverkraft-tech/ci-github-common@0.16.1...0.17.0

0.16.1

Release Summary

This release includes updated documentation for actions and workflows, improving clarity and usability. Additionally, dependencies have been updated with a version bump for hoverkraft-tech/ci-github-publish from 0.1.0 to 0.1.1, ensuring compatibility and stability across the affected directory.

No breaking changes are introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.16.0...0.16.1

Commits
  • 5ace530 feat(linter): add support for Kubernetes custom resources
  • 7b3b29d chore(deps): bump peter-evans/create-pull-request
  • 6a31c8d docs: update actions and workflows documentation
  • 21d9d2f chore(deps): bump peter-evans/create-pull-request
  • 366ad47 docs: update actions and workflows documentation
  • ba4d18c style: disable MD013 instead of add newline for badges
  • 9a29c6a style: fix lint errors
  • fff9053 feat(create-or-update-comment): optional token
  • cb2b3de feat(checkout): optional token instead of default GITHUB_TOKEN
  • 35e17db chore(deps): bump hoverkraft-tech/ci-github-publish
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): Bump the github-actions-dependencies group across 5 dire…
4c9ded1 
…ctories with 4 updates

Bumps the github-actions-dependencies group with 3 updates in the / directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common), [hoverkraft-tech/ci-github-container](https://github.com/hoverkraft-tech/ci-github-container) and [tj-actions/changed-files](https://github.com/tj-actions/changed-files).
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/get-environment directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/jampack directory: [actions/setup-node](https://github.com/actions/setup-node).
Bumps the github-actions-dependencies group with 1 update in the /actions/deploy/report directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).
Bumps the github-actions-dependencies group with 1 update in the /actions/release/create directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).


Updates `hoverkraft-tech/ci-github-common` from 0.16.0 to 0.18.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.16.0...0.18.0)

Updates `hoverkraft-tech/ci-github-container` from 0.20.2 to 0.24.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-container/releases)
- [Commits](hoverkraft-tech/ci-github-container@0.20.2...0.24.0)

Updates `tj-actions/changed-files` from 45.0.8 to 46.0.1
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@v45.0.8...v46.0.1)

Updates `hoverkraft-tech/ci-github-common` from 0.16.1 to 0.18.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.16.0...0.18.0)

Updates `actions/setup-node` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4.2.0...v4.3.0)

Updates `hoverkraft-tech/ci-github-common` from 0.16.1 to 0.18.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.16.0...0.18.0)

Updates `hoverkraft-tech/ci-github-common` from 0.17.0 to 0.18.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.16.0...0.18.0)

---
updated-dependencies:
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-container
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 18, 2025
@neilime neilime merged commit 02c32c6 into main Mar 18, 2025
10 checks passed
@neilime neilime deleted the dependabot/github_actions/github-actions-dependencies-63c8bd7244 branch March 18, 2025 20:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@neilime