Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump the github-actions group with 9 updates #29

Merged
merged 3 commits into from
Feb 15, 2024
Merged

Bump the github-actions group with 9 updates #29

merged 3 commits into from
Feb 15, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 15, 2024
edited by kaitj
Loading

Bumps the github-actions group with 9 updates:

Package From To
kentaro-m/auto-assign-action 1.2.5 2.0.0
easimon/maximize-build-space 8 10
actions/checkout 3 4
docker/login-action 2 3
docker/metadata-action 4 5
docker/build-push-action 4 5
actions/setup-python 4 5
khanlab/actions 0.3.1 0.3.5
release-drafter/release-drafter 5 6

Updates kentaro-m/auto-assign-action from 1.2.5 to 2.0.0

Release notes

Sourced from kentaro-m/auto-assign-action's releases.

v2.0.0

What's Changed

Full Changelog: kentaro-m/auto-assign-action@v1.2.6...v2.0.0

v1.2.6

Changes

Commits
  • f4648c0 Release v2.0.0
  • 91af90e fix: update @​types/node version to 20.11.13 (#171)
  • 6dcb652 fix: update Node.js version and action configuration (#170)
  • f940c5b chore(deps): update dependency prettier to v3.2.4
  • ed73f90 Release v1.2.6
  • d9cefc3 fix: fix security issue (#165)
  • 065886b chore(deps): update dependency prettier to v3.1.1 (#163)
  • 32cd12a chore(deps): update actions/setup-node action to v4 (#158)
  • 6fa192f chore(deps): update actions/checkout action to v4 (#152)
  • 2e506e3 chore(deps): update dependency typescript to v5.3.3
  • Additional commits viewable in compare view

Updates easimon/maximize-build-space from 8 to 10

Release notes

Sourced from easimon/maximize-build-space's releases.

Fix: Build Mount folder Ownership

What's Changed

  • fix: if the build mount "deleted" / shadowed the GITHUB_WORKSPACE, do not only recreate it, but also ensure it belongs to the correct owner (runner) again

Full Changelog: easimon/maximize-build-space@v9...v10

Allow build mount path to be a parent of $GITHUB_WORKSPACE

This release adds support for mounting the build volume over a parent folder of $GITHUB_WORKSPACE.

Previously, doing so would remove/shadow the current working directory, and make any later actions/steps fail.

New features:

  • Warn about $BUILD_MOUNT_PATH not being empty and list contents in that case
  • Recreate $GITHUB_WORKSPACE afterwards if missing, so following actions have a working directory to start from.
Changelog

Sourced from easimon/maximize-build-space's changelog.

Changelog

[v4] - 2021-03-25: Do not overprovision space by default

Added

  • Configuration option of overprovisioning the build volume (overprovision-lvm), defaulting to 'false'.
  • Configurable temp volume reserve (temp-reserve-mb), defaulting to '100'.

Changed

  • (potentially breaking) The LVM image files are not created sparsely anymore. Previously, free disk space appeared free on both the build volume and the hosting volume, until actually allocated by writing to the build volume. Now, the space is actually consumed on volume creation -- meaning, that after creating the build volume, the root and temp volume do not have or show more space available than configured in root-reserve-mb and temp-reserve-mb. This can be reverted by setting overprovision-lvm to 'true', but surprising out-of-disk space situations might be the result.
  • Temp volume reserve was fixed to 1024 KB, this defaults to a more cautious 100 MB now, and is configurable.

[v3] - 2021-02-15: Fix running on Ubuntu 20.04

Changed

  • Includes a workaround for the temp disk being locked on Ubuntu 20.04. Instead of formatting the temp disk, the LVM volume is now created ontop of loop-mounted files on both / and /mnt, leaving the original file systems intact.

[v2] - 2021-01-05: Fix file system permissions on logical volume

Changed

  • Change the owner of the logical volume to the runner user recursively, fixing permission issues when e.g. checking out code to the root of the logical volume. (Actually, the problem is the lost+found folder in the ext4 root, and chowning it breaks its purpose. But since the volume is temporary anyway, lost+found functionality is not really needed).

[v1] - 2020-08-20: Initial release

Commits
  • fc881a6 Merge pull request #36 from easimon/fix/ownership-of-github-workspace
  • fadc013 fix: recreate GITHUB_WORKSPACE with correct owner when deleted
  • cd652e0 fix: test build mount set to parent of current workspace
  • bb67daa Merge pull request #35 from easimon/fix/find-with-sudo
  • fe0431d fix: run free space reports with sudo as well
  • 557cb00 test: add test for root-owned build path
  • aed41c1 fix: run find with root permissions
  • 89c6c4b fix: remove duplicate mkdir
  • 69e8e45 Merge pull request #33 from easimon/fix/allow-removal-of-workspace-directory
  • 62d379b feat: show directory contents of build mount path if not empty
  • Additional commits viewable in compare view

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

New Contributors

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

v4.0.0

v3.6.0

v3.5.3

v3.5.2

v3.5.1

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.2

... (truncated)

Commits

Updates docker/login-action from 2 to 3

Release notes

Sourced from docker/login-action's releases.

v3.0.0

Full Changelog: docker/login-action@v2.2.0...v3.0.0

v2.2.0

Full Changelog: docker/login-action@v2.1.0...v2.2.0

v2.1.0

  • Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
  • Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
  • Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
  • Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: docker/login-action@v2.0.0...v2.1.0

Commits
  • 343f7c4 Merge pull request #599 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • aad0f97 chore: update generated content
  • 2e0cd39 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 203bc9c Merge pull request #588 from docker/dependabot/npm_and_yarn/proxy-agent-depen...
  • 2199648 chore: update generated content
  • b489376 build(deps): bump the proxy-agent-dependencies group with 1 update
  • 7c309e7 Merge pull request #598 from docker/dependabot/npm_and_yarn/actions/core-1.10.1
  • 0ccf222 chore: update generated content
  • 56d703e Merge pull request #597 from docker/dependabot/github_actions/aws-actions/con...
  • 24d3b35 build(deps): bump @​actions/core from 1.10.0 to 1.10.1
  • Additional commits viewable in compare view

Updates docker/metadata-action from 4 to 5

Release notes

Sourced from docker/metadata-action's releases.

v5.0.0

Full Changelog: docker/metadata-action@v4.6.0...v5.0.0

v4.6.0

Full Changelog: docker/metadata-action@v4.5.0...v4.6.0

v4.5.0

Full Changelog: docker/metadata-action@v4.4.0...v4.5.0

v4.4.0

Full Changelog: docker/metadata-action@v4.3.0...v4.4.0

v4.3.0

Full Changelog: docker/metadata-action@v4.2.0...v4.3.0

v4.2.0

  • Add tz attribute to handlebar date function by @​chroju (#251)
  • Bump minimatch from 3.0.4 to 3.1.2 (#242)
  • Bump csv-parse from 5.3.1 to 5.3.3 (#245)
  • Bump json5 from 2.2.0 to 2.2.3 (#252)

Full Changelog: docker/metadata-action@v4.1.1...v4.2.0

v4.1.1

  • Revert changes to set associated head sha on pull request event by @​crazy-max (#239)
    • User can still set associated head sha on PR by setting the env var DOCKER_METADATA_PR_HEAD_SHA=true
  • Bump csv-parse from 5.3.0 to 5.3.1 (#237)

Full Changelog: docker/metadata-action@v4.1.0...v4.1.1

... (truncated)

Upgrade guide

Sourced from docker/metadata-action's upgrade guide.

Upgrade notes

v2 to v3

  • Repository has been moved to docker org. Replace crazy-max/ghaction-docker-meta@v2 with docker/metadata-action@v5
  • The default bake target has been changed: ghaction-docker-meta > docker-metadata-action

v1 to v2

inputs

New Unchanged Removed
tags images tag-sha
flavor sep-tags tag-edge
labels sep-labels tag-edge-branch
tag-semver
tag-match
tag-match-group
tag-latest
tag-schedule
tag-custom
tag-custom-only
label-custom

tag-sha

tags: |
  type=sha

tag-edge / tag-edge-branch

tags: |
  # default branch
</tr></table>

... (truncated)

Commits
  • 8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
  • eda41b7 chore: update generated content
  • 388c08f don't set cwd:// prefix for local bake files
  • dbef880 Merge pull request #374 from docker/dependabot/npm_and_yarn/moment-timezone-0...
  • b73e7a7 chore: update generated content
  • b9fba69 chore(deps): Bump moment-timezone from 0.5.43 to 0.5.44
  • ac82374 Merge pull request #373 from docker/dependabot/npm_and_yarn/moment-2.30.1
  • c92519a chore: update generated content
  • 3b4179d chore(deps): Bump moment from 2.29.4 to 2.30.1
  • 0784993 Merge pull request #371 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • Additional commits viewable in compare view

Updates docker/build-push-action from 4 to 5

Release notes

Sourced from docker/build-push-action's releases.

v5.0.0

Full Changelog: docker/build-push-action@v4.2.1...v5.0.0

v4.2.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: docker/build-push-action@v4.2.0...v4.2.1

v4.2.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: docker/build-push-action@v4.1.1...v4.2.0

v4.1.1

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: docker/build-push-action@v4.1.0...v4.1.1

v4.1.0

Note

Buildx v0.10 enables support for a minimal SLSA Provenance attestation, which requires support for OCI-compliant multi-platform images. This may introduce issues with registry and runtime support (e.g. Google Cloud Run and AWS Lambda). You can optionally disable the default provenance attestation functionality using provenance: false.

Full Changelog: docker/build-push-action@v4.0.0...v4.1.0

Commits
  • 4a13e50 Merge pull request #1006 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 7416668 chore: update generated content
  • b4f76a5 chore(deps): Bump @​docker/actions-toolkit from 0.13.0 to 0.14.0
  • b7feb76 Merge pull request #1005 from crazy-max/ci-inspect
  • fae8018 ci: inspect sbom and provenance
  • b625868 Merge pull request #1004 from crazy-max/ci-update-buildx
  • 5193ef1 ci: update buildx to latest
  • d3afd77 Merge pull request #991 from docker/dependabot/npm_and_yarn/babel/traverse-7....
  • 7a786bb Merge pull request #992 from crazy-max/annotations
  • c66ae3a chore: update generated content
  • Additional commits viewable in compare view

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits

@dependabot
Bump the github-actions group with 9 updates
ea70535 
Bumps the github-actions group with 9 updates:

| Package | From | To |
| --- | --- | --- |
| [kentaro-m/auto-assign-action](https://github.com/kentaro-m/auto-assign-action) | `1.2.5` | `2.0.0` |
| [easimon/maximize-build-space](https://github.com/easimon/maximize-build-space) | `8` | `10` |
| [actions/checkout](https://github.com/actions/checkout) | `3` | `4` |
| [docker/login-action](https://github.com/docker/login-action) | `2` | `3` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `4` | `5` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `4` | `5` |
| [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` |
| [khanlab/actions](https://github.com/khanlab/actions) | `0.3.1` | `0.3.4` |
| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `5` | `6` |


Updates `kentaro-m/auto-assign-action` from 1.2.5 to 2.0.0
- [Release notes](https://github.com/kentaro-m/auto-assign-action/releases)
- [Commits](kentaro-m/auto-assign-action@v1.2.5...v2.0.0)

Updates `easimon/maximize-build-space` from 8 to 10
- [Release notes](https://github.com/easimon/maximize-build-space/releases)
- [Changelog](https://github.com/easimon/maximize-build-space/blob/master/CHANGELOG.md)
- [Commits](easimon/maximize-build-space@v8...v10)

Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

Updates `docker/login-action` from 2 to 3
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v2...v3)

Updates `docker/metadata-action` from 4 to 5
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](docker/metadata-action@v4...v5)

Updates `docker/build-push-action` from 4 to 5
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v4...v5)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `khanlab/actions` from 0.3.1 to 0.3.4
- [Release notes](https://github.com/khanlab/actions/releases)
- [Commits](v0.3.1...v0.3.4)

Updates `release-drafter/release-drafter` from 5 to 6
- [Release notes](https://github.com/release-drafter/release-drafter/releases)
- [Commits](release-drafter/release-drafter@v5...v6)

---
updated-dependencies:
- dependency-name: kentaro-m/auto-assign-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: easimon/maximize-build-space
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: khanlab/actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: release-drafter/release-drafter
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Feb 15, 2024
@kaitj kaitj mentioned this pull request Feb 15, 2024
Closed
10 tasks
@kaitj kaitj added the maintenance Updates or improvements that do not change functionality of the code label Feb 15, 2024
@kaitj kaitj merged commit b6310d8 into main Feb 15, 2024
@kaitj kaitj deleted the dependabot/github_actions/github-actions-7c00e8391d branch February 15, 2024 16:37
@kaitj kaitj mentioned this pull request Feb 15, 2024
Closed
@kaitj
Copy link
Collaborator

kaitj commented Feb 15, 2024

@pvandyken - new version of khanlab/actions (v0.3.5)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kaitj kaitj kaitj approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file maintenance Updates or improvements that do not change functionality of the code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@kaitj