Bump the gha-deps group with 3 updates #292

dependabot · 2025-02-04T04:16:26Z

Bumps the gha-deps group with 3 updates: artichoke/generate_third_party, artichoke/setup-rust and crazy-max/ghaction-github-labeler.

Updates artichoke/generate_third_party from 1.14.0 to 1.15.0

Release notes

Sourced from artichoke/generate_third_party's releases.

v1.15.0

What's Changed

Bump the gha-deps group with 2 updates by @dependabot in artichoke/generate_third_party#160

Bump the bundler-deps group with 4 updates by @dependabot in artichoke/generate_third_party#161

Bump the bundler-deps group with 4 updates by @dependabot in artichoke/generate_third_party#163

Bump mheap/github-action-required-labels from 5.4.1 to 5.4.2 in the gha-deps group by @dependabot in artichoke/generate_third_party#164

Bump the gha-deps group with 3 updates by @dependabot in artichoke/generate_third_party#165

Bump the bundler-deps group with 3 updates by @dependabot in artichoke/generate_third_party#166

Bump the bundler-deps group with 4 updates by @dependabot in artichoke/generate_third_party#168

Bump the gha-deps group with 4 updates by @dependabot in artichoke/generate_third_party#167

Bump the bundler-deps group with 4 updates by @dependabot in artichoke/generate_third_party#170

Bump prettier from 3.2.5 to 3.4.1 in the npm-deps group by @dependabot in artichoke/generate_third_party#169

Bump ruby/setup-ruby from 1.199.0 to 1.202.0 in the gha-deps group by @dependabot in artichoke/generate_third_party#171

Remove markdown link check by @lopopolo in artichoke/generate_third_party#172

Purge vestigial eslint config from package.json by @lopopolo in artichoke/generate_third_party#174

Bump prettier from 3.4.1 to 3.4.2 in the npm-deps group by @dependabot in artichoke/generate_third_party#177

Bump the bundler-deps group with 3 updates by @dependabot in artichoke/generate_third_party#176

Bump the gha-deps group with 2 updates by @dependabot in artichoke/generate_third_party#175

Bump the gha-deps group with 2 updates by @dependabot in artichoke/generate_third_party#178

Update permitted Unicode license by @lopopolo in artichoke/generate_third_party#179

Address zizmor lint violations by @lopopolo in artichoke/generate_third_party#180

Pin all GitHub actions by commit hash by @lopopolo in artichoke/generate_third_party#181

Prepare for v1.15.0 release by @lopopolo in artichoke/generate_third_party#182

Full Changelog: artichoke/generate_third_party@v1...v1.15.0

Changelog

Sourced from artichoke/generate_third_party's changelog.

1.15.0

Released 2025-02-03.

Action Changes

Permit Unicode-3.0 license. #179

Revoke Unicode-DFS-2016 license. #179

Rework action to defend against template injection. #180

Pin all dependencies by Git hash. #181

#179: artichoke/generate_third_party#179 #180: artichoke/generate_third_party#180 #181: artichoke/generate_third_party#181

Internal Changes

Upgrade Ruby dependencies. #161, #163, #166, #168, #171, #176, #155, #158.

Upgrade GitHub Actions dependencies. #160, #164, #165, #167, #170, #175, #178.

Upgrade npm dependencies. #169, #177.

Purge unused CI jobs and configuration. #172, #173.

#161: artichoke/generate_third_party#161 #163: artichoke/generate_third_party#163 #164: artichoke/generate_third_party#164 #165: artichoke/generate_third_party#165 #166: artichoke/generate_third_party#166 #167: artichoke/generate_third_party#167 #168: artichoke/generate_third_party#168 #169: artichoke/generate_third_party#169 #170: artichoke/generate_third_party#170 #171: artichoke/generate_third_party#171 #172: artichoke/generate_third_party#172 #173: artichoke/generate_third_party#173 #174: artichoke/generate_third_party#174 #175: artichoke/generate_third_party#175 #176: artichoke/generate_third_party#176 #177: artichoke/generate_third_party#177 #178: artichoke/generate_third_party#178

Commits

4da01ed Merge pull request #182 from artichoke/dev/lopopolo-release
759b878 Prepare for v1.15.0 release
c97b02a Merge pull request #181 from artichoke/dev/lopopolo-zizmor-pedantic
c7aafa7 Pin all GitHub actions by commit hash
464f184 Merge pull request #180 from artichoke/dev/lopopolo-zizmor
fe18671 Address zizmor lint violations
d1ee8ae Merge pull request #179 from artichoke/dev/lopopolo-unicode-3.0-license
4fb84b8 Update permitted Unicode license
26930c6 Merge pull request #178 from artichoke/dependabot/github_actions/gha-deps-2b1...
cc4b33a Bump the gha-deps group with 2 updates
Additional commits viewable in compare view

Updates artichoke/setup-rust from 1.12.1 to 2.0.1

Release notes

Sourced from artichoke/setup-rust's releases.

v2.0.1

What's Changed

Install llvm-tools-preview in code coverage action by @lopopolo in artichoke/setup-rust#122

Full Changelog: artichoke/setup-rust@v2.0.0...v2.0.1

v2.0.0

What's Changed

Bump rubocop from 1.64.1 to 1.65.1 in the bundler-deps group by @dependabot in artichoke/setup-rust#97

Bump ruby/setup-ruby from 1.183.0 to 1.190.0 in the gha-deps group by @dependabot in artichoke/setup-rust#98

Bump rexml from 3.3.4 to 3.3.6 by @dependabot in artichoke/setup-rust#99

Bump mheap/github-action-required-labels from 5.4.1 to 5.4.2 in the gha-deps group by @dependabot in artichoke/setup-rust#101

Bump the bundler-deps group with 2 updates by @dependabot in artichoke/setup-rust#100

Bump rubocop from 1.66.0 to 1.66.1 in the bundler-deps group by @dependabot in artichoke/setup-rust#103

Bump the gha-deps group with 2 updates by @dependabot in artichoke/setup-rust#102

Bump Swatinem/rust-cache from 2.7.3 to 2.7.5 in /lint-and-format in the gha-deps group by @dependabot in artichoke/setup-rust#108

Bump the gha-deps group with 3 updates by @dependabot in artichoke/setup-rust#107

Bump rubocop from 1.66.1 to 1.68.0 in the bundler-deps group by @dependabot in artichoke/setup-rust#106

Bump Swatinem/rust-cache from 2.7.3 to 2.7.5 in /build-and-test in the gha-deps group by @dependabot in artichoke/setup-rust#105

Bump Swatinem/rust-cache from 2.7.3 to 2.7.5 in /check-minimal-versions in the gha-deps group by @dependabot in artichoke/setup-rust#104

chore(deps): Bump rubocop from 1.68.0 to 1.69.0 in the bundler-deps group by @dependabot in artichoke/setup-rust#110

chore(deps): Bump ruby/setup-ruby from 1.199.0 to 1.202.0 in the gha-deps group by @dependabot in artichoke/setup-rust#109

Remove markdown link check by @lopopolo in artichoke/setup-rust#111

Update Ruby, Bundler to latest by @lopopolo in artichoke/setup-rust#112

chore(deps): Bump rubocop from 1.69.0 to 1.69.2 in the bundler-deps group by @dependabot in artichoke/setup-rust#115

chore(deps): Bump the gha-deps group with 2 updates by @dependabot in artichoke/setup-rust#113

chore(deps): Bump rubocop from 1.69.2 to 1.71.1 in the bundler-deps group by @dependabot in artichoke/setup-rust#119

chore(deps): Bump Swatinem/rust-cache from 2.7.5 to 2.7.7 in /lint-and-format in the gha-deps group by @dependabot in artichoke/setup-rust#117

chore(deps): Bump Swatinem/rust-cache from 2.7.5 to 2.7.7 in /build-and-test in the gha-deps group by @dependabot in artichoke/setup-rust#114

chore(deps): Bump ruby/setup-ruby from 1.207.0 to 1.215.0 in the gha-deps group by @dependabot in artichoke/setup-rust#118

chore(deps): Bump Swatinem/rust-cache from 2.7.5 to 2.7.7 in /check-minimal-versions in the gha-deps group by @dependabot in artichoke/setup-rust#116

Update dependabot.yml by @lopopolo in artichoke/setup-rust#120

Address zizmor security issues in GitHub Actions setup by @lopopolo in artichoke/setup-rust#121

Full Changelog: artichoke/setup-rust@v1...v2.0.0

Commits

68e0ebb Merge pull request #122 from artichoke/lopopolo-patch-1
ec58d0b Install llvm-tools-preview in code coverage action
a6c04c3 Merge pull request #121 from artichoke/dev/lopopolo-zizmor-green
900d5e7 Fix env propagation
0349bff Address zizmor security issues in GitHub Actions setup
740c081 Merge pull request #120 from artichoke/lopopolo-patch-1
c8d3099 Update dependabot.yml
b165aba Merge pull request #116 from artichoke/dependabot/github_actions/check-minima...
8a5fe1a Merge pull request #118 from artichoke/dependabot/github_actions/gha-deps-bca...
a0c634a Merge pull request #114 from artichoke/dependabot/github_actions/build-and-te...
Additional commits viewable in compare view

Updates crazy-max/ghaction-github-labeler from 5.1.0 to 5.2.0

Release notes

Sourced from crazy-max/ghaction-github-labeler's releases.

v5.2.0

Load yaml files using the failsafe schema option by @pjpires in crazy-max/ghaction-github-labeler#226

Bump cross-spawn from 7.0.3 to 7.0.6 in crazy-max/ghaction-github-labeler#223

Bump undici from 5.28.4 to 5.28.5 in crazy-max/ghaction-github-labeler#225

Full Changelog: crazy-max/ghaction-github-labeler@v5.1.0...v5.2.0

Commits

31674a3 Merge pull request #225 from crazy-max/dependabot/npm_and_yarn/undici-5.28.5
0f4f1ec chore: update generated content
44d83ee Merge pull request #227 from crazy-max/bake-v6
758a909 ci: update bake-action to v6
1c66a35 chore(deps): bump undici from 5.28.4 to 5.28.5
989e392 Merge pull request #222 from crazy-max/dependabot/github_actions/codecov/code...
ec65374 ci: fix deprecated input for codecov-action
765a634 Merge pull request #223 from crazy-max/dependabot/npm_and_yarn/cross-spawn-7.0.6
98f4f2b Merge pull request #226 from pjpires/yaml-failsafe-schema
c0910be Update generated content
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gha-deps group with 3 updates: [artichoke/generate_third_party](https://github.com/artichoke/generate_third_party), [artichoke/setup-rust](https://github.com/artichoke/setup-rust) and [crazy-max/ghaction-github-labeler](https://github.com/crazy-max/ghaction-github-labeler). Updates `artichoke/generate_third_party` from 1.14.0 to 1.15.0 - [Release notes](https://github.com/artichoke/generate_third_party/releases) - [Changelog](https://github.com/artichoke/generate_third_party/blob/trunk/CHANGELOG.md) - [Commits](artichoke/generate_third_party@v1.14.0...v1.15.0) Updates `artichoke/setup-rust` from 1.12.1 to 2.0.1 - [Release notes](https://github.com/artichoke/setup-rust/releases) - [Commits](artichoke/setup-rust@v1.12.1...v2.0.1) Updates `crazy-max/ghaction-github-labeler` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/crazy-max/ghaction-github-labeler/releases) - [Commits](crazy-max/ghaction-github-labeler@b54af0c...31674a3) --- updated-dependencies: - dependency-name: artichoke/generate_third_party dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps - dependency-name: artichoke/setup-rust dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha-deps - dependency-name: crazy-max/ghaction-github-labeler dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-deps ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added the A-deps Area: Source and library dependencies. label Feb 4, 2025

dependabot bot assigned lopopolo Feb 4, 2025

lopopolo added 2 commits February 3, 2025 20:53

trigger ci

13ea200

Mark timeout errors from notary tool as retryable

37ef16e

lopopolo merged commit 694b405 into trunk Feb 4, 2025
8 checks passed

lopopolo deleted the dependabot/github_actions/gha-deps-16221030a2 branch February 4, 2025 05:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the gha-deps group with 3 updates #292

Bump the gha-deps group with 3 updates #292

dependabot bot commented on behalf of github Feb 4, 2025

Bump the gha-deps group with 3 updates #292

Bump the gha-deps group with 3 updates #292

Conversation

dependabot bot commented on behalf of github Feb 4, 2025

v1.15.0

What's Changed

1.15.0

Action Changes

Internal Changes

v2.0.1

What's Changed

v2.0.0

What's Changed

v5.2.0