Bump fastlane from 2.216.0 to 2.219.0 in /macos , and register Dependabot secrets

[dependabot]

Bumps fastlane from 2.216.0 to 2.219.0.

Release notes

Sourced from fastlane's releases.

2.219.0 Improvements

• [fastlane][ci] Lock google-cloud-env < 2.0.0 for Ruby 2.6 and fix CI to use specified ruby versions (#21777) via Josh Holtz (@​joshdholtz)
• [sigh] prevent crashes in fetch_profiles when profiles have no bundle_id (#21758) via jonas2808 (@​jonas2808)
• [scan] Fix device selection issue fallback scenario (#21772) via arc-v2 (@​arc-v2)
• [sigh] fix cache parameters validation (#21766) via Vitalii Budnik (@​nekrich)
• [match] fix cache issues in read-only mode (#21767) via Vitalii Budnik (@​nekrich)

2.218.0 Improvements

Auto-generated by fastlane 🤖

Changes since release '2.217.0':

• [action][sonar] replace deprecated sonar.login parameter with sonar.token (#21736) via Panajev (@​Panajev)
• [action][spm] add simulator flag for swift compiler (#21707) via Mohammad Gharari (@​gharary)
• [security] update sinatra dev dependency to resolve dependabot alert (#21709) via Jerome Lacoste (@​lacostej)
• [fastlane-core] recommends to retry uploading when AltoolTransporterExecutor crashes (#21536) via Jason Hagglund (@​TheMetalCode)
• [Fastlane.swift] fix Unexpected duplicate tasks error message in Fastlane Swift (#21621) via Daniel Jankowski (@​mollyIV)
• [scan] Filter simulators with version greater than SDK version of active Xcode installation when choosing default (#21677) via wuaar1003 (@​wuaar1003)
• [plugin_generator] move development dependencies from *.gemspec.erb to Gemfile.erb (#21726) via Roger Oba (@​rogerluan)
• [match] add caching layer to significantly improve performance by up to 100x (#21694) via Vitalii Budnik (@​nekrich)
• [fastlane_core] add support to Ruby 3.3 (#21683) via Jerome Lacoste (@​lacostej)
• [fastlane] remove some unused method parameters (#21722) via Jerome Lacoste (@​lacostej)
• [action][spm] deprecate build_path option in favor of scratch_path, as recommended by Swift CLI (#20814) via Victor Carvalho Tavernari (@​Tavernari)
• [match] git storage: allow simultaneous usage of clone_branch_directly and shallow_clone (#21716) via Vitalii Budnik (@​nekrich)
• [action][spm] add parallel option (#21665) via Bram Schulting (@​bramschulting)
• [fastlane_core] remove expired WWDR G1 certificate from cert_checker (#21098) via janwiebe-jump (@​janwiebe-jump)
• [action][upload_symbols_to_crashlytics] allow '~' in binary path (#21032) via GevaZeichner (@​GevaZeichner)
• [scan] replace the simctl boot command with simctl bootstatus, potentially fixing signal kill before running tests (#21026) via Alexey Alter-Pesotskiy (@​testableapple)
• [spaceship] add Spaceship::ConnectAPI::AppPreviewSet::PreviewType::IPHONE_67 (#21710) via Sergei Sevkovich (@​drcreazy)
• [action][ensure_no_debug_code] detect binding.irb in ensure_no_debug_code during build. (#21635) via Takuma Homma (@​mataku)
• CONTRIBUTING.md: remove Google CLA section (#21646) via Jay Soffian (@​jaysoffian)
• [fastlane_core] hide xcodebuild stderr to solve #21672 (#21673) via Jerome Lacoste (@​lacostej)
• [scan] fix misleading error message when no devices are found (#21650) via Miles Thompson (@​MagnificentMiles)
• [deliver][spaceship][scan] fix build warnings in rspec (#21660) via Jerome Lacoste (@​lacostej)
• [deliver] fix regression where changes made to the privacy URL fail to upload (#21657) via Owen Hart (@​owjsub)
• [fastlane_core] let FastlanePty detect when externally invoked programs crash, harden it when using popen, and expose process statuses. (#21618) via Jerome Lacoste (@​lacostej)

2.217.0 Improvements

• [spaceship] work around deliver issue #21105 (#21633) via Jerome Lacoste (@​lacostej)
• [action][slather] add support for slather's new --ymlfile option (#21613) via jarrodlombardo-EventBase (@​jarrodlombardo-EventBase)
• [action][notarize] printing log on error (#21609) via Csaba Szigeti (@​szigetics)
• [tests] fix test being potentially muddied by local ENV (#21586) via Olivier Halligon (@​AliSoftware)
• [match] remove redundant fetching of profile devices and certificates (#21409) via Vitalii Budnik (@​nekrich)
• [match] hide sensitive information in match output (#21603) via Duncan MacDonald (@​oct0f1sh)
• [supple] fix issue with releases containing retained versions (#20997) (#20998) via Mariano Miani (@​mmiani)
• [action][git_branch] add FL_GIT_BRANCH_DONT_USE_ENV_VARS env var to git_branch (#21597) via Oguz Kocer (@​oguzkocer)
• [tests] Make error message expectation more flexible in runner_spec.rb to support Ruby 2.6 error message format (#21591) via Olivier Halligon (@​AliSoftware)
• [docs] fix typo practies → practices based on feedback from fastlane/docs (#21589) via Roger Oba (@​rogerluan)
• [fastlane] add support for keyword arguments for lanes in Ruby 3 (#21587) via Olivier Halligon (@​AliSoftware)
• [tests] update fakefs to fix test failures on Ruby 3.2.2 (#21588) via Olivier Halligon (@​AliSoftware)

... (truncated)

Commits

• ebd6daf Version bump to 2.219.0 (#21778)
• d6a2c74 [fastlane][ci] Lock google-cloud-env < 2.0.0 for Ruby 2.6 and fix CI to use s...
• 7970e41 Update runner.rb (#21758)
• 0b50ec8 [ci] fix homebrew bump url (#21761)
• 1a5a140 Remove 'nil' from array before returning (#21772)
• 5ca4eb7 [sigh] fix cache parameters validation (#21766)
• 2ccb64c fix: match cache in read-only mode (#21767)
• d8d9d94 Version bump to 2.218.0 (#21760)
• e4296f1 [docs] fix typos, grammar issues and improve wording across the codebase, doc...
• 445c51e [action][sonar] replace deprecated sonar.login parameter with sonar.token (#2...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 94.02%. Comparing base (7477bc5) to head (e8fa9de).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #1681   +/-   ##
=======================================
  Coverage   94.02%   94.02%           
=======================================
  Files          52       52           
  Lines        1506     1506           
=======================================
  Hits         1416     1416           
  Misses         90       90           

Flag	Coverage Δ
integration_test	70.91% <ø> (ø)
macos	93.09% <ø> (ø)
ubuntu	93.49% <ø> (ø)
widget_test	90.43% <ø> (ø)
windows	93.49% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

[sensuikan1973]

[21:37:24]: Cloning remote git repo...
[21:37:24]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.
Cloning into '/var/folders/qv/pdh5wsgn0lq3dp77zj602b5c0000gn/T/d20240104-13443-zol4mt'...
fatal: could not read Username for 'https://github.com/': terminal prompts disabled
[21:37:25]: Exit status: 128
[21:37:25]: Error cloning certificates repo, please make sure you have read access to the repository you want to use
[21:37:25]: Run the following command manually to make sure you're properly authenticated:
[21:37:25]: $ git clone https://github.com/sensuikan1973/apple_certificates.git /var/folders/qv/pdh5wsgn0lq3dp77zj602b5c0000gn/T/d20240104-13443-zol4mt -c http.extraheader='Authorization: Basic '
+---------------------------------------------------------------------------------+
|                                  Lane Context                                   |
+---------------------------+-----------------------------------------------------+
| DEFAULT_PLATFORM          | mac                                                 |
| PLATFORM_NAME             | mac                                                 |
| LANE_NAME                 | mac deploy_app_store                                |
| KEYCHAIN_PATH             | ~/Library/Keychains/fastlane_tmp_keychain           |
| ORIGINAL_DEFAULT_KEYCHAIN | "/Users/runner/Library/Keychains/login.keychain-db" |
+---------------------------+-----------------------------------------------------+
[21:37:25]: Error cloning certificates git repo, please make sure you have access to the repository - see instructions above

+------------------------------------------------+
|                fastlane summary                |
+------+---------------------------+-------------+
| Step | Action                    | Time (in s) |
+------+---------------------------+-------------+
| 1    | default_platform          | 0           |
| 2    | setup_ci                  | 0           |
| 3    | app_store_connect_api_key | 0           |
| 💥   | match                     | 0           |
+------+---------------------------+-------------+


[!] Error cloning certificates git repo, please make sure you have access to the repository - see instructions above
[21:37:25]: fastlane finished with errors

[sensuikan1973]

ref: fastlane/fastlane#21754 (comment)

[sensuikan1973]

@dependabot rebase

[sensuikan1973]

@dependabot rebase

[sensuikan1973]

@dependabot rebase

[sensuikan1973]

[23:51:10]: Cloning remote git repo...
[23:51:10]: If cloning the repo takes too long, you can use the `clone_branch_directly` option in match.

Cloning into '/var/folders/qv/pdh5wsgn0lq3dp77zj602b5c0000gn/T/d20240128-15537-p07nyn'...
fatal: could not read Username for 'https://github.com/': terminal prompts disabled
[!] Error cloning certificates git repo, please make sure you have access to the repository - see instructions above
[23:51:10]: Exit status: 128
[23:51:10]: Error cloning certificates repo, please make sure you have read access to the repository you want to use
[23:51:10]: Run the following command manually to make sure you're properly authenticated:
[23:51:10]: $ git clone https://github.com/sensuikan1973/apple_certificates.git /var/folders/qv/pdh5wsgn0lq3dp77zj602b5c0000gn/T/d20240128-1[553](https://github.com/sensuikan1973/pedax/actions/runs/7689180391/job/20951265901?pr=1681#step:9:554)7-p07nyn -c http.extraheader='Authorization: Basic '
+---------------------------------------------------------------------------------+
|                                  Lane Context                                   |
+---------------------------+-----------------------------------------------------+
| DEFAULT_PLATFORM          | mac                                                 |
| PLATFORM_NAME             | mac                                                 |
| LANE_NAME                 | mac deploy_app_store                                |
| KEYCHAIN_PATH             | ~/Library/Keychains/fastlane_tmp_keychain           |
| ORIGINAL_DEFAULT_KEYCHAIN | "/Users/runner/Library/Keychains/login.keychain-db" |
+---------------------------+-----------------------------------------------------+
[23:51:10]: Error cloning certificates git repo, please make sure you have access to the repository - see instructions above

+------------------------------------------------+
|                fastlane summary                |
+------+---------------------------+-------------+
| Step | Action                    | Time (in s) |
+------+---------------------------+-------------+
| 1    | default_platform          | 0           |
| 2    | setup_ci                  | 0           |
| 3    | app_store_connect_api_key | 0           |
| 💥   | match                     | 0           |
+------+---------------------------+-------------+

[23:51:10]: fastlane finished with errors

[sensuikan1973]

fastlane/fastlane#18066

and

https://docs.github.com/en/code-security/dependabot/working-with-dependabot/automating-dependabot-with-github-actions#accessing-secrets

When a Dependabot event triggers a workflow, the only secrets available to the workflow are Dependabot secrets. GitHub Actions secrets are not available. Consequently, you must store any secrets that are used by a workflow triggered by Dependabot events as Dependabot secrets. For more information, see "Configuring access to private registries for Dependabot."

Dependabot secrets are added to the secrets context and referenced using exactly the same syntax as secrets for GitHub Actions. For more information, see "Using secrets in GitHub Actions."