Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all github action dependencies (main) (minor) #30394

Merged
merged 1 commit into from
Jan 26, 2024
Merged

chore(deps): update all github action dependencies (main) (minor) #30394

merged 1 commit into from
Jan 26, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jan 24, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
anchore/scan-action action minor v3.3.8 -> v3.6.1
azure/login action minor v1.5.1 -> v1.6.1
dorny/paths-filter action minor v2.11.1 -> v2.12.0
eksctl-io/eksctl minor v0.167.0 -> v0.169.0
github/codeql-action action minor v2.22.12 -> v2.23.1
google-github-actions/auth action minor v2.0.1 -> v2.1.0
google-github-actions/setup-gcloud action minor v2.0.1 -> v2.1.0
kubernetes-sigs/bom minor v0.5.1 -> v0.6.0

Release Notes

anchore/scan-action (anchore/scan-action)

v3.6.1

Compare Source

New in scan-action v3.6.1

v3.6.0

Compare Source

New in scan-action v3.6.0

v3.5.0

Compare Source

New in scan-action v3.5.0

v3.4.0

Compare Source

New in scan-action v3.4.0
azure/login (azure/login)

v1.6.1: Azure Login Action v1.6.1

Compare Source

  • Fix #​403: Do not break the workflow if az is not installed in pre and post steps

v1.6.0

Compare Source

dorny/paths-filter (dorny/paths-filter)

v2.12.0

Compare Source

eksctl-io/eksctl (eksctl-io/eksctl)

v0.169.0: eksctl 0.169.0 (permalink)

Compare Source

Release v0.169.0
🚀 Features
🎯 Improvements
  • Fix coredns pdb preventing cluster deletion in integration tests (#​7496)
  • Update well-known policy for ebsCSIController (#​7451)
  • Handle unordered public endpoint CIDRs from EKS in endpoint updates (#​7483)
🧰 Maintenance
  • Fix coredns pdb preventing cluster deletion in integration tests (#​7496)
📝 Documentation
Acknowledgments

Weaveworks would like to sincerely thank:
@​Emberwalker, @​guessi, and @​teraflik

v0.168.0: eksctl 0.168.0 (permalink)

Compare Source

Release v0.168.0
🎯 Improvements
  • Safely access/mutate fargate coredns pod annotations (#​7480)
🐛 Bug Fixes
  • Fix generating presigned URL for K8s authentication (#​7487)
  • Ignore unsupported zone types when creating a zone mapping (#​7204)
github/codeql-action (github/codeql-action)

v2.23.1

Compare Source

v2.23.0

Compare Source

google-github-actions/auth (google-github-actions/auth)

v2.1.0

Compare Source

What's Changed

Full Changelog: google-github-actions/auth@v2...v2.1.0

google-github-actions/setup-gcloud (google-github-actions/setup-gcloud)

v2.1.0

Compare Source

What's Changed

Full Changelog: google-github-actions/setup-gcloud@v2...v2.1.0

kubernetes-sigs/bom (kubernetes-sigs/bom)

v0.6.0

Compare Source

Changes by Kind
Feature
  • Add attestation in the release job (#​271, @​cpanato)
  • Added support for scanning images with RPM package managers (#​342, @​micahhausler)
  • Bom now ships with the SPDX license list version v3.21 embedded. (#​307, @​puerco)
  • Improved the query help output, most importantly there is now help for the purl matcher
    • New flag --purl to output purls instead of names
    • The name matching filter now supports full regexes and not just substring matching
    • New pluggable printer interface to output in more formats
    • bom document query now can output in JSON and CSV in addition to the usual line printer using --format
    • New --fields flag controls which fields of the sbom will be printed on the query output
    • Piped data on STDIN is now autodetected, you can now pipe an SBOM to bom document query and skip the filename (#​291, @​puerco)
  • OS Packages now can include an auto-generated download location. Initially supports Debian and Wolfi. (#​270, @​puerco)
  • The bom json parser now supports top-level elements specified with a DESCRIBES relationship to the document. documentDescribes is, of course, still suppoirted
    • License printing in query results has better NOASSERTION detection when choosing which license to print. (#​304, @​puerco)
  • Update license-data to v3.22 (#​357, @​cpanato)
  • bom now supports scanning OS packages from images based on distroless.
    • Fixed a bug where bom would drop the last package read from the debian database
    • Fixed an encoding bug in oci-typed purls where the version had an unescaped colon. (#​345, @​puerco)
  • bom will now autodetect when STDIN is open to outline an SBOM to avoid specifying it with a dash (#​260, @​puerco)
Bug or Regression
  • Bom will now read the SBOM until it detects the SBOM encoding data, enabling it to parse SBOMs with the document data defined at the end of the file.
    • When trying to ingest a CycloneDX document, bom will now print a more useful warning (#​259, @​puerco)
  • Fixed a race condition where concurrent files canning processes could clash and cause a segfault (thanks to @​howardjohn for reporting) (#​312, @​puerco)
  • JSON-encoded files now include supplier and originator data. (#​269, @​puerco)
Other (Cleanup or Flake)
  • Go.mod: Update github.com/uwu-tools/magex to v0.10.0 (#​275, @​cpanato)
  • SPDX packages representing container images are now named using their full reference and digest: registry.com/repository/image@sha256:digest (#​289, @​puerco)
Dependencies
Added
  • dario.cat/mergo: v1.0.0
  • github.com/MakeNowJust/heredoc/v2: v2.0.1
  • github.com/cyphar/filepath-securejoin: v0.2.4
  • github.com/dustin/go-humanize: v1.0.1
  • github.com/elazarl/goproxy: 2592e75
  • github.com/glebarez/go-sqlite: v1.22.0
  • github.com/go-jose/go-jose/v3: v3.0.0
  • github.com/golang/groupcache: 41bb18b
  • github.com/google/pprof: e6195bd
  • github.com/hashicorp/errwrap: v1.0.0
  • github.com/hashicorp/go-multierror: v1.1.1
  • github.com/kballard/go-shellquote: 95032a8
  • github.com/klauspost/cpuid/v2: v2.2.3
  • github.com/knqyf263/go-rpmdb: 067d98b
  • github.com/mattn/go-isatty: v0.0.20
  • github.com/mattn/go-sqlite3: v1.14.16
  • github.com/remyoudompheng/bigfft: 24d4a6f
  • github.com/uwu-tools/magex: v0.10.0
  • golang.org/x/exp: d852ddb
  • golang.org/x/tools/go/vcs: v0.1.0-deprecated
  • lukechampine.com/uint128: v1.3.0
  • modernc.org/cc/v3: v3.41.0
  • modernc.org/ccgo/v3: v3.16.15
  • modernc.org/httpfs: v1.0.6
  • modernc.org/libc: v1.37.6
  • modernc.org/mathutil: v1.6.0
  • modernc.org/memory: v1.7.2
  • modernc.org/opt: v0.1.3
  • modernc.org/sqlite: v1.28.0
  • modernc.org/strutil: v1.2.0
  • modernc.org/tcl: v1.15.2
  • modernc.org/token: v1.1.0
  • modernc.org/z: v1.7.3
Changed
Removed
  • github.com/MakeNowJust/heredoc: v1.0.0
  • github.com/acomagu/bufpipe: v1.0.4
  • github.com/bwesterb/go-ristretto: v1.2.0
  • github.com/carolynvs/magex: v0.9.0
  • github.com/creack/pty: v1.1.17
  • github.com/frankban/quicktest: v1.14.0
  • github.com/google/renameio: v1.0.1
  • github.com/imdario/mergo: v0.3.13
  • github.com/jessevdk/go-flags: v1.5.0
  • github.com/matryer/is: v1.2.0
  • github.com/mmcloughlin/avo: v0.5.0
  • github.com/niemeyer/pretty: a10e7ca
  • github.com/pkg/diff: 20ebb0f
  • github.com/shurcooL/sanitized_anchor_name: v1.0.0
  • golang.org/x/arch: v0.1.0
  • gopkg.in/errgo.v2: v2.1.0
  • gopkg.in/square/go-jose.v2: v2.6.0
  • mvdan.cc/editorconfig: v0.2.0
  • rsc.io/pdf: v0.1.1

Configuration

📅 Schedule: Branch creation - "on monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested review from a team as code owners January 24, 2024 09:11
@renovate renovate bot added kind/enhancement This would improve or streamline existing functionality. release-note/misc This PR makes changes that have no direct user impact. renovate/stop-updating Tell Renovate to stop updating PR labels Jan 24, 2024
@github-actions github-actions bot added the kind/community-contribution This was a contribution made by a community member. label Jan 24, 2024
@aanm
Copy link
Member

aanm commented Jan 24, 2024

/test

@aanm aanm enabled auto-merge January 24, 2024 09:16
@aanm aanm added this pull request to the merge queue Jan 25, 2024
@github-merge-queue github-merge-queue bot removed this pull request from the merge queue due to a conflict with the base branch Jan 25, 2024
@renovate renovate bot force-pushed the renovate/main-all-github-action branch from 7d1ab44 to fc887a6 Compare January 26, 2024 09:19
@aanm
Copy link
Member

aanm commented Jan 26, 2024

/test

@aanm aanm enabled auto-merge January 26, 2024 10:35
@aanm aanm added this pull request to the merge queue Jan 26, 2024
Merged via the queue into main with commit 0994ddc Jan 26, 2024
205 checks passed
@aanm aanm deleted the renovate/main-all-github-action branch January 26, 2024 20:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aanm aanm aanm approved these changes

@christarazi christarazi christarazi approved these changes

@marseel marseel marseel approved these changes

@YutaroHayakawa YutaroHayakawa Awaiting requested review from YutaroHayakawa YutaroHayakawa is a code owner automatically assigned from cilium/sig-clustermesh

Assignees
No one assigned
Labels
kind/community-contribution This was a contribution made by a community member. kind/enhancement This would improve or streamline existing functionality. release-note/misc This PR makes changes that have no direct user impact. renovate/stop-updating Tell Renovate to stop updating PR
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@aanm @marseel @christarazi