Release GCM 2.5 #1587
Merged
Release GCM 2.5 #1587
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This lack of space breaks the script on some less featured shells. This commit fixes it
Bumps [azure/azure-code-signing-action](https://github.com/azure/azure-code-signing-action) from 0.2.21 to 0.2.22. - [Release notes](https://github.com/azure/azure-code-signing-action/releases) - [Commits](https://github.com/azure/azure-code-signing-action/compare/v0.2.21...v0.2.22) --- updated-dependencies: - dependency-name: azure/azure-code-signing-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@v6...v7) --- updated-dependencies: - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 13.0.0 to 14.0.0. - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](DavidAnson/markdownlint-cli2-action@ed4dec6...455b661) --- updated-dependencies: - dependency-name: DavidAnson/markdownlint-cli2-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3.2.0 to 4.0.0. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v3.2.0...v4.0.0) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Avalonia 11 automatically generates some view codes. - Properties for controls with `x:Name` or `Name`. - `InitializeComponent()` method to initialize such properties. - DevTools for debug builds. This change uses such generated codes in views and reduces manual efforts. The names of the controls are changed to start with underscore, so that the generated property names align with the naming style in this project.
…22 (#1471) Bumps [azure/azure-code-signing-action](https://github.com/azure/azure-code-signing-action) from 0.2.21 to 0.2.22.
…14.0.0 (#1480) Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 13.0.0 to 14.0.0.
Bumps [actions/github-script](https://github.com/actions/github-script) from 6 to 7.
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3.2.0 to 4.0.0.
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [azure/azure-code-signing-action](https://github.com/azure/azure-code-signing-action) from 0.2.22 to 0.3.0. - [Release notes](https://github.com/azure/azure-code-signing-action/releases) - [Commits](https://github.com/azure/azure-code-signing-action/compare/v0.2.22...v0.3.0) --- updated-dependencies: - dependency-name: azure/azure-code-signing-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
#1518) Bumps [azure/azure-code-signing-action](https://github.com/azure/azure-code-signing-action) from 0.2.22 to 0.3.0.
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
Fix a bug in the Azure Repos host provider that prevented the Azure DevOps organisation name from being pulled from the userinfo part of the remote URL. When creating the remote URL from Git input in multiple places we had not been preserving the userinfo part that was subsequently passed to the `CreateOrganizationUri` helper method to extract the org URL. Also add an additional test for PAT mode to cover this use case.
Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 14.0.0 to 15.0.0. - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](DavidAnson/markdownlint-cli2-action@455b661...510b996) --- updated-dependencies: - dependency-name: DavidAnson/markdownlint-cli2-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.8.0 to 1.9.3. - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](lycheeverse/lychee-action@ec3ed11...c053181) --- updated-dependencies: - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h2>What's Changed</h2> <p>The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.</p> <p>For more information, see the <a href="https://github.com/actions/toolkit/tree/main/packages/artifact"><code>@actions/artifact</code></a> documentation.</p> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vmjoseph"><code>@vmjoseph</code></a> made their first contribution in <a href="https://github.com/actions/upload-artifact/pull/464">actions/upload-artifact#464</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v3...v4.0.0">https://github.com/actions/upload-artifact/compare/v3...v4.0.0</a></p> <h2>v3.1.3</h2> <h2>What's Changed</h2> <ul> <li>chore(github): remove trailing whitespaces by <a href="https://github.com/ljmf00"><code>@ljmf00</code></a> in <a href="https://github.com/actions/upload-artifact/pull/313">actions/upload-artifact#313</a></li> <li>Bump <code>@actions/artifact</code> version to v1.1.2 by <a href="https://github.com/bethanyj28"><code>@bethanyj28</code></a> in <a href="https://github.com/actions/upload-artifact/pull/436">actions/upload-artifact#436</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v3...v3.1.3">https://github.com/actions/upload-artifact/compare/v3...v3.1.3</a></p> <h2>v3.1.2</h2> <ul> <li>Update all <code>@actions/*</code> NPM packages to their latest versions- <a href="https://github.com/actions/upload-artifact/issues/374">#374</a></li> <li>Update all dev dependencies to their most recent versions - <a href="https://github.com/actions/upload-artifact/issues/375">#375</a></li> </ul> <h2>v3.1.1</h2> <ul> <li>Update actions/core package to latest version to remove <code>set-output</code> deprecation warning <a href="https://github.com/actions/upload-artifact/issues/351">#351</a></li> </ul> <h2>v3.1.0</h2> <h2>What's Changed</h2> <ul> <li>Bump <code>@actions/artifact</code> to v1.1.0 (<a href="https://github.com/actions/upload-artifact/pull/327">actions/upload-artifact#327</a>) <ul> <li>Adds checksum headers on artifact upload (<a href="https://github.com/actions/toolkit/pull/1095">actions/toolkit#1095</a>) (<a href="https://github.com/actions/toolkit/pull/1063">actions/toolkit#1063</a>)</li> </ul> </li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/c7d193f32edcb7bfad88892161225aeda64e9392"><code>c7d193f</code></a> Merge pull request <a href="https://github.com/actions/upload-artifact/issues/466">#466</a> from actions/v4-beta</li> <li><a href="https://github.com/actions/upload-artifact/commit/13131bb095770b4070a7477c3cd2d96e1c16d9f4"><code>13131bb</code></a> licensed cache</li> <li><a href="https://github.com/actions/upload-artifact/commit/4a6c273b9834f66a1d05c170dc3f80f9cdb9def1"><code>4a6c273</code></a> Merge branch 'main' into v4-beta</li> <li><a href="https://github.com/actions/upload-artifact/commit/f391bb91a3d3118aeca171c365bb319ece276b37"><code>f391bb9</code></a> Merge pull request <a href="https://github.com/actions/upload-artifact/issues/465">#465</a> from actions/robherley/v4-documentation</li> <li><a href="https://github.com/actions/upload-artifact/commit/9653d03c4b74c32144e02dae644fea70e079d4b3"><code>9653d03</code></a> Apply suggestions from code review</li> <li><a href="https://github.com/actions/upload-artifact/commit/875b63076402f25ef9d52c294c86ba4f97810575"><code>875b630</code></a> add limitations section</li> <li><a href="https://github.com/actions/upload-artifact/commit/ecb21463e93740a6be75c3116242169bfdbcb15a"><code>ecb2146</code></a> add compression example</li> <li><a href="https://github.com/actions/upload-artifact/commit/5e7604f84a055838f64ed68bb9904751523081ae"><code>5e7604f</code></a> trim some repeated info</li> <li><a href="https://github.com/actions/upload-artifact/commit/d6437d07581fe318a364512e6cf6b1dca6b4f92c"><code>d6437d0</code></a> naming</li> <li><a href="https://github.com/actions/upload-artifact/commit/1b561557037b4957d7d184e9aac02bec86c771eb"><code>1b56155</code></a> s/v4-beta/v4/g</li> <li>Additional commits viewable in <a href="https://github.com/actions/upload-artifact/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) You can trigger a rebase of this PR by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> > **Note** > Automatic rebases have been disabled on this pull request as it has been open for over 30 days.
Bumps [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) from 1.8.0 to 1.9.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lycheeverse/lychee-action/releases">lycheeverse/lychee-action's releases</a>.</em></p> <blockquote> <h2>Version 1.9.3</h2> <h2>What's Changed</h2> <ul> <li>Bugfix: Pass custom <code>token</code> as input argument to action by <a href="https://github.com/mre"><code>@mre</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/222">lycheeverse/lychee-action#222</a> Previously, the name of the token was incorrect, leading to no token being used if the user specified <code>with: [token: ...]</code>. Thanks to <a href="https://github.com/tobon4"><code>@tobon4</code></a> for pointing this out.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lycheeverse/lychee-action/compare/v1...v1.9.3">https://github.com/lycheeverse/lychee-action/compare/v1...v1.9.3</a></p> <h2>Version 1.9.2</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/cache from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/221">lycheeverse/lychee-action#221</a></li> <li>Bump peter-evans/create-issue-from-file from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/223">lycheeverse/lychee-action#223</a></li> <li>Bump to lychee 0.14.2 in <a href="https://github.com/lycheeverse/lychee-action/commit/eeb9cb63fe093e4d17e5853314dbf862bb35f28d">https://github.com/lycheeverse/lychee-action/commit/eeb9cb63fe093e4d17e5853314dbf862bb35f28d</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/lycheeverse/lychee-action/compare/v1...v1.9.2">https://github.com/lycheeverse/lychee-action/compare/v1...v1.9.2</a></p> <h2>Version 1.9.1</h2> <p>This is a hotfix release which restores the behavior of the <code>accept</code> config parameter. Integers are accepted again as status codes.</p> <pre lang="toml"><code>accept = [200, 201, 202, 203, 429] </code></pre> <p>is equivalent to</p> <pre lang="toml"><code>accept = ["200..=203", 429] </code></pre> <p>Integers and strings (e.g. for ranges) can be mixed.</p> <h2>Version 1.9.0</h2> <h2>What's Changed</h2> <ul> <li>Document the current directory for the cache argument example by <a href="https://github.com/theredfish"><code>@theredfish</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/193">lycheeverse/lychee-action#193</a></li> <li>Add <code>*.rst</code> glob pattern to defaults by <a href="https://github.com/kdeldycke"><code>@kdeldycke</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/197">lycheeverse/lychee-action#197</a></li> <li>Automatically pass Github token by <a href="https://github.com/mre"><code>@mre</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/196">lycheeverse/lychee-action#196</a></li> <li>Always create output file; not only on error by <a href="https://github.com/mre"><code>@mre</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/199">lycheeverse/lychee-action#199</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/208">lycheeverse/lychee-action#208</a></li> <li>add documentation on using the param when testing local files (as in… by <a href="https://github.com/tgaff"><code>@tgaff</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/211">lycheeverse/lychee-action#211</a></li> <li>fix: Lychee output to file (fixes <a href="https://github.com/lycheeverse/lychee-action/issues/214">#214</a>) by <a href="https://github.com/LilDrunkenSmurf"><code>@LilDrunkenSmurf</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/215">lycheeverse/lychee-action#215</a></li> <li>Add integration test for custom output paths (<a href="https://github.com/lycheeverse/lychee-action/issues/215">#215</a>) by <a href="https://github.com/mre"><code>@mre</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/217">lycheeverse/lychee-action#217</a></li> <li>Add integration tests for absolute output path and <code>--dump</code> by <a href="https://github.com/mre"><code>@mre</code></a> in <a href="https://github.com/lycheeverse/lychee-action/pull/218">lycheeverse/lychee-action#218</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/theredfish"><code>@theredfish</code></a> made their first contribution in <a href="https://github.com/lycheeverse/lychee-action/pull/193">lycheeverse/lychee-action#193</a></li> <li><a href="https://github.com/kdeldycke"><code>@kdeldycke</code></a> made their first contribution in <a href="https://github.com/lycheeverse/lychee-action/pull/197">lycheeverse/lychee-action#197</a></li> <li><a href="https://github.com/tgaff"><code>@tgaff</code></a> made their first contribution in <a href="https://github.com/lycheeverse/lychee-action/pull/211">lycheeverse/lychee-action#211</a></li> <li><a href="https://github.com/LilDrunkenSmurf"><code>@LilDrunkenSmurf</code></a> made their first contribution in <a href="https://github.com/lycheeverse/lychee-action/pull/215">lycheeverse/lychee-action#215</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lycheeverse/lychee-action/commit/c053181aa0c3d17606addfe97a9075a32723548a"><code>c053181</code></a> Pass custom <code>token</code> as input argument to action (<a href="https://github.com/lycheeverse/lychee-action/issues/222">#222</a>)</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/eeb9cb63fe093e4d17e5853314dbf862bb35f28d"><code>eeb9cb6</code></a> Bump to lychee 0.14.2</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/0fa791a2a1cef2fdc22f703bb81fac6ccaa9ee06"><code>0fa791a</code></a> Bump peter-evans/create-issue-from-file from 4 to 5 (<a href="https://github.com/lycheeverse/lychee-action/issues/223">#223</a>)</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/8c9a282bef269f1ba1f727d1f79c5b8139bf3a5a"><code>8c9a282</code></a> Bump actions/cache from 3 to 4 (<a href="https://github.com/lycheeverse/lychee-action/issues/221">#221</a>)</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/c3089c702fbb949e3f7a8122be0c33c017904f9b"><code>c3089c7</code></a> Bump to lychee 0.14.1</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/fdea7032675810093199f485fe075f057cc37b3e"><code>fdea703</code></a> Update secure git hash for 1.9.0</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/22134d37a1fff6c2974df9c92a7c7e1e86a08f9c"><code>22134d3</code></a> Bump version to 1.9.0</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/ebd95ebde89b46eaf3567432efb0b52bad2187d7"><code>ebd95eb</code></a> Update to latest lychee 0.14.0</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/37d79d3b6eda9990480a57eed21c847792dec37a"><code>37d79d3</code></a> Add integration tests for absolute output path and <code>--dump</code> (<a href="https://github.com/lycheeverse/lychee-action/issues/218">#218</a>)</li> <li><a href="https://github.com/lycheeverse/lychee-action/commit/57219e4f1d23b32484889db3dbd73f6b814c9bfa"><code>57219e4</code></a> Add integration test for custom output paths (<a href="https://github.com/lycheeverse/lychee-action/issues/1309">#1309</a>) (<a href="https://github.com/lycheeverse/lychee-action/issues/217">#217</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lycheeverse/lychee-action/compare/ec3ed119d4f44ad2673a7232460dc7dff59d2421...c053181aa0c3d17606addfe97a9075a32723548a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
…15.0.0 (#1523) Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 14.0.0 to 15.0.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/510b996878fc0d1a46c8a04ec86b06dbfba09de7"><code>510b996</code></a> Update to version 15.0.0.</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/635569d70651006739be51df26560aa722d62e43"><code>635569d</code></a> Freshen generated index.js file.</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/f8bd042d35a6ec08336a079bf275e7cacfce356a"><code>f8bd042</code></a> Bump markdownlint-cli2 from 0.12.0 to 0.12.1</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/b90bac0a902c4fe9786864731c97ff63c544dca0"><code>b90bac0</code></a> Add link-image-style and table-pipe-style to .markdownlint.json.</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/a07066f4d1d125c1ee98d6d0d1484a98a896a9ec"><code>a07066f</code></a> Freshen generated index.js file.</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/29dc4b72f28e7ade472ac509ab4b24e5d868fb56"><code>29dc4b7</code></a> Bump markdownlint-cli2 from 0.11.0 to 0.12.0</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/94c45f37606280f22da042c89b0e6806a8937e87"><code>94c45f3</code></a> Bump tj-actions/changed-files from 40 to 41</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/00d80759aa407bb344fadb244159b5e5abf66faa"><code>00d8075</code></a> Bump eslint-plugin-unicorn from 49.0.0 to 50.0.1</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/29ea9956222f639909853ca51ec4601c3cc9c749"><code>29ea995</code></a> Update generated file due to transitive dependency change.</li> <li><a href="https://github.com/DavidAnson/markdownlint-cli2-action/commit/569c2e311de07466c9e295c3a7cd66024892fedf"><code>569c2e3</code></a> Bump eslint from 8.55.0 to 8.56.0</li> <li>Additional commits viewable in <a href="https://github.com/davidanson/markdownlint-cli2-action/compare/455b6612a7b7a80f28be9e019b70abdd11696e4e...510b996878fc0d1a46c8a04ec86b06dbfba09de7">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details>
Fix a bug in the Azure Repos host provider that prevented the Azure DevOps organisation name from being pulled from the userinfo part of the remote URL. When creating the remote URL from Git input in multiple places we had not been preserving the userinfo part that was subsequently passed to the `CreateOrganizationUri` helper method to extract the org URL. Also add an additional test for PAT mode to cover this use case. Fixes #1520
Bumps [azure/login](https://github.com/azure/login) from 1 to 2. - [Release notes](https://github.com/azure/login/releases) - [Commits](Azure/login@v1...v2) --- updated-dependencies: - dependency-name: azure/login dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Add documentation about Managed Identities and Service Principals for Azure Repos; how to configure them and use them with GCM. This will be useful for those that wish to adopt them as alternatives to PATs or other automated auth systems.
Add documentation about Managed Identities and Service Principals for Azure Repos; how to configure them and use them with GCM. This will be useful for those that wish to adopt them as alternatives to PATs or other automated auth systems. [Rendered version](https://github.com/git-ecosystem/git-credential-manager/blob/8b93d631e315ca0d2563f28ce582439e19c0ac46/docs/azrepos-misp.md)
Do not attempt to query for an organisation/user binding in the local repository configuration if we're not currently inside of a repository! This will prevent the warning message from Git's standard error stream from flowing to our caller's stderr stream when GCM tries to use the `--local` option in a `git config` call.
Do not attempt to query for an organisation/user binding in the local repository configuration if we're not currently inside of a repository! This will prevent the warning message from Git's standard error stream from flowing to our caller's stderr stream when GCM tries to use the `--local` option in a `git config` call. cc @markphip
Bumps [azure/azure-code-signing-action](https://github.com/azure/azure-code-signing-action) from 0.3.0 to 0.3.1. - [Release notes](https://github.com/azure/azure-code-signing-action/releases) - [Commits](https://github.com/azure/azure-code-signing-action/compare/v0.3.0...v0.3.1) --- updated-dependencies: - dependency-name: azure/azure-code-signing-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Migrate .NET tool from using ESRP to using the Sign CLI tool for signing. This tool is a fork of [1] that was set up to support Trusted Signing (previously known as Azure Code Signing). 1: https://github.com/dotnet/sign
Remove ESRP-related scripts, as we are no longer using this tool for signing.
# Summary This PR updates .NET tool payload/package signing to use the Sign CLI tool instead of ESRP. The most significant changes include the addition of a new step to download/extract the Sign CLI tool from Azure Blob Storage, the modification of signing steps to use the downloaded tool, and the removal of ESRP-related scripts. # Benefits Migrating away from ESRP comes with the following major benefits: 1. ESRP was designed for signing large-scale applications like Windows and Office, not lightweight OSS like GCM. Thus, we were somewhat abusing the ESRP service to make it work for our use case. Azure Trusted Signing (previously known as Azure Code Signing) fully supports our needs out of the box. 0. Speed - the end-to-end test runs I have completed have been running in about half the time of the workflow that was using ESRP (~10 minutes instead of ~20 minutes 🎉). # Testing I have successfully completed two end-to-end runs of the `release` workflow with these updates [in my fork](https://github.com/ldennington/git-credential-manager). # Details Changes to the release workflow: * [`.github/workflows/release.yml`](diffhunk://#diff-87db21a973eed4fef5f32b267aa60fcee5cbdf03c67fafdc2a9b553bb0b15f34L334): Zipping/unzipping steps for the unsigned payload and package were removed. The setup and running of the ESRP client were replaced with the downloading and extraction of the Sign CLI tool and the signing of the payload and package using this tool. Scripts removed: * [`.github/run_esrp_signing.py`](diffhunk://#diff-f60e53cf3706460a8d644a811df8197038395559c28d2a1bb2cc56dd235552b3L1-L135): The entire Python script for running the ESRP client has been removed. * [`.github/set_up_esrp.ps1`](diffhunk://#diff-14487115d5ba1dd214217419b4826e1789f7a917789eb0fccd90965a6510f5a0L1-L12): The PowerShell script for setting up the ESRP client has been removed.
Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 15.0.0 to 16.0.0. - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](DavidAnson/markdownlint-cli2-action@510b996...b4c9fea) --- updated-dependencies: - dependency-name: DavidAnson/markdownlint-cli2-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Update the target framework version for Mac and Linux to .NET 8, which is the latest LTS. .NET 7 is [leaving support on 2024-05-14](https://dotnet.microsoft.com/en-us/platform/support/policy/dotnet-core) so we need to do this. Windows is not being updated at this time due our courtesy to Visual Studio (that bundle the same GCM version across all their versions) who need Windows 8.x support until.. 2029... 😢 and Windows 10 is required for .NET (Core) 8. I plan to revisit the .NET Framework to Core on Windows effort after a discussion with the VS team at Microsoft.
Update the install from source script on Linux to install the .NET 8 SDK.
Update the install from source script on Linux to install the .NET 8 SDK. Verified this fix in manual run of https://github.com/git-ecosystem/git-credential-manager/actions/runs/8697380253 Note the Alpine issue is to be fixed in a separate PR: #1574
The version of libssl available in the Alpine package feeds changed with version 3.15. The latest libssl package is 1.1 in 3.14.x and earlier, but newer versions only have libssl3. Add a check for the Alpine version in the install from source script and switch between installing libssl3 and libssl1.1 depending on the distro version. Also add another entry to the test matrix of distributions to include a 3.14.x Alpine version.
Suppress the standard error stream from Git when checking if we're inside a repository or not, because the failure message is otherwise printed to the user's console when we are not (which is what we're trying to decide!). Note that we normally don't suppress or redirect the standard error stream for Git commands as the user may have enabled Git tracing (v1 or v2) to the stderr file and we don't want to mute these for all calls.
Suppress the standard error stream from Git when checking if we're inside a repository or not, because the failure message is otherwise printed to the user's console when we are not (which is what we're trying to decide!). Note that we normally don't suppress or redirect the standard error stream for Git commands as the user may have enabled Git tracing (v1 or v2) to the stderr file and we don't want to mute these for all calls. Example before: ```shell % pwd /Users/mjcheetham % gcm azure-repos list fatal: not a git repository (or any of the parent directories): .git devdiv: (global) -> USER@DOMAIN ``` Example now: ```shell % pwd /Users/mjcheetham % gcm azure-repos list devdiv: (global) -> USER@DOMAIN ```
The version of libssl available in the Alpine package feeds changed with version 3.15. The latest libssl package is 1.1 in 3.14.x and earlier, but newer versions only have libssl3. Add a check for the Alpine version in the install from source script and switch between installing libssl3 and libssl1.1 depending on the distro version. Also add another entry to the test matrix of distributions to include a 3.14.x Alpine version. This replaces the two other PRs that aimed to address this issue: - #1535 - #1574 Tested the updated workflow here: https://github.com/git-ecosystem/git-credential-manager/actions/runs/8698286553/job/23855027830
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 3.2.0 to 4.0.0. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v3.2.0...v4.0.0) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Preparing for 2.5 release; update the version number.
vdye
approved these changes
Apr 16, 2024
This was referenced Sep 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Changes: