Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update all dependencies #375

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Update all dependencies #375

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 12, 2024
edited
Loading

This PR contains the following updates:

Package Type Update Change Age Adoption Passing Confidence
actions/upload-artifact action digest b4b15b8 -> 65c4c4a
cgr.dev/chainguard/glibc-dynamic final digest a2ecbc3 -> c907cf5
cgr.dev/chainguard/go stage digest d4eca27 -> 708fc74
github.com/gofiber/fiber/v2 require patch v2.52.5 -> v2.52.6 age adoption passing confidence
github.com/gofiber/swagger require patch v1.1.0 -> v1.1.1 age adoption passing confidence
github/codeql-action action minor v3.27.7 -> v3.28.9 age adoption passing confidence
oxsecurity/megalinter action digest 1fc052d -> ec124f7
peter-evans/create-pull-request action digest 5e91468 -> 67ccf78
stefanzweifel/git-auto-commit-action action digest 8621497 -> e348103
step-security/harden-runner action patch v2.10.2 -> v2.10.4 age adoption passing confidence

Release Notes

gofiber/fiber (github.com/gofiber/fiber/v2)

v2.52.6

Compare Source

🐛 Bug Fixes

📚 Documentation

🛠️ Maintenance

Full Changelog: gofiber/fiber@v2.52.5...v2.52.6

gofiber/swagger (github.com/gofiber/swagger)

v1.1.1

Compare Source

🧹 Updates

  • build(deps): bump github.com/gofiber/fiber/v2 from 2.52.5 to 2.52.6 (#​107)
  • build(deps): bump github.com/swaggo/files/v2 from 2.0.1 to 2.0.2 (#​108)
  • build(deps): bump github.com/swaggo/swag from 1.16.3 to 1.16.4 (#​101)
  • build(deps): bump dependabot/fetch-metadata from 2.1.0 to 2.2.0 (#​98)
  • build(deps): bump github.com/swaggo/files/v2 from 2.0.0 to 2.0.1 (#​97)

Full Changelog: gofiber/swagger@v1.1.0...v1.1.1

github/codeql-action (github/codeql-action)

v3.28.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.9 - 07 Feb 2025
  • Update default CodeQL bundle version to 2.20.4. #​2753

See the full CHANGELOG.md for more information.

v3.28.8

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025
  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #​2744

See the full CHANGELOG.md for more information.

v3.28.7

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

  • Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #​2726

See the full CHANGELOG.md for more information.

v3.28.5

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

  • Update default CodeQL bundle version to 2.20.3. #​2717

See the full CHANGELOG.md for more information.

v3.28.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.4 - 23 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.3 - 22 Jan 2025
  • Update default CodeQL bundle version to 2.20.2. #​2707
  • Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #​2710
  • Uploading debug artifacts for CodeQL analysis is temporarily disabled. #​2712

See the full CHANGELOG.md for more information.

v3.28.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.2 - 21 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.1 - 10 Jan 2025
  • CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #​2677
  • Update default CodeQL bundle version to 2.20.1. #​2678

See the full CHANGELOG.md for more information.

v3.28.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.28.0 - 20 Dec 2024
  • Bump the minimum CodeQL bundle version to 2.15.5. #​2655
  • Don't fail in the unusual case that a file is on the search path. #​2660.

See the full CHANGELOG.md for more information.

v3.27.9

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.9 - 12 Dec 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.8

Compare Source

step-security/harden-runner (step-security/harden-runner)

v2.10.4

Compare Source

What's Changed

Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.

Full Changelog: step-security/harden-runner@v2...v2.10.4

v2.10.3

Compare Source

What's Changed

Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison.

Full Changelog: step-security/harden-runner@v2...v2.10.3

Configuration

📅 Schedule: Branch creation - "every 1 hours every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot changed the title Update github/codeql-action action to v3.27.9 Update all dependencies Dec 13, 2024
@renovate renovate bot force-pushed the renovate/all branch 4 times, most recently from 0c0deae to 855baf3 Compare December 18, 2024 01:14
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 131a6a2 to 3a0f852 Compare December 21, 2024 03:24
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 43b4d76 to 4dab47d Compare December 31, 2024 19:33
@renovate Renovate
Copy link
Contributor Author

renovate bot commented Dec 31, 2024
edited
Loading

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

  • 2 additional dependencies were updated

Details:

Package Change
github.com/swaggo/files/v2 v2.0.1 -> v2.0.2
golang.org/x/sys v0.27.0 -> v0.28.0

@renovate renovate bot force-pushed the renovate/all branch 5 times, most recently from f976dba to 16a609f Compare January 7, 2025 00:31
@renovate renovate bot force-pushed the renovate/all branch 10 times, most recently from 7a33930 to 2540ef1 Compare January 14, 2025 20:36
@renovate renovate bot force-pushed the renovate/all branch 3 times, most recently from 35e70d7 to dea96d3 Compare January 20, 2025 00:50
@renovate renovate bot force-pushed the renovate/all branch 10 times, most recently from 88ceed4 to 788ce6f Compare January 28, 2025 00:26
@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from 0b632be to e1577f2 Compare February 4, 2025 20:58
@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 196c52a to 3e681f6 Compare February 11, 2025 18:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants