Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update all dependencies - autoclosed #19

Closed
wants to merge 1 commit into from
Closed

chore(deps): update all dependencies - autoclosed #19

wants to merge 1 commit into from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Feb 2, 2024
edited
Loading

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action major v3.6.0 -> v4.1.1
actions/dependency-review-action action major v2.5.1 -> v4.2.3
actions/upload-artifact action minor v4.0.0 -> v4.3.1
defenseunicorns/uds-common action digest 442bae7 -> e2ad99f
defenseunicorns/uds-common-tasks minor v0.2.1 -> v0.3.3
defenseunicorns/uds-common-tasks minor v0.2.2 -> v0.3.3
defenseunicorns/zarf minor v0.29.1 -> v0.32.5
docker/login-action action digest 343f7c4 -> e92390c
ghcr.io/defenseunicorns/packages/uds/dev-minio patch 0.0.1 -> 0.0.2
ghcr.io/defenseunicorns/packages/uds/dev-postgres patch 0.0.1 -> 0.0.2
github/codeql-action action minor v3.22.12 -> v3.24.8
github/codeql-action action major v2.24.5 -> v3.24.8
golangci/golangci-lint repository minor v1.55.2 -> v1.57.1
google-github-actions/release-please-action action minor v4.0.2 -> v4.1.0
mattermost/mattermost-enterprise-edition major 9.4.2 -> 9995379
mattermost/mattermost-enterprise-edition minor 9.4.2 -> 9.6.0
python-jsonschema/check-jsonschema repository minor 0.27.4 -> 0.28.0
registry1.dso.mil/ironbank/opensource/mattermost/mattermost (source) minor 9.4.2 -> 9.6.0
renovatebot/pre-commit-hooks repository minor 37.165.5 -> 37.264.0

Note: The pre-commit manager in Renovate is not supported by the pre-commit maintainers or community. Please do not report any problems there, instead create a Discussion in the Renovate repository if you have any questions.

Release Notes

actions/checkout (actions/checkout)

v4.1.1

Compare Source

What's Changed
New Contributors

Full Changelog: actions/checkout@v4.1.0...v4.1.1

v4.1.0

Compare Source

v4.0.0

Compare Source

actions/dependency-review-action (actions/dependency-review-action)

v4.2.3: 4.2.3

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4.1.3...v4.2.3

v4.1.3: 4.1.3

Compare Source

Fixes a bug in 4.1.2 that would introduce comments in every pull request, regardless of the user's configuration (see https://github.com/actions/dependency-review-action/issues/697).

Full Changelog: actions/dependency-review-action@v4.1.2...v4.1.3

v4.1.2: 4.1.2

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.1...v4.1.2

v4.1.1: 4.1.1

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v4.1.0...v4.1.1

v4.1.0: 4.1.0

Compare Source

What's Changed

Added a new configuration option (warn-only, boolean) that makes the action always succeed while still displaying found vulnerabilities in the log.

New Contributors

Full Changelog: actions/dependency-review-action@v4...v4.1.0

v4.0.0

Compare Source

New Contributors

Full Changelog: actions/dependency-review-action@v3.1.5...v4.0.0

v3.1.5: 3.1.5

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3.1.4...v3.1.5

v3.1.4: 3.1.4

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

Full Changelog: actions/dependency-review-action@v3...v3.1.2

v3.1.1: 3.1.1

Compare Source

What's Changed

  • Update a bunch of dependencies, including major version upgrades for octokit, @actions/github and typescript.

Full Changelog: actions/dependency-review-action@v3.1.0...v3.1.1

v3.1.0: 3.1.0

Compare Source

What's New

Added support for dependencies submitted through the dependency submission API. This includes two new configuration parameters: retry-on-snapshot-warnings and retry-on-snapshot-warnings-timeout.

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.1.0

v3.0.8: 3.0.8

Compare Source

What's Changed

Added on-failure option to comment-summary-in-pr setting by @​sgmurphy in https://github.com/actions/dependency-review-action/pull/540

Previous configuration files using true/false for comment-summary-in-pr will be mapped automatically to the new values, but we encourage you to update to always/on-failure/never.

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.8

v3.0.7: 3.0.7

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.7

v3.0.6: 3.0.6

Compare Source

Fixes a bug introduced in 3.0.5 where we raised PURL errors when Dependency Graph returns an empty package_url.

v3.0.5: 3.0.5

Compare Source

What's Changed

Thanks to @​theztefan, we now have a new allow-dependencies-licenses option that takes a list of dependencies that will be excluded from license checks. See the configuration options for more information on how to use it.

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.5

v3.0.4: 3.0.4

Compare Source

What's New?

The Action can now publish a comment in the pull request if the comment-summary-in-pr option is set. More information can be found in the README.

New Contributors

Changelog

Full Changelog: actions/dependency-review-action@v3...v3.0.4

v3.0.3: 3.0.3

Compare Source

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v3...v3.0.3

v3.0.2: 3.0.2

Compare Source

This release fixes spelling errors https://github.com/actions/dependency-review-action/pull/348 and upgrades dependencies to fix known vulnerabilities

Full Changelog: actions/dependency-review-action@v3...v3.0.2

v3.0.1: 3.0.1

Compare Source

This release contains the following bugfixes:

Full Changelog: actions/dependency-review-action@v3...v3.0.1

v3.0.0: 3.0.0

Compare Source

Breaking Changes

By default the action now expects SPDX-compliant licenses everywhere. If you were previously using license names in the allow or deny lists make sure they're valid!

What's Changed

Support for external configuration files

You can now specify a configuration file external to your repository. This allows organizations to have a single configuration file for all their repos.

Broader license support

We've added support for a much broader set of project licenses by using GitHub's Licenses API.

SPDX Compliance

All of our license-related code now expects SPDX-compliant licenses or expressions. This allows us to standardize on a license naming scheme that already supports OR/AND expressions.

Disable individual checks

You can now use the boolean options license-check and vulnerability-check to disable either one of the checks. More information in our configuration options.

Thanks

Contributors for this release include:

Thanks everyone!
Full Changelog: actions/dependency-review-action@v2...v3.0.0

actions/upload-artifact (actions/upload-artifact)

v4.3.1

Compare Source

v4.3.0

Compare Source

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.3.0

v4.2.0

Compare Source

What's Changed

Full Changelog: actions/upload-artifact@v4...v4.2.0

v4.1.0

Compare Source

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v4...v4.1.0

defenseunicorns/uds-common-tasks (defenseunicorns/uds-common-tasks)

v0.3.3

Compare Source

Miscellaneous

v0.3.2

Compare Source

Miscellaneous

v0.3.1

Compare Source

⚠ BREAKING CHANGES
  • improve how tests are called (#​71)
Bug Fixes
Miscellaneous
  • add a pull task to get the latest package release (#​70) (e534793)
  • deps: update dependency defenseunicorns/uds-core to v0.15.1 (#​66) (3ab4e04)
  • improve how tests are called (#​71) (043b297)

v0.3.0

Compare Source

Features
  • update uds-core to 14.5 (a7d9b06)
Miscellaneous
  • hotfix the renovate config to properly pickup git chart versions and registry 1 images (3f7d5ec)

v0.2.2

Compare Source

Miscellaneous
  • deps: update dependency defenseunicorns/uds-cli to v0.9.3 (e9757e8)
  • deps: update dependency defenseunicorns/uds-core to v0.14.3 (e3461fb)
  • deps: update githubactions (9f357db)
defenseunicorns/zarf (defenseunicorns/zarf)

v0.32.5

Compare Source

[0.32.5] - 2024-03-11

trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~@​Noxsios

🚀 Features
🐛 Bug Fixes
📚 Documentation
⚙️ Miscellaneous Tasks
🛡️ Security
First Time Contributors

Full Changelog: zarf-dev/zarf@v0.32.4...v0.32.5

v0.32.4

Compare Source

What's Changed
Fixes
Dependencies
Docs
Development
New Contributors

Full Changelog: zarf-dev/zarf@v0.32.3...v0.32.4

v0.32.3

Compare Source

What's Changed
Fixes
Docs
Dependencies
Development
New Contributors

Full Changelog: zarf-dev/zarf@v0.32.2...v0.32.3

v0.32.2

Compare Source

What's Changed

Features

Fixes

Docs

Dependencies

Development

New Contributors

Full Changelog: zarf-dev/zarf@v0.32.1...v0.32.2

v0.32.1

Compare Source

What's Changed

Fixes

Docs

Dependencies

Full Changelog: zarf-dev/zarf@v0.32.0...v0.32.1

v0.32.0

Compare Source

What's Changed

⚠️ Breaking Changes

  • Gitea has been updated from the 8.x series chart (app version 1.19.3) to the 10.x series chart (app version 1.21.2) - this update contains breaking changes and should be tested if you are using this component - default Zarf installs will upgrade automatically but more advanced configurations / use cases should be reviewed. Gitea Release Notes
  • Zarf package OCI references now use OCI indexes / platforms to handle architecture - packages published to OCI with this version of Zarf will be placed within an index and won't be able to be pulled with older versions - old packages will still be able to be pulled however.
  • Component and package names can no longer start with a leading - as this is used within the deselect syntax introduced for --components

Features

    

Rollup From v0.31 Patch Releases

Fixes

Rollup From v0.31 Patch Releases

Configuration

📅 Schedule: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@renovate renovate bot requested a review from a team as a code owner February 2, 2024 03:34
@renovate renovate bot changed the title chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.165.6 chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.165.7 Feb 2, 2024
@renovate renovate bot changed the title chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.165.7 chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.167.0 Feb 2, 2024
@renovate renovate bot changed the title chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.167.0 chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.168.0 Feb 2, 2024
@renovate renovate bot force-pushed the renovate/all branch 2 times, most recently from e0d3448 to f869015 Compare February 2, 2024 15:22
@renovate renovate bot changed the title chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.168.0 chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.168.1 Feb 2, 2024
@renovate renovate bot changed the title chore(deps): update pre-commit hook renovatebot/pre-commit-hooks to v37.168.1 chore(deps): update all dependencies Feb 2, 2024
@renovate renovate bot force-pushed the renovate/all branch 20 times, most recently from 67e9fe5 to e6e5561 Compare February 8, 2024 07:27
@renovate renovate bot force-pushed the renovate/all branch 7 times, most recently from 3720ad4 to b30cc80 Compare March 18, 2024 14:32
@oates
Copy link
Contributor

oates commented Mar 18, 2024

Crucial part of this issue for SWF team is the Mattermost update per @zachariahmiller in 18 March backlog meeting

@oates
Copy link
Contributor

oates commented Mar 18, 2024

Split supporting into actual deps within the renovate config.

@zachariahmiller
Copy link
Contributor

Split supporting into actual deps within the renovate config.

example of this working https://github.com/defenseunicorns/uds-package-gitlab/blob/06d44d8b2add8ec3a481129b9948f4fe2fff8818/renovate.json#L10

@renovate renovate bot force-pushed the renovate/all branch 6 times, most recently from 80276af to c9476bb Compare March 19, 2024 16:14
@renovate renovate bot requested a review from a team as a code owner March 19, 2024 16:14
@renovate renovate bot force-pushed the renovate/all branch 8 times, most recently from 29b8d5e to 82389ca Compare March 21, 2024 07:48
@renovate
chore(deps): update all dependencies
a208605 
| datasource  | package                                                     | from     | to       |
| ----------- | ----------------------------------------------------------- | -------- | -------- |
| github-tags | actions/checkout                                            | v3.6.0   | v4.1.1   |
| github-tags | actions/dependency-review-action                            | v2.5.1   | v4.2.3   |
| github-tags | actions/upload-artifact                                     | v4.0.0   | v4.3.1   |
| github-tags | defenseunicorns/uds-common-tasks                            | v0.2.1   | v0.3.3   |
| github-tags | defenseunicorns/uds-common-tasks                            | v0.2.2   | v0.3.3   |
| github-tags | defenseunicorns/zarf                                        | v0.29.1  | v0.32.5  |
| docker      | ghcr.io/defenseunicorns/packages/uds/dev-minio              | 0.0.1    | 0.0.2    |
| docker      | ghcr.io/defenseunicorns/packages/uds/dev-postgres           | 0.0.1    | 0.0.2    |
| github-tags | github/codeql-action                                        | v3.22.12 | v3.24.8  |
| github-tags | github/codeql-action                                        | v2.24.5  | v3.24.8  |
| github-tags | golangci/golangci-lint                                      | v1.55.2  | v1.57.1  |
| github-tags | google-github-actions/release-please-action                 | v4.0.2   | v4.1.0   |
| docker      | mattermost/mattermost-enterprise-edition                    | 9.4.2    | 9995379  |
| docker      | mattermost/mattermost-enterprise-edition                    | 9.4.2    | 9.6.0    |
| github-tags | python-jsonschema/check-jsonschema                          | 0.27.4   | 0.28.0   |
| docker      | registry1.dso.mil/ironbank/opensource/mattermost/mattermost | 9.4.2    | 9.6.0    |
| github-tags | renovatebot/pre-commit-hooks                                | 37.165.5 | 37.264.0 |
@renovate renovate bot changed the title chore(deps): update all dependencies chore(deps): update all dependencies - autoclosed Mar 21, 2024
@renovate renovate bot closed this Mar 21, 2024
@renovate renovate bot deleted the renovate/all branch March 21, 2024 21:37
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@oates @zachariahmiller