Skip to content

build(deps): Bump the github-actions-dependencies group with 2 updates#38

Closed
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-fb1a7e581c
Closed

build(deps): Bump the github-actions-dependencies group with 2 updates#38
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-fb1a7e581c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 28, 2025
edited
Loading

Bumps the github-actions-dependencies group with 2 updates: hoverkraft-tech/ci-github-nodejs and hoverkraft-tech/ci-github-common.

Updates hoverkraft-tech/ci-github-nodejs from 0.9.0 to 0.10.0

Release notes

Sourced from hoverkraft-tech/ci-github-nodejs's releases.

0.10.0

Release Summary

This release introduces scheduled weekly CI runs on the main branch to ensure continuous validation of the codebase. Documentation has been updated to improve the clarity of actions and workflows. Multiple dependencies, including GitHub Actions and npm packages, have been bumped for enhanced compatibility and security.

No breaking changes were introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-nodejs@0.9.0...0.10.0

Commits
  • 0c281f4 ci: use linter for Github Actions
  • 455fe77 docs: update actions and workflows documentation
  • 1f2b234 chore(deps): bump the github-actions-dependencies group across 1 directory wi...
  • 162ad39 chore(deps): bump the npm-dependencies group with 2 updates
  • bb5ef71 chore(deps): bump hoverkraft-tech/ci-github-publish
  • 0dcb688 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common from 0.18.0 to 0.22.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.22.0

Release Summary

This release improves the linter by upgrading the Ratchet dependency and ensures it checks out the default branch when necessary. Documentation for actions and workflows has also been updated to reflect recent changes. These enhancements aim to streamline CI processes and maintain up-to-date developer guidance.

No breaking changes were introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.21.0...0.22.0

0.21.0

Release Summary

This release introduces an enhancement to the linter that adds annotations for action pinning errors, improving clarity and feedback during CI runs. Documentation has been updated to reflect the current actions and workflows. Additionally, dependencies for GitHub publish actions were upgraded to version 0.4.0 for improved stability and features.

No breaking changes were introduced in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.20.0...0.21.0

0.20.0

Release Summary

This release introduces two new features: signed commits for the create-and-merge-pull-request action and a merged configuration for linter-related actions under a unified linter scope. Documentation has been updated to reflect recent changes in actions and workflows. Dependency versions managed by GitHub Actions have been bumped to ensure compatibility and security improvements.

There are no breaking changes in this release.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.19.0...0.20.0

0.19.0

Release Summary

... (truncated)

Commits
  • 198d391 feat(linter): upgrade ratchet
  • 1934091 docs: update actions and workflows documentation
  • da8b10e fix(linter): checkout default branch if needed
  • 5f35e05 feat(linter): add annotation from action pinning errors
  • d0360be docs: update actions and workflows documentation
  • 2b07612 chore(deps): bump hoverkraft-tech/ci-github-publish
  • 1488db3 docs: add jekyll theme for pages
  • edc1e53 feat(linter): merge linter-actions into linter
  • a4b9ab9 docs: update actions and workflows documentation
  • 7711647 feat(create-and-merge-pull-request): sign commit
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
build(deps): Bump the github-actions-dependencies group with 2 updates
4aa9463 
Bumps the github-actions-dependencies group with 2 updates: [hoverkraft-tech/ci-github-nodejs](https://github.com/hoverkraft-tech/ci-github-nodejs) and [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).


Updates `hoverkraft-tech/ci-github-nodejs` from 0.9.0 to 0.10.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-nodejs/releases)
- [Commits](hoverkraft-tech/ci-github-nodejs@0.9.0...0.10.0)

Updates `hoverkraft-tech/ci-github-common` from 0.18.0 to 0.22.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@0.18.0...0.22.0)

---
updated-dependencies:
- dependency-name: hoverkraft-tech/ci-github-nodejs
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 28, 2025
@github-advanced-security
Copy link
Copy Markdown

github-advanced-security AI commented Mar 28, 2025

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Apr 4, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Apr 4, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/github-actions-dependencies-fb1a7e581c branch April 4, 2025 04:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@github-advanced-security