From 1815a44553a2f37b6ae4bd388fe0911589d66510 Mon Sep 17 00:00:00 2001 From: Johannes Schindelin Date: Tue, 6 Feb 2024 18:45:35 +0100 Subject: [PATCH 1/3] dependabot: help keeping GitHub Actions versions up to date See https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#enabling-dependabot-version-updates-for-actions for details. Signed-off-by: Johannes Schindelin --- .github/dependabot.yml | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000000000..22d5376407abf1 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,13 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file +# especially +# https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#enabling-dependabot-version-updates-for-actions + +version: 2 +updates: + - package-ecosystem: "github-actions" # See documentation for possible values + directory: "/" # Location of package manifests + schedule: + interval: "weekly" From 0ef6bd8bac73d11f6540de844ac5cd95570dd536 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Feb 2024 19:42:17 +0000 Subject: [PATCH 2/3] build(deps): bump mshick/add-pr-comment from 1 to 2 Bumps [mshick/add-pr-comment](https://github.com/mshick/add-pr-comment) from 1 to 2. - [Release notes](https://github.com/mshick/add-pr-comment/releases) - [Commits](https://github.com/mshick/add-pr-comment/compare/v1...v2) --- updated-dependencies: - dependency-name: mshick/add-pr-comment dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/l10n.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/l10n.yml b/.github/workflows/l10n.yml index 6c3849658aa061..007a61a0bcfe78 100644 --- a/.github/workflows/l10n.yml +++ b/.github/workflows/l10n.yml @@ -91,7 +91,7 @@ jobs: cat git-po-helper.out exit $exit_code - name: Create comment in pull request for report - uses: mshick/add-pr-comment@v1 + uses: mshick/add-pr-comment@v2 if: >- always() && github.event_name == 'pull_request_target' && From 320471af8ab3e656aa609ecdfd935e0d50576abc Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Feb 2024 19:42:11 +0000 Subject: [PATCH 3/3] build(deps): bump actions/setup-go from 2 to 5 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 5. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v2...v5) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/l10n.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/l10n.yml b/.github/workflows/l10n.yml index 007a61a0bcfe78..3d89758981fe46 100644 --- a/.github/workflows/l10n.yml +++ b/.github/workflows/l10n.yml @@ -63,7 +63,7 @@ jobs: origin \ ${{ github.ref }} \ $args - - uses: actions/setup-go@v2 + - uses: actions/setup-go@v5 with: go-version: '>=1.16' - name: Install git-po-helper