Skip to content

Bump the actions group with 4 updates #2046

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 4 commits into from
Closed

Bump the actions group with 4 updates #2046

dependabot wants to merge 4 commits into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 18, 2023
edited
Loading

Bumps the actions group with 4 updates: actions/setup-python, actions/upload-artifact, actions/setup-go and actions/download-artifact.

Updates actions/setup-python from 4 to 5

Release notes

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: actions/setup-python@v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

New Contributors

Full Changelog: actions/setup-python@v4...v4.8.0

v4.7.1

What's Changed

Full Changelog: actions/setup-python@v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table>

... (truncated)

Commits

Updates actions/upload-artifact from 3 to 4

Release notes

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @​actions/artifact documentation.

New Contributors

Full Changelog: actions/upload-artifact@v3...v4.0.0

v3.1.3

What's Changed

Full Changelog: actions/upload-artifact@v3...v3.1.3

v3.1.2

  • Update all @actions/* NPM packages to their latest versions- #374
  • Update all dev dependencies to their most recent versions - #375

v3.1.1

  • Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

Commits

Updates actions/setup-go from 4 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

New Contributors

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

New Contributors

Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1

What's Changed

New Contributors

Full Changelog: actions/setup-go@v4...v4.0.1

Commits
  • 0c52d54 Update dependencies for node20 (#445)
  • bfd2fb3 Merge pull request #421 from chenrui333/node20-runtime
  • 3d65fa5 feat: bump to use actions/checkout@v4
  • 8a505c9 feat: bump to use node20 runtime
  • 883490d Merge pull request #417 from artemgavrilov/main
  • d45ebba Rephrase sentence
  • 317c661 Replace wildcards term with globs.
  • f90673a Merge pull request #1 from artemgavrilov/caching-docs-improvement
  • 8018234 Improve documentation regarding dependencies cachin
  • d085b4f Merge pull request #411 from galargh/fix/windows-hostedtoolcache
  • Additional commits viewable in compare view

Updates actions/download-artifact from 3 to 4

Release notes

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @​actions/artifact documentation.

New Contributors

Full Changelog: actions/download-artifact@v3...v4.0.0

v3.0.2

v3.0.1

Commits
  • 7a1cd32 Merge pull request #246 from actions/v4-beta
  • 8f32874 licensed cache
  • b5ff844 Merge pull request #245 from actions/robherley/v4-documentation
  • f07a0f7 Update README.md
  • 7226129 update test workflow to use different artifact names for matrix
  • ada9446 update docs and bump @​actions/artifact
  • 7eafc8b Merge pull request #244 from actions/robherley/bump-toolkit
  • 3132d12 consume latest toolkit
  • 5be1d38 Merge pull request #243 from actions/robherley/v4-beta-updates
  • 465b526 consume latest @​actions/toolkit
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the actions group with 4 updates
d401be2 
Bumps the actions group with 4 updates: [actions/setup-python](https://github.com/actions/setup-python), [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/setup-go](https://github.com/actions/setup-go) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@v4...v5)

Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v3...v4)

Updates `actions/setup-go` from 4 to 5
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v4...v5)

Updates `actions/download-artifact` from 3 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from a team as a code owner December 18, 2023 17:57
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 18, 2023
@angelapwen angelapwen enabled auto-merge (squash) December 18, 2023 18:17
@angelapwen angelapwen disabled auto-merge December 18, 2023 18:17
@angelapwen angelapwen added the Rebuild Re-transpile JS & re-generate workflows label Dec 18, 2023
angelapwen
angelapwen suggested changes Dec 18, 2023
View reviewed changes
Copy link
Contributor

@angelapwen angelapwen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Didn't see that I needed to rebuild — blocking merge until fixed

@github-actions github-actions bot removed the Rebuild Re-transpile JS & re-generate workflows label Dec 18, 2023
@github-actions
Copy link
Contributor

github-actions bot commented Dec 18, 2023

Pushed a commit to rebuild the Action. Please mark the PR as ready for review to trigger PR checks.

@github-actions github-actions bot marked this pull request as draft December 18, 2023 18:19
@angelapwen angelapwen marked this pull request as ready for review December 18, 2023 18:43
@angelapwen
Copy link
Contributor

angelapwen commented Dec 18, 2023

Hm.. this looks like a genuine problem with the bumped download-artifact Action. We're getting errors indicating there are no artifacts to be found:

Unable to download artifact(s): No artifacts found for run '7252648770' in 'github/codeql-action'

even though this run does have debug artifacts uploaded via the summary page of the run: https://github.com/github/codeql-action/actions/runs/7252648770?pr=2046.

It seems like there are a few other issues with v4 of this action filed in its repository, so I will open an issue there reporting this as well.

@angelapwen angelapwen mentioned this pull request Dec 18, 2023
Closed
@angelapwen
Copy link
Contributor

angelapwen commented Dec 18, 2023

We will not be able to make the upload-artifacts@v4, download-artifacts@v4, or @actions/artifact@v2 client upgrades until they are supported for GHES (currently unsupported: https://www.npmjs.com/package/@actions/artifact#v2---whats-new).

@angelapwen
Copy link
Contributor

angelapwen commented Dec 18, 2023
edited
Loading

@dependabot ignore actions/upload-artifact major version

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 18, 2023

OK, I won't notify you about version 4.x.x of actions/upload-artifact again, unless you unignore it.

@angelapwen
Copy link
Contributor

angelapwen commented Dec 18, 2023

https://github.com/dependabot ignore actions/download-artifact major version

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 18, 2023

OK, I won't notify you about version 4.x.x of actions/download-artifact again, unless you unignore it.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 18, 2023

OK, I won't notify you about version 4.x.x of actions/upload-artifact again, unless you unignore it.

@angelapwen
Copy link
Contributor

angelapwen commented Dec 18, 2023

@dependabot recreate

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Dec 18, 2023

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Dec 18, 2023
@dependabot dependabot bot deleted the dependabot/github_actions/actions-4f071894b9 branch December 18, 2023 20:49
@jsoref jsoref mentioned this pull request Nov 7, 2024
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@angelapwen angelapwen angelapwen requested changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@angelapwen