Commit Graph
55 Commits
Author SHA1 Message Date
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
58ca41e5c5 build(deps): bump actions/checkout from 4.3.0 to 5.0.0 (#4194)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.3.0
to 5.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a>
Prepare v5.0.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a>
Update actions checkout to use node 24 (<a
href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.3.0&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-04 12:27:59 +01:00
LudyandGitHub 97132c28a4 build(gradle): include all subprojects in license report generation (#4170)
# Description of Changes

- Updated `build.gradle` to ensure the `licenseReport` task processes
both the root project and all subprojects.
- Introduced `allProjects` variable that merges `subprojects` with the
current project into a single set.
- This change ensures license reporting covers the full multi-module
project rather than only the root module.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-08-24 21:44:50 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1dd5e9c649 build(deps): bump actions/checkout from 4.2.2 to 4.3.0 (#4180)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2
to 4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<h2>What's Changed</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
<li>Prepare release v4.3.0 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/motss"><code>@​motss</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li><a href="https://github.com/mouismail"><code>@​mouismail</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>V4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<h2>v4.1.5</h2>
<ul>
<li>Update NPM dependencies by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li>
<li>Bump actions/setup-node from 1 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li>
<li>Bump actions/upload-artifact from 2 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li>
<li>README: Suggest <code>user.email</code> to be
<code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li>
</ul>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a>
Prepare release v4.3.0 (<a
href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a>
Update package dependencies (<a
href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a>
Update CODEOWNERS for actions (<a
href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a>
Adjust positioning of user email note and permissions heading (<a
href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a>
Documentation update - add recommended permissions to Readme (<a
href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a>
docs: update README.md (<a
href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08eba0b27e820071cde6df949e0beb9ba4906955">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-11 14:09:30 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
bb07eced6e build(deps): bump gradle/actions from 4.4.1 to 4.4.2 (#4177)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.1 to
4.4.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.2</h2>
<p>This patch release updates a bunch of dependency versions</p>
<h2>What's Changed</h2>
<ul>
<li>Bump github/codeql-action from 3.29.4 to 3.29.5 in the
github-actions group across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/703">gradle/actions#703</a>)</li>
<li>Bumps the npm-dependencies group in /sources with 4 updates (<a
href="https://redirect.github.com/gradle/actions/pull/702">gradle/actions#702</a>)</li>
<li>Upgrade to gradle 9 in workflows and tests (<a
href="https://redirect.github.com/gradle/actions/pull/704">gradle/actions#704</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/701">gradle/actions#701</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/gradle-plugin (<a
href="https://redirect.github.com/gradle/actions/pull/695">gradle/actions#695</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/groovy-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/696">gradle/actions#696</a>)</li>
<li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in
/.github/workflow-samples/java-toolchain (<a
href="https://redirect.github.com/gradle/actions/pull/697">gradle/actions#697</a>)</li>
<li>Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from
2.19.1 to 2.19.2 in /sources/test/init-scripts in the gradle group
across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/693">gradle/actions#693</a>)</li>
<li>Bump github/codeql-action from 3.29.0 to 3.29.4 in the
github-actions group across 1 directory (<a
href="https://redirect.github.com/gradle/actions/pull/691">gradle/actions#691</a>)</li>
<li>Bump the npm-dependencies group in /sources with 5 updates (<a
href="https://redirect.github.com/gradle/actions/pull/692">gradle/actions#692</a>)</li>
<li>Bump references to Develocity Gradle plugin from 4.0.2 to 4.1 (<a
href="https://redirect.github.com/gradle/actions/pull/685">gradle/actions#685</a>)</li>
<li>Bump the npm-dependencies group across 1 directory with 8 updates
(<a
href="https://redirect.github.com/gradle/actions/pull/684">gradle/actions#684</a>)</li>
<li>Run Gradle release candidate tests with JDK 17 (<a
href="https://redirect.github.com/gradle/actions/pull/690">gradle/actions#690</a>)</li>
<li>Update Develocity npm agent to version 1.0.1 (<a
href="https://redirect.github.com/gradle/actions/pull/687">gradle/actions#687</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/688">gradle/actions#688</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/kotlin-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/683">gradle/actions#683</a></li>
<li>Bump the github-actions group across 1 directory with 3 updates (<a
href="https://redirect.github.com/gradle/actions/pull/675">gradle/actions#675</a>)</li>
<li>Bump the gradle group across 3 directories with 2 updates (<a
href="https://redirect.github.com/gradle/actions/pull/674">gradle/actions#674</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/sources/test/init-scripts (<a
href="https://redirect.github.com/gradle/actions/pull/679">gradle/actions#679</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/java-toolchain (<a
href="https://redirect.github.com/gradle/actions/pull/682">gradle/actions#682</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/groovy-dsl (<a
href="https://redirect.github.com/gradle/actions/pull/681">gradle/actions#681</a>)</li>
<li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in
/.github/workflow-samples/gradle-plugin (<a
href="https://redirect.github.com/gradle/actions/pull/680">gradle/actions#680</a>)</li>
<li>Update known wrapper checksums (<a
href="https://redirect.github.com/gradle/actions/pull/676">gradle/actions#676</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.4.1...v4.4.2">https://github.com/gradle/actions/compare/v4.4.1...v4.4.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/017a9effdb900e5b5b2fddfb590a105619dca3c3"><code>017a9ef</code></a>
Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions
group a...</li>
<li><a
href="https://github.com/gradle/actions/commit/d5397cf4c822cff29ba7b79b2c9ed29917bbe84a"><code>d5397cf</code></a>
Merge branch 'main' into
dependabot/github_actions/github-actions-12d2e1d0cf</li>
<li><a
href="https://github.com/gradle/actions/commit/559dfbd266963f24dd17a76f3ce0f009a6c020ef"><code>559dfbd</code></a>
Bump the npm-dependencies group in /sources with 4 updates (<a
href="https://redirect.github.com/gradle/actions/issues/702">#702</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/075ee283cc5fba335ac5184eb48b40672919612a"><code>075ee28</code></a>
Merge branch 'main' into
dependabot/npm_and_yarn/sources/npm-dependencies-fda...</li>
<li><a
href="https://github.com/gradle/actions/commit/c3e68c5c72468b5662b0e325d727b1c1e6a14c16"><code>c3e68c5</code></a>
Upgrade to gradle 9 in workflows and tests (<a
href="https://redirect.github.com/gradle/actions/issues/704">#704</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/d7e674f97b03ec86a7d6f688bd66c45269b35bf1"><code>d7e674f</code></a>
Fix init script tests dependencies</li>
<li><a
href="https://github.com/gradle/actions/commit/3e6512898620556ad8848c4073e8279051eaf7db"><code>3e65128</code></a>
Upgrade init script tests to Gradle 9</li>
<li><a
href="https://github.com/gradle/actions/commit/896b9fa30994e16abfabdffea39f9bbffa8ade46"><code>896b9fa</code></a>
Run tests on Gradle release candidate and current with JDK 17 as
required sin...</li>
<li><a
href="https://github.com/gradle/actions/commit/431b3e39ba5839847f90c3917165b1f0b5b2d0fa"><code>431b3e3</code></a>
Bump github/codeql-action in the github-actions group across 1
directory</li>
<li><a
href="https://github.com/gradle/actions/commit/44c3664945acba910b91b10f41602a5caceb57df"><code>44c3664</code></a>
Bump the npm-dependencies group in /sources with 4 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/ac638b010cf58a27ee6c972d7336334ccaf61c96...017a9effdb900e5b5b2fddfb590a105619dca3c3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.4.1&new-version=4.4.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-08-11 14:08:52 +01:00
LudyandGitHub 054bf15b24 ci(workflows): add concurrency cancellation to CI workflows (#4034)
# Description of Changes

- **What was changed**  
Added a `concurrency` block to all GitHub Actions workflow files
(`build.yml`, `check_properties.yml`, `licenses-update.yml`,
`push-docker.yml`, `sonarqube.yml`, `swagger.yml`, `sync_files.yml`,
`testdriver.yml`) to group jobs by workflow name, event name, and
branch, with `cancel-in-progress: true`.

- **Why the change was made**  
To prevent redundant runs of long-running CI jobs on the same branch
when new commits or PR updates occur, saving compute resources and
reducing queue times.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-07-26 16:46:25 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b1bbad53bc build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0 (#4007)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.2 to 2.13.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Improved job markdown summary</li>
<li>Https monitoring for all domains (included with the enterprise
tier)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a>
from step-security/rc-24</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a>
feat: get job summary from API</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.2&new-version=2.13.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-22 10:10:45 +01:00
LudyandGitHub d1b9cfd1a4 fix(ci): disable Gradle caching in GitHub workflows to resolve cache conflicts (#3986)
# Description of Changes

- **What was changed**  
In all affected GitHub Actions workflow files under
`.github/workflows/`, the `cache: gradle` setting was replaced with
`cache: false # Disable Gradle caching for this job`.
- **Why the change was made**  
Gradle’s cache was causing intermittent build conflicts; disabling it
ensures each job starts from a clean state and avoids cache corruption.

#3980

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-07-20 21:37:04 +01:00
LudyandGitHub fc9551a332 ci: enhance GitHub Actions workflows with Gradle setup, caching improvements, and Docker image testing (#3956)
# Description of Changes

- **What was changed**:  
- Added a new path filter configuration file at
`.github/config/.files.yaml` to centralize filter groups (`build`,
`app`, `openapi`, `project`).
  - Updated `.github/workflows/build.yml` to:  
- Rename the workflow to “Build and Test Workflow” and add a manual
`workflow_dispatch` trigger.
- Integrate the path-filter step and conditionally run jobs
(`check-generateOpenApiDocs`, `check-licence`, `docker-compose-tests`)
based on changed files.
    - Standardize Gradle setup to version 8.14.  
- Introduce a new `test-build-docker-images` job that builds Docker
images for each `Dockerfile*` in PRs.
- Updated `.github/workflows/pre_commit.yml` to cache pre-commit
dependencies via `cache-dependency-path:
./.github/scripts/requirements_pre_commit.txt`.
- Updated `.github/workflows/testdriver.yml` to add dedicated Gradle
(`gradle-version: 8.14`) and Node/npm setup steps with caching.

- **Why the change was made**:  
To optimize CI performance by only running relevant jobs when specific
files change, improve maintainability through a single source of truth
for path filters, enable manual workflow dispatch, ensure consistent
environments (Gradle, Node), and speed up runs with better caching.


---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-07-16 17:17:11 +01:00
LudyandGitHub 299d52c517 refactor: move modules under app/ directory and update file paths (#3938)
# Description of Changes

- **What was changed:**  
- Renamed top-level directories: `stirling-pdf` → `app/core`, `common` →
`app/common`, `proprietary` → `app/proprietary`.
- Updated all path references in `.gitattributes`, GitHub workflows
(`.github/workflows/*`), scripts (`.github/scripts/*`), `.gitignore`,
Dockerfiles, license files, and template settings to reflect the new
structure.
- Added a new CI job `check-generateOpenApiDocs` to generate and upload
OpenAPI documentation.
- Removed redundant `@Autowired` annotations from `TempFileShutdownHook`
and `UnlockPDFFormsController`.
- Minor formatting and comment adjustments in YAML templates and
resource files.

- **Why the change was made:**  
- To introduce a clear `app/` directory hierarchy for core, common, and
proprietary modules, improving organization and maintainability.
- To ensure continuous integration and Docker builds continue to work
seamlessly with the reorganized structure.
- To automate OpenAPI documentation generation as part of the CI
pipeline.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
2025-07-14 20:53:11 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
e7ac4b7b20 chore(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2 (#3849)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.1 to 2.12.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.2</h2>
<h2>What's Changed</h2>
<p>Added HTTPS Monitoring for additional destinations -
*.githubusercontent.com
Bug fixes:</p>
<ul>
<li>Implicitly allow local multicast, local unicast and broadcast IP
addresses in block mode</li>
<li>Increased policy map size for block mode</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a>
from step-security/rc-22</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.1&new-version=2.12.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-07-01 15:39:12 +01:00
LudyandGitHub bbaadc1822 chore: improve label matching rules in labeler config (#3779)
# Description of Changes

- Improved file pattern matching by replacing glob (`**/*`) with
regex-style (`.*`) to ensure better compatibility and matching in
GitHub's `labeler` action.
- Added a missing `Documentation` label rule based on PR titles
(`^docs:.*`).
- Aligned `Documentation` file-matching rule to use regex pattern
(`.*.md`).
- Fixed capitalization inconsistency in the auto-labeler workflow:
`licenses` → `Licenses`.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-06-19 18:44:01 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d98ebddf49 Bump gradle/actions from 4.4.0 to 4.4.1 (#3727)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.0 to
4.4.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.1</h2>
<p>This patch release fixes a bug in Develocity Injection with a custom
plugin repository.
The <code>gradle-plugin-repository-*</code> action parameters were not
being correctly mapped to environment variables that are read by the
Develocity Injection init script.</p>
<p>This issue has been fixed by setting the correct environment
variables:</p>
<ul>
<li><code>gradle-plugin-repository-url</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_URL</code></li>
<li><code>gradle-plugin-repository-username</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_USERNAME</code></li>
<li><code>gradle-plugin-repository-password</code> is mapped to
<code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_PASSWORD</code></li>
</ul>
<p>Additionally, these parameters can now be used to configure a custom
plugin repository for the GitHub Dependency Graph Gradle Plugin,
required for dependency submission.</p>
<h2>What's Changed</h2>
<ul>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/667">gradle/actions#667</a></li>
<li>Fix plugin repository env vars by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/669">gradle/actions#669</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.4.0...v4.4.1">https://github.com/gradle/actions/compare/v4.4.0...v4.4.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/ac638b010cf58a27ee6c972d7336334ccaf61c96"><code>ac638b0</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/fd888822a4035f0e380d519857d6ae2db1e4a528"><code>fd88882</code></a>
Fix setting env vars for plugin repository (<a
href="https://redirect.github.com/gradle/actions/issues/669">#669</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/3af3dd3475d8ff0c4ffc9d6e0e9d01e35cd9b2a4"><code>3af3dd3</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/bf78bf9f1057e343a1b2c7b1a2c14085b266741b"><code>bf78bf9</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/667">#667</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/ca92106195d5992eceef4f1486b9971b53e3bea4"><code>ca92106</code></a>
Use Java 17 for toolchain build</li>
<li><a
href="https://github.com/gradle/actions/commit/f7d1903e6cff0d1d471cfb73b6f8726850accda9"><code>f7d1903</code></a>
Update known wrapper checksums</li>
<li><a
href="https://github.com/gradle/actions/commit/eb0816ba445e18a1e7ac1a49bd5ca8bc8f465d16"><code>eb0816b</code></a>
Fix update-wrapper-checksums workflow</li>
<li><a
href="https://github.com/gradle/actions/commit/d408d6219d6bf78e0cd2e1435cc427c3cbaa6baf"><code>d408d62</code></a>
Bump the npm-dependencies group across 1 directory with 5 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/306df22de372eb96231a49348dab96fc2591fc58"><code>306df22</code></a>
Bump the github-actions group across 1 directory with 3 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/05baf32a7fe2ca8e9ccbfb97563526b6ea10749b"><code>05baf32</code></a>
Bump org.gradle.toolchains.foojay-resolver-convention</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/8379f6a1328ee0e06e2bb424dadb7b159856a326...ac638b010cf58a27ee6c972d7336334ccaf61c96">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.4.0&new-version=4.4.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-16 23:32:01 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
406695e167 Bump step-security/harden-runner from 2.12.0 to 2.12.1 (#3728)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.12.0 to 2.12.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Detection capabilities have been upgraded to better recognize
attempts at runner tampering. These improvements are informed by
real-world incident learnings, including analysis of anomalous behaviors
observed in the tj-actions and reviewdog supply chain attack.</li>
<li>Resolved an issue where the block policy was not enforced correctly
when the GitHub Actions job was running inside a container on a
self-hosted VM runner.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a>
from step-security/rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a>
Merge branch 'main' into rc-21</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a>
from step-security/dependabot/github_actions/step-sec...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a>
Bump step-security/publish-unit-test-result-action from 2.19.0 to
2.20.0</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a>
from h0x0er/feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a>
update</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a>
Merge branch 'rc-21' into feat/container-workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a>
fixed test case</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a>
self-hosted: refactored block-policy apply logic</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.12.0&new-version=2.12.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-16 23:31:27 +01:00
Dario Ghunney WareandGitHub c7d6a063d7 Multi module refactor (#3640)
# Description of Changes

Migrated Stirling PDF to a multi-module structure:

* Introduced new `:stirling-pdf` module
* Moved all the core logic and features of Stirling PDF into
`:stirling-pdf`
* Updated paths of jobs and scripts

---

## Checklist

### General

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [ ] I have performed a self-review of my own code
- [ ] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-06-09 12:51:41 +01:00
LudyandGitHub be1a9cc8da Standardize GitHub App Bot Authentication Across Workflows (#3582)
# Description of Changes

Please provide a summary of the changes, including:

- **What was changed**  
- Removed individual `actions/create-github-app-token` steps and
replaced them with a centralized `setup-bot` custom action across all
workflows.
- Updated steps to use `steps.setup-bot.outputs` instead of
`steps.generate-token.outputs`.
- Standardized step names and ordering (e.g. checkout before bot setup).
- Simplified `sync_files.yml` by eliminating the `read_bot_entries` job
and directly using `setup-bot` outputs.
- Added or adjusted permissions where required (e.g.
`repository-projects: write` in `licenses-update.yml`).

- **Why the change was made**  
- To centralize and standardize GitHub App authentication logic, reduce
duplication, and improve maintainability of CI workflows.
- To ensure a consistent bot identity (app slug, token,
committer/author) across all actions and PR automation.
- To streamline workflow configurations and make future updates easier.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-05-27 12:36:41 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1f56ccfc99 Bump gradle/actions from 4.3.1 to 4.4.0 (#3544)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to
4.4.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.4.0</h2>
<p>This release updates 2 downstream components:</p>
<ul>
<li>Develocity injection has been updated to <a
href="https://github.com/gradle/develocity-ci-injection/releases/tag/v2.0">v2.0</a>
<ul>
<li>Some environment variables related to Develocity injection have been
renamed. All vars now being with <code>DEVELOCITY_INJECTION_</code>.
Check <a
href="https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-develocity-injection">the
docs</a> for more details.</li>
</ul>
</li>
<li>Dependency-graph plugin has been updated to <a
href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.4.0">v1.4.0</a>
<ul>
<li>The 'detector' values included in the generated graph can now be
configured via environment variables.</li>
</ul>
</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.3 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/592">gradle/actions#592</a></li>
<li>Update develocity-injection init script to v2.0 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/593">gradle/actions#593</a></li>
<li>[StepSecurity] ci: Harden GitHub Actions by <a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
<li>Use v1.4.0 of dependency graph plugin by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/638">gradle/actions#638</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/step-security-bot"><code>@​step-security-bot</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.1...v4.4.0">https://github.com/gradle/actions/compare/v4.3.1...v4.4.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/8379f6a1328ee0e06e2bb424dadb7b159856a326"><code>8379f6a</code></a>
Use v1.4.0 of dependency graph plugin (<a
href="https://redirect.github.com/gradle/actions/issues/638">#638</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/9f79b5fa2c0d6f1157051630d2fb45b9f10ca6a5"><code>9f79b5f</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/e093fac84ca6df405f28ca0317458de1a4c7ad65"><code>e093fac</code></a>
Bump the npm-dependencies group in /sources with 5 updates (<a
href="https://redirect.github.com/gradle/actions/issues/636">#636</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/768a17f3488dc3fe0155ff431553e1f53d57e22e"><code>768a17f</code></a>
Bump the npm-dependencies group in /sources with 2 updates (<a
href="https://redirect.github.com/gradle/actions/issues/635">#635</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/36541137722dacf3739105e1b760c6856d5369e4"><code>3654113</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/2ad385cb2aee647fa33b18e52b479ae14fed4c6c"><code>2ad385c</code></a>
Replace use of typed-rest-client with <code>@​actions/http-client</code>
(<a
href="https://redirect.github.com/gradle/actions/issues/634">#634</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/95dcf96b0d6e55b48ba036a7d7480ce25a00e6ef"><code>95dcf96</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/2e3238a6642725202f6a5656922bbe434f25b03e"><code>2e3238a</code></a>
Bump actions/download-artifact from 4.2.1 to 4.3.0 in
/.github/actions/init-i...</li>
<li><a
href="https://github.com/gradle/actions/commit/39dddb8ae7ff59c7416189aac27a8980abd89bd0"><code>39dddb8</code></a>
Remove direct use of octokit/request-error (<a
href="https://redirect.github.com/gradle/actions/issues/632">#632</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/755ed7db09daddecb584fd9d200146c632f1af98"><code>755ed7d</code></a>
[bot] Update dist directory</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/06832c7b30a0129d7fb559bcc6e43d26f6374244...8379f6a1328ee0e06e2bb424dadb7b159856a326">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.1&new-version=4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-20 11:51:52 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3a615360a0 Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.0.5 to 2.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.6</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.5...v2.0.6">2.0.6</a>
(2025-05-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>replace <code>-</code> with <code>_</code> (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5">3336784</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/df432ceedc7162793a195dd1713ff69aefc7379e"><code>df432ce</code></a>
build(release): 2.0.6 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/333678481b1f02ee31fa1443aba4f1f7cb5b08b5"><code>3336784</code></a>
fix: replace <code>-</code> with <code>_</code> (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/246">#246</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959...df432ceedc7162793a195dd1713ff69aefc7379e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.0.5&new-version=2.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-05 23:23:16 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
561d3f4eed Bump actions/create-github-app-token from 2.0.2 to 2.0.5 (#3466)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.0.2 to 2.0.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.5</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.4...v2.0.5">2.0.5</a>
(2025-05-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 3
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905">d64d7d7</a>)</li>
</ul>
<h2>v2.0.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.3...v2.0.4">2.0.4</a>
(2025-05-02)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>permission input handling (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5">2950cbc</a>)</li>
</ul>
<h2>v2.0.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.2...v2.0.3">2.0.3</a>
(2025-05-01)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>README:</strong> use <code>v2</code> in examples (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f">9ba274d</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/232">#232</a></li>
<li>use <code>core.getBooleanInput()</code> to retrieve boolean input
values (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580">c3c17c7</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959"><code>db3cdf4</code></a>
build(release): 2.0.5 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d64d7d73555d3f2cb08ce64bdd812e49308a2905"><code>d64d7d7</code></a>
fix(deps): bump the production-dependencies group with 3 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/240">#240</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/1b6f53e48e3bd5e9fbd610599fc41fca986c51e9"><code>1b6f53e</code></a>
build(deps-dev): bump the development-dependencies group across 1
directory w...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/061a84d5f55008a6dfb441735e1568fcb8da8b50"><code>061a84d</code></a>
build(deps-dev): bump <code>@​octokit/openapi</code> from 18.2.0 to
19.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/242">#242</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c8f34a61a85667dfbbbc74c5468935fc8a369720"><code>c8f34a6</code></a>
build(deps): bump stefanzweifel/git-auto-commit-action from 5.1.0 to
5.2.0 in...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/4821f52fa7a8e45784f1d99cdb1c27bec9f00720"><code>4821f52</code></a>
build(release): 2.0.4 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/2950cbc446a8d3030ea17d3f7cbdd3c0fce4b0f5"><code>2950cbc</code></a>
fix: permission input handling (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/243">#243</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/30bf6253fa41bdc8d1501d202ad15287582246b4"><code>30bf625</code></a>
build(release): 2.0.3 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c3c17c79ccedec31f588e88d6ad5ff9036afe580"><code>c3c17c7</code></a>
fix: use <code>core.getBooleanInput()</code> to retrieve boolean input
values (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/223">#223</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/9ba274d954c9af64fbf4cec63082d0e3f57e9b5f"><code>9ba274d</code></a>
fix(README): use <code>v2</code> in examples (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/234">#234</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5...db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.0.2&new-version=2.0.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-03 14:31:49 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
62ec512dda Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.1 to 2.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.12.0</h2>
<h2>What's Changed</h2>
<ol>
<li>
<p>A new option, <code>disable-sudo-and-containers</code>, is now
available to replace the <code>disable-sudo policy</code>, addressing
Docker-based privilege escalation (<a
href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>).
More details can be found in this <a
href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog
post</a>.</p>
</li>
<li>
<p>New detections have been added based on insights from the tj-actions
and reviewdog actions incidents.</p>
</li>
</ol>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a>
from step-security/rc-20</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a>
Update action.yml</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a>
Update agent versions</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a>
fix disable_sudo_and_containers bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a>
fix journalctl related bug</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a>
from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a>
fix: run sudo command only when both disable-sudo and
disable-sudo-and-docker...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a>
Update agent</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.1&new-version=2.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-24 10:43:08 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
fd34782bcc Bump actions/setup-java from 4.7.0 to 4.7.1 (#3339)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.7.0 to 4.7.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.1</h2>
<h2>What's Changed</h2>
<h3>Documentation changes</h3>
<ul>
<li>Add Documentation to Recommend Using GraalVM JDK 17 Version to
17.0.12 to Align with GFTC License Terms by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li>
<li>Remove duplicated GraalVM section in documentation by <a
href="https://github.com/Marcono1234"><code>@​Marcono1234</code></a> in
<a
href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li>
</ul>
<h3>Dependency updates:</h3>
<ul>
<li>Upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li>
<li>Upgrade <code>@​actions/glob</code> from 0.4.0 to 0.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li>
<li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li>
<li>Upgrade <code>@​action/cache</code> to 4.0.3 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a>
actions/cache upgrade to 4.0.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a>
Bump ts-jest from 29.1.2 to 29.2.5 (<a
href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a>
Bump <code>@​actions/glob</code> from 0.4.0 to 0.5.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a>
Remove duplicated GraalVM section in documentation (<a
href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a>
upgrade <code>@​action/cache</code> from 4.0.0 to 4.0.2 (<a
href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a>
Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12
to Ali...</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.7.0&new-version=4.7.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-12 17:03:17 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
076a2d5e6a Bump actions/create-github-app-token from 1.12.0 to 2.0.2 (#3304)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.12.0 to 2.0.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.0.2</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.1...v2.0.2">2.0.2</a>
(2025-04-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve log messages for token creation (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7">eaef294</a>)</li>
</ul>
<h2>v2.0.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v2.0.0...v2.0.1">2.0.1</a>
(2025-04-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group across
1 directory with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/228">#228</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895">2411bfc</a>)</li>
</ul>
<h2>v2.0.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v1.12.0...v2.0.0">2.0.0</a>
(2025-04-03)</h1>
<ul>
<li>feat!: remove deprecated inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/213">#213</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/5cc811bc40176329bb642bff9e5d9e356099ad2a">5cc811b</a>)</li>
</ul>
<h3>BREAKING CHANGES</h3>
<ul>
<li>Removed deprecated inputs (<code>app_id</code>,
<code>private_key</code>, <code>skip_token_revoke</code>) and made
<code>app-id</code> and <code>private-key</code> required in the action
configuration.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5"><code>3ff1caa</code></a>
build(release): 2.0.2 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/eaef29498fbc63724aabd0a6e832efd41baf2cc7"><code>eaef294</code></a>
fix: improve log messages for token creation (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/226">#226</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/86e24964d68ec4c8b52e8e73e2592920edeef469"><code>86e2496</code></a>
build(release): 2.0.1 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/2411bfc7923448badb7a1faf23017f382e0fb895"><code>2411bfc</code></a>
fix(deps): bump the production-dependencies group across 1 directory
with 2 u...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f17d09a7b5793a4b0dc1a459bbf5edf546efc2a6"><code>f17d09a</code></a>
build(deps-dev): bump the development-dependencies group with 3 updates
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/225">#225</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/e250d17c7aa1d7a66d86612292ee003805805f23"><code>e250d17</code></a>
ci(update-permission-inputs): add permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/230">#230</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/ed258b491a44c74d929fca53dd9bdda60715a176"><code>ed258b4</code></a>
Rename workflow</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/5c652ca715a5ee7310cdd4924fdad2fa34e49f85"><code>5c652ca</code></a>
Update update-inputs.yml</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/60ee75db786fa4aab3e3f79d4f9a89671e5c05cc"><code>60ee75d</code></a>
ci(update-inputs): create initial version (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/229">#229</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/064492a9a1762067169d50c792a7dc02bc3d1254"><code>064492a</code></a>
build(release): 2.0.0 [skip ci]</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/d72941d797fd3113feb6b93fd0dec494b13a2547...3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.12.0&new-version=2.0.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-09 09:54:33 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2938fcc044 Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.11.0 to 2.11.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.1</h2>
<h2>What's Changed</h2>
<ul>
<li>cache: add support for GitHub Actions cache v2 by <a
href="https://github.com/h0x0er"><code>@​h0x0er</code></a> in <a
href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a>
from step-security/rc-19</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a>
Improve error handling</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a>
from h0x0er/jatin/cache-fix</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a>
cache: added support for cache v2</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a>
from step-security/fix/security/GHSA-968p-4wvh-cqc8</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a>
Address vulnerabilities</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a>
Update README (<a
href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a>
Update Readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a>
Update readme (<a
href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a>
from vorburger/patch-1</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.11.0&new-version=2.11.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 16:53:13 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
30d7053150 Bump actions/create-github-app-token from 1.11.7 to 1.12.0 (#3279)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.7 to 1.12.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.12.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.7...v1.12.0">1.12.0</a>
(2025-03-27)</h1>
<h3>Features</h3>
<ul>
<li>permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361">0e0aa99</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d72941d797fd3113feb6b93fd0dec494b13a2547"><code>d72941d</code></a>
build(release): 1.12.0 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0e0aa99a86bd82ec98421533ae985fef61554361"><code>0e0aa99</code></a>
feat: permissions (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/168">#168</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f5779415062400dd18cb017a69efddabff4ac24c"><code>f577941</code></a>
Remove individuals form CODEOWNERS (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/215">#215</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/af35edadc00be37caa72ed9f3e6d5f7801bfdf09...d72941d797fd3113feb6b93fd0dec494b13a2547">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.7&new-version=1.12.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:41:56 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
472d0b14db Bump gradle/actions from 4.3.0 to 4.3.1 (#3276)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.0 to
4.3.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.1</h2>
<p>This release fixes a couple of minor issues, as well as keeping
dependencies up to date.</p>
<h2>Fixed issues</h2>
<ul>
<li>The develocity-allow-untrusted-server parameter should be honoured
when fetching short-lived access tokens <a
href="https://redirect.github.com/gradle/actions/issues/583">#583</a></li>
<li>Build summary may incorrectly report build success <a
href="https://redirect.github.com/gradle/actions/issues/415">#415</a></li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update develocity-injection init script to v1.1.1 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/545">gradle/actions#545</a></li>
<li>Bump the github-actions group across 2 directories with 3 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/547">gradle/actions#547</a></li>
<li>Bump the npm-dependencies group in /sources with 2 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/548">gradle/actions#548</a></li>
<li>Update develocity-injection init script to v1.2 by <a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/550">gradle/actions#550</a></li>
<li>Bump the github-actions group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/552">gradle/actions#552</a></li>
<li>Bump the npm-dependencies group across 1 directory with 5 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/558">gradle/actions#558</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/560">gradle/actions#560</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/561">gradle/actions#561</a></li>
<li>Catch more build failures in job summary by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/571">gradle/actions#571</a></li>
<li>Scope captured build failures by <a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li>Ignore SSL certificate validation when fetching Develocity
short-lived access token if
<code>develocity-allow-untrusted-server</code> is enabled by <a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
<li>Dependency updates by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/579">gradle/actions#579</a></li>
<li>Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflow-samples/kotlin-dsl in the gradle group across 1
directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/580">gradle/actions#580</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/582">gradle/actions#582</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/erichaagdev"><code>@​erichaagdev</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li>
<li><a
href="https://github.com/remcomokveld"><code>@​remcomokveld</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.3.0...v4.3.1">https://github.com/gradle/actions/compare/v4.3.0...v4.3.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/06832c7b30a0129d7fb559bcc6e43d26f6374244"><code>06832c7</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/b7b029e5c461bcd4187e3922253a207372ea1d04"><code>b7b029e</code></a>
Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in
/.github/workflo...</li>
<li><a
href="https://github.com/gradle/actions/commit/a0bd2ca5cbf6404f68a1a02c2e2741218f894b90"><code>a0bd2ca</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/7974541d55b5d4265df89850a40d5063d2d3036e"><code>7974541</code></a>
Dependency updates (<a
href="https://redirect.github.com/gradle/actions/issues/579">#579</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/a58163930329ccce0ace4389791c82734e52204b"><code>a581639</code></a>
Update DSL samples to use test suites</li>
<li><a
href="https://github.com/gradle/actions/commit/acd2925667ac1dae317b3b2de03ce2d3b5da2205"><code>acd2925</code></a>
Update java-toolchain sample to use Kotlin DSL</li>
<li><a
href="https://github.com/gradle/actions/commit/aa88309fbde788037cd53df497543c8c40e5e2ae"><code>aa88309</code></a>
Update gradle-plugin sample to use Kotlin DSL</li>
<li><a
href="https://github.com/gradle/actions/commit/086c9e4b25c544ef148c374d34a7a844517c740b"><code>086c9e4</code></a>
Revert update to eslint-plugin-github</li>
<li><a
href="https://github.com/gradle/actions/commit/d31b81842d0028028432bad95773235ec859b85c"><code>d31b818</code></a>
Update patch file for actions/[email protected]</li>
<li><a
href="https://github.com/gradle/actions/commit/2778b4a120e9ad2ed71a81933fa2e09c33c15a72"><code>2778b4a</code></a>
Bump the npm-dependencies group across 1 directory with 8 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/94baf225fe0a508e581a564467443d0e2379123b...06832c7b30a0129d7fb559bcc6e43d26f6374244">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.3.0&new-version=4.3.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 13:40:34 +01:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1f8b5ce41e Bump actions/create-github-app-token from 1.11.6 to 1.11.7 (#3227)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.6 to 1.11.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.7</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.6...v1.11.7">1.11.7</a>
(2025-03-20)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump undici from 5.28.4 to 7.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2">a24b46a</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/af35edadc00be37caa72ed9f3e6d5f7801bfdf09"><code>af35eda</code></a>
build(release): 1.11.7 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a24b46a4626bf0f67abb297b82d863218920d5e2"><code>a24b46a</code></a>
fix(deps): bump undici from 5.28.4 to 7.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/214">#214</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/21cfef2b496dd8ef5b904c159339626a10ad380e...af35edadc00be37caa72ed9f3e6d5f7801bfdf09">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.6&new-version=1.11.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:37:23 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
b2ca702301 Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#3223)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.1 to 4.6.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.3.2 package &amp; prepare for new
upload-artifact release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a>
from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a>
Prepare for new release of actions/upload-artifact with new toolkit
cache ver...</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.1&new-version=4.6.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-24 10:21:36 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
d65974a7e1 Bump peter-evans/create-pull-request from 7.0.7 to 7.0.8 (#3145)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.7 to 7.0.8.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.8</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3751">peter-evans/create-pull-request#3751</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.8.1
to 3.8.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3752">peter-evans/create-pull-request#3752</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.2 to 11.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3753">peter-evans/create-pull-request#3753</a></li>
<li>build(deps-dev): bump prettier from 3.5.1 to 3.5.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3754">peter-evans/create-pull-request#3754</a></li>
<li>fix: suppress output for some git operations by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3776">peter-evans/create-pull-request#3776</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8">https://github.com/peter-evans/create-pull-request/compare/v7.0.7...v7.0.8</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/271a8d0340265f705b14b6d32b9829c1cb33d45e"><code>271a8d0</code></a>
fix: suppress output for some git operations (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3776">#3776</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6f7efd1c24d02e0d947dd3f6f9618019afb36781"><code>6f7efd1</code></a>
test: update cpr-example-command</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/13c47c574799c8eb0a033eba252619135e70f392"><code>13c47c5</code></a>
build(deps-dev): bump prettier from 3.5.1 to 3.5.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3754">#3754</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/63e58290d72e889603c931363c5169ba1bbe3fed"><code>63e5829</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.2 to 11.4.3 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3753">#3753</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a92c90fcab983421cc9bc736a06daea58c68d0db"><code>a92c90f</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3752">#3752</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b23b62d48799ec46790610dd74b29cb9ba2eef30"><code>b23b62d</code></a>
build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3751">#3751</a>)</li>
<li>See full diff in <a
href="https://github.com/peter-evans/create-pull-request/compare/dd2324fc52d5d43c699a5636bcf19fceaa70c284...271a8d0340265f705b14b6d32b9829c1cb33d45e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.7&new-version=7.0.8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-10 08:21:15 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
58edc777c0 Bump actions/create-github-app-token from 1.11.5 to 1.11.6 (#3109)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.5 to 1.11.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.6</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.5...v1.11.6">1.11.6</a>
(2025-03-03)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 2
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b">1ff1dea</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/21cfef2b496dd8ef5b904c159339626a10ad380e"><code>21cfef2</code></a>
build(release): 1.11.6 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/1ff1dea6a9d1de5b4795e5314291e04acc63c38b"><code>1ff1dea</code></a>
fix(deps): bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/210">#210</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/0d564482f06ca65fa9e77e2510873638c82206f2...21cfef2b496dd8ef5b904c159339626a10ad380e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.5&new-version=1.11.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-03-05 08:39:41 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f64d7d42d9 Bump peter-evans/create-pull-request from 7.0.6 to 7.0.7 (#3051)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.6 to 7.0.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.7</h2>
<p>⚙️ Fixes an issue with commit signing where modifications to the same
file in multiple commits squash into the first commit.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps): bump <code>@​octokit/core</code> from 6.1.2 to 6.1.3 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3593">peter-evans/create-pull-request#3593</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.68 to
18.19.70 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3594">peter-evans/create-pull-request#3594</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3603">peter-evans/create-pull-request#3603</a></li>
<li>build(deps-dev): bump typescript from 5.7.2 to 5.7.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3610">peter-evans/create-pull-request#3610</a></li>
<li>build(deps): bump octokit dependencies by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3618">peter-evans/create-pull-request#3618</a></li>
<li>docs: add workflow tip for showing message via workflow command by
<a href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li>
<li>build(deps-dev): bump eslint-plugin-prettier from 5.2.1 to 5.2.3 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3628">peter-evans/create-pull-request#3628</a></li>
<li>build(deps): bump node-fetch-native from 1.6.4 to 1.6.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3627">peter-evans/create-pull-request#3627</a></li>
<li>build(deps-dev): bump undici from 6.21.0 to 6.21.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3630">peter-evans/create-pull-request#3630</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.70 to
18.19.71 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3629">peter-evans/create-pull-request#3629</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3647">peter-evans/create-pull-request#3647</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.71 to
18.19.74 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3657">peter-evans/create-pull-request#3657</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.74 to
18.19.75 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3663">peter-evans/create-pull-request#3663</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.3.0 to
13.3.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3670">peter-evans/create-pull-request#3670</a></li>
<li>build(deps-dev): bump prettier from 3.4.2 to 3.5.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3671">peter-evans/create-pull-request#3671</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3680">peter-evans/create-pull-request#3680</a></li>
<li>build(deps): bump <code>@​octokit/request-error</code> from 6.1.6 to
6.1.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3685">peter-evans/create-pull-request#3685</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.0 to 11.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3688">peter-evans/create-pull-request#3688</a></li>
<li>build(deps): bump <code>@​octokit/endpoint</code> from 10.1.2 to
10.1.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3700">peter-evans/create-pull-request#3700</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3691">peter-evans/create-pull-request#3691</a></li>
<li>build(deps-dev): bump prettier from 3.5.0 to 3.5.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3709">peter-evans/create-pull-request#3709</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.7.0
to 3.8.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3710">peter-evans/create-pull-request#3710</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.1 to 11.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3713">peter-evans/create-pull-request#3713</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.75 to
18.19.76 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3712">peter-evans/create-pull-request#3712</a></li>
<li>build(deps): bump <code>@​octokit/core</code> from 6.1.3 to 6.1.4 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3711">peter-evans/create-pull-request#3711</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3736">peter-evans/create-pull-request#3736</a></li>
<li>Use showFileAtRefBase64 to read per-commit file contents by <a
href="https://github.com/grahamc"><code>@​grahamc</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/ybiquitous"><code>@​ybiquitous</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3626">peter-evans/create-pull-request#3626</a></li>
<li><a href="https://github.com/grahamc"><code>@​grahamc</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3744">peter-evans/create-pull-request#3744</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7">https://github.com/peter-evans/create-pull-request/compare/v7.0.6...v7.0.7</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/dd2324fc52d5d43c699a5636bcf19fceaa70c284"><code>dd2324f</code></a>
fix: use showFileAtRefBase64 to read per-commit file contents (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3744">#3744</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/367180cbdfa0448fc1ca9136e4adb020658cf4e5"><code>367180c</code></a>
ci: remove testv5 cmd</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/25575a12f382fb9c68692ffce1174138b61417d7"><code>25575a1</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3736">#3736</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a56e7a56e9186132269996d8937494f12ff51f77"><code>a56e7a5</code></a>
build(deps): bump <code>@​octokit/core</code> from 6.1.3 to 6.1.4 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3711">#3711</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/eac17dc6a391b3ae789deacc22d4d36f5e62ef6b"><code>eac17dc</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.75 to
18.19.76 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3712">#3712</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a2e685f8147c673583a881447134a26d6fa3d0f7"><code>a2e685f</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.4.1 to 11.4.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3713">#3713</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/6cfd146ec94d1142c1ea0bd8b540622c50f3a34b"><code>6cfd146</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3710">#3710</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b38e8d38a18a291242f9072a0d9843d4c0ed6792"><code>b38e8d3</code></a>
build(deps-dev): bump prettier from 3.5.0 to 3.5.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3709">#3709</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/8a41570d993b6f7de42d9533f6b785fc151c96e6"><code>8a41570</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3691">#3691</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/2e9b4cc10ed4becca3a04f63d54db8baf010d424"><code>2e9b4cc</code></a>
build(deps): bump <code>@​octokit/endpoint</code> from 10.1.2 to 10.1.3
(<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3700">#3700</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f...dd2324fc52d5d43c699a5636bcf19fceaa70c284">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.6&new-version=7.0.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-25 21:29:06 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
6aad45fcec Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#3034)
Bumps
[actions/upload-artifact](https://github.com/actions/upload-artifact)
from 4.6.0 to 4.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.6.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update to use artifact 2.2.2 package by <a
href="https://github.com/yacaovsnc"><code>@​yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a>
from actions/yacaovsnc/artifact_2.2.2</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a>
license cache update for artifact</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a>
Update to use artifact 2.2.2 package</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/upload-artifact&package-manager=github_actions&previous-version=4.6.0&new-version=4.6.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-23 19:55:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Ludy
880ca6af7f Bump actions/create-github-app-token from 1.11.3 to 1.11.5 (#3008)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.3 to 1.11.5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.5</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.4...v1.11.5">1.11.5</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67">8cedd97</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/740">#740</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/737">#737</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/738">#738</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/736">#736</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/735">#735</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/734">#734</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/733">#733</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/732">#732</a></li>
<li><strong>deps:</strong> bump <code>@​octokit/request-error</code>
from 6.1.6 to 6.1.7 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566">415f6a5</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/494">#494</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/491">#491</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/490">#490</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/488">#488</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/486">#486</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/487">#487</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/485">#485</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/484">#484</a></li>
</ul>
<h2>v1.11.4</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.3...v1.11.4">1.11.4</a>
(2025-02-15)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/endpoint</code> from
10.1.1 to 10.1.3 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535">d30def8</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/514">#514</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/512">#512</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/511">#511</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/509">#509</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/508">#508</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/507">#507</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/506">#506</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/505">#505</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/504">#504</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0d564482f06ca65fa9e77e2510873638c82206f2"><code>0d56448</code></a>
build(release): 1.11.5 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8cedd97af185a345311c6ff53158738940cfef67"><code>8cedd97</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.2.0 to 9.2.2 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/209">#209</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/415f6a523daf7072d0ea81f3cdc20426287bd566"><code>415f6a5</code></a>
fix(deps): bump <code>@​octokit/request-error</code> from 6.1.6 to 6.1.7
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/208">#208</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/c14f92a8f9fd9aff60349b9d5bb2f2d9933926bd"><code>c14f92a</code></a>
build(release): 1.11.4 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d30def842e4992ac18a35cd1108d776944ab7535"><code>d30def8</code></a>
fix(deps): bump <code>@​octokit/endpoint</code> from 10.1.1 to 10.1.3
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/207">#207</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a5be4722a6091c4e20293de271822a5532f23326"><code>a5be472</code></a>
build(deps-dev): bump esbuild from 0.24.2 to 0.25.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/206">#206</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7...0d564482f06ca65fa9e77e2510873638c82206f2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.3&new-version=1.11.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ludy <[email protected]>
2025-02-22 22:55:09 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony StirlingLudy
11a5b2e79f Bump actions/create-github-app-token from 1.11.2 to 1.11.3 (#2878)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.2 to 1.11.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.3</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.2...v1.11.3">1.11.3</a>
(2025-02-04)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump the production-dependencies group with 3
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442">8e85a3c</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/665">#665</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/663">#663</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/662">#662</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/661">#661</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/659">#659</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/660">#660</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/658">#658</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/656">#656</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/657">#657</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/655">#655</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/731">#731</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4016">nodejs/undici#4016</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4017">nodejs/undici#4017</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4018">nodejs/undici#4018</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4008">nodejs/undici#4008</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3991">nodejs/undici#3991</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4001">nodejs/undici#4001</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3980">nodejs/undici#3980</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4003">nodejs/undici#4003</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3965">nodejs/undici#3965</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4002">nodejs/undici#4002</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/4006">nodejs/undici#4006</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3956">nodejs/undici#3956</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3964">nodejs/undici#3964</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3447">nodejs/undici#3447</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3966">#3966</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3967">nodejs/undici#3967</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3971">nodejs/undici#3971</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3954">nodejs/undici#3954</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3972">nodejs/undici#3972</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3974">nodejs/undici#3974</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3976">nodejs/undici#3976</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3975">#3975</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3977">nodejs/undici#3977</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3978">nodejs/undici#3978</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3981">nodejs/undici#3981</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3983">nodejs/undici#3983</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3986">nodejs/undici#3986</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4021">#4021</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4018">#4018</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4017">#4017</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4016">#4016</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4008">#4008</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4007">#4007</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/4006">#4006</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3965">#3965</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7"><code>67e27a7</code></a>
build(release): 1.11.3 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/8e85a3cf1418b864b528ed9c756cd9c84932d442"><code>8e85a3c</code></a>
fix(deps): bump the production-dependencies group with 3 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/203">#203</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/136412a57a7081aa63c935a2cc2918f76c34f514...67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.2&new-version=1.11.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
Co-authored-by: Ludy <[email protected]>
2025-02-19 22:17:42 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
554c112a94 Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980)
Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.4 to 2.11.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.11.0</h2>
<h2>What's Changed</h2>
<p>Release v2.11.0 in <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
Harden-Runner Enterprise tier now supports the use of eBPF for DNS
resolution and network call monitoring</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a>
from step-security/rc-18</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a>
Update README.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a>
Add workflows</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a>
Update package-lock.json</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a>
Update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a>
Update agent</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.4&new-version=2.11.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-18 12:07:08 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>Anthony Stirling
b9bfcd59cd Bump gradle/actions from 4.2.2 to 4.3.0 (#2870)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to
4.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gradle/actions/releases">gradle/actions's
releases</a>.</em></p>
<blockquote>
<h2>v4.3.0</h2>
<p>This release brings some significant improvements to cache-cleanup
and dependency-submission:</p>
<ul>
<li>Cleanup cache entries written by newly released Gradle versions (<a
href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li>
<li>Use existing Gradle wrapper distribution for cache-cleanup where
possible (<a
href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li>
<li>Automatically save each dependency-graph that is submitted by
<code>dependency-submission</code> (<a
href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li>
<li>Fix deprecation warnings emitted by Gradle 8.12+ when:
<ul>
<li>Using <code>build-scan-publish: true</code> or Develocity injection
(<a
href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li>
<li>Using dependency-submission with an authenticated plugin repository
with Gradle (<a
href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li>
</ul>
</li>
<li>Fix warning when using toolchain support with Gradle 7.x (<a
href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li>
<li>Fix typo in <code>cache-reporting.ts</code> by <a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li>
<li>Bump the github-actions group across 3 directories with 7 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li>
<li>Bump the npm-dependencies group across 1 directory with 6 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li>
<li>Clean-up missing imports for tests by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li>
<li>Bump the npm-dependencies group in /sources with 3 updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li>
<li>Add npm build scans by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li>
<li>Avoid env-var interpolation in toolchains.xml by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li>
<li>Avoid saving build-results for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li>
<li>Save dependency graph as workflow artifact by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li>
<li>Update to CCUDGP 2.1 by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li>
<li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by
<a
href="https://github.com/bot-githubaction"><code>@​bot-githubaction</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li>
<li>Choose best Gradle version to use for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li>
<li>Uppercase cache-encryption-key by <a
href="https://github.com/Goooler"><code>@​Goooler</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li>
<li>Attempt to use gradle wrapper for cache cleanup by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li>
<li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li>
<li>Update known wrapper checksums by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li>
<li>Bump Gradle Wrappers by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li>
<li>Bump the github-actions group across 2 directories with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li>
<li>Update undici to resolve vulnerability by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li>
<li>Bump the npm-dependencies group across 1 directory with 2 updates by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li>
<li>Update docs for dependency review by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li>
<li>Fix space assignment deprecations in init-scripts by <a
href="https://github.com/bigdaz"><code>@​bigdaz</code></a> in <a
href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/SimonMarquis"><code>@​SimonMarquis</code></a>
made their first contribution in <a
href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gradle/actions/commit/94baf225fe0a508e581a564467443d0e2379123b"><code>94baf22</code></a>
Fix space assignment deprecations in init-scripts (<a
href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/6f10c21ec5f599a0b89667926d38072802b3d6fc"><code>6f10c21</code></a>
Make it easier to produce 'prerelease' versions</li>
<li><a
href="https://github.com/gradle/actions/commit/0b492c475f504e36ead18a16150445eff0744fbc"><code>0b492c4</code></a>
Fix deprecation warnings in develocity init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/79bad900c08bc46eaf2277d99d548b968994ebbe"><code>79bad90</code></a>
Fix deprecation warnings in dependency-graph init-script</li>
<li><a
href="https://github.com/gradle/actions/commit/986922f6a6cae731e74a1101cfb48c1928f94d64"><code>986922f</code></a>
Update docs for dependency review (<a
href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li>
<li><a
href="https://github.com/gradle/actions/commit/65a3beb9413b5a43f94e1eea10a51c507e62b78f"><code>65a3beb</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/0e67f6d83b0113c903ae9b9cf26c587076a01d82"><code>0e67f6d</code></a>
Bump the npm-dependencies group across 1 directory with 2 updates</li>
<li><a
href="https://github.com/gradle/actions/commit/b6ac71fd86906618fa352cfa92ab29a0b53daa81"><code>b6ac71f</code></a>
[bot] Update dist directory</li>
<li><a
href="https://github.com/gradle/actions/commit/9053a599ae356ff00d824e690d556ddbec068864"><code>9053a59</code></a>
Update undici to resolve vulnerability</li>
<li><a
href="https://github.com/gradle/actions/commit/7560c304a61cfac10bf3a196e0769a30d4ecd4aa"><code>7560c30</code></a>
Bump the github-actions group across 2 directories with 2 updates</li>
<li>Additional commits viewable in <a
href="https://github.com/gradle/actions/compare/0bdd871935719febd78681f197cd39af5b6e16a6...94baf225fe0a508e581a564467443d0e2379123b">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=gradle/actions&package-manager=github_actions&previous-version=4.2.2&new-version=4.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Anthony Stirling <[email protected]>
2025-02-04 10:42:29 +00:00
LudyandGitHub 9e8c16f313 checks the compatibility of the licenses (#2844)
# Description of Changes

### What was changed
- An **automated license check** was integrated into the CI/CD workflow
(`build.yml` and `licenses-update.yml`).
- A new file, `allowed-licenses.json`, was added to explicitly define
the permitted licenses.
- The **Gradle build process** was updated to run `checkLicense` and
detect any non-compliant licenses.

### Why the change was made
- **Improved license compliance** to ensure only compatible licenses are
used.
- **Automated license validation** within the CI/CD workflow to detect
potential incompatibilities early.
- **Legal risk mitigation** by excluding problematic licenses like
**GPL-2.0 (without Classpath Exception)**.

### Any challenges encountered
- The **allowed license list had to be manually curated** to ensure all
relevant open-source libraries were covered.
- Some dependencies use **slightly different license names** (e.g.,
`"Apache License, Version 2.0"` vs. `"Apache-2.0"`), which needed to be
handled in the validation process.

---

## Checklist

### General

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md)
(if applicable)
- [x] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings

### Documentation

- [x] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)

### UI Changes (if applicable)

- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)

### Testing (if applicable)

- [x] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing)
for more details.
2025-02-03 10:13:02 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
637446fab8 Bump actions/setup-java from 4.6.0 to 4.7.0 (#2855)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps [actions/setup-java](https://github.com/actions/setup-java) from
4.6.0 to 4.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/setup-java/releases">actions/setup-java's
releases</a>.</em></p>
<blockquote>
<h2>v4.7.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Configure Dependabot settings by <a
href="https://github.com/HarithaVattikuti"><code>@​HarithaVattikuti</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/722">actions/setup-java#722</a></li>
<li>README Update: Added a permissions section by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
<li>Upgrade <code>cache</code> from version 3.2.4 to 4.0.0 by <a
href="https://github.com/aparnajyothi-y"><code>@​aparnajyothi-y</code></a>
in <a
href="https://redirect.github.com/actions/setup-java/pull/724">actions/setup-java#724</a></li>
<li>Upgrade <code>@actions/http-client</code> from 2.2.1 to 2.2.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/728">actions/setup-java#728</a></li>
<li>Upgrade <code>actions/publish-immutable-action</code> from 0.0.3 to
0.0.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/727">actions/setup-java#727</a></li>
<li>Upgrade <code>@types/jest</code> from 29.5.12 to 29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/setup-java/pull/729">actions/setup-java#729</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benwells"><code>@​benwells</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/setup-java/pull/723">actions/setup-java#723</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/setup-java/compare/v4...v4.7.0">https://github.com/actions/setup-java/compare/v4...v4.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/setup-java/commit/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12"><code>3a4f6e1</code></a>
Bump <code>@​types/jest</code> from 29.5.12 to 29.5.14 (<a
href="https://redirect.github.com/actions/setup-java/issues/729">#729</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/25f376e3482f0dca3da72062bdab5082495705ff"><code>25f376e</code></a>
Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (<a
href="https://redirect.github.com/actions/setup-java/issues/727">#727</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/d4e4b6bbc1a6e93198eade3e6adfedd3c01f79c4"><code>d4e4b6b</code></a>
Bump <code>@​actions/http-client</code> from 2.2.1 to 2.2.3 (<a
href="https://redirect.github.com/actions/setup-java/issues/728">#728</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/28b532bcb39ad928b00bc3cbce25c94d11654854"><code>28b532b</code></a>
Create dependabot.yml (<a
href="https://redirect.github.com/actions/setup-java/issues/722">#722</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/51ab6d2e3070fda1eac8cfaab8ffd90e6019d7e1"><code>51ab6d2</code></a>
Update cache from 3.2.4 to 4.0.0 (<a
href="https://redirect.github.com/actions/setup-java/issues/724">#724</a>)</li>
<li><a
href="https://github.com/actions/setup-java/commit/99d3141d9ba96520552bfd7a9545bc1d74da9251"><code>99d3141</code></a>
Update README.md (<a
href="https://redirect.github.com/actions/setup-java/issues/723">#723</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/setup-java/compare/7a6d8a8234af8eb26422e24e3006232cccaa061b...3a4f6e1af504cf6a31855fa899c6aa5355ba6c12">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/setup-java&package-manager=github_actions&previous-version=4.6.0&new-version=4.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:08:34 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
f9b92eec71 Bump actions/create-github-app-token from 1.11.1 to 1.11.2 (#2853)
Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 1.11.1 to 1.11.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v1.11.2</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v1.11.1...v1.11.2">1.11.2</a>
(2025-01-30)</h2>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump <code>@​octokit/request</code> from
9.1.3 to 9.1.4 in the production-dependencies group (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/196">#196</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579">b4192a5</a>),
closes <a
href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/730">#730</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/729">#729</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/727">#727</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/726">#726</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/723">#723</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/724">#724</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/722">#722</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/721">#721</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/720">#720</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/719">#719</a></li>
<li><strong>deps:</strong> bump undici from 6.19.8 to 7.2.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6">29aa051</a>),
closes <a
href="https://redirect.github.com/nodejs/undici/issues/3958">nodejs/undici#3958</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3955">nodejs/undici#3955</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3962">nodejs/undici#3962</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3921">nodejs/undici#3921</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3923">nodejs/undici#3923</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3925">nodejs/undici#3925</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3926">nodejs/undici#3926</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3924">nodejs/undici#3924</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3933">nodejs/undici#3933</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3930">nodejs/undici#3930</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3938">nodejs/undici#3938</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3937">#3937</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3940">nodejs/undici#3940</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3931">nodejs/undici#3931</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3941">nodejs/undici#3941</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3911">nodejs/undici#3911</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3888">nodejs/undici#3888</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3939">nodejs/undici#3939</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3947">nodejs/undici#3947</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3945">nodejs/undici#3945</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3916">nodejs/undici#3916</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3893">nodejs/undici#3893</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3902">nodejs/undici#3902</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3901">#3901</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3903">nodejs/undici#3903</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3905">nodejs/undici#3905</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3900">nodejs/undici#3900</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3913">nodejs/undici#3913</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3910">nodejs/undici#3910</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3909">nodejs/undici#3909</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3906">nodejs/undici#3906</a>
<a
href="https://redirect.github.com/nodejs/undici/issues/3922">nodejs/undici#3922</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3962">#3962</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3955">#3955</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3958">#3958</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3945">#3945</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3947">#3947</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3939">#3939</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3888">#3888</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3911">#3911</a>
<a
href="https://redirect.github.com/actions/create-github-app-token/issues/3941">#3941</a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/136412a57a7081aa63c935a2cc2918f76c34f514"><code>136412a</code></a>
build(release): 1.11.2 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/b4192a5b3659c0e5875f868c44727ef4ecc5d579"><code>b4192a5</code></a>
fix(deps): bump <code>@​octokit/request</code> from 9.1.3 to 9.1.4 in
the production-depend...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/29aa0514a79f3b4aa8b1547173a41455949e4bf6"><code>29aa051</code></a>
fix(deps): bump undici from 6.19.8 to 7.2.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/198">#198</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/a5f8600f5881d59ee9299dfd57605d0ccbd561f5"><code>a5f8600</code></a>
build(deps-dev): bump <code>@​sinonjs/fake-timers</code> from 13.0.2 to
14.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/199">#199</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/0edddd70c80d313f6d5fac3b29df92440abb9e33"><code>0edddd7</code></a>
build(deps-dev): bump the development-dependencies group with 2 updates
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/197">#197</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/bb3ca765afdde129dbde9599979c21f6d97e9b0a"><code>bb3ca76</code></a>
docs(README): remove extra space in variable syntax in README example
(<a
href="https://redirect.github.com/actions/create-github-app-token/issues/201">#201</a>)</li>
<li>See full diff in <a
href="https://github.com/actions/create-github-app-token/compare/c1a285145b9d317df6ced56c09f525b5c2b6f755...136412a57a7081aa63c935a2cc2918f76c34f514">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=1.11.1&new-version=1.11.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-02-03 10:07:37 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
c5ae576541 Bump step-security/harden-runner from 2.10.3 to 2.10.4 (#2761)
[//]: # (dependabot-start)
⚠️  **Dependabot is rebasing this PR** ⚠️ 

Rebasing might not happen immediately, so don't worry if this takes some
time.

Note: if you make any changes to this PR yourself, they will take
precedence over the rebase.

---

[//]: # (dependabot-end)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.10.3 to 2.10.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.4</h2>
<h2>What's Changed</h2>
<p>Fixed a potential Harden-Runner post step failure that could occur
when printing agent service logs. The fix gracefully handles failures
without failing the post step.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2...v2.10.4">https://github.com/step-security/harden-runner/compare/v2...v2.10.4</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/cb605e52c26070c328afc4562f0b4ada7618a84e"><code>cb605e5</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/496">#496</a>
from step-security/fix-enobufs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/61144dda3ba7a45a4e879e99c548ff785b492364"><code>61144dd</code></a>
Update log statement</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/b8be370ff4fa3a7b5d97afe5cbb1921a734fffcc"><code>b8be370</code></a>
Add try catch block</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/6f6fa07e47155133e69ca8a751aad4ff01a292b1"><code>6f6fa07</code></a>
Fix ENOBUFS issue</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/18f6947f131da60743dc12d2a22ff28c2b4ea87f"><code>18f6947</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/495">#495</a>
from AkhigbeEromo/Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/81f844e74365cf557ddf3715c247f745a115a5b2"><code>81f844e</code></a>
Edit docs</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4c766de2db7a0b0a47e5728947c16e113c64f377"><code>4c766de</code></a>
Merge branch 'Update-README' of <a
href="https://github.com/AkhigbeEromo/harden-runner">https://github.com/AkhigbeEromo/harden-runner</a>...</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/c9c5f3273c74d0365949a3aa120e85977f51d1ef"><code>c9c5f32</code></a>
Handle Ashish reviews</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/2877824267faf8efc084b00de71c0fe737ff0a76"><code>2877824</code></a>
Merge branch 'main' into Update-README</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/be87de076dd7a9aa9a9220dc9488dea2f8775db0"><code>be87de0</code></a>
Clean up</li>
<li>Additional commits viewable in <a
href="https://github.com/step-security/harden-runner/compare/c95a14d0e5bab51a9f56296a4eb0e416910cd350...cb605e52c26070c328afc4562f0b4ada7618a84e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.10.3&new-version=2.10.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-21 11:11:01 +00:00
Anthony StirlingandGitHub 1de33cf36c quick fix var to secret (#2707)
# Description

Please provide a summary of the changes, including relevant motivation
and context.

Closes #(issue_number)

## Checklist

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-15 19:50:06 +00:00
Anthony StirlingandGitHub fcb3d48a1f Auto merge test (#2706)
# Description

Please provide a summary of the changes, including relevant motivation
and context.

Closes #(issue_number)

## Checklist

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-15 19:43:14 +00:00
LudyandGitHub 888ef104a2 Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686)
# Description


https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/197

https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/198

https://github.com/Stirling-Tools/Stirling-PDF/security/code-scanning/199

## Checklist

- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [x] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-13 22:26:05 +00:00
LudyandGitHub 875f5a85ef Token-Permissions & Pinned-Dependencies (#2586)
# Description

Please provide a summary of the changes, including relevant motivation
and context.

Closes #(issue_number)

## Checklist

- [ ] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [ ] I have performed a self-review of my own code
- [ ] I have attached images of the change if it is UI based
- [ ] I have commented my code, particularly in hard-to-understand areas
- [ ] If my code has heavily changed functionality I have updated
relevant docs on [Stirling-PDFs doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
- [ ] My changes generate no new warnings
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
2025-01-02 18:22:14 +00:00
dependabot[bot]GitHubdependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
5e173b92d4 Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 (#2574)
Bumps
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request)
from 7.0.5 to 7.0.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/peter-evans/create-pull-request/releases">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v7.0.6</h2>
<p>⚙️ Fixes an issue with commit signing where unicode characters in
file paths were not preserved.</p>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.1 to
0.38.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3365">peter-evans/create-pull-request#3365</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3370">peter-evans/create-pull-request#3370</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.4 to
13.2.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3375">peter-evans/create-pull-request#3375</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.50 to
18.19.54 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3376">peter-evans/create-pull-request#3376</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.3 to 11.3.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3377">peter-evans/create-pull-request#3377</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3388">peter-evans/create-pull-request#3388</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.54 to
18.19.55 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3400">peter-evans/create-pull-request#3400</a></li>
<li>build(deps): bump <code>@​actions/core</code> from 1.10.1 to 1.11.1
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3401">peter-evans/create-pull-request#3401</a></li>
<li>build(deps): bump
<code>@​octokit/plugin-rest-endpoint-methods</code> from 13.2.5 to
13.2.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3403">peter-evans/create-pull-request#3403</a></li>
<li>build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by
<a href="https://github.com/dependabot"><code>@​dependabot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3402">peter-evans/create-pull-request#3402</a></li>
<li>build(deps): bump <code>@​octokit/plugin-throttling</code> from
9.3.1 to 9.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3404">peter-evans/create-pull-request#3404</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3423">peter-evans/create-pull-request#3423</a></li>
<li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3441">peter-evans/create-pull-request#3441</a></li>
<li>build(deps): bump undici from 6.19.8 to 6.20.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3442">peter-evans/create-pull-request#3442</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3451">peter-evans/create-pull-request#3451</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.55 to
18.19.58 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3457">peter-evans/create-pull-request#3457</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.13 to
29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3462">peter-evans/create-pull-request#3462</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.58 to
18.19.60 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3463">peter-evans/create-pull-request#3463</a></li>
<li>chore: don't bundle undici by <a
href="https://github.com/benmccann"><code>@​benmccann</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3478">peter-evans/create-pull-request#3478</a></li>
<li>chore: use node-fetch-native support for proxy env vars by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3483">peter-evans/create-pull-request#3483</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.60 to
18.19.64 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3488">peter-evans/create-pull-request#3488</a></li>
<li>build(deps-dev): bump undici from 6.20.1 to 6.21.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3499">peter-evans/create-pull-request#3499</a></li>
<li>build(deps-dev): bump <code>@​vercel/ncc</code> from 0.38.2 to
0.38.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3500">peter-evans/create-pull-request#3500</a></li>
<li>docs: note <code>push-to-repo</code> classic PAT
<code>workflow</code> scope requirement by <a
href="https://github.com/scop"><code>@​scop</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li>
<li>docs: spelling fixes by <a
href="https://github.com/scop"><code>@​scop</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3512">peter-evans/create-pull-request#3512</a></li>
<li>build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3516">peter-evans/create-pull-request#3516</a></li>
<li>build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3517">peter-evans/create-pull-request#3517</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.64 to
18.19.66 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3518">peter-evans/create-pull-request#3518</a></li>
<li>docs(README): clarify that an existing open PR is managed by <a
href="https://github.com/caugner"><code>@​caugner</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3529">peter-evans/create-pull-request#3529</a></li>
<li>build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.5 to 11.3.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3542">peter-evans/create-pull-request#3542</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to
18.19.67 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3543">peter-evans/create-pull-request#3543</a></li>
<li>build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3544">peter-evans/create-pull-request#3544</a></li>
<li>build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3
to 3.7.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3559">peter-evans/create-pull-request#3559</a></li>
<li>build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3560">peter-evans/create-pull-request#3560</a></li>
<li>build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to
18.19.68 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3570">peter-evans/create-pull-request#3570</a></li>
<li>build(deps): bump p-limit from 6.1.0 to 6.2.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3578">peter-evans/create-pull-request#3578</a></li>
<li>Update distribution by <a
href="https://github.com/actions-bot"><code>@​actions-bot</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3583">peter-evans/create-pull-request#3583</a></li>
<li>fix: preserve unicode in filepaths when commit signing by <a
href="https://github.com/peter-evans"><code>@​peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3588">peter-evans/create-pull-request#3588</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benmccann"><code>@​benmccann</code></a>
made their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3475">peter-evans/create-pull-request#3475</a></li>
<li><a href="https://github.com/scop"><code>@​scop</code></a> made their
first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3511">peter-evans/create-pull-request#3511</a></li>
<li><a href="https://github.com/caugner"><code>@​caugner</code></a> made
their first contribution in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/3498">peter-evans/create-pull-request#3498</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/67ccf781d68cd99b580ae25a5c18a1cc84ffff1f"><code>67ccf78</code></a>
fix: preserve unicode in filepaths when commit signing (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3588">#3588</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/bb88e27d3f9cc69c8bc689eba126096c6fe3dded"><code>bb88e27</code></a>
build: update distribution (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3583">#3583</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b378ed537a3374cbb7642141277ace10488f9318"><code>b378ed5</code></a>
build(deps): bump p-limit from 6.1.0 to 6.2.0 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3578">#3578</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/fa9200e5b4f0d3fe4adc6d4a980fdb27ca333ed2"><code>fa9200e</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.67 to
18.19.68 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3570">#3570</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/16e0059bfd236716f0191bfcfa63d9ded4cf325f"><code>16e0059</code></a>
build(deps-dev): bump prettier from 3.4.1 to 3.4.2 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3560">#3560</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/5bffd5ae80c9e3cdce3fdaba74ba437193643add"><code>5bffd5a</code></a>
build(deps-dev): bump eslint-import-resolver-typescript (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3559">#3559</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/a22a0ddc2127a4161a9f144623d1e51be98d81aa"><code>a22a0dd</code></a>
build(deps-dev): bump prettier from 3.4.0 to 3.4.1 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3544">#3544</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/b27ce378c8a71596550fb729c05c9a998f8ff26f"><code>b27ce37</code></a>
build(deps-dev): bump <code>@​types/node</code> from 18.19.66 to
18.19.67 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3543">#3543</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/4e0cc19e22f9071762b3542aa9fa90a1d682dd32"><code>4e0cc19</code></a>
build(deps): bump <code>@​octokit/plugin-paginate-rest</code> from
11.3.5 to 11.3.6 (<a
href="https://redirect.github.com/peter-evans/create-pull-request/issues/3542">#3542</a>)</li>
<li><a
href="https://github.com/peter-evans/create-pull-request/commit/25b6871a4ebe4c3585f47c7a687ac6fd0ec0e32d"><code>25b6871</code></a>
docs: update scopes for push-to-fork</li>
<li>Additional commits viewable in <a
href="https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peter-evans/create-pull-request&package-manager=github_actions&previous-version=7.0.5&new-version=7.0.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-02 14:24:04 +00:00
Ludy87 6697cccfa9 Bump peter-evans/create-pull-request from 6.1.0 to 7.0.5 2024-12-22 01:41:45 +01:00
Ludy87 f29d4db31e [Security] Token permissions no. 2 2024-12-22 00:33:41 +01:00
StepSecurity Bot dc5b214932 [StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <[email protected]>
2024-12-21 12:28:35 +00:00
LudyandGitHub 09e963b160 correction action bot (#1782) 2024-08-31 15:30:18 +02:00
LudyandGitHub 56a07bbf3a increases some versions in the workflows (#1707) 2024-08-18 13:07:14 +01:00
Anthony StirlingandGitHub ea2d755808 Update licenses-update.yml 2024-08-16 12:15:07 +01:00
Anthony StirlingandGitHub 09c93cebe3 PR changes (#1693)
* Update licenses-update.yml

* Update build.yml

* Update test.yml

* Delete .github/workflows/test.yml

* Update build.yml

* Update build.yml

* Update auto-labeler.yml

* Update build.yml

* Update auto-labeler.yml

* Update labeler-config.yml
2024-08-16 11:00:10 +01:00