mirror of
https://github.com/arsvendg/Stirling-PDF.git
synced 2026-07-14 18:44:05 +02:00
f4c9becce2d86751ac46d8edc7430ab237065514
76
Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
|
|
45c438d66d | Merge remote-tracking branch 'origin/V2' into mainToV2 | ||
|
|
1120f54cda |
build(deps): bump softprops/action-gh-release from 2.3.3 to 2.3.4 (#4602)
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.3.3 to 2.3.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/releases">softprops/action-gh-release's releases</a>.</em></p> <blockquote> <h2>v2.3.4</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix(action): handle 422 already_exists race condition by <a href="https://github.com/stephenway"><code>@stephenway</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/665">softprops/action-gh-release#665</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 in the github-actions group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/656">softprops/action-gh-release#656</a></li> <li>chore(deps): bump <code>@types/node</code> from 20.19.11 to 20.19.13 in the npm group by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/655">softprops/action-gh-release#655</a></li> <li>chore(deps): bump vite from 7.0.0 to 7.1.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/657">softprops/action-gh-release#657</a></li> <li>chore(deps): bump the npm group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/662">softprops/action-gh-release#662</a></li> <li>chore(deps): bump the npm group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/softprops/action-gh-release/pull/666">softprops/action-gh-release#666</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/softprops/action-gh-release/compare/v2...v2.3.4">https://github.com/softprops/action-gh-release/compare/v2...v2.3.4</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md">softprops/action-gh-release's changelog</a>.</em></p> <blockquote> <h2>2.3.4</h2> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix(action): handle 422 already_exists race condition by <a href="https://github.com/stephenway"><code>@stephenway</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/665">softprops/action-gh-release#665</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>dependency updates</li> </ul> <h2>2.3.3</h2> <h2>What's Changed</h2> <h3>Exciting New Features 🎉</h3> <ul> <li>feat: add input option <code>overwrite_files</code> by <a href="https://github.com/asfernandes"><code>@asfernandes</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/343">softprops/action-gh-release#343</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>dependency updates</li> </ul> <h2>2.3.2</h2> <ul> <li>fix: revert fs <code>readableWebStream</code> change</li> </ul> <h2>2.3.1</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: fix file closing issue by <a href="https://github.com/WailGree"><code>@WailGree</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/629">softprops/action-gh-release#629</a></li> </ul> <h2>2.3.0</h2> <ul> <li>Migrate from jest to vitest</li> <li>Replace <code>mime</code> with <code>mime-types</code></li> <li>Bump to use node 24</li> <li>Dependency updates</li> </ul> <h2>2.2.2</h2> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: updating release draft status from true to false by <a href="https://github.com/galargh"><code>@galargh</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/316">softprops/action-gh-release#316</a></li> </ul> <h3>Other Changes 🔄</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/softprops/action-gh-release/commit/62c96d0c4e8a889135c1f3a25910db8dbe0e85f7"><code>62c96d0</code></a> release 2.3.4</li> <li><a href="https://github.com/softprops/action-gh-release/commit/7dc9b8ac0f2368b3a87cf0705832afc474fc7cd8"><code>7dc9b8a</code></a> fix(action): handle 422 already_exists race condition (<a href="https://redirect.github.com/softprops/action-gh-release/issues/665">#665</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/0f0e0b98e953d8219f04f51a8608dd41c902f012"><code>0f0e0b9</code></a> chore(deps): bump the npm group with 3 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/666">#666</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/97d42c1b50f585f357413698aa1b779307aa0d52"><code>97d42c1</code></a> chore(deps): bump the npm group across 1 directory with 2 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/662">#662</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/19cd0bcd2b95a5f9e0aab8377b3cae33e51c2234"><code>19cd0bc</code></a> chore(deps): bump vite from 7.0.0 to 7.1.5 (<a href="https://redirect.github.com/softprops/action-gh-release/issues/657">#657</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/5d1b0b11643723aa24b0a5f8cef9618f9c2ed69b"><code>5d1b0b1</code></a> chore(deps): bump <code>@types/node</code> from 20.19.11 to 20.19.13 in the npm group (<a href="https://redirect.github.com/softprops/action-gh-release/issues/655">#655</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/f6021cf9a4e291961602215a20006a3bcfb743c1"><code>f6021cf</code></a> chore(deps): bump actions/setup-node in the github-actions group (<a href="https://redirect.github.com/softprops/action-gh-release/issues/656">#656</a>)</li> <li>See full diff in <a href="https://github.com/softprops/action-gh-release/compare/6cbd405e2c4e67a21c47fa9e383d020e4e28b836...62c96d0c4e8a889135c1f3a25910db8dbe0e85f7">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | softprops/action-gh-release | [>= 2.2.a, < 2.3] | </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
612c7e06e7 |
build(deps): bump gradle/actions from 4.4.4 to 5.0.0 (#4605)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.4 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/amyu"><code>@amyu</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/721">gradle/actions#721</a></li> </ul> <p>Make sure your runner is updated to this version or newer to use this release. v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <h3>Dependency upgrades</h3> <ul> <li>Bump the github-actions group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/748">gradle/actions#748</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4...v5.0.0">https://github.com/gradle/actions/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2"><code>4d9f0ba</code></a> Bump the github-actions group across 1 directory with 2 updates (<a href="https://redirect.github.com/gradle/actions/issues/748">#748</a>)</li> <li><a href="https://github.com/gradle/actions/commit/4b530e369bfef1ac8fc2160ec97b9fda1ccd9901"><code>4b530e3</code></a> Bump the github-actions group across 1 directory with 2 updates</li> <li><a href="https://github.com/gradle/actions/commit/e60655a8a03bf3b9a7ff400dc5ef49bed725bec8"><code>e60655a</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/gradle/actions/issues/721">#721</a>)</li> <li>See full diff in <a href="https://github.com/gradle/actions/compare/748248ddd2a24f49513d8f472f81c3a07d4d50e1...4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
f337c8485e |
build(deps): bump sigstore/cosign-installer from 3.9.2 to 3.10.0 (#4547)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.2 to 3.10.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.10.0</h2> <h2>What's Changed</h2> <ul> <li>Bump default Cosign to v2.6.0 in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/200">sigstore/cosign-installer#200</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.9.2...v3.10.0">https://github.com/sigstore/cosign-installer/compare/v3.9.2...v3.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/d7543c93d881b35a8faa02e8e3605f69b7a1ce62"><code>d7543c9</code></a> Bump default Cosign to v2.6.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/200">#200</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/920f20f8c1514a0b54f0557e19ff74bfeb5f413d"><code>920f20f</code></a> Bump actions/setup-go from 5.5.0 to 6.0.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/199">#199</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/bb9dfc10d272e67bed086b504aaf14f8fe455b05"><code>bb9dfc1</code></a> Bump actions/github-script from 7.0.1 to 8.0.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/198">#198</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/074636bf86584fb361059563d092a9cfb6560f80"><code>074636b</code></a> Bump actions/checkout from 4.2.2 to 5.0.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/197">#197</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/d58896d6a1865668819e1d91763c7751a165e159...d7543c93d881b35a8faa02e8e3605f69b7a1ce62">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bdb721a482 |
build(deps): bump gradle/actions from 4.4.2 to 4.4.4 (#4548)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.2 to 4.4.4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.4.4</h2> <h2>What's Changed</h2> <ul> <li>Bump the github-actions group across 2 directories with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/726">gradle/actions#726</a></li> <li>Regenerating package lock by <a href="https://github.com/cdsap"><code>@cdsap</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/729">gradle/actions#729</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/730">gradle/actions#730</a></li> <li>Bump the github-actions group across 1 directory with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/735">gradle/actions#735</a></li> <li>Bump the gradle group across 3 directories with 1 update by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/734">gradle/actions#734</a></li> <li>Bump the npm-dependencies group in /sources with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/733">gradle/actions#733</a></li> <li>Bump references to Develocity Gradle plugin from 4.1.1 to 4.2 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/736">gradle/actions#736</a></li> <li>Handle gracefully parse errors in checksum file by <a href="https://github.com/jprinet"><code>@jprinet</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/737">gradle/actions#737</a></li> <li>Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/kotlin-dsl by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/742">gradle/actions#742</a></li> <li>Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/java-toolchain by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/741">gradle/actions#741</a></li> <li>Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/groovy-dsl by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/740">gradle/actions#740</a></li> <li>Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/gradle-plugin by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/739">gradle/actions#739</a></li> <li>Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /sources/test/init-scripts by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/738">gradle/actions#738</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/743">gradle/actions#743</a></li> <li>Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre in /.github/workflow-samples/kotlin-dsl in the gradle group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/746">gradle/actions#746</a></li> <li>Bump the npm-dependencies group in /sources with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/745">gradle/actions#745</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4...v4.4.4">https://github.com/gradle/actions/compare/v4...v4.4.4</a></p> <h2>v4.4.3</h2> <h2>What's Changed</h2> <ul> <li>Adapt tests to future new Build Scan publication message by <a href="https://github.com/alextu"><code>@alextu</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/708">gradle/actions#708</a></li> <li>Add missing Gradle version input to setup-gradle by <a href="https://github.com/jprinet"><code>@jprinet</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/713">gradle/actions#713</a></li> <li>Bump the github-actions group across 2 directories with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/710">gradle/actions#710</a></li> <li>Bump references to Develocity Gradle plugin from 4.1 to 4.1.1 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/712">gradle/actions#712</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/709">gradle/actions#709</a></li> <li>Bump the npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/711">gradle/actions#711</a></li> <li>Do not run setup-gradle post action if workflow is cancelled by <a href="https://github.com/jprinet"><code>@jprinet</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/716">gradle/actions#716</a></li> <li>Bump the github-actions group across 2 directories with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/715">gradle/actions#715</a></li> <li>Bump the npm-dependencies group across 1 directory with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/720">gradle/actions#720</a></li> <li>Bump github/codeql-action from 3.29.11 to 3.30.0 in the github-actions group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/719">gradle/actions#719</a></li> <li>Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.19.2 to 2.20.0 in /sources/test/init-scripts in the gradle group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/718">gradle/actions#718</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/723">gradle/actions#723</a></li> <li>Bump the npm-dependencies group in /sources with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/gradle/actions/pull/725">gradle/actions#725</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.4.2...v4.4.3">https://github.com/gradle/actions/compare/v4.4.2...v4.4.3</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/748248ddd2a24f49513d8f472f81c3a07d4d50e1"><code>748248d</code></a> Bump the npm-dependencies group in /sources with 5 updates (<a href="https://redirect.github.com/gradle/actions/issues/745">#745</a>)</li> <li><a href="https://github.com/gradle/actions/commit/81b68c9429570ef0a0bbd7f1898f1ddb06002c33"><code>81b68c9</code></a> Bump com.google.guava:guava from 33.4.8-jre to 33.5.0-jre in /.github/workflo...</li> <li><a href="https://github.com/gradle/actions/commit/13617309e3fe4d0361ccb3c9528a8d0d57ea2b2b"><code>1361730</code></a> Bump com.google.guava:guava</li> <li><a href="https://github.com/gradle/actions/commit/a86ac1167d7d23eea103a711871cddc6a0d88e70"><code>a86ac11</code></a> Bump the npm-dependencies group in /sources with 5 updates</li> <li><a href="https://github.com/gradle/actions/commit/182e4d39a69c621df8047e4504c7be47bacfd8d6"><code>182e4d3</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/a48a0fa47fcef8e9b77628e176ac1e207c2e07c5"><code>a48a0fa</code></a> Update known wrapper checksums (<a href="https://redirect.github.com/gradle/actions/issues/743">#743</a>)</li> <li><a href="https://github.com/gradle/actions/commit/6d7d019840e00d27b4af224d3e11fff785a4cbe1"><code>6d7d019</code></a> Update known wrapper checksums</li> <li><a href="https://github.com/gradle/actions/commit/0e052761e2b444a9db1681a00dc8730b80af3fc0"><code>0e05276</code></a> Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /sources/test/init-scripts (<a href="https://redirect.github.com/gradle/actions/issues/738">#738</a>)</li> <li><a href="https://github.com/gradle/actions/commit/2e40f51ba36cdf7e19f8744141b58b714cfb10ad"><code>2e40f51</code></a> Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/gradle-p...</li> <li><a href="https://github.com/gradle/actions/commit/ed3ef92603f04047856e47e53ebf0001f7bcbd80"><code>ed3ef92</code></a> Bump Gradle Wrapper from 9.0.0 to 9.1.0 in /.github/workflow-samples/groovy-d...</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/017a9effdb900e5b5b2fddfb590a105619dca3c3...748248ddd2a24f49513d8f472f81c3a07d4d50e1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
37877582e7 |
build(deps): bump step-security/harden-runner from 2.13.0 to 2.13.1 (#4538)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
cb583fb42f |
build(deps): bump softprops/action-gh-release from 2.3.2 to 2.3.3 (#4540)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
54c7b0e689 |
build(deps): bump actions/setup-java from 4.7.1 to 5.0.0 (#4269)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.7.1 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <h3>Breaking Changes</h3> <ul> <li>Upgrade to node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p>Make sure your runner is updated to this version or newer to use this release. v2.327.1 <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <h3>Dependency Upgrades</h3> <ul> <li>Upgrade Publish Immutable Action by <a href="https://github.com/HarithaVattikuti"><code>@HarithaVattikuti</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/798">actions/setup-java#798</a></li> <li>Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/730">actions/setup-java#730</a></li> <li>Upgrade undici from 5.28.5 to 5.29.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/833">actions/setup-java#833</a></li> <li>Upgrade form-data to bring in fix for critical vulnerability by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/887">actions/setup-java#887</a></li> <li>Upgrade actions/checkout from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot] in <a href="https://redirect.github.com/actions/setup-java/pull/896">actions/setup-java#896</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li>Prevent default installation of JetBrains pre-releases by <a href="https://github.com/priyagupta108"><code>@priyagupta108</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/859">actions/setup-java#859</a></li> <li>Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by <a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/gowridurgad"><code>@gowridurgad</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/848">actions/setup-java#848</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/setup-java/pull/888">actions/setup-java#888</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v5.0.0">https://github.com/actions/setup-java/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/dded0888837ed1f317902acf8a20df0ad188d165"><code>dded088</code></a> Bump actions/checkout from 4 to 5 (<a href="https://redirect.github.com/actions/setup-java/issues/896">#896</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/0913e9a06eb8b69c62db76aa61f580c2b3a5b4e0"><code>0913e9a</code></a> Upgrade to node 24 (<a href="https://redirect.github.com/actions/setup-java/issues/888">#888</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/e9343db97e09d87a3c50e544105d99fe912c204b"><code>e9343db</code></a> Bumps form-data (<a href="https://redirect.github.com/actions/setup-java/issues/887">#887</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ae2b61dbc685e60e4427b2e8ed4f0135c6ea8597"><code>ae2b61d</code></a> Bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/actions/setup-java/issues/833">#833</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/c190c18febcf6c040d80b10ea201a05a2c320263"><code>c190c18</code></a> Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (<a href="https://redirect.github.com/actions/setup-java/issues/730">#730</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/67aec007b3fcabe15ca665bfccc1e255dd52e30d"><code>67aec00</code></a> Fix: prevent default installation of JetBrains pre-releases (<a href="https://redirect.github.com/actions/setup-java/issues/859">#859</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/ebb356cc4e59bcf94f518203228485f5d40e4b58"><code>ebb356c</code></a> Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...</li> <li><a href="https://github.com/actions/setup-java/commit/f4f1212c880fdec8162ea9a6493f4495191887b4"><code>f4f1212</code></a> Update publish-immutable-actions.yml (<a href="https://redirect.github.com/actions/setup-java/issues/798">#798</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/c5195efecf7bdfc987ee8bae7a71cb8b11521c00...dded0888837ed1f317902acf8a20df0ad188d165">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
58ca41e5c5 |
build(deps): bump actions/checkout from 4.3.0 to 5.0.0 (#4194)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.3.0 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> <li>Prepare v5.0.0 release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li> </ul> <h2>⚠️ Minimum Compatible Runner Version</h2> <p><strong>v2.327.1</strong><br /> <a href="https://github.com/actions/runner/releases/tag/v2.327.1">Release Notes</a></p> <p>Make sure your runner is updated to this version or newer to use this release.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v5.0.0">https://github.com/actions/checkout/compare/v4...v5.0.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V5.0.0</h2> <ul> <li>Update actions checkout to use node 24 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li> </ul> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a> Prepare v5.0.0 release (<a href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li> <li><a href="https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917"><code>9f26565</code></a> Update actions checkout to use node 24 (<a href="https://redirect.github.com/actions/checkout/issues/2226">#2226</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
1468df3e21 |
JWT Auth into V2 (#4187)
Merging JWT feature from main into V2 ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. --------- Signed-off-by: dependabot[bot] <[email protected]> Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com> Co-authored-by: Ludy <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: EthanHealy01 <[email protected]> Co-authored-by: Ethan <[email protected]> Co-authored-by: Anthony Stirling <[email protected]> Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> Co-authored-by: albanobattistella <[email protected]> |
||
|
|
1dd5e9c649 |
build(deps): bump actions/checkout from 4.2.2 to 4.3.0 (#4180)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> <li>Prepare release v4.3.0 by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2237">actions/checkout#2237</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/motss"><code>@motss</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li><a href="https://github.com/mouismail"><code>@mouismail</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li><a href="https://github.com/benwells"><code>@benwells</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li><a href="https://github.com/nebuk89"><code>@nebuk89</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4...v4.3.0">https://github.com/actions/checkout/compare/v4...v4.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>V4.3.0</h2> <ul> <li>docs: update README.md by <a href="https://github.com/motss"><code>@motss</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li> <li>Add internal repos for checking out multiple repositories by <a href="https://github.com/mouismail"><code>@mouismail</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li> <li>Documentation update - add recommended permissions to Readme by <a href="https://github.com/benwells"><code>@benwells</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li> <li>Adjust positioning of user email note and permissions heading by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li> <li>Update CODEOWNERS for actions by <a href="https://github.com/TingluoHuang"><code>@TingluoHuang</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li> <li>Update package dependencies by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li> </ul> <h2>v4.2.2</h2> <ul> <li><code>url-helper.ts</code> now leverages well-known environment variables by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li> <li>Expand unit test coverage for <code>isGhes</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li> </ul> <h2>v4.2.1</h2> <ul> <li>Check out other refs/* by commit if provided, fall back to ref by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li> </ul> <h2>v4.2.0</h2> <ul> <li>Add Ref and Commit outputs by <a href="https://github.com/lucacome"><code>@lucacome</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li> <li>Dependency updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a>- <a href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>, <a href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li> </ul> <h2>v4.1.7</h2> <ul> <li>Bump the minor-npm-dependencies group across 1 directory with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li> <li>Bump actions/checkout from 3 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li> <li>Check out other refs/* by commit by <a href="https://github.com/orhantoy"><code>@orhantoy</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li> <li>Pin actions/checkout's own workflows to a known, good, stable version. by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li> </ul> <h2>v4.1.6</h2> <ul> <li>Check platform to set archive extension appropriately by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li> </ul> <h2>v4.1.5</h2> <ul> <li>Update NPM dependencies by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1703">actions/checkout#1703</a></li> <li>Bump github/codeql-action from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1694">actions/checkout#1694</a></li> <li>Bump actions/setup-node from 1 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1696">actions/checkout#1696</a></li> <li>Bump actions/upload-artifact from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1695">actions/checkout#1695</a></li> <li>README: Suggest <code>user.email</code> to be <code>41898282+github-actions[bot]@users.noreply.github.com</code> by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1707">actions/checkout#1707</a></li> </ul> <h2>v4.1.4</h2> <ul> <li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li> <li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li> <li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li> <li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li> </ul> <h2>v4.1.3</h2> <ul> <li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li> <li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li> <li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@jww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/checkout/commit/08eba0b27e820071cde6df949e0beb9ba4906955"><code>08eba0b</code></a> Prepare release v4.3.0 (<a href="https://redirect.github.com/actions/checkout/issues/2237">#2237</a>)</li> <li><a href="https://github.com/actions/checkout/commit/631c7dc4f80f88219c5ee78fee08c6b62fac8da1"><code>631c7dc</code></a> Update package dependencies (<a href="https://redirect.github.com/actions/checkout/issues/2236">#2236</a>)</li> <li><a href="https://github.com/actions/checkout/commit/8edcb1bdb4e267140fa742c62e395cd74f332709"><code>8edcb1b</code></a> Update CODEOWNERS for actions (<a href="https://redirect.github.com/actions/checkout/issues/2224">#2224</a>)</li> <li><a href="https://github.com/actions/checkout/commit/09d2acae674a48949e3602304ab46fd20ae0c42f"><code>09d2aca</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/2194">#2194</a>)</li> <li><a href="https://github.com/actions/checkout/commit/85e6279cec87321a52edac9c87bce653a07cf6c2"><code>85e6279</code></a> Adjust positioning of user email note and permissions heading (<a href="https://redirect.github.com/actions/checkout/issues/2044">#2044</a>)</li> <li><a href="https://github.com/actions/checkout/commit/009b9ae9e446ad8d9b8c809870b0fbcc5e03573e"><code>009b9ae</code></a> Documentation update - add recommended permissions to Readme (<a href="https://redirect.github.com/actions/checkout/issues/2043">#2043</a>)</li> <li><a href="https://github.com/actions/checkout/commit/cbb722410c2e876e24abbe8de2cc27693e501dcb"><code>cbb7224</code></a> Update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1977">#1977</a>)</li> <li><a href="https://github.com/actions/checkout/commit/3b9b8c884f6b4bb4d5be2779c26374abadae0871"><code>3b9b8c8</code></a> docs: update README.md (<a href="https://redirect.github.com/actions/checkout/issues/1971">#1971</a>)</li> <li>See full diff in <a href="https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08eba0b27e820071cde6df949e0beb9ba4906955">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
2c293d2231 |
build(deps): bump actions/download-artifact from 4.3.0 to 5.0.0 (#4179)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.3.0 to 5.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v5.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/nebuk89"><code>@nebuk89</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/407">actions/download-artifact#407</a></li> <li>BREAKING fix: inconsistent path behavior for single artifact downloads by ID by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/416">actions/download-artifact#416</a></li> </ul> <h2>v5.0.0</h2> <h3>🚨 Breaking Change</h3> <p>This release fixes an inconsistency in path behavior for single artifact downloads by ID. <strong>If you're downloading single artifacts by ID, the output path may change.</strong></p> <h4>What Changed</h4> <p>Previously, <strong>single artifact downloads</strong> behaved differently depending on how you specified the artifact:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (direct)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/my-artifact/</code> (nested)</li> </ul> <p>Now both methods are consistent:</p> <ul> <li><strong>By name</strong>: <code>name: my-artifact</code> → extracted to <code>path/</code> (unchanged)</li> <li><strong>By ID</strong>: <code>artifact-ids: 12345</code> → extracted to <code>path/</code> (fixed - now direct)</li> </ul> <h4>Migration Guide</h4> <h5>✅ No Action Needed If:</h5> <ul> <li>You download artifacts by <strong>name</strong></li> <li>You download <strong>multiple</strong> artifacts by ID</li> <li>You already use <code>merge-multiple: true</code> as a workaround</li> </ul> <h5>⚠️ Action Required If:</h5> <p>You download <strong>single artifacts by ID</strong> and your workflows expect the nested directory structure.</p> <p><strong>Before v5 (nested structure):</strong></p> <pre lang="yaml"><code>- uses: actions/download-artifact@v4 with: artifact-ids: 12345 path: dist # Files were in: dist/my-artifact/ </code></pre> <blockquote> <p>Where <code>my-artifact</code> is the name of the artifact you previously uploaded</p> </blockquote> <p><strong>To maintain old behavior (if needed):</strong></p> <pre lang="yaml"><code></tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/634f93cb2916e3fdff6788551b99b062d0335ce0"><code>634f93c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/416">#416</a> from actions/single-artifact-id-download-path</li> <li><a href="https://github.com/actions/download-artifact/commit/b19ff4302770b82aa4694b63703b547756dacce6"><code>b19ff43</code></a> refactor: resolve download path correctly in artifact download tests (mainly ...</li> <li><a href="https://github.com/actions/download-artifact/commit/e262cbee4ab8c473c61c59a81ad8e9dc760e90db"><code>e262cbe</code></a> bundle dist</li> <li><a href="https://github.com/actions/download-artifact/commit/bff23f9308ceb2f06d673043ea6311519be6a87b"><code>bff23f9</code></a> update docs</li> <li><a href="https://github.com/actions/download-artifact/commit/fff8c148a8fdd56aa81fcb019f0b5f6c65700c4d"><code>fff8c14</code></a> fix download path logic when downloading a single artifact by id</li> <li><a href="https://github.com/actions/download-artifact/commit/448e3f862ab3ef47aa50ff917776823c9946035b"><code>448e3f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/407">#407</a> from actions/nebuk89-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/47225c44b359a5155efdbbbc352041b3e249fb1b"><code>47225c4</code></a> Update README.md</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...634f93cb2916e3fdff6788551b99b062d0335ce0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
bb07eced6e |
build(deps): bump gradle/actions from 4.4.1 to 4.4.2 (#4177)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.1 to 4.4.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.4.2</h2> <p>This patch release updates a bunch of dependency versions</p> <h2>What's Changed</h2> <ul> <li>Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group across 1 directory (<a href="https://redirect.github.com/gradle/actions/pull/703">gradle/actions#703</a>)</li> <li>Bumps the npm-dependencies group in /sources with 4 updates (<a href="https://redirect.github.com/gradle/actions/pull/702">gradle/actions#702</a>)</li> <li>Upgrade to gradle 9 in workflows and tests (<a href="https://redirect.github.com/gradle/actions/pull/704">gradle/actions#704</a>)</li> <li>Update known wrapper checksums (<a href="https://redirect.github.com/gradle/actions/pull/701">gradle/actions#701</a>)</li> <li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/gradle-plugin (<a href="https://redirect.github.com/gradle/actions/pull/695">gradle/actions#695</a>)</li> <li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/groovy-dsl (<a href="https://redirect.github.com/gradle/actions/pull/696">gradle/actions#696</a>)</li> <li>Bump Gradle Wrapper from 8.14.3 to 9.0.0 in /.github/workflow-samples/java-toolchain (<a href="https://redirect.github.com/gradle/actions/pull/697">gradle/actions#697</a>)</li> <li>Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.19.1 to 2.19.2 in /sources/test/init-scripts in the gradle group across 1 directory (<a href="https://redirect.github.com/gradle/actions/pull/693">gradle/actions#693</a>)</li> <li>Bump github/codeql-action from 3.29.0 to 3.29.4 in the github-actions group across 1 directory (<a href="https://redirect.github.com/gradle/actions/pull/691">gradle/actions#691</a>)</li> <li>Bump the npm-dependencies group in /sources with 5 updates (<a href="https://redirect.github.com/gradle/actions/pull/692">gradle/actions#692</a>)</li> <li>Bump references to Develocity Gradle plugin from 4.0.2 to 4.1 (<a href="https://redirect.github.com/gradle/actions/pull/685">gradle/actions#685</a>)</li> <li>Bump the npm-dependencies group across 1 directory with 8 updates (<a href="https://redirect.github.com/gradle/actions/pull/684">gradle/actions#684</a>)</li> <li>Run Gradle release candidate tests with JDK 17 (<a href="https://redirect.github.com/gradle/actions/pull/690">gradle/actions#690</a>)</li> <li>Update Develocity npm agent to version 1.0.1 (<a href="https://redirect.github.com/gradle/actions/pull/687">gradle/actions#687</a>)</li> <li>Update known wrapper checksums (<a href="https://redirect.github.com/gradle/actions/pull/688">gradle/actions#688</a>)</li> <li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/kotlin-dsl (<a href="https://redirect.github.com/gradle/actions/pull/683">gradle/actions#683</a></li> <li>Bump the github-actions group across 1 directory with 3 updates (<a href="https://redirect.github.com/gradle/actions/pull/675">gradle/actions#675</a>)</li> <li>Bump the gradle group across 3 directories with 2 updates (<a href="https://redirect.github.com/gradle/actions/pull/674">gradle/actions#674</a>)</li> <li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /sources/test/init-scripts (<a href="https://redirect.github.com/gradle/actions/pull/679">gradle/actions#679</a>)</li> <li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/java-toolchain (<a href="https://redirect.github.com/gradle/actions/pull/682">gradle/actions#682</a>)</li> <li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/groovy-dsl (<a href="https://redirect.github.com/gradle/actions/pull/681">gradle/actions#681</a>)</li> <li>Bump Gradle Wrapper from 8.14.2 to 8.14.3 in /.github/workflow-samples/gradle-plugin (<a href="https://redirect.github.com/gradle/actions/pull/680">gradle/actions#680</a>)</li> <li>Update known wrapper checksums (<a href="https://redirect.github.com/gradle/actions/pull/676">gradle/actions#676</a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.4.1...v4.4.2">https://github.com/gradle/actions/compare/v4.4.1...v4.4.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/017a9effdb900e5b5b2fddfb590a105619dca3c3"><code>017a9ef</code></a> Bump github/codeql-action from 3.29.4 to 3.29.5 in the github-actions group a...</li> <li><a href="https://github.com/gradle/actions/commit/d5397cf4c822cff29ba7b79b2c9ed29917bbe84a"><code>d5397cf</code></a> Merge branch 'main' into dependabot/github_actions/github-actions-12d2e1d0cf</li> <li><a href="https://github.com/gradle/actions/commit/559dfbd266963f24dd17a76f3ce0f009a6c020ef"><code>559dfbd</code></a> Bump the npm-dependencies group in /sources with 4 updates (<a href="https://redirect.github.com/gradle/actions/issues/702">#702</a>)</li> <li><a href="https://github.com/gradle/actions/commit/075ee283cc5fba335ac5184eb48b40672919612a"><code>075ee28</code></a> Merge branch 'main' into dependabot/npm_and_yarn/sources/npm-dependencies-fda...</li> <li><a href="https://github.com/gradle/actions/commit/c3e68c5c72468b5662b0e325d727b1c1e6a14c16"><code>c3e68c5</code></a> Upgrade to gradle 9 in workflows and tests (<a href="https://redirect.github.com/gradle/actions/issues/704">#704</a>)</li> <li><a href="https://github.com/gradle/actions/commit/d7e674f97b03ec86a7d6f688bd66c45269b35bf1"><code>d7e674f</code></a> Fix init script tests dependencies</li> <li><a href="https://github.com/gradle/actions/commit/3e6512898620556ad8848c4073e8279051eaf7db"><code>3e65128</code></a> Upgrade init script tests to Gradle 9</li> <li><a href="https://github.com/gradle/actions/commit/896b9fa30994e16abfabdffea39f9bbffa8ade46"><code>896b9fa</code></a> Run tests on Gradle release candidate and current with JDK 17 as required sin...</li> <li><a href="https://github.com/gradle/actions/commit/431b3e39ba5839847f90c3917165b1f0b5b2d0fa"><code>431b3e3</code></a> Bump github/codeql-action in the github-actions group across 1 directory</li> <li><a href="https://github.com/gradle/actions/commit/44c3664945acba910b91b10f41602a5caceb57df"><code>44c3664</code></a> Bump the npm-dependencies group in /sources with 4 updates</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/ac638b010cf58a27ee6c972d7336334ccaf61c96...017a9effdb900e5b5b2fddfb590a105619dca3c3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d80c11dffa |
build(deps): bump sigstore/cosign-installer from 3.9.1 to 3.9.2 (#4009)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.1 to 3.9.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.9.2</h2> <h2>What's Changed</h2> <ul> <li>not fail fast and setup permissions in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/195">sigstore/cosign-installer#195</a></li> <li>drop old unsupported versions <v2.0.0 in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/192">sigstore/cosign-installer#192</a></li> <li>Update default to v2.5.3 in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/196">sigstore/cosign-installer#196</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.9.1...v3.9.2">https://github.com/sigstore/cosign-installer/compare/v3.9.1...v3.9.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/d58896d6a1865668819e1d91763c7751a165e159"><code>d58896d</code></a> Update default to v2.5.3 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/196">#196</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/e40248c492a99ad409432e2ea978d7a2811f2e1f"><code>e40248c</code></a> drop old unsupported versions <v2.0.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/192">#192</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/d9374b96fed791ab117111a9a307a92b68bf3145"><code>d9374b9</code></a> not fail fast and setup permissions (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/195">#195</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/398d4b0eeef1380460a10c8013a76f728fb906ac...d58896d6a1865668819e1d91763c7751a165e159">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b1bbad53bc |
build(deps): bump step-security/harden-runner from 2.12.2 to 2.13.0 (#4007)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.2 to 2.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.13.0</h2> <h2>What's Changed</h2> <ul> <li>Improved job markdown summary</li> <li>Https monitoring for all domains (included with the enterprise tier)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.13.0">https://github.com/step-security/harden-runner/compare/v2...v2.13.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/ec9f2d5744a09debf3a187a3f4f675c53b671911"><code>ec9f2d5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/565">#565</a> from step-security/rc-24</li> <li><a href="https://github.com/step-security/harden-runner/commit/04bcbc31cfcefe0cf4720832008735021cec5ec4"><code>04bcbc3</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7c7a56fcaa124ab72fff1cc3e81257f264fd7317"><code>7c7a56f</code></a> feat: get job summary from API</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49...ec9f2d5744a09debf3a187a3f4f675c53b671911">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d1b9cfd1a4 |
fix(ci): disable Gradle caching in GitHub workflows to resolve cache conflicts (#3986)
# Description of Changes - **What was changed** In all affected GitHub Actions workflow files under `.github/workflows/`, the `cache: gradle` setting was replaced with `cache: false # Disable Gradle caching for this job`. - **Why the change was made** Gradle’s cache was causing intermittent build conflicts; disabling it ensures each job starts from a clean state and avoids cache corruption. #3980 --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
|
fc9551a332 |
ci: enhance GitHub Actions workflows with Gradle setup, caching improvements, and Docker image testing (#3956)
# Description of Changes
- **What was changed**:
- Added a new path filter configuration file at
`.github/config/.files.yaml` to centralize filter groups (`build`,
`app`, `openapi`, `project`).
- Updated `.github/workflows/build.yml` to:
- Rename the workflow to “Build and Test Workflow” and add a manual
`workflow_dispatch` trigger.
- Integrate the path-filter step and conditionally run jobs
(`check-generateOpenApiDocs`, `check-licence`, `docker-compose-tests`)
based on changed files.
- Standardize Gradle setup to version 8.14.
- Introduce a new `test-build-docker-images` job that builds Docker
images for each `Dockerfile*` in PRs.
- Updated `.github/workflows/pre_commit.yml` to cache pre-commit
dependencies via `cache-dependency-path:
./.github/scripts/requirements_pre_commit.txt`.
- Updated `.github/workflows/testdriver.yml` to add dedicated Gradle
(`gradle-version: 8.14`) and Node/npm setup steps with caching.
- **Why the change was made**:
To optimize CI performance by only running relevant jobs when specific
files change, improve maintainability through a single source of truth
for path filters, enable manual workflow dispatch, ensure consistent
environments (Gradle, Node), and speed up runs with better caching.
---
## Checklist
### General
- [x] I have read the [Contribution
Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md)
- [x] I have read the [Stirling-PDF Developer
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md)
(if applicable)
- [ ] I have read the [How to add new languages to
Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md)
(if applicable)
- [x] I have performed a self-review of my own code
- [x] My changes generate no new warnings
### Documentation
- [ ] I have updated relevant docs on [Stirling-PDF's doc
repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/)
(if functionality has heavily changed)
- [ ] I have read the section [Add New Translation
Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags)
(for new translation tags only)
### UI Changes (if applicable)
- [ ] Screenshots or videos demonstrating the UI changes are attached
(e.g., as comments or direct attachments in the PR)
### Testing (if applicable)
- [ ] I have tested my changes locally. Refer to the [Testing
Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing)
for more details.
|
||
|
|
299d52c517 |
refactor: move modules under app/ directory and update file paths (#3938)
# Description of Changes - **What was changed:** - Renamed top-level directories: `stirling-pdf` → `app/core`, `common` → `app/common`, `proprietary` → `app/proprietary`. - Updated all path references in `.gitattributes`, GitHub workflows (`.github/workflows/*`), scripts (`.github/scripts/*`), `.gitignore`, Dockerfiles, license files, and template settings to reflect the new structure. - Added a new CI job `check-generateOpenApiDocs` to generate and upload OpenAPI documentation. - Removed redundant `@Autowired` annotations from `TempFileShutdownHook` and `UnlockPDFFormsController`. - Minor formatting and comment adjustments in YAML templates and resource files. - **Why the change was made:** - To introduce a clear `app/` directory hierarchy for core, common, and proprietary modules, improving organization and maintainability. - To ensure continuous integration and Docker builds continue to work seamlessly with the reorganized structure. - To automate OpenAPI documentation generation as part of the CI pipeline. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
|
6496015af7 |
[StepSecurity] ci: Harden GitHub Actions (#3901)
## Summary This pull request is created by [StepSecurity](https://app.stepsecurity.io/securerepo) at the request of @Ludy87. Please merge the Pull Request to incorporate the requested changes. Please tag @Ludy87 on your message if you have any questions related to the PR. ## Security Fixes ### Pinned Dependencies GitHub Action tags and Docker tags are mutable. This poses a security risk. GitHub's Security Hardening guide recommends pinning actions to full length commit. - [GitHub Security Guide](https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions) - [The Open Source Security Foundation (OpenSSF) Security Guide](https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies) ## Feedback For bug reports, feature requests, and general feedback; please email [email protected]. To create such PRs, please visit https://app.stepsecurity.io/securerepo. Signed-off-by: StepSecurity Bot <[email protected]> Signed-off-by: StepSecurity Bot <[email protected]> |
||
|
|
df4539dc35 |
Fix release generation issues (#3898)
# Description of Changes <!-- Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --> --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/devGuide/DeveloperGuide.md#6-testing) for more details. |
||
|
|
0b342d463c |
chore(deps): bump sigstore/cosign-installer from 3.9.0 to 3.9.1 (#3801)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.9.0 to 3.9.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.9.1</h2> <h2>What's Changed</h2> <ul> <li>default action install to use release v2.5.1 by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/193">sigstore/cosign-installer#193</a></li> <li>default cosign to v2.5.2 by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/194">sigstore/cosign-installer#194</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1">https://github.com/sigstore/cosign-installer/compare/v3.9.0...v3.9.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/398d4b0eeef1380460a10c8013a76f728fb906ac"><code>398d4b0</code></a> default cosign to v2.5.2 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/194">#194</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/84f54a2bcd1ecf70e51a05388183dce4e1487230"><code>84f54a2</code></a> default action install to use release v2.5.1 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/193">#193</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/fb28c2b6339dcd94da6e4cbcbc5e888961f6f8c3...398d4b0eeef1380460a10c8013a76f728fb906ac">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
e7ac4b7b20 |
chore(deps): bump step-security/harden-runner from 2.12.1 to 2.12.2 (#3849)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.1 to 2.12.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.2</h2> <h2>What's Changed</h2> <p>Added HTTPS Monitoring for additional destinations - *.githubusercontent.com Bug fixes:</p> <ul> <li>Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode</li> <li>Increased policy map size for block mode</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.2">https://github.com/step-security/harden-runner/compare/v2...v2.12.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/6c439dc8bdf85cadbbce9ed30d1c7b959517bc49"><code>6c439dc</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/562">#562</a> from step-security/rc-22</li> <li><a href="https://github.com/step-security/harden-runner/commit/bf5688696d0b2cf8221eadb38e4232386015763a"><code>bf56886</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/5436dac7b5fa76a1a179168f5f4de86c00e22c84"><code>5436dac</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/88d305a3530acfa6d1939000baaa571e520df9c8"><code>88d305a</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/b976878278dbe3bc16039f7165b8faf809c50297"><code>b976878</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/875cc92db280a03598e7492a3e6c165c689f7af6"><code>875cc92</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/002fdce3c6a235733a90a27c80493a3241e56863...6c439dc8bdf85cadbbce9ed30d1c7b959517bc49">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
96315ee76f |
Bump sigstore/cosign-installer from 3.8.2 to 3.9.0 (#3792)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.2 to 3.9.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.9.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/setup-go from 5.4.0 to 5.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/189">sigstore/cosign-installer#189</a></li> <li>bump cosign install to use release v2.5.0 as default by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/191">sigstore/cosign-installer#191</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.9.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.9.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/fb28c2b6339dcd94da6e4cbcbc5e888961f6f8c3"><code>fb28c2b</code></a> bump cosign install to use release v2.5.0 as default (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/191">#191</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/e9a05e6d32d7ed22b5656cd874ef31af58d05bfa"><code>e9a05e6</code></a> Bump actions/setup-go from 5.4.0 to 5.5.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/189">#189</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/3454372f43399081ed03b604cb2d021dabca52bb...fb28c2b6339dcd94da6e4cbcbc5e888961f6f8c3">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d98ebddf49 |
Bump gradle/actions from 4.4.0 to 4.4.1 (#3727)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.4.0 to 4.4.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.4.1</h2> <p>This patch release fixes a bug in Develocity Injection with a custom plugin repository. The <code>gradle-plugin-repository-*</code> action parameters were not being correctly mapped to environment variables that are read by the Develocity Injection init script.</p> <p>This issue has been fixed by setting the correct environment variables:</p> <ul> <li><code>gradle-plugin-repository-url</code> is mapped to <code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_URL</code></li> <li><code>gradle-plugin-repository-username</code> is mapped to <code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_USERNAME</code></li> <li><code>gradle-plugin-repository-password</code> is mapped to <code>DEVELOCITY_INJECTION_PLUGIN_REPOSITORY_PASSWORD</code></li> </ul> <p>Additionally, these parameters can now be used to configure a custom plugin repository for the GitHub Dependency Graph Gradle Plugin, required for dependency submission.</p> <h2>What's Changed</h2> <ul> <li>Dependency updates by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/667">gradle/actions#667</a></li> <li>Fix plugin repository env vars by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/669">gradle/actions#669</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.4.0...v4.4.1">https://github.com/gradle/actions/compare/v4.4.0...v4.4.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/ac638b010cf58a27ee6c972d7336334ccaf61c96"><code>ac638b0</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/fd888822a4035f0e380d519857d6ae2db1e4a528"><code>fd88882</code></a> Fix setting env vars for plugin repository (<a href="https://redirect.github.com/gradle/actions/issues/669">#669</a>)</li> <li><a href="https://github.com/gradle/actions/commit/3af3dd3475d8ff0c4ffc9d6e0e9d01e35cd9b2a4"><code>3af3dd3</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/bf78bf9f1057e343a1b2c7b1a2c14085b266741b"><code>bf78bf9</code></a> Dependency updates (<a href="https://redirect.github.com/gradle/actions/issues/667">#667</a>)</li> <li><a href="https://github.com/gradle/actions/commit/ca92106195d5992eceef4f1486b9971b53e3bea4"><code>ca92106</code></a> Use Java 17 for toolchain build</li> <li><a href="https://github.com/gradle/actions/commit/f7d1903e6cff0d1d471cfb73b6f8726850accda9"><code>f7d1903</code></a> Update known wrapper checksums</li> <li><a href="https://github.com/gradle/actions/commit/eb0816ba445e18a1e7ac1a49bd5ca8bc8f465d16"><code>eb0816b</code></a> Fix update-wrapper-checksums workflow</li> <li><a href="https://github.com/gradle/actions/commit/d408d6219d6bf78e0cd2e1435cc427c3cbaa6baf"><code>d408d62</code></a> Bump the npm-dependencies group across 1 directory with 5 updates</li> <li><a href="https://github.com/gradle/actions/commit/306df22de372eb96231a49348dab96fc2591fc58"><code>306df22</code></a> Bump the github-actions group across 1 directory with 3 updates</li> <li><a href="https://github.com/gradle/actions/commit/05baf32a7fe2ca8e9ccbfb97563526b6ea10749b"><code>05baf32</code></a> Bump org.gradle.toolchains.foojay-resolver-convention</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/8379f6a1328ee0e06e2bb424dadb7b159856a326...ac638b010cf58a27ee6c972d7336334ccaf61c96">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
aaa11fd3e3 |
Bump softprops/action-gh-release from 2.1.0 to 2.3.2 (#3729)
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.1.0 to 2.3.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/releases">softprops/action-gh-release's releases</a>.</em></p> <blockquote> <h2>v2.3.2</h2> <ul> <li>fix: revert fs <code>readableWebStream</code> change</li> </ul> <h2>v2.3.1</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: fix file closing issue by <a href="https://github.com/WailGree"><code>@WailGree</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/629">softprops/action-gh-release#629</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/WailGree"><code>@WailGree</code></a> made their first contribution in <a href="https://redirect.github.com/softprops/action-gh-release/pull/629">softprops/action-gh-release#629</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/softprops/action-gh-release/compare/v2.3.0...v2.3.1">https://github.com/softprops/action-gh-release/compare/v2.3.0...v2.3.1</a></p> <h2>v2.3.0</h2> <!-- raw HTML omitted --> <ul> <li>Migrate from jest to vitest</li> <li>Replace <code>mime</code> with <code>mime-types</code></li> <li>Bump to use node 24</li> <li>Dependency updates</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/softprops/action-gh-release/compare/v2.2.2...v2.3.0">https://github.com/softprops/action-gh-release/compare/v2.2.2...v2.3.0</a></p> <h2>v2.2.2</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: updating release draft status from true to false by <a href="https://github.com/galargh"><code>@galargh</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/316">softprops/action-gh-release#316</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>chore: simplify ref_type test by <a href="https://github.com/steinybot"><code>@steinybot</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/598">softprops/action-gh-release#598</a></li> <li>fix(docs): clarify the default for tag_name by <a href="https://github.com/muzimuzhi"><code>@muzimuzhi</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/599">softprops/action-gh-release#599</a></li> <li>test(release): add unit tests when searching for a release by <a href="https://github.com/rwaskiewicz"><code>@rwaskiewicz</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/603">softprops/action-gh-release#603</a></li> <li>dependency updates</li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/steinybot"><code>@steinybot</code></a> made their first contribution in <a href="https://redirect.github.com/softprops/action-gh-release/pull/598">softprops/action-gh-release#598</a></li> <li><a href="https://github.com/muzimuzhi"><code>@muzimuzhi</code></a> made their first contribution in <a href="https://redirect.github.com/softprops/action-gh-release/pull/599">softprops/action-gh-release#599</a></li> <li><a href="https://github.com/galargh"><code>@galargh</code></a> made their first contribution in <a href="https://redirect.github.com/softprops/action-gh-release/pull/316">softprops/action-gh-release#316</a></li> <li><a href="https://github.com/rwaskiewicz"><code>@rwaskiewicz</code></a> made their first contribution in <a href="https://redirect.github.com/softprops/action-gh-release/pull/603">softprops/action-gh-release#603</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/softprops/action-gh-release/compare/v2.2.1...v2.2.2">https://github.com/softprops/action-gh-release/compare/v2.2.1...v2.2.2</a></p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md">softprops/action-gh-release's changelog</a>.</em></p> <blockquote> <h2>2.3.2</h2> <ul> <li>fix: revert fs <code>readableWebStream</code> change</li> </ul> <h2>2.3.1</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: fix file closing issue by <a href="https://github.com/WailGree"><code>@WailGree</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/629">softprops/action-gh-release#629</a></li> </ul> <h2>2.3.0</h2> <ul> <li>Migrate from jest to vitest</li> <li>Replace <code>mime</code> with <code>mime-types</code></li> <li>Bump to use node 24</li> <li>Dependency updates</li> </ul> <h2>2.2.2</h2> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: updating release draft status from true to false by <a href="https://github.com/galargh"><code>@galargh</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/316">softprops/action-gh-release#316</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>chore: simplify ref_type test by <a href="https://github.com/steinybot"><code>@steinybot</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/598">softprops/action-gh-release#598</a></li> <li>fix(docs): clarify the default for tag_name by <a href="https://github.com/muzimuzhi"><code>@muzimuzhi</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/599">softprops/action-gh-release#599</a></li> <li>test(release): add unit tests when searching for a release by <a href="https://github.com/rwaskiewicz"><code>@rwaskiewicz</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/603">softprops/action-gh-release#603</a></li> <li>dependency updates</li> </ul> <h2>2.2.1</h2> <h2>What's Changed</h2> <h3>Bug fixes 🐛</h3> <ul> <li>fix: big file uploads by <a href="https://github.com/xen0n"><code>@xen0n</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/562">softprops/action-gh-release#562</a></li> </ul> <h3>Other Changes 🔄</h3> <ul> <li>chore(deps): bump <code>@types/node</code> from 22.10.1 to 22.10.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/559">softprops/action-gh-release#559</a></li> <li>chore(deps): bump <code>@types/node</code> from 22.10.2 to 22.10.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/569">softprops/action-gh-release#569</a></li> <li>chore: update error and warning messages for not matching files in files field by <a href="https://github.com/ytimocin"><code>@ytimocin</code></a> in <a href="https://redirect.github.com/softprops/action-gh-release/pull/568">softprops/action-gh-release#568</a></li> </ul> <h2>2.2.0</h2> <h2>What's Changed</h2> <h3>Exciting New Features 🎉</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/softprops/action-gh-release/commit/72f2c25fcb47643c292f7107632f7a47c1df5cd8"><code>72f2c25</code></a> release 2.3.2</li> <li><a href="https://github.com/softprops/action-gh-release/commit/552dc5524b6417594f5158c07f0c66c77d722321"><code>552dc55</code></a> fix: revert <code>fs:readableWebStream</code> change (<a href="https://redirect.github.com/softprops/action-gh-release/issues/632">#632</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/f3cad8bcbf209fe591aa1823e372c5d96b7fc800"><code>f3cad8b</code></a> release 2.3.1</li> <li><a href="https://github.com/softprops/action-gh-release/commit/07a22570031d9a32265642011cce81012b2147a9"><code>07a2257</code></a> fix: fix file closing issue (<a href="https://redirect.github.com/softprops/action-gh-release/issues/629">#629</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/d5382d3e6f2fa7bd53cb749d33091853d4985daf"><code>d5382d3</code></a> release 2.3.0</li> <li><a href="https://github.com/softprops/action-gh-release/commit/a0e2122208126237b9188c813878d8be13eebb6f"><code>a0e2122</code></a> feat: migrate from jest to vitest (<a href="https://redirect.github.com/softprops/action-gh-release/issues/626">#626</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/8836085300a2ae834cbd7afba966592f5f6db624"><code>8836085</code></a> chore: replace <code>mime</code> with <code>mime-types</code> (<a href="https://redirect.github.com/softprops/action-gh-release/issues/624">#624</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/86463358d88d57dec8e9c65bc1d9c9d2fe9ce180"><code>8646335</code></a> chore: bump node to 20.19.2</li> <li><a href="https://github.com/softprops/action-gh-release/commit/46b284799f564056ab627352b509055a106510fe"><code>46b2847</code></a> chore(deps): bump the npm group across 1 directory with 5 updates (<a href="https://redirect.github.com/softprops/action-gh-release/issues/623">#623</a>)</li> <li><a href="https://github.com/softprops/action-gh-release/commit/37fd9d0351a2df198244c8ef9f56d02d1f921e20"><code>37fd9d0</code></a> chore(deps): bump undici from 5.28.5 to 5.29.0 (<a href="https://redirect.github.com/softprops/action-gh-release/issues/621">#621</a>)</li> <li>Additional commits viewable in <a href="https://github.com/softprops/action-gh-release/compare/01570a1f39cb168c169c802c3bceb9e93fb10974...72f2c25fcb47643c292f7107632f7a47c1df5cd8">compare view</a></li> </ul> </details> <br /> <details> <summary>Most Recent Ignore Conditions Applied to This Pull Request</summary> | Dependency Name | Ignore Conditions | | --- | --- | | softprops/action-gh-release | [>= 2.2.a, < 2.3] | </details> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
406695e167 |
Bump step-security/harden-runner from 2.12.0 to 2.12.1 (#3728)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.1</h2> <h2>What's Changed</h2> <ul> <li>Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.</li> <li>Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.1">https://github.com/step-security/harden-runner/compare/v2...v2.12.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/002fdce3c6a235733a90a27c80493a3241e56863"><code>002fdce</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/544">#544</a> from step-security/rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/2489e3fcb3d00eac3cb27c9b490431a4d26eac58"><code>2489e3f</code></a> Merge branch 'main' into rc-21</li> <li><a href="https://github.com/step-security/harden-runner/commit/75dd441a816c3c7ea21313ec8ff21d9f7b69f534"><code>75dd441</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/555">#555</a> from step-security/dependabot/github_actions/step-sec...</li> <li><a href="https://github.com/step-security/harden-runner/commit/4381ace9c4db180c9cc8ff9a6dd4220f17a95690"><code>4381ace</code></a> Bump step-security/publish-unit-test-result-action from 2.19.0 to 2.20.0</li> <li><a href="https://github.com/step-security/harden-runner/commit/a9da90b635b492e68edb2a24949fcab1e313e9eb"><code>a9da90b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/553">#553</a> from h0x0er/feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/a60ef21c0c1f49c7ac6c8d65b6f4d16d419789c1"><code>a60ef21</code></a> update</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ad512f16553ff1c022684cc96be0329a7618db8"><code>4ad512f</code></a> Merge branch 'rc-21' into feat/container-workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/6b41a3923518db2abe77790e47793760b5c47c28"><code>6b41a39</code></a> fixed test case</li> <li><a href="https://github.com/step-security/harden-runner/commit/fa70c45ca9a73bcef023a3e6afac49ffa3007480"><code>fa70c45</code></a> update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/eb47845632e48a7532e7e363ba78b9bc48c09264"><code>eb47845</code></a> self-hosted: refactored block-policy apply logic</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/0634a2670c59f64b4a01f0f96f84700a4088b9f0...002fdce3c6a235733a90a27c80493a3241e56863">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
a0cb56ab0c |
correcting security logic
This Pull Request was automatically generated to synchronize updates to translation files and documentation. Below are the details of the changes made: - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`. - Ensured consistency and synchronization across all supported language files. - Highlighted any missing or incomplete translations. - Generated the translation progress table in `README.md`. - Added a summary of the current translation status for all supported languages. - Included up-to-date statistics on translation coverage. - Keeps translation files aligned with the latest reference updates. - Ensures the documentation reflects the current translation progress. --- Auto-generated by [create-pull-request][1]. [1]: https://github.com/peter-evans/create-pull-request Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> Update messages_de_DE.properties (#3618) Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --- - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. --------- Co-authored-by: Copilot <[email protected]> Fix error display for Split by Chapter (#3621) - throw `IllegalArgumentException` when bookmark level is invalid or when a PDF has no outline - rely on global error handling so frontend shows the message - `./gradlew build` ------ https://chatgpt.com/codex/tasks/task_b_683dc51dd31083288be3f9892889fa59 🌐 Sync Translations + Update README Progress Table (#3638) This Pull Request was automatically generated to synchronize updates to translation files and documentation. Below are the details of the changes made: - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`. - Ensured consistency and synchronization across all supported language files. - Highlighted any missing or incomplete translations. - Generated the translation progress table in `README.md`. - Added a summary of the current translation status for all supported languages. - Included up-to-date statistics on translation coverage. - Keeps translation files aligned with the latest reference updates. - Ensures the documentation reflects the current translation progress. --- Auto-generated by [create-pull-request][1]. [1]: https://github.com/peter-evans/create-pull-request Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> GetInfo summary #2388 (#3585) Please provide a summary of the changes, including: - What was changed - Why the change was made - Any challenges encountered Closes #(issue_number) --- - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. Co-authored-by: a <a> 🌐 Sync Translations + Update README Progress Table (#3639) This Pull Request was automatically generated to synchronize updates to translation files and documentation. Below are the details of the changes made: - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`. - Ensured consistency and synchronization across all supported language files. - Highlighted any missing or incomplete translations. - Generated the translation progress table in `README.md`. - Added a summary of the current translation status for all supported languages. - Included up-to-date statistics on translation coverage. - Keeps translation files aligned with the latest reference updates. - Ensures the documentation reflects the current translation progress. --- Auto-generated by [create-pull-request][1]. [1]: https://github.com/peter-evans/create-pull-request --------- Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> clean up 🌐 Sync Translations + Update README Progress Table (#3639) This Pull Request was automatically generated to synchronize updates to translation files and documentation. Below are the details of the changes made: - Updated translation files (`messages_*.properties`) to reflect changes in the reference file `messages_en_GB.properties`. - Ensured consistency and synchronization across all supported language files. - Highlighted any missing or incomplete translations. - Generated the translation progress table in `README.md`. - Added a summary of the current translation status for all supported languages. - Included up-to-date statistics on translation coverage. - Keeps translation files aligned with the latest reference updates. - Ensures the documentation reflects the current translation progress. --- Auto-generated by [create-pull-request][1]. [1]: https://github.com/peter-evans/create-pull-request --------- Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com> ADDITIONAL_FEATURES_OFF > ADDITIONAL_FEATURES renamed flag renamed flag in workflows |
||
|
|
41cd7d8f47 | removing DOCKER_ENABLE_SECURITY flag | ||
|
|
149fe8755d | DOCKER_ENABLE_SECURITY > ADDITIONAL_FEATURES_OFF | ||
|
|
1f56ccfc99 |
Bump gradle/actions from 4.3.1 to 4.4.0 (#3544)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.1 to 4.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.4.0</h2> <p>This release updates 2 downstream components:</p> <ul> <li>Develocity injection has been updated to <a href="https://github.com/gradle/develocity-ci-injection/releases/tag/v2.0">v2.0</a> <ul> <li>Some environment variables related to Develocity injection have been renamed. All vars now being with <code>DEVELOCITY_INJECTION_</code>. Check <a href="https://github.com/gradle/actions/blob/main/docs/setup-gradle.md#configuring-develocity-injection">the docs</a> for more details.</li> </ul> </li> <li>Dependency-graph plugin has been updated to <a href="https://github.com/gradle/github-dependency-graph-gradle-plugin/releases/tag/v1.4.0">v1.4.0</a> <ul> <li>The 'detector' values included in the generated graph can now be configured via environment variables.</li> </ul> </li> </ul> <h2>What's Changed</h2> <ul> <li>Update develocity-injection init script to v1.3 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/592">gradle/actions#592</a></li> <li>Update develocity-injection init script to v2.0 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/593">gradle/actions#593</a></li> <li>[StepSecurity] ci: Harden GitHub Actions by <a href="https://github.com/step-security-bot"><code>@step-security-bot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li> <li>Use v1.4.0 of dependency graph plugin by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/638">gradle/actions#638</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/step-security-bot"><code>@step-security-bot</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/597">gradle/actions#597</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.3.1...v4.4.0">https://github.com/gradle/actions/compare/v4.3.1...v4.4.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/8379f6a1328ee0e06e2bb424dadb7b159856a326"><code>8379f6a</code></a> Use v1.4.0 of dependency graph plugin (<a href="https://redirect.github.com/gradle/actions/issues/638">#638</a>)</li> <li><a href="https://github.com/gradle/actions/commit/9f79b5fa2c0d6f1157051630d2fb45b9f10ca6a5"><code>9f79b5f</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/e093fac84ca6df405f28ca0317458de1a4c7ad65"><code>e093fac</code></a> Bump the npm-dependencies group in /sources with 5 updates (<a href="https://redirect.github.com/gradle/actions/issues/636">#636</a>)</li> <li><a href="https://github.com/gradle/actions/commit/768a17f3488dc3fe0155ff431553e1f53d57e22e"><code>768a17f</code></a> Bump the npm-dependencies group in /sources with 2 updates (<a href="https://redirect.github.com/gradle/actions/issues/635">#635</a>)</li> <li><a href="https://github.com/gradle/actions/commit/36541137722dacf3739105e1b760c6856d5369e4"><code>3654113</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/2ad385cb2aee647fa33b18e52b479ae14fed4c6c"><code>2ad385c</code></a> Replace use of typed-rest-client with <code>@actions/http-client</code> (<a href="https://redirect.github.com/gradle/actions/issues/634">#634</a>)</li> <li><a href="https://github.com/gradle/actions/commit/95dcf96b0d6e55b48ba036a7d7480ce25a00e6ef"><code>95dcf96</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/2e3238a6642725202f6a5656922bbe434f25b03e"><code>2e3238a</code></a> Bump actions/download-artifact from 4.2.1 to 4.3.0 in /.github/actions/init-i...</li> <li><a href="https://github.com/gradle/actions/commit/39dddb8ae7ff59c7416189aac27a8980abd89bd0"><code>39dddb8</code></a> Remove direct use of octokit/request-error (<a href="https://redirect.github.com/gradle/actions/issues/632">#632</a>)</li> <li><a href="https://github.com/gradle/actions/commit/755ed7db09daddecb584fd9d200146c632f1af98"><code>755ed7d</code></a> [bot] Update dist directory</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/06832c7b30a0129d7fb559bcc6e43d26f6374244...8379f6a1328ee0e06e2bb424dadb7b159856a326">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
5b34c00237 |
Bump actions/download-artifact from 4.2.1 to 4.3.0 (#3443)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.2.1 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <h2>What's Changed</h2> <ul> <li>feat: implement new <code>artifact-ids</code> input by <a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> <li>Fix workflow example for downloading by artifact ID by <a href="https://github.com/joshmgross"><code>@joshmgross</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/402">actions/download-artifact#402</a></li> <li>Prep for v4.3.0 release by <a href="https://github.com/robherley"><code>@robherley</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/404">actions/download-artifact#404</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/GrantBirki"><code>@GrantBirki</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/401">actions/download-artifact#401</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0">https://github.com/actions/download-artifact/compare/v4.2.1...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/d3f86a106a0bac45b974a628896c90dbdf5c8093"><code>d3f86a1</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/404">#404</a> from actions/robherley/v4.3.0</li> <li><a href="https://github.com/actions/download-artifact/commit/fc02353415da80201a0da48ab47022efd7725d11"><code>fc02353</code></a> prep for v4.3.0 release</li> <li><a href="https://github.com/actions/download-artifact/commit/77454371a433f370a16d329ef7db197f700a7a8f"><code>7745437</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/402">#402</a> from actions/joshmgross/download-by-id-example</li> <li><a href="https://github.com/actions/download-artifact/commit/84fc7a0a358aabc7f97f7f590cbfc25f57e26c6a"><code>84fc7a0</code></a> Remove path filters from Check dist workflow</li> <li><a href="https://github.com/actions/download-artifact/commit/67f2bc382f6ba5ba75812a05909e8c25a366b5fb"><code>67f2bc3</code></a> Fix workflow example for downloading by artifact ID</li> <li><a href="https://github.com/actions/download-artifact/commit/8ea3c2c174f79a56792e9fdd9baad75d27c5d369"><code>8ea3c2c</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/401">#401</a> from actions/download-by-id</li> <li><a href="https://github.com/actions/download-artifact/commit/d219c630f65d8bd14366a9e2f731cbf854f62258"><code>d219c63</code></a> add supporting unit tests for artifact downloads with ids</li> <li><a href="https://github.com/actions/download-artifact/commit/54124fbd881f8ce794405a06896c93c49c17463e"><code>54124fb</code></a> revert <code>getArtifact()</code> changes - for now we have to list and filter by artifa...</li> <li><a href="https://github.com/actions/download-artifact/commit/b83057b90d3e218abf5c7b1906579eb6c598ae85"><code>b83057b</code></a> bundle</li> <li><a href="https://github.com/actions/download-artifact/commit/171183c7dce98c3cf8a1fc842429d0a38ed21d33"><code>171183c</code></a> use the same <code>artifactClient.getArtifact</code> structure as seen above in `isSingl...</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/95815c38cf2ff2164869cbab79da8d1f422bc89e...d3f86a106a0bac45b974a628896c90dbdf5c8093">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0b81dfdf7c |
Upgrade Gradle to 8.14 in CI Workflows and Gradle Wrapper (#3425)
# Description of Changes This pull request upgrades the Gradle build system from version 8.12 to 8.14 across the Stirling-PDF project to enhance build stability, compatibility, and performance. The changes include: - **What was changed**: - Updated the Gradle wrapper version in `gradle/wrapper/gradle-wrapper.properties` from `8.12` to `8.14`. - Modified the `tasks.wrapper` configuration in `build.gradle` to specify `gradleVersion = "8.14"`. - Updated Gradle version references in GitHub Actions workflows (`multiOSReleases.yml`, `push-docker.yml`, `releaseArtifacts.yml`) from `8.12` to `8.14` to ensure consistent CI/CD builds. - **Why the change was made**: - Gradle 8.14 includes bug fixes, performance improvements, and enhanced compatibility with newer JDK versions (e.g., Java 17 and 21, as supported by Stirling-PDF). - Ensures alignment with the latest Gradle features and security patches, reducing potential build issues in development and CI/CD environments. - Supports the project's recommendation to use newer JDK versions (e.g., Java 21) and improves integration with the Foojay Toolchains Plugin. - **Challenges encountered**: - Verified compatibility of Gradle 8.14 with existing plugins (e.g., `org.springframework.boot`, `org.sonarqube`, `com.diffplug.spotless`) to ensure no breaking changes. - Tested CI/CD workflows to confirm that the updated Gradle version does not introduce failures in build, test, or deployment pipelines. - Ensured the Gradle wrapper distribution URL is correctly updated to avoid download issues. --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. |
||
|
|
da70980be4 |
Bump sigstore/cosign-installer from 3.8.1 to 3.8.2 (#3411)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.1 to 3.8.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.8.2</h2> <h2>What's Changed</h2> <ul> <li>install cosign v2 from main in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/186">sigstore/cosign-installer#186</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/3454372f43399081ed03b604cb2d021dabca52bb"><code>3454372</code></a> install cosign v2 from main (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/186">#186</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/b6ee8f83b9a8b8ef7f46b5a8ff326f488b386693"><code>b6ee8f8</code></a> Bump actions/setup-go from 5.3.0 to 5.4.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/185">#185</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a...3454372f43399081ed03b604cb2d021dabca52bb">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
62ec512dda |
Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.1 to 2.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.12.0</h2> <h2>What's Changed</h2> <ol> <li> <p>A new option, <code>disable-sudo-and-containers</code>, is now available to replace the <code>disable-sudo policy</code>, addressing Docker-based privilege escalation (<a href="https://github.com/step-security/harden-runner/security/advisories/GHSA-mxr3-8whj-j74r">CVE-2025-32955</a>). More details can be found in this <a href="https://www.stepsecurity.io/blog/evolving-harden-runners-disable-sudo-policy-for-improved-runner-security">blog post</a>.</p> </li> <li> <p>New detections have been added based on insights from the tj-actions and reviewdog actions incidents.</p> </li> </ol> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.12.0">https://github.com/step-security/harden-runner/compare/v2...v2.12.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/0634a2670c59f64b4a01f0f96f84700a4088b9f0"><code>0634a26</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/541">#541</a> from step-security/rc-20</li> <li><a href="https://github.com/step-security/harden-runner/commit/2e3c5113419044c10e6826351ff7cf7d56cbebe4"><code>2e3c511</code></a> Update action.yml</li> <li><a href="https://github.com/step-security/harden-runner/commit/40873e6a41e9ae4f46268f8ee038b3561bb88504"><code>40873e6</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/484c2799ec63f20b4acc41bcf649dd4003718616"><code>484c279</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/4c8582f45544ce2dafb2cfae82cfbebf0f41bde2"><code>4c8582f</code></a> Update agent versions</li> <li><a href="https://github.com/step-security/harden-runner/commit/e8d595cd66544d43aca8ac7e42a212a5a83b41f8"><code>e8d595c</code></a> fix disable_sudo_and_containers bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/5d277fc8734baba8746d0c18cb0a2594d4692c66"><code>5d277fc</code></a> fix journalctl related bug</li> <li><a href="https://github.com/step-security/harden-runner/commit/ff2ab228bdb9f0c9129169d47dbb2bdf4b8f9b0e"><code>ff2ab22</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/536">#536</a> from rohan-stepsecurity/feat/flag/disable-sudo-and-co...</li> <li><a href="https://github.com/step-security/harden-runner/commit/b81d650d0e627a80d0d73d192b33d729507e0ef5"><code>b81d650</code></a> fix: run sudo command only when both disable-sudo and disable-sudo-and-docker...</li> <li><a href="https://github.com/step-security/harden-runner/commit/769df4ef5d6336b33b11e5b0d43934309cf439f6"><code>769df4e</code></a> Update agent</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/c6295a65d1254861815972266d5933fd6e532bdf...0634a2670c59f64b4a01f0f96f84700a4088b9f0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
2bb716da84 |
Mac x86_64 installer Hotfix (#3391)
😅 - Added java options to jpackage installer - Fixed trigger in OS release workflow --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. --------- Co-authored-by: Anthony Stirling <[email protected]> |
||
|
|
fd34782bcc |
Bump actions/setup-java from 4.7.0 to 4.7.1 (#3339)
Bumps [actions/setup-java](https://github.com/actions/setup-java) from 4.7.0 to 4.7.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-java/releases">actions/setup-java's releases</a>.</em></p> <blockquote> <h2>v4.7.1</h2> <h2>What's Changed</h2> <h3>Documentation changes</h3> <ul> <li>Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/704">actions/setup-java#704</a></li> <li>Remove duplicated GraalVM section in documentation by <a href="https://github.com/Marcono1234"><code>@Marcono1234</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/716">actions/setup-java#716</a></li> </ul> <h3>Dependency updates:</h3> <ul> <li>Upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/766">actions/setup-java#766</a></li> <li>Upgrade <code>@actions/glob</code> from 0.4.0 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/744">actions/setup-java#744</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.2.5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/743">actions/setup-java#743</a></li> <li>Upgrade <code>@action/cache</code> to 4.0.3 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-java/pull/773">actions/setup-java#773</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-java/compare/v4...v4.7.1">https://github.com/actions/setup-java/compare/v4...v4.7.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-java/commit/c5195efecf7bdfc987ee8bae7a71cb8b11521c00"><code>c5195ef</code></a> actions/cache upgrade to 4.0.3 (<a href="https://redirect.github.com/actions/setup-java/issues/773">#773</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/dd38875f930accc291b5816356a21f72056c0b70"><code>dd38875</code></a> Bump ts-jest from 29.1.2 to 29.2.5 (<a href="https://redirect.github.com/actions/setup-java/issues/743">#743</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/148017a9b0c6af80330bcc5db11d1c670d2e7074"><code>148017a</code></a> Bump <code>@actions/glob</code> from 0.4.0 to 0.5.0 (<a href="https://redirect.github.com/actions/setup-java/issues/744">#744</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/3b6c050358614dd082e53cdbc55580431fc4e437"><code>3b6c050</code></a> Remove duplicated GraalVM section in documentation (<a href="https://redirect.github.com/actions/setup-java/issues/716">#716</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/b8ebb8ba1d9655f7f159c0a8b8135606ae11b5c9"><code>b8ebb8b</code></a> upgrade <code>@action/cache</code> from 4.0.0 to 4.0.2 (<a href="https://redirect.github.com/actions/setup-java/issues/766">#766</a>)</li> <li><a href="https://github.com/actions/setup-java/commit/799ee7c97e9721ef38d1a7e8486c39753b9d6102"><code>799ee7c</code></a> Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...</li> <li>See full diff in <a href="https://github.com/actions/setup-java/compare/3a4f6e1af504cf6a31855fa899c6aa5355ba6c12...c5195efecf7bdfc987ee8bae7a71cb8b11521c00">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
4220a28276 |
MacOS x86_64 installer fix 🙏🏾 (#3333)
- Forced Gradle to build MacOS `x86_64` distribution with `x86_64` architecture in workflows - Corrected pathing for signed artefacts  --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [x] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. |
||
|
|
ad52806a5e |
Mac x86_64 installer fix (#3323)
# Description of Changes Added x86_64 distribution to `mac-signed` artifacts --- ## Checklist ### General - [ ] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [ ] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [ ] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [ ] I have performed a self-review of my own code - [ ] My changes generate no new warnings ### Documentation - [ ] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [ ] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [ ] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [ ] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. --------- Co-authored-by: Anthony Stirling <[email protected]> |
||
|
|
c93722ec05 |
Fix for MacOS x86_64 Installer (#3314)
- Updated workflow step to log jpackage dir   --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [x] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. |
||
|
|
2938fcc044 |
Bump step-security/harden-runner from 2.11.0 to 2.11.1 (#3285)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.1</h2> <h2>What's Changed</h2> <ul> <li>cache: add support for GitHub Actions cache v2 by <a href="https://github.com/h0x0er"><code>@h0x0er</code></a> in <a href="https://redirect.github.com/step-security/harden-runner/pull/529">step-security/harden-runner#529</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.1">https://github.com/step-security/harden-runner/compare/v2...v2.11.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/c6295a65d1254861815972266d5933fd6e532bdf"><code>c6295a6</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/530">#530</a> from step-security/rc-19</li> <li><a href="https://github.com/step-security/harden-runner/commit/3e118b145bd13a08b2e465cf3a216df0f6c7746e"><code>3e118b1</code></a> Improve error handling</li> <li><a href="https://github.com/step-security/harden-runner/commit/b38e918ba8cf8d08113e53089af0d89429dcc51a"><code>b38e918</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/529">#529</a> from h0x0er/jatin/cache-fix</li> <li><a href="https://github.com/step-security/harden-runner/commit/0664d30cda4109be234d326b54ac1cc6385597a2"><code>0664d30</code></a> cache: added support for cache v2</li> <li><a href="https://github.com/step-security/harden-runner/commit/b131ca5ebfca4930fe6d4a3e82d1e386b4873c94"><code>b131ca5</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/524">#524</a> from step-security/fix/security/GHSA-968p-4wvh-cqc8</li> <li><a href="https://github.com/step-security/harden-runner/commit/2dc9579753e01c4033425fcc7b74e652b583ca50"><code>2dc9579</code></a> Address vulnerabilities</li> <li><a href="https://github.com/step-security/harden-runner/commit/f054d811b5b89fde2f954d54dc8622ec3aaab9ab"><code>f054d81</code></a> Update README (<a href="https://redirect.github.com/step-security/harden-runner/issues/522">#522</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/8a09271fed8277ab7fb02dbb5917c8d0e78323b4"><code>8a09271</code></a> Update Readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/520">#520</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/6ec6af7d622602bd852df48848f3cae95c760a48"><code>6ec6af7</code></a> Update readme (<a href="https://redirect.github.com/step-security/harden-runner/issues/518">#518</a>)</li> <li><a href="https://github.com/step-security/harden-runner/commit/539365ba33fd040cf8c4db243b6f0ed3b32c3283"><code>539365b</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/516">#516</a> from vorburger/patch-1</li> <li>Additional commits viewable in <a href="https://github.com/step-security/harden-runner/compare/4d991eb9b905ef189e4c376166672c3f2f230481...c6295a65d1254861815972266d5933fd6e532bdf">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
472d0b14db |
Bump gradle/actions from 4.3.0 to 4.3.1 (#3276)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.3.0 to 4.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.3.1</h2> <p>This release fixes a couple of minor issues, as well as keeping dependencies up to date.</p> <h2>Fixed issues</h2> <ul> <li>The develocity-allow-untrusted-server parameter should be honoured when fetching short-lived access tokens <a href="https://redirect.github.com/gradle/actions/issues/583">#583</a></li> <li>Build summary may incorrectly report build success <a href="https://redirect.github.com/gradle/actions/issues/415">#415</a></li> </ul> <h2>What's Changed</h2> <ul> <li>Update develocity-injection init script to v1.1.1 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/545">gradle/actions#545</a></li> <li>Bump the github-actions group across 2 directories with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/547">gradle/actions#547</a></li> <li>Bump the npm-dependencies group in /sources with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/548">gradle/actions#548</a></li> <li>Update develocity-injection init script to v1.2 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/550">gradle/actions#550</a></li> <li>Bump the github-actions group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/552">gradle/actions#552</a></li> <li>Bump the npm-dependencies group across 1 directory with 5 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/558">gradle/actions#558</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/560">gradle/actions#560</a></li> <li>Bump references to Develocity Gradle plugin from 3.19.1 to 3.19.2 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/561">gradle/actions#561</a></li> <li>Catch more build failures in job summary by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/571">gradle/actions#571</a></li> <li>Scope captured build failures by <a href="https://github.com/erichaagdev"><code>@erichaagdev</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li> <li>Ignore SSL certificate validation when fetching Develocity short-lived access token if <code>develocity-allow-untrusted-server</code> is enabled by <a href="https://github.com/remcomokveld"><code>@remcomokveld</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li> <li>Dependency updates by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/579">gradle/actions#579</a></li> <li>Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in /.github/workflow-samples/kotlin-dsl in the gradle group across 1 directory by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/580">gradle/actions#580</a></li> <li>Bump the github-actions group across 2 directories with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/582">gradle/actions#582</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/erichaagdev"><code>@erichaagdev</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/574">gradle/actions#574</a></li> <li><a href="https://github.com/remcomokveld"><code>@remcomokveld</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/575">gradle/actions#575</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.3.0...v4.3.1">https://github.com/gradle/actions/compare/v4.3.0...v4.3.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/06832c7b30a0129d7fb559bcc6e43d26f6374244"><code>06832c7</code></a> Bump the github-actions group across 2 directories with 2 updates</li> <li><a href="https://github.com/gradle/actions/commit/b7b029e5c461bcd4187e3922253a207372ea1d04"><code>b7b029e</code></a> Bump com.google.guava:guava from 33.4.5-jre to 33.4.6-jre in /.github/workflo...</li> <li><a href="https://github.com/gradle/actions/commit/a0bd2ca5cbf6404f68a1a02c2e2741218f894b90"><code>a0bd2ca</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/7974541d55b5d4265df89850a40d5063d2d3036e"><code>7974541</code></a> Dependency updates (<a href="https://redirect.github.com/gradle/actions/issues/579">#579</a>)</li> <li><a href="https://github.com/gradle/actions/commit/a58163930329ccce0ace4389791c82734e52204b"><code>a581639</code></a> Update DSL samples to use test suites</li> <li><a href="https://github.com/gradle/actions/commit/acd2925667ac1dae317b3b2de03ce2d3b5da2205"><code>acd2925</code></a> Update java-toolchain sample to use Kotlin DSL</li> <li><a href="https://github.com/gradle/actions/commit/aa88309fbde788037cd53df497543c8c40e5e2ae"><code>aa88309</code></a> Update gradle-plugin sample to use Kotlin DSL</li> <li><a href="https://github.com/gradle/actions/commit/086c9e4b25c544ef148c374d34a7a844517c740b"><code>086c9e4</code></a> Revert update to eslint-plugin-github</li> <li><a href="https://github.com/gradle/actions/commit/d31b81842d0028028432bad95773235ec859b85c"><code>d31b818</code></a> Update patch file for actions/[email protected]</li> <li><a href="https://github.com/gradle/actions/commit/2778b4a120e9ad2ed71a81933fa2e09c33c15a72"><code>2778b4a</code></a> Bump the npm-dependencies group across 1 directory with 8 updates</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/94baf225fe0a508e581a564467443d0e2379123b...06832c7b30a0129d7fb559bcc6e43d26f6374244">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
d55823ecb1 |
MacOS Installer for x86_64 Distributions (#3269)
- Updated `jpackage` task to create an additional installer for MacOS with Intel (x86_64) chips - Created tasks to download zulu-jre-17 to a temp folder to use when building x86_64 installer and then delete afterwards Closes #1531 --- ## Checklist ### General - [x] I have read the [Contribution Guidelines](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/CONTRIBUTING.md) - [x] I have read the [Stirling-PDF Developer Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md) (if applicable) - [x] I have read the [How to add new languages to Stirling-PDF](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md) (if applicable) - [x] I have performed a self-review of my own code - [x] My changes generate no new warnings ### Documentation - [x] I have updated relevant docs on [Stirling-PDF's doc repo](https://github.com/Stirling-Tools/Stirling-Tools.github.io/blob/main/docs/) (if functionality has heavily changed) - [x] I have read the section [Add New Translation Tags](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/HowToAddNewLanguage.md#add-new-translation-tags) (for new translation tags only) ### UI Changes (if applicable) - [x] Screenshots or videos demonstrating the UI changes are attached (e.g., as comments or direct attachments in the PR) ### Testing (if applicable) - [x] I have tested my changes locally. Refer to the [Testing Guide](https://github.com/Stirling-Tools/Stirling-PDF/blob/main/DeveloperGuide.md#6-testing) for more details. |
||
|
|
f159c62a36 |
Bump actions/download-artifact from 4.1.9 to 4.2.1 (#3225)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.9 to 4.2.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.2.1</h2> <h2>What's Changed</h2> <ul> <li>Add unit tests by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/392">actions/download-artifact#392</a></li> <li>Fix bug introduced in 4.2.0 by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/391">actions/download-artifact#391</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1">https://github.com/actions/download-artifact/compare/v4.2.0...v4.2.1</a></p> <h2>v4.2.0</h2> <h2>What's Changed</h2> <ul> <li>Update README.md by <a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li>Bump artifact version, do digest check by <a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/lkfortuna"><code>@lkfortuna</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/384">actions/download-artifact#384</a></li> <li><a href="https://github.com/GhadimiR"><code>@GhadimiR</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/383">actions/download-artifact#383</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0">https://github.com/actions/download-artifact/compare/v4.1.9...v4.2.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/95815c38cf2ff2164869cbab79da8d1f422bc89e"><code>95815c3</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/391">#391</a> from GhadimiR/main</li> <li><a href="https://github.com/actions/download-artifact/commit/278fca438a0f334c0505181835b4796f2785949b"><code>278fca4</code></a> Move log statements</li> <li><a href="https://github.com/actions/download-artifact/commit/68909842a1073010f1cf920ed7f153e2948f9c16"><code>6890984</code></a> Merge branch 'main' into main</li> <li><a href="https://github.com/actions/download-artifact/commit/f9415c0ec30f02c18e075f091cafcfe4159168d0"><code>f9415c0</code></a> Run unit tests in CI</li> <li><a href="https://github.com/actions/download-artifact/commit/76a6eb5cbca98dccb5e14c0116e53f5df13b220d"><code>76a6eb5</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/392">#392</a> from GhadimiR/add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/a2426d7c4522072f4d5824c9508d7ea97107cb8e"><code>a2426d7</code></a> Merge branch 'main' into add_unit_tests</li> <li><a href="https://github.com/actions/download-artifact/commit/3ffa694f6f7e3d53f63807f78267796f57911dd4"><code>3ffa694</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/53f6aa5f93b626e252398abac720a28f6eb048ed"><code>53f6aa5</code></a> Add extra assertion to download single artifact test</li> <li><a href="https://github.com/actions/download-artifact/commit/b456700053c87aa7d6b31d212292755e1e6eb923"><code>b456700</code></a> lint</li> <li><a href="https://github.com/actions/download-artifact/commit/9eab798a9885c1be58a1c4381da1109644016e98"><code>9eab798</code></a> Configure tsconfig</li> <li>Additional commits viewable in <a href="https://github.com/actions/download-artifact/compare/cc203385981b70ca67e1cc392babf9cc229d5806...95815c38cf2ff2164869cbab79da8d1f422bc89e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
b2ca702301 |
Bump actions/upload-artifact from 4.6.1 to 4.6.2 (#3223)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.2</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.3.2 package & prepare for new upload-artifact release by <a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/upload-artifact/pull/685">actions/upload-artifact#685</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.2">https://github.com/actions/upload-artifact/compare/v4...v4.6.2</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/ea165f8d65b6e75b540449e92b4886f43607fa02"><code>ea165f8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/685">#685</a> from salmanmkc/salmanmkc/3-new-upload-artifacts-release</li> <li><a href="https://github.com/actions/upload-artifact/commit/08396203c179e13c71b9754ce3472ed71842eec0"><code>0839620</code></a> Prepare for new release of actions/upload-artifact with new toolkit cache ver...</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1...ea165f8d65b6e75b540449e92b4886f43607fa02">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
ba7c949d1a |
Bump actions/download-artifact from 4.1.8 to 4.1.9 (#3090)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4.1.8 to 4.1.9. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/download-artifact/releases">actions/download-artifact's releases</a>.</em></p> <blockquote> <h2>v4.1.9</h2> <h2>What's Changed</h2> <ul> <li>Add workflow file for publishing releases to immutable action package by <a href="https://github.com/Jcambass"><code>@Jcambass</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li>docs: small migration fix by <a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li>Update MIGRATION.md by <a href="https://github.com/andyfeller"><code>@andyfeller</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li>Update artifact package to 2.2.2 by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Jcambass"><code>@Jcambass</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/354">actions/download-artifact#354</a></li> <li><a href="https://github.com/froblesmartin"><code>@froblesmartin</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/370">actions/download-artifact#370</a></li> <li><a href="https://github.com/andyfeller"><code>@andyfeller</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/372">actions/download-artifact#372</a></li> <li><a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> made their first contribution in <a href="https://redirect.github.com/actions/download-artifact/pull/380">actions/download-artifact#380</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/download-artifact/compare/v4...v4.1.9">https://github.com/actions/download-artifact/compare/v4...v4.1.9</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/download-artifact/commit/cc203385981b70ca67e1cc392babf9cc229d5806"><code>cc20338</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/380">#380</a> from actions/yacaovsnc/release_4_1_9</li> <li><a href="https://github.com/actions/download-artifact/commit/1fc0fee191f40422f502da571c0f01ff460afe53"><code>1fc0fee</code></a> Update artifact package to 2.2.2</li> <li><a href="https://github.com/actions/download-artifact/commit/7fba95161a0924506ed1ae69cdbae8371ee00b3f"><code>7fba951</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/372">#372</a> from andyfeller/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/f9ceb7763ba1fdfd81b2e2f93aa1f6015ff6b35d"><code>f9ceb77</code></a> Update MIGRATION.md</li> <li><a href="https://github.com/actions/download-artifact/commit/533298bc57c27f112a2c04a74a04a4d43e2866fd"><code>533298b</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/370">#370</a> from froblesmartin/patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/d06289e120b300840a833b25db66cb8c19f5d274"><code>d06289e</code></a> docs: small migration fix</li> <li><a href="https://github.com/actions/download-artifact/commit/d0ce8fd1167ed839810201de977912a090ab10a7"><code>d0ce8fd</code></a> Merge pull request <a href="https://redirect.github.com/actions/download-artifact/issues/354">#354</a> from actions/Jcambass-patch-1</li> <li><a href="https://github.com/actions/download-artifact/commit/1ce0d91ace59dfbf6763107ee5aa8466ebbadf48"><code>1ce0d91</code></a> Add workflow file for publishing releases to immutable action package</li> <li>See full diff in <a href="https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...cc203385981b70ca67e1cc392babf9cc229d5806">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
6aad45fcec |
Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#3034)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's releases</a>.</em></p> <blockquote> <h2>v4.6.1</h2> <h2>What's Changed</h2> <ul> <li>Update to use artifact 2.2.2 package by <a href="https://github.com/yacaovsnc"><code>@yacaovsnc</code></a> in <a href="https://redirect.github.com/actions/upload-artifact/pull/673">actions/upload-artifact#673</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/upload-artifact/compare/v4...v4.6.1">https://github.com/actions/upload-artifact/compare/v4...v4.6.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/upload-artifact/commit/4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1"><code>4cec3d8</code></a> Merge pull request <a href="https://redirect.github.com/actions/upload-artifact/issues/673">#673</a> from actions/yacaovsnc/artifact_2.2.2</li> <li><a href="https://github.com/actions/upload-artifact/commit/e9fad966ccdffceea5de0445882c9455934bcf8e"><code>e9fad96</code></a> license cache update for artifact</li> <li><a href="https://github.com/actions/upload-artifact/commit/b26fd06e9da88a61ada55f23d7863325b1f115d3"><code>b26fd06</code></a> Update to use artifact 2.2.2 package</li> <li>See full diff in <a href="https://github.com/actions/upload-artifact/compare/65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08...4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
0f5d95661c |
Bump sigstore/cosign-installer from 3.8.0 to 3.8.1 (#3010)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.8.0 to 3.8.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.8.1</h2> <h2>What's Changed</h2> <ul> <li>use cosign 2.4.3 and other updates by <a href="https://github.com/cpanato"><code>@cpanato</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/182">sigstore/cosign-installer#182</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a"><code>d7d6bc7</code></a> use cosign 2.4.3 and other updates (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/182">#182</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/c56c2d3e59e4281cc41dea2217323ba5694b171e...d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
554c112a94 |
Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#2980)
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.4 to 2.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's releases</a>.</em></p> <blockquote> <h2>v2.11.0</h2> <h2>What's Changed</h2> <p>Release v2.11.0 in <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> Harden-Runner Enterprise tier now supports the use of eBPF for DNS resolution and network call monitoring</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/step-security/harden-runner/compare/v2...v2.11.0">https://github.com/step-security/harden-runner/compare/v2...v2.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/step-security/harden-runner/commit/4d991eb9b905ef189e4c376166672c3f2f230481"><code>4d991eb</code></a> Merge pull request <a href="https://redirect.github.com/step-security/harden-runner/issues/498">#498</a> from step-security/rc-18</li> <li><a href="https://github.com/step-security/harden-runner/commit/4ea872f89714b83576609e6f89476dfb114a6246"><code>4ea872f</code></a> Update README.md</li> <li><a href="https://github.com/step-security/harden-runner/commit/65d6f6e4ee070283fc8739e8d8295eb6c554029a"><code>65d6f6e</code></a> Add workflows</li> <li><a href="https://github.com/step-security/harden-runner/commit/1034c9a80544b55a7706ed377ea64ded8b0c7ea4"><code>1034c9a</code></a> Update package-lock.json</li> <li><a href="https://github.com/step-security/harden-runner/commit/ab221e2d7a450f54fde8ccb211cea73c5bcf1e2a"><code>ab221e2</code></a> Update agent</li> <li><a href="https://github.com/step-security/harden-runner/commit/7cb6c2fb524eafc78ce834c51af420c289690789"><code>7cb6c2f</code></a> Update agent</li> <li>See full diff in <a href="https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
|
c1d7217242 |
Bump sigstore/cosign-installer from 3.7.0 to 3.8.0 (#2901)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.7.0 to 3.8.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.8.0</h2> <h2>What's Changed</h2> <ul> <li>test action against all non-rc releases, verify entry in rekor log by <a href="https://github.com/bobcallaway"><code>@bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/179">sigstore/cosign-installer#179</a></li> <li>bump for cosign v2.4.2 release by <a href="https://github.com/bobcallaway"><code>@bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/181">sigstore/cosign-installer#181</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0">https://github.com/sigstore/cosign-installer/compare/v3...v3.8.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/c56c2d3e59e4281cc41dea2217323ba5694b171e"><code>c56c2d3</code></a> Bump actions/setup-go from 5.2.0 to 5.3.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/180">#180</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/02e36b8dc8964c61cece8f1014b0e71c92325430"><code>02e36b8</code></a> bump for cosign v2.4.2 release (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/181">#181</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/789d2886c082e8fb7b9710810b73c3f0840573ed"><code>789d288</code></a> test action against all non-rc releases, verify entry in rekor log (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/179">#179</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/e11c0892438d2c0a48e49dee376e4883f10f2e59"><code>e11c089</code></a> Bump actions/setup-go from 5.1.0 to 5.2.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/178">#178</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/718228a5f85f61170ad5c3ea6c0e9871cc92f1c5"><code>718228a</code></a> Bump actions/setup-go from 5.0.2 to 5.1.0 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/176">#176</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/325063e39f66c2e5225e4c88c8979af292c04829"><code>325063e</code></a> Bump actions/checkout from 4.2.1 to 4.2.2 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/177">#177</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/b929758a8661a1dc05fce750bdb02eef5acf2c37"><code>b929758</code></a> Bump actions/checkout from 4.2.0 to 4.2.1 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/175">#175</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da...c56c2d3e59e4281cc41dea2217323ba5694b171e">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Stirling <[email protected]> Co-authored-by: Ludy <[email protected]> |
||
|
|
b9bfcd59cd |
Bump gradle/actions from 4.2.2 to 4.3.0 (#2870)
Bumps [gradle/actions](https://github.com/gradle/actions) from 4.2.2 to 4.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/gradle/actions/releases">gradle/actions's releases</a>.</em></p> <blockquote> <h2>v4.3.0</h2> <p>This release brings some significant improvements to cache-cleanup and dependency-submission:</p> <ul> <li>Cleanup cache entries written by newly released Gradle versions (<a href="https://redirect.github.com/gradle/actions/issues/436">#436</a>)</li> <li>Use existing Gradle wrapper distribution for cache-cleanup where possible (<a href="https://redirect.github.com/gradle/actions/issues/515">#515</a>)</li> <li>Automatically save each dependency-graph that is submitted by <code>dependency-submission</code> (<a href="https://redirect.github.com/gradle/actions/issues/519">#519</a>)</li> <li>Fix deprecation warnings emitted by Gradle 8.12+ when: <ul> <li>Using <code>build-scan-publish: true</code> or Develocity injection (<a href="https://redirect.github.com/gradle/actions/issues/543">#543</a>)</li> <li>Using dependency-submission with an authenticated plugin repository with Gradle (<a href="https://redirect.github.com/gradle/actions/issues/541">#541</a>)</li> </ul> </li> <li>Fix warning when using toolchain support with Gradle 7.x (<a href="https://redirect.github.com/gradle/actions/issues/511">#511</a>)</li> </ul> <h2>What's Changed</h2> <ul> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/493">gradle/actions#493</a></li> <li>Fix typo in <code>cache-reporting.ts</code> by <a href="https://github.com/SimonMarquis"><code>@SimonMarquis</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li> <li>Bump Gradle Wrappers by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/499">gradle/actions#499</a></li> <li>Bump the github-actions group across 3 directories with 7 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/510">gradle/actions#510</a></li> <li>Bump the npm-dependencies group across 1 directory with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/512">gradle/actions#512</a></li> <li>Clean-up missing imports for tests by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/513">gradle/actions#513</a></li> <li>Bump the npm-dependencies group in /sources with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/521">gradle/actions#521</a></li> <li>Add npm build scans by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/517">gradle/actions#517</a></li> <li>Avoid env-var interpolation in toolchains.xml by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/518">gradle/actions#518</a></li> <li>Avoid saving build-results for cache cleanup by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/520">gradle/actions#520</a></li> <li>Save dependency graph as workflow artifact by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/522">gradle/actions#522</a></li> <li>Update to CCUDGP 2.1 by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/524">gradle/actions#524</a></li> <li>Bump references to Develocity Gradle plugin from 3.19 to 3.19.1 by <a href="https://github.com/bot-githubaction"><code>@bot-githubaction</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/527">gradle/actions#527</a></li> <li>Choose best Gradle version to use for cache cleanup by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/526">gradle/actions#526</a></li> <li>Uppercase cache-encryption-key by <a href="https://github.com/Goooler"><code>@Goooler</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/528">gradle/actions#528</a></li> <li>Attempt to use gradle wrapper for cache cleanup by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/525">gradle/actions#525</a></li> <li>Document GRADLE_ACTIONS_SKIP_BUILD_RESULT_CAPTURE by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/529">gradle/actions#529</a></li> <li>Update known wrapper checksums by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/509">gradle/actions#509</a></li> <li>Bump Gradle Wrappers by <a href="https://github.com/github-actions"><code>@github-actions</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/535">gradle/actions#535</a></li> <li>Bump the github-actions group across 2 directories with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/538">gradle/actions#538</a></li> <li>Update undici to resolve vulnerability by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/536">gradle/actions#536</a></li> <li>Bump the npm-dependencies group across 1 directory with 2 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/539">gradle/actions#539</a></li> <li>Update docs for dependency review by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/540">gradle/actions#540</a></li> <li>Fix space assignment deprecations in init-scripts by <a href="https://github.com/bigdaz"><code>@bigdaz</code></a> in <a href="https://redirect.github.com/gradle/actions/pull/542">gradle/actions#542</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/SimonMarquis"><code>@SimonMarquis</code></a> made their first contribution in <a href="https://redirect.github.com/gradle/actions/pull/492">gradle/actions#492</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/gradle/actions/compare/v4.2.2...v4.3.0">https://github.com/gradle/actions/compare/v4.2.2...v4.3.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/gradle/actions/commit/94baf225fe0a508e581a564467443d0e2379123b"><code>94baf22</code></a> Fix space assignment deprecations in init-scripts (<a href="https://redirect.github.com/gradle/actions/issues/542">#542</a>)</li> <li><a href="https://github.com/gradle/actions/commit/6f10c21ec5f599a0b89667926d38072802b3d6fc"><code>6f10c21</code></a> Make it easier to produce 'prerelease' versions</li> <li><a href="https://github.com/gradle/actions/commit/0b492c475f504e36ead18a16150445eff0744fbc"><code>0b492c4</code></a> Fix deprecation warnings in develocity init-script</li> <li><a href="https://github.com/gradle/actions/commit/79bad900c08bc46eaf2277d99d548b968994ebbe"><code>79bad90</code></a> Fix deprecation warnings in dependency-graph init-script</li> <li><a href="https://github.com/gradle/actions/commit/986922f6a6cae731e74a1101cfb48c1928f94d64"><code>986922f</code></a> Update docs for dependency review (<a href="https://redirect.github.com/gradle/actions/issues/540">#540</a>)</li> <li><a href="https://github.com/gradle/actions/commit/65a3beb9413b5a43f94e1eea10a51c507e62b78f"><code>65a3beb</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/0e67f6d83b0113c903ae9b9cf26c587076a01d82"><code>0e67f6d</code></a> Bump the npm-dependencies group across 1 directory with 2 updates</li> <li><a href="https://github.com/gradle/actions/commit/b6ac71fd86906618fa352cfa92ab29a0b53daa81"><code>b6ac71f</code></a> [bot] Update dist directory</li> <li><a href="https://github.com/gradle/actions/commit/9053a599ae356ff00d824e690d556ddbec068864"><code>9053a59</code></a> Update undici to resolve vulnerability</li> <li><a href="https://github.com/gradle/actions/commit/7560c304a61cfac10bf3a196e0769a30d4ecd4aa"><code>7560c30</code></a> Bump the github-actions group across 2 directories with 2 updates</li> <li>Additional commits viewable in <a href="https://github.com/gradle/actions/compare/0bdd871935719febd78681f197cd39af5b6e16a6...94baf225fe0a508e581a564467443d0e2379123b">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Stirling <[email protected]> |