- Notifications
You must be signed in to change notification settings - Fork905
Commit9ef44e6
authored
ci: bump the github-actions group with 3 updates (#18177)
Bumps the github-actions group with 3 updates:[fluxcd/flux2](https://github.com/fluxcd/flux2),[tj-actions/changed-files](https://github.com/tj-actions/changed-files)and [ossf/scorecard-action](https://github.com/ossf/scorecard-action).Updates `fluxcd/flux2` from 2.5.1 to 2.6.1<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/fluxcd/flux2/releases">fluxcd/flux2'sreleases</a>.</em></p><blockquote><h2>v2.6.1</h2><h2>Highlights</h2><p>Flux v2.6.1 is a patch release that comes with various fixes. Usersare encouraged to upgrade for the best experience.</p><p>Fixes:</p><ul><li>Fix a bug introduced in image-reflector-controller v0.35.0 that wascausing spurious error events for policies during image repositoryreconciliation.</li><li>Fix excessive logging in image-reflector-controller after a restartwhen the image tags cache is empty.</li></ul><h2>Components changelog</h2><ul><li>image-reflector-controller <ahref="https://github.com/fluxcd/image-reflector-controller/blob/v0.35.1/CHANGELOG.md">v0.35.1</a></li></ul><h2>What's Changed</h2><ul><li>[release/v2.6.x] Update image-reflector-controller to v0.35.1 by <ahref="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in <ahref="https://redirect.github.com/fluxcd/flux2/pull/5382">fluxcd/flux2#5382</a></li><li>[release/v2.6.x] Add digest pinning to image automation testing by<a href="https://github.com/fluxcdbot"><code>@fluxcdbot</code></a> in<ahref="https://redirect.github.com/fluxcd/flux2/pull/5384">fluxcd/flux2#5384</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/fluxcd/flux2/compare/v2.6.0...v2.6.1">https://github.com/fluxcd/flux2/compare/v2.6.0...v2.6.1</a></p><h2>v2.6.0</h2><h2>Highlights</h2><p>Flux v2.6.0 is a feature release. Users are encouraged to upgrade forthe best experience.</p><p>For a compressive overview of new features and API changes includedin this release, please refer to the <ahref="https://fluxcd.io/blog/2025/05/flux-v2.6.0/">Announcing Flux 2.6GA blog post</a>.</p><p>Overview of the new features:</p><ul><li>General availability release for the Flux OCI Artifacts APIs and<code>flux artifact</code> commands</li><li>Support for OCI digests pinning (ImagePolicy,ImageUpdateAutomation)</li><li>Object-level workload identity authentication (OCIRepository,ImageRepository, Kustomization, Alert Provider)</li><li>Cache registry credentials for cloud providers (OCIRepository,ImageRepository)</li><li>Git HTTP/S Mutual TLS authentication (GitRepository,ImageUpdateAutomation)</li><li>Support for sparse checkout (GitRepository)</li><li>Support for GitHub App authentication (Alert Provider)</li><li>Support for managed Identity authentication to Azure Event Hub(Alert Provider)</li><li>Customize the ID of the Git commit status with CEL expressions(Alert Provider)</li><li><code>WaitForTermination</code> deletion policy (Kustomization)</li><li><code>DisableChartDigestTracking</code> feature gate(HelmRelease)</li></ul><p>❤️ Big thanks to all the Flux contributors that helped us with thisrelease!</p><h3>Kubernetes compatibility</h3><p>This release is compatible with the following Kubernetesversions:</p><p>| Kubernetes version | Minimum required |</p><!-- raw HTML omitted --></blockquote><p>... (truncated)</p></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/fluxcd/flux2/commit/b73c7f7191086ca7629840e680e71873349787f8"><code>b73c7f7</code></a>Merge pull request <ahref="https://redirect.github.com/fluxcd/flux2/issues/5384">#5384</a>from fluxcd/backport-5383-to-release/v2.6.x</li><li><ahref="https://github.com/fluxcd/flux2/commit/7aff0327adc117c1501ee24d4983e3f6d06fc2ee"><code>7aff032</code></a>Add digest pinning to image automation testing</li><li><ahref="https://github.com/fluxcd/flux2/commit/3bb3ae361744e0d121f095829e44c5dede33dbb9"><code>3bb3ae3</code></a>Merge pull request <ahref="https://redirect.github.com/fluxcd/flux2/issues/5382">#5382</a>from fluxcd/backport-5381-to-release/v2.6.x</li><li><ahref="https://github.com/fluxcd/flux2/commit/bf1af3c12059ed11f51a6ff345ed15e5567a1e21"><code>bf1af3c</code></a>Update toolkit components</li><li><ahref="https://github.com/fluxcd/flux2/commit/4c66d375454b5841cc816e7728e8ae684cf70dc3"><code>4c66d37</code></a>Merge pull request <ahref="https://redirect.github.com/fluxcd/flux2/issues/5370">#5370</a>from fluxcd/update-components</li><li><ahref="https://github.com/fluxcd/flux2/commit/481c3c6e1e1c7056f0d1907ea39f22eee0c53473"><code>481c3c6</code></a>Update toolkit components</li><li><ahref="https://github.com/fluxcd/flux2/commit/1d1d96b4895115aa1bb092f7bb3de6611681ebae"><code>1d1d96b</code></a>Merge pull request <ahref="https://redirect.github.com/fluxcd/flux2/issues/5373">#5373</a>from fluxcd/dependabot-up</li><li><ahref="https://github.com/fluxcd/flux2/commit/0b972771fdcdd8cf290f16398fb0c09cd2ad128d"><code>0b97277</code></a>Update dependabot config</li><li><ahref="https://github.com/fluxcd/flux2/commit/650732109e1cef23fdf753e8caeb4efea984fe10"><code>6507321</code></a>Merge pull request <ahref="https://redirect.github.com/fluxcd/flux2/issues/5371">#5371</a>from fluxcd/oci-ga</li><li><ahref="https://github.com/fluxcd/flux2/commit/79fed691cafed9022fc37242e498cf108a0a1725"><code>79fed69</code></a>Update CLI to OCIRepository v1 (GA)</li><li>Additional commits viewable in <ahref="https://github.com/fluxcd/flux2/compare/8d5f40dca5aa5d3c0fc3414457dda15a0ac92fa4...b73c7f7191086ca7629840e680e71873349787f8">compareview</a></li></ul></details><br />Updates `tj-actions/changed-files` from3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57 to115870536a85eaf050e369291c7895748ff12aea<details><summary>Changelog</summary><p><em>Sourced from <ahref="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files'schangelog</a>.</em></p><blockquote><h1>Changelog</h1><h1><ahref="https://github.com/tj-actions/changed-files/compare/v46.0.4...v46.0.5">46.0.5</a>- (2025-04-09)</h1><h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2><ul><li><strong>deps:</strong> Bump yaml from 2.7.0 to 2.7.1 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2520">#2520</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/ed68ef82c095e0d48ec87eccea555d944a631a4c">ed68ef8</a>)- (dependabot[bot])</li><li><strong>deps-dev:</strong> Bump typescript from 5.8.2 to 5.8.3 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2516">#2516</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/a7bc14b808f23d3b467a4079c69a81f1a4500fd5">a7bc14b</a>)- (dependabot[bot])</li><li><strong>deps-dev:</strong> Bump <code>@types/node</code> from22.13.11 to 22.14.0 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2517">#2517</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/3d751f6b6d84071a17e1b9cf4ed79a80a27dd0ab">3d751f6</a>)- (dependabot[bot])</li><li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.2.3 to5.2.6 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2519">#2519</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/e2fda4ec3cb0bc2a353843cae823430b3124db8f">e2fda4e</a>)- (dependabot[bot])</li><li><strong>deps-dev:</strong> Bump ts-jest from 29.2.6 to 29.3.1 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2518">#2518</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/0bed1b1132ec4879a39a2d624cf82a00d0bcfa48">0bed1b1</a>)- (dependabot[bot])</li><li><strong>deps:</strong> Bump github/codeql-action from 3.28.12 to3.28.15 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2530">#2530</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/68024587dc36f49685c96d59d3f1081830f968bb">6802458</a>)- (dependabot[bot])</li><li><strong>deps:</strong> Bump tj-actions/branch-names from 8.0.1 to8.1.0 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2521">#2521</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/cf2e39e86bf842d1f9bc5bca56c0a6b207cca792">cf2e39e</a>)- (dependabot[bot])</li><li><strong>deps:</strong> Bump tj-actions/verify-changed-files from20.0.1 to 20.0.4 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2523">#2523</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/6abeaa506a419f85fa9e681260b443adbeebb3d4">6abeaa5</a>)- (dependabot[bot])</li></ul><h2><!-- raw HTML omitted -->⬆️ Upgrades</h2><ul><li>Upgraded to v46.0.4 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2511">#2511</a>)</li></ul><p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<ahref="https://github.com/tj-actions/changed-files/commit/6f67ee9ac810f0192ea7b3d2086406f97847bcf9">6f67ee9</a>)- (github-actions[bot])</p><h1><ahref="https://github.com/tj-actions/changed-files/compare/v46.0.3...v46.0.4">46.0.4</a>- (2025-04-03)</h1><h2><!-- raw HTML omitted -->🐛 Bug Fixes</h2><ul><li>Bug modified_keys and changed_key outputs not set when no changesdetected (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2509">#2509</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/6cb76d07bee4c9772c6882c06c37837bf82a04d3">6cb76d0</a>)- (Tonye Jack)</li></ul><h2><!-- raw HTML omitted -->📚 Documentation</h2><ul><li>Update readme (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2508">#2508</a>)(<ahref="https://github.com/tj-actions/changed-files/commit/b74df86ccb65173a8e33ba5492ac1a2ca6b216fd">b74df86</a>)- (Tonye Jack)</li></ul><h2><!-- raw HTML omitted -->⬆️ Upgrades</h2><ul><li>Upgraded to v46.0.3 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2506">#2506</a>)</li></ul><p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted -->Co-authored-by: Tonye Jack <ahref="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<ahref="https://github.com/tj-actions/changed-files/commit/27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99">27ae6b3</a>)- (github-actions[bot])</p><h1><ahref="https://github.com/tj-actions/changed-files/compare/v46.0.2...v46.0.3">46.0.3</a>- (2025-03-23)</h1><h2><!-- raw HTML omitted -->🔄 Update</h2><ul><li>Updated README.md (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2501">#2501</a>)</li></ul><p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<ahref="https://github.com/tj-actions/changed-files/commit/41e0de576a0f2b64d9f06f2773f539109e55a70a">41e0de5</a>)- (github-actions[bot])</p><ul><li>Updated README.md (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2499">#2499</a>)</li></ul><p>Co-authored-by: github-actions[bot] <!-- raw HTML omitted --> (<ahref="https://github.com/tj-actions/changed-files/commit/945787811a795cd840a1157ac590dd7827a05c8e">9457878</a>)- (github-actions[bot])</p><h2><!-- raw HTML omitted -->📚 Documentation</h2><!-- raw HTML omitted --></blockquote><p>... (truncated)</p></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/tj-actions/changed-files/commit/115870536a85eaf050e369291c7895748ff12aea"><code>1158705</code></a>chore(deps-dev): bump eslint-plugin-jest from 28.11.0 to 28.12.0 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2575">#2575</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/48aea2e1ab598202feb33bfd4df18f25cf0bf56a"><code>48aea2e</code></a>chore(deps-dev): bump <code>@types/node</code> from 22.15.24 to22.15.26 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2576">#2576</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/050a3d3360d29711ee9d8210fc639d902d23ad07"><code>050a3d3</code></a>Updated README.md (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2574">#2574</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/f000a9b97f254f9590ff26f651cccde827ad36da"><code>f000a9b</code></a>docs: add Jellyfrog as a contributor for code, and doc (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2573">#2573</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/7a9a6d21056d4fc643159b536584c95a903da077"><code>7a9a6d2</code></a>chore(deps-dev): bump <code>@types/node</code> from 22.15.21 to22.15.24 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2572">#2572</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/abda8aa2d055f53806b6d35f984ea80315fab52b"><code>abda8aa</code></a>chore: update build job to fail when there are uncommited changes (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2571">#2571</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/c6634ca281a9fc05b03bee224ba00910cb78ab6e"><code>c6634ca</code></a>chore(deps): bump github/codeql-action from 3.28.17 to 3.28.18 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2564">#2564</a>)</li><li><ahref="https://github.com/tj-actions/changed-files/commit/860b02dbf9f4dfded5b31c3ef9eca758918910b2"><code>860b02d</code></a>chore(deps): bump <code>@octokit/rest</code> from 21.1.1 to 22.0.0 (<ahref="https://redirect.github.com/tj-actions/changed-files/issues/2568">#2568</a>)</li><li>See full diff in <ahref="https://github.com/tj-actions/changed-files/compare/3981e4f74104e7a4c67a835e1e5dd5d9eb0f0a57...115870536a85eaf050e369291c7895748ff12aea">compareview</a></li></ul></details><br />Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/ossf/scorecard-action/releases">ossf/scorecard-action'sreleases</a>.</em></p><blockquote><h2>v2.4.2</h2><h2>What's Changed</h2><p>This update bumps the Scorecard version to the v5.2.1 release. For acomplete list of changes, please refer to the Scorecard <ahref="https://github.com/ossf/scorecard/releases/tag/v5.2.0">v5.2.0</a>and <ahref="https://github.com/ossf/scorecard/releases/tag/v5.2.1">v5.2.1</a>release notes.</p><p><strong>Full Changelog</strong>: <ahref="https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2">https://github.com/ossf/scorecard-action/compare/v2.4.1...v2.4.2</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/ossf/scorecard-action/commit/05b42c624433fc40578a4040d5cf5e36ddca8cde"><code>05b42c6</code></a>:seedling: bump docker to ghcr v2.4.2 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1548">#1548</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/b225da6b2b97811a123bb34532642f3ad6a4f011"><code>b225da6</code></a>Bump github.com/ossf/scorecard/v5 from v5.2.0 to v5.2.1 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1550">#1550</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/9399f6f42496e38fbb8dbcf85e17223226a5dafe"><code>9399f6f</code></a>:seedling: Bump the docker-images group across 1 directory with 2updates (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1">#1</a>...</li><li><ahref="https://github.com/ossf/scorecard-action/commit/e1daa8c5c7ed469dbb0167e261ed1c9fa673a9ae"><code>e1daa8c</code></a>:seedling: Bump the github-actions group across 1 directory with 5updates (#...</li><li><ahref="https://github.com/ossf/scorecard-action/commit/9fe6511b9b36af3b03200e49cf8fb09d261b5402"><code>9fe6511</code></a>:seedling: Bump golang.org/x/net from 0.39.0 to 0.40.0 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1542">#1542</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/25b9cd9cd11610dcac11e59afed9910714b12129"><code>25b9cd9</code></a>:seedling: Bump github.com/ossf/scorecard/v5 from v5.1.1 to v5.2.0 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1547">#1547</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/18cc9b81307fc5ab3c2cd7092955f06dcfdf8c42"><code>18cc9b8</code></a>:seedling: Bump golang.org/x/net from 0.38.0 to 0.39.0 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1536">#1536</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/db7814227b097a902957aa24d989c6e473613a8e"><code>db78142</code></a>:seedling: Bump the github-actions group with 2 updates (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1538">#1538</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/de386ed459e2f85111697f50fe076d0ea617a32f"><code>de386ed</code></a>:seedling: Bump golang from 1.24.1 to 1.24.2 in the docker-images group(<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1534">#1534</a>)</li><li><ahref="https://github.com/ossf/scorecard-action/commit/5b7cedba4eccfb66a6277e40cbe18d1d559ecc00"><code>5b7cedb</code></a>:seedling: Bump github.com/sigstore/cosign/v2 from 2.4.3 to 2.5.0 (<ahref="https://redirect.github.com/ossf/scorecard-action/issues/1537">#1537</a>)</li><li>Additional commits viewable in <ahref="https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde">compareview</a></li></ul></details><br />Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore <dependency name> major version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's major version (unless you unignore this specificdependency's major version or upgrade to it yourself)- `@dependabot ignore <dependency name> minor version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's minor version (unless you unignore this specificdependency's minor version or upgrade to it yourself)- `@dependabot ignore <dependency name>` will close this group update PRand stop Dependabot creating any more for the specific dependency(unless you unignore this specific dependency or upgrade to it yourself)- `@dependabot unignore <dependency name>` will remove all of the ignoreconditions of the specified dependency- `@dependabot unignore <dependency name> <ignore condition>` willremove the ignore condition of the specified dependency and ignoreconditions</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>1 parent60927c7 commit9ef44e6
3 files changed
+3
-3
lines changedLines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1526 | 1526 | | |
1527 | 1527 | | |
1528 | 1528 | | |
1529 | | - | |
| 1529 | + | |
1530 | 1530 | | |
1531 | 1531 | | |
1532 | 1532 | | |
| |||
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
28 | 28 | | |
29 | 29 | | |
30 | 30 | | |
31 | | - | |
| 31 | + | |
32 | 32 | | |
33 | 33 | | |
34 | 34 | | |
| |||
Lines changed: 1 addition & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
30 | 30 | | |
31 | 31 | | |
32 | 32 | | |
33 | | - | |
| 33 | + | |
34 | 34 | | |
35 | 35 | | |
36 | 36 | | |
| |||
0 commit comments
Comments
(0)