Skip to content

Bump the ci_dependencies group across 1 directory with 6 updates #8489

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Bump the ci_dependencies group across 1 directory with 6 updates #8489

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github May 12, 2025
edited
Loading

Bumps the ci_dependencies group with 6 updates in the / directory:

Package From To
actions/create-github-app-token 1 2
lycheeverse/lychee-action 2.3.0 2.4.1
Swatinem/rust-cache 2.7.7 2.7.8
actions-rust-lang/setup-rust-toolchain 1.11.0 1.12.0
aws-actions/configure-aws-credentials 4.1.0 4.2.0
actions/attest-build-provenance 2.2.3 2.3.0

Updates actions/create-github-app-token from 1 to 2

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.0

2.0.0 (2025-04-03)

BREAKING CHANGES

  • Removed deprecated inputs (app_id, private_key, skip_token_revoke) and made app-id and private-key required in the action configuration.

v1.12.0

1.12.0 (2025-03-27)

Features

v1.11.7

1.11.7 (2025-03-20)

Bug Fixes

  • deps: bump undici from 5.28.4 to 7.5.0 (#214) (a24b46a)

v1.11.6

1.11.6 (2025-03-03)

Bug Fixes

  • deps: bump the production-dependencies group with 2 updates (#210) (1ff1dea)

v1.11.5

1.11.5 (2025-02-15)

Bug Fixes

... (truncated)

Commits
  • df432ce build(release): 2.0.6 [skip ci]
  • 3336784 fix: replace - with _ (#246)
  • db3cdf4 build(release): 2.0.5 [skip ci]
  • d64d7d7 fix(deps): bump the production-dependencies group with 3 updates (#240)
  • 1b6f53e build(deps-dev): bump the development-dependencies group across 1 directory w...
  • 061a84d build(deps-dev): bump @​octokit/openapi from 18.2.0 to 19.0.0 (#242)
  • c8f34a6 build(deps): bump stefanzweifel/git-auto-commit-action from 5.1.0 to 5.2.0 in...
  • 4821f52 build(release): 2.0.4 [skip ci]
  • 2950cbc fix: permission input handling (#243)
  • 30bf625 build(release): 2.0.3 [skip ci]
  • Additional commits viewable in compare view

Updates lycheeverse/lychee-action from 2.3.0 to 2.4.1

Release notes

Sourced from lycheeverse/lychee-action's releases.

Version 2.4.1

What's Changed

Full Changelog: lycheeverse/lychee-action@v2...v2.4.1

Version 2.4.0

What's Changed

New Contributors

Full Changelog: lycheeverse/lychee-action@v2...v2.4.0

Commits

Updates Swatinem/rust-cache from 2.7.7 to 2.7.8

Release notes

Sourced from Swatinem/rust-cache's releases.

v2.7.8

What's Changed

Full Changelog: Swatinem/rust-cache@v2.7.7...v2.7.8

Changelog

Sourced from Swatinem/rust-cache's changelog.

Changelog

2.7.8

  • Include CPU arch in the cache key

2.7.7

  • Also cache cargo install metadata

2.7.6

  • Allow opting out of caching $CARGO_HOME/bin
  • Add runner OS in cache key
  • Adds an option to do lookup-only of the cache

2.7.5

  • Support Cargo.lock format cargo-lock v4
  • Only run macOsWorkaround() on macOS

2.7.3

  • Work around upstream problem that causes cache saving to hang for minutes.

2.7.2

  • Only key by Cargo.toml and Cargo.lock files of workspace members.

2.7.1

  • Update toml parser to fix parsing errors.

2.7.0

  • Properly cache trybuild tests.

2.6.2

  • Fix toml parsing.

2.6.1

  • Fix hash contributions of Cargo.lock/Cargo.toml files.

2.6.0

  • Add "buildjet" as a second cache-provider backend.
  • Clean up sparse registry index.
  • Do not clean up src of -sys crates.

... (truncated)

Commits

Updates actions-rust-lang/setup-rust-toolchain from 1.11.0 to 1.12.0

Release notes

Sourced from actions-rust-lang/setup-rust-toolchain's releases.

v1.12.0

What's Changed

New Contributors

Full Changelog: actions-rust-lang/setup-rust-toolchain@v1...v1.12.0

Changelog

Sourced from actions-rust-lang/setup-rust-toolchain's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[1.12.0] - 2025-04-23

  • Add support for installing rustup on Windows (#58 by @​maennchen) This adds support for using Rust on the GitHub provided Windows ARM runners.

[1.11.0] - 2025-02-24

  • Add new parameter cache-bin that is propagated to Swatinem/rust-cache as cache-bin (#51 by @​enkhjile)
  • Add new parameter cache-shared-key that is propagated to Swatinem/rust-cache as shared-key (#52 by @​skanehira)

[1.10.1] - 2024-10-01

  • Fix problem matcher for rustfmt output. The format has changed since rust-lang/rustfmt#5971 and now follows the form "filename:line". Thanks to @​0xcypher02 for pointing out the problem.

[1.10.0] - 2024-09-23

  • Add new parameter cache-directories that is propagated to Swatinem/rust-cache (#44 by @​pranc1ngpegasus)
  • Add new parameter cache-key that is propagated to Swatinem/rust-cache as key (#41 by @​iainlane)
  • Make rustup toolchain installation more robust in light of planned changes rust-lang/rustup#3635 and rust-lang/rustup#3985
  • Allow installing multiple Rust toolchains by specifying multiple versions in the toolchain input parameter.
  • Configure the rustup override behavior via the new override input. (#38)

[1.9.0] - 2024-06-08

  • Add extra argument cache-on-failure and forward it to Swatinem/rust-cache. (#39 by @​samuelhnrq)
    Set the default the value to true. This will result in more caching than previously. This helps when large dependencies are compiled only for testing to fail.

[1.8.0] - 2024-01-13

  • Allow specifying subdirectories for cache.
  • Fix toolchain file overriding.

[1.7.0] - 2024-01-11

  • Allow overriding the toolchain file with explicit toolchain input. (#26)

[1.6.0] - 2023-12-04

... (truncated)

Commits
  • 9d7e65c Update changelog for windows support
  • 9988a3d Update the dependency section to mark the new windows rustup support
  • 0ddce9f Merge pull request #58 from maennchen/jm/windows-arm
  • d9c91b2 Support rustup installation for Windows
  • See full diff in compare view

Updates aws-actions/configure-aws-credentials from 4.1.0 to 4.2.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v4.2.0

4.2.0 (2025-05-06)

Features

  • add Expiration field to Outputs (a4f3267)
  • Document role-duration-seconds range (5a0cf01)
  • support action inputs as environment variables (#1338) (2c168ad)

Bug Fixes

  • make sure action builds, also fix dependabot autoapprove (c401b8a)
  • role chaning on mulitple runs (#1340) (9e38641)
Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

4.2.0 (2025-05-06)

Features

  • add Expiration field to Outputs (a4f3267)
  • Document role-duration-seconds range (5a0cf01)
  • support action inputs as environment variables (#1338) (2c168ad)

Bug Fixes

  • make sure action builds, also fix dependabot autoapprove (c401b8a)
  • role chaning on mulitple runs (#1340) (9e38641)

4.1.0 (2025-02-08)

Features

Bug Fixes

4.0.3 (2025-01-27)

Features

  • added release-please action config (0f88004)

Bug Fixes

  • add id-token permission to automerge (97834a4)
  • cpy syntax on npm package (#1195) (83b5a56)
  • force push packaged files to main (bfd2185)

Miscellaneous Chores

... (truncated)

Commits
  • f24d719 Merge pull request #1331 from aws-actions/release-please--branches--main--com...
  • f6095d9 Merge branch 'main' into release-please--branches--main--components--configur...
  • df1fa04 chore(deps-dev): bump memfs from 4.17.0 to 4.17.1 (#1348)
  • 1c39738 chore(deps-dev): bump @​types/node from 22.15.3 to 22.15.11 (#1345)
  • 21e0c4b chore(main): release 4.2.0
  • b0f2baf chore: Update dist
  • 4320d1b chore(deps): bump @​aws-sdk/client-sts from 3.798.0 to 3.803.0 (#1346)
  • 5d1959c chore(deps): bump vite from 6.3.2 to 6.3.4 (#1344)
  • 3ecfae8 chore: Update dist
  • 2f26d75 chore(deps): bump @​aws-sdk/client-sts from 3.787.0 to 3.798.0 (#1342)
  • Additional commits viewable in compare view

Updates actions/attest-build-provenance from 2.2.3 to 2.3.0

Release notes

Sourced from actions/attest-build-provenance's releases.

v2.3.0

What's Changed

Full Changelog: actions/attest-build-provenance@v2.2.3...v2.3.0

Commits
  • db473fd bump actions/attest from 2.2.1 to 2.3.0 (#615)
  • d3b713a Bump the actions-minor group with 2 updates (#566)
  • e042adb Bump the npm-development group with 4 updates (#567)
  • 9d3beef Bump the npm-development group with 4 updates (#554)
  • 877f50d Bump typescript-eslint in the npm-development group (#516)
  • b7ab740 Bump the npm-development group across 1 directory with 6 updates (#506)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added A1-insubstantial Pull request requires no code review (e.g., a sub-repository hash update). R0-silent The change does not warrant a re-release of the modified crates. labels May 12, 2025
@dependabot dependabot bot requested review from a team as code owners May 12, 2025 02:43
@dependabot dependabot bot added A1-insubstantial Pull request requires no code review (e.g., a sub-repository hash update). R0-silent The change does not warrant a re-release of the modified crates. labels May 12, 2025
@dependabot dependabot bot force-pushed the dependabot/github_actions/ci_dependencies-a049c85c37 branch from c71d4e8 to e3be985 Compare May 19, 2025 02:55
@dependabot dependabot bot force-pushed the dependabot/github_actions/ci_dependencies-a049c85c37 branch from e3be985 to 7b46d76 Compare May 26, 2025 02:56
@bkchr bkchr enabled auto-merge May 31, 2025 21:57
@dependabot
Bump the ci_dependencies group across 1 directory with 6 updates
3bd1878 
Bumps the ci_dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `1` | `2` |
| [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) | `2.3.0` | `2.4.1` |
| [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.7.7` | `2.7.8` |
| [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) | `1.11.0` | `1.12.0` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4.1.0` | `4.2.0` |
| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `2.2.3` | `2.3.0` |



Updates `actions/create-github-app-token` from 1 to 2
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v1...v2)

Updates `lycheeverse/lychee-action` from 2.3.0 to 2.4.1
- [Release notes](https://github.com/lycheeverse/lychee-action/releases)
- [Commits](lycheeverse/lychee-action@f613c4a...82202e5)

Updates `Swatinem/rust-cache` from 2.7.7 to 2.7.8
- [Release notes](https://github.com/swatinem/rust-cache/releases)
- [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md)
- [Commits](Swatinem/rust-cache@f0deed1...9d47c6a)

Updates `actions-rust-lang/setup-rust-toolchain` from 1.11.0 to 1.12.0
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases)
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md)
- [Commits](actions-rust-lang/setup-rust-toolchain@9399c7b...9d7e65c)

Updates `aws-actions/configure-aws-credentials` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@ececac1...f24d719)

Updates `actions/attest-build-provenance` from 2.2.3 to 2.3.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@c074443...db473fd)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci_dependencies
- dependency-name: lycheeverse/lychee-action
  dependency-version: 2.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci_dependencies
- dependency-name: Swatinem/rust-cache
  dependency-version: 2.7.8
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci_dependencies
- dependency-name: actions-rust-lang/setup-rust-toolchain
  dependency-version: 1.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci_dependencies
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci_dependencies
- dependency-name: actions/attest-build-provenance
  dependency-version: 2.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci_dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/ci_dependencies-a049c85c37 branch from 7b46d76 to 3bd1878 Compare June 2, 2025 02:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bkchr bkchr bkchr approved these changes

@EgorPopelyaev EgorPopelyaev EgorPopelyaev approved these changes

Assignees
No one assigned
Labels
A1-insubstantial Pull request requires no code review (e.g., a sub-repository hash update). R0-silent The change does not warrant a re-release of the modified crates.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@bkchr @EgorPopelyaev