fix typo and remove unintentional(?) word by CyberFlameGO · Pull Request #518 · actions/setup-java (original) (raw)
ianlewis referenced this pull request in slsa-framework/slsa-github-generator
](https://renovatebot.comThis PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| actions/checkout | action | digest | 96f5310 -> b4ffde6 |
| actions/checkout | action | ||
| minor | v4.0.0 -> v4.1.1 |
||
| actions/setup-go | action | ||
| minor | v4.0.1 -> v4.1.0 |
||
| actions/setup-java | action | ||
| minor | v3.12.0 -> v3.13.0 |
||
| actions/setup-node | action | ||
| minor | v3.7.0 -> v3.8.1 |
||
| actions/setup-node | action | ||
| digest | e33196f -> 5e21ff4 |
||
| actions/upload-artifact | |||
| action | patch | v3.1.2 -> v3.1.3 |
|
| github/codeql-action | |||
| action | minor | v2.21.2 -> v2.22.4 |
|
| gradle/gradle-build-action | |||
| action | minor | v2.7.0 -> v2.9.0 |
|
| ossf/scorecard-action | |||
| action | minor | v2.2.0 -> v2.3.0 |
|
| sigstore/cosign-installer | |||
| action | patch | v3.1.1 -> v3.1.2 |
[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
actions/checkout (actions/checkout)
What's Changed
- Update CODEOWNERS to Launch team by @joshmgross in https://github.com/actions/checkout/pull/1510
- Correct link to GitHub Docs by @peterbe in https://github.com/actions/checkout/pull/1511
- Link to release page from what's new section by @cory-miller in https://github.com/actions/checkout/pull/1514
New Contributors
- @joshmgross made their first contribution in https://github.com/actions/checkout/pull/1510
- @peterbe made their first contribution in https://github.com/actions/checkout/pull/1511
Full Changelog: actions/checkout@v4...v4.1.1
actions/setup-go (actions/setup-go)
What's Changed
In scope of this release, slow installation on Windows was fixed by
@dsame in
https://github.com/actions/setup-go/pull/393
and OS version was added to primaryKey for Ubuntu runners to avoid
conflicts
(https://github.com/actions/setup-go/pull/383)
This release also includes the following changes:
- Remove implicit dependencies by @nikolai-laevskii in https://github.com/actions/setup-go/pull/378
- Update action.yml by @mkelly in https://github.com/actions/setup-go/pull/379
- Added a description that go-version should be specified as a string type by @n3xem in https://github.com/actions/setup-go/pull/367
- Add note about YAML parsing versions by @dmitry-shibanov in https://github.com/actions/setup-go/pull/382
- Automatic update of configuration files from 05/23/2023 by @github-actions in https://github.com/actions/setup-go/pull/377
- Bump tough-cookie and @azure/ms-rest-js by @dependabot in https://github.com/actions/setup-go/pull/392
- Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in https://github.com/actions/setup-go/pull/397
- Bump semver from 6.3.0 to 6.3.1 by @dependabot in https://github.com/actions/setup-go/pull/396
New Contributors
- @mkelly made their first contribution in https://github.com/actions/setup-go/pull/379
- @n3xem made their first contribution in https://github.com/actions/setup-go/pull/367
Full Changelog: actions/setup-go@v4...v4.1.0
actions/setup-java (actions/setup-java)
What's changed
In the scope of this release, support for Dragonwell JDK was added by @Accelerator1996 in https://github.com/actions/setup-java/pull/532
steps:
- name: Checkout
uses: actions/checkout@v3
- name: Setup-java
uses: actions/setup-java@v3
with:
distribution: 'dragonwell'
java-version: '17'Several inaccuracies were also fixed:
- Fix XML namespaces wrongly using https by @gnodet in https://github.com/actions/setup-java/pull/503
- Fix typo and remove unintentional(?) word by @CyberFlameGO in https://github.com/actions/setup-java/pull/518
- Fix usage link within the README.md file by @dassiorleando in https://github.com/actions/setup-java/pull/525
New Contributors
- @CyberFlameGO made their first contribution in https://github.com/actions/setup-java/pull/518
- @dassiorleando made their first contribution in https://github.com/actions/setup-java/pull/525
- @gnodet made their first contribution in https://github.com/actions/setup-java/pull/503
- @Accelerator1996 made their first contribution in https://github.com/actions/setup-java/pull/532
Full Changelog: actions/setup-java@v3...v3.13.0
actions/setup-node (actions/setup-node)
What's Changed
In scope of this release, the filter was removed within the cache-save step by @dmitry-shibanov in https://github.com/actions/setup-node/pull/831. It is filtered and checked in the toolkit/cache library.
Full Changelog: actions/setup-node@v3...v3.8.1
What's Changed
Bug fixes:
- Add check for existing paths by @dmitry-shibanov in https://github.com/actions/setup-node/pull/803
- Resolve SymbolicLink by @dmitry-shibanov in https://github.com/actions/setup-node/pull/809
- Change passing logic for cache input by @dmitry-shibanov in https://github.com/actions/setup-node/pull/816
- Fix armv7 cache issue by @louislam in https://github.com/actions/setup-node/pull/794
- Update check-dist workflow name by @sinchang in https://github.com/actions/setup-node/pull/710
Feature implementations:
- feat: handling the case where "node" is used for tool-versions file. by @xytis in https://github.com/actions/setup-node/pull/812
Documentation changes:
- Refer to semver package name in README.md by @olleolleolle in https://github.com/actions/setup-node/pull/808
Update dependencies:
- Update toolkit cache to fix zstd by @dmitry-shibanov in https://github.com/actions/setup-node/pull/804
- Bump tough-cookie and @azure/ms-rest-js by @dependabot in https://github.com/actions/setup-node/pull/802
- Bump semver from 6.1.2 to 6.3.1 by @dependabot in https://github.com/actions/setup-node/pull/807
- Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in https://github.com/actions/setup-node/pull/815
New Contributors
- @olleolleolle made their first contribution in https://github.com/actions/setup-node/pull/808
- @louislam made their first contribution in https://github.com/actions/setup-node/pull/794
- @sinchang made their first contribution in https://github.com/actions/setup-node/pull/710
- @xytis made their first contribution in https://github.com/actions/setup-node/pull/812
Full Changelog: actions/setup-node@v3...v3.8.0
actions/upload-artifact (actions/upload-artifact)
What's Changed
- chore(github): remove trailing whitespaces by @ljmf00 in https://github.com/actions/upload-artifact/pull/313
- Bump @actions/artifact version to v1.1.2 by @bethanyj28 in https://github.com/actions/upload-artifact/pull/436
Full Changelog: actions/upload-artifact@v3...v3.1.3
github/codeql-action (github/codeql-action)
gradle/gradle-build-action (gradle/gradle-build-action)
The GitHub
dependency-review-action
helps you understand dependency changes (and the security impact of
these changes) for a pull request. This release updates the GItHub
Dependency Graph support to be compatible with the
dependency-review-action.
See the documentation for detailed examples.
Changelog
- [FIX] Use correct SHA for
pull-requestevents #882 - [FIX] Avoid generating dependency graph during cache cleanup #905
- [NEW] Improve warning on failure to submit dependency graph
- [NEW] Compatibility with GitHub
dependency-review-action#879
Full-changelog: gradle/gradle-build-action@v2.8.1...v2.9.0
Fixes an issue that prevented Dependency Graph submission when running on GitHub Enterprise Server.
Fixes
- Incorrect endpoint used to submit Dependency Graph on GitHub Enterprise #885
Changelog
The v2.8.0 release of the gradle-build-action introduces an easy
mechanism to connect to Gradle Enterprise, as well improved support for
self-hosted GitHub Actions runners.
Automatic injection of Gradle Enterprise connectivity
It is now possible to connect a Gradle build to Gradle Enterprise without changing any of the Gradle project sources. This is achieved through Gradle Enterprise injection, where an init-script will apply the Gradle Enterprise plugin and associated configuration.
This feature can be useful to easily trial Gradle Enterprise on a project, or to centralize Gradle Enterprise configuration for all GitHub Actions workflows in an organization.
See Gradle Enterprise injection in the README for more info.
Restore Gradle User Home when directory already exists
Previously, the Gradle User Home would not be restored if the directory already exists. This wasn't normally an issue with GitHub-hosted runners, but limited the usefulness of the action for persistent, self-hosted runners.
This behaviour has been improved in this release:
- The Job Summary now includes a useful error message when Gradle User Home was not restored because the directory already exists.
- The action can now be configured to restore the Gradle User Home when the directory already exists, overwriting existing content with content from the GitHub Actions cache. See https://github.com/gradle/gradle-build-action#overwriting-an-existing-gradle-user-home for more details.
Changes
Issues fixed: https://github.com/gradle/gradle-build-action/issues?q=milestone%3A2.8.0+is%3Aclosed Full changelog: gradle/gradle-build-action@v2.7.1...v2.8.0
This release contains no code changes, only dependency updates and documentation improvements.
Changelog
ossf/scorecard-action (ossf/scorecard-action)
What's Changed
- 🌱 Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0 by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1270
- For a full changelist of what this includes, see the v4.12.0 and v4.13.0 release notes
- ✨ Send rekor tlog index to webapp when publishing results by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1169
- 🐛 Prevent url clipping for GHES instances by @rajbos in https://github.com/ossf/scorecard-action/pull/1225
Documentation
- 📖 Update access rights needed to see the results in code scanning by @rajbos in https://github.com/ossf/scorecard-action/pull/1229
- 📖 Add package comments. by @spencerschrock in https://github.com/ossf/scorecard-action/pull/1221
- 📖 Add SECURITY.md file by @david-a-wheeler in https://github.com/ossf/scorecard-action/pull/1250
- 📖 Fix typo in token input docs by @aabouzaid in https://github.com/ossf/scorecard-action/pull/1258
New Contributors
- @david-a-wheeler made their first contribution in https://github.com/ossf/scorecard-action/pull/1250
- @aabouzaid made their first contribution in https://github.com/ossf/scorecard-action/pull/1258
Full Changelog: ossf/scorecard-action@v2.2.0...v2.3.0
sigstore/cosign-installer (sigstore/cosign-installer)
What's Changed
- Fix build and push step Readme missing id by @hbenali in https://github.com/sigstore/cosign-installer/pull/138
- bump cosign to v2.2.0 by @cpanato in https://github.com/sigstore/cosign-installer/pull/142
New Contributors
- @hbenali made their first contribution in https://github.com/sigstore/cosign-installer/pull/138
Full Changelog: sigstore/cosign-installer@v3...v3.1.2
Configuration
📅 Schedule: Branch creation - "every weekend" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
- If you want to rebase/retry this PR, check this box
This PR has been generated by Mend Renovate. View repository job log here.
Signed-off-by: Mend Renovate bot@renovateapp.com