dependabot[bot]
06832c7b30
Bump the github-actions group across 2 directories with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `github/codeql-action` from 3.28.11 to 3.28.13
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](6bb031afdd...1b549b9259https://github.com/actions/upload-artifact/releases )
- [Commits](4cec3d8aa0...ea165f8d65https://github.com/actions/upload-artifact/releases )
- [Commits](4cec3d8aa0...ea165f8d65
2025-03-25 16:28:20 -06:00
dependabot[bot]
d2985e6cc7
Bump the github-actions group across 2 directories with 6 updates
...
Bumps the github-actions group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/setup-node](https://github.com/actions/setup-node ) | `4.2.0` | `4.3.0` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) | `dcc7a0cba800f454d79fff4b993e8c3555bcc0a8` | `0fee5fb278312d962ff465bb38dc4cae9f446de2` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.28.9` | `3.28.11` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) | `2.4.0` | `2.4.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.6.0` | `4.6.1` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `7.0.6` | `7.0.8` |
Bumps the github-actions group with 2 updates in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `actions/setup-node` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](1d0ff469b7...cdca7365b2https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](dcc7a0cba8...0fee5fb278https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](9e8d0789d4...6bb031afddhttps://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](62b2cac7ed...f49aabe0b5https://github.com/actions/upload-artifact/releases )
- [Commits](65c4c4a1dd...4cec3d8aa0https://github.com/peter-evans/create-pull-request/releases )
- [Commits](67ccf781d6...271a8d0340https://github.com/actions/setup-node/releases )
- [Commits](1d0ff469b7...cdca7365b2https://github.com/actions/upload-artifact/releases )
- [Commits](65c4c4a1dd...4cec3d8aa0
2025-03-25 14:06:06 -06:00
dependabot[bot]
7f0ccac579
Bump the github-actions group across 1 directory with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `tj-actions/changed-files` from 45.0.6 to 45.0.7
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](d6e91a2266...dcc7a0cba8https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](dd746615b3...9e8d0789d4
2025-02-18 13:21:46 -07:00
dependabot[bot]
70f4302913
Bump the github-actions group across 2 directories with 3 updates
...
Bumps the github-actions group with 3 updates in the / directory: [gradle/actions](https://github.com/gradle/actions ), [github/codeql-action](https://github.com/github/codeql-action ) and [actions/setup-java](https://github.com/actions/setup-java ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java ).
Updates `gradle/actions` from 4.2.2 to 4.3.0
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](0bdd871935...94baf225fehttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17a820bf2e...dd746615b3https://github.com/actions/setup-java/releases )
- [Commits](7a6d8a8234...3a4f6e1af5https://github.com/actions/setup-java/releases )
- [Commits](7a6d8a8234...3a4f6e1af5
2025-02-04 11:52:48 -07:00
dependabot[bot]
7560c304a6
Bump the github-actions group across 2 directories with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node ) and [github/codeql-action](https://github.com/github/codeql-action ).
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node ).
Updates `actions/setup-node` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/setup-node/releases )
- [Commits](39370e3970...1d0ff469b7https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b6a472f63d...17a820bf2ehttps://github.com/actions/setup-node/releases )
- [Commits](39370e3970...1d0ff469b7
2025-01-28 08:18:31 -07:00
dependabot[bot]
bccddaec22
Bump the github-actions group across 3 directories with 7 updates
...
Bumps the github-actions group with 7 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [gradle/actions](https://github.com/gradle/actions ) | `4.2.1` | `4.2.2` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) | `45.0.5` | `45.0.6` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.27.9` | `3.28.1` |
| [actions/setup-java](https://github.com/actions/setup-java ) | `4.5.0` | `4.6.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.4.3` | `4.6.0` |
| [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action ) | `5.0.1` | `5.1.0` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) | `7.0.5` | `7.0.6` |
Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Bumps the github-actions group with 1 update in the /.github/actions/init-integ-test directory: [actions/setup-java](https://github.com/actions/setup-java ).
Updates `gradle/actions` from 4.2.1 to 4.2.2
- [Release notes](https://github.com/gradle/actions/releases )
- [Commits](cc4fc85e6b...0bdd871935https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](bab30c2299...d6e91a2266https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df409f7d92...b6a472f63dhttps://github.com/actions/setup-java/releases )
- [Commits](8df1039502...7a6d8a8234https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...65c4c4a1ddhttps://github.com/stefanzweifel/git-auto-commit-action/releases )
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md )
- [Commits](8621497c8c...e348103e90https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5e914681df...67ccf781d6https://github.com/actions/upload-artifact/releases )
- [Commits](b4b15b8c7c...65c4c4a1ddhttps://github.com/actions/setup-java/releases )
- [Commits](8df1039502...7a6d8a8234
2025-01-14 13:31:38 -07:00
dependabot[bot]
bc78598590
Bump github/codeql-action in the github-actions group across 1 directory
...
Bumps the github-actions group with 1 update in the / directory: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.27.7 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](babb554ede...df409f7d92
2024-12-17 11:46:27 -07:00
dependabot[bot]
1c71d2134f
Bump the github-actions group across 1 directory with 2 updates
...
Bumps the github-actions group with 2 updates in the / directory: [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `tj-actions/changed-files` from 45.0.4 to 45.0.5
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](4edd678ac3...bab30c2299https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ea9e4e3799...babb554ede
2024-12-11 14:52:10 +00:00
Daz DeBoer
52ee405746
Run CodeQL on all commits
2024-11-14 13:44:22 -07:00
daz
b12c3a65f2
Pin version of 3rd party actions
2024-11-14 12:35:29 -07:00
daz
d30cc9ecf2
Pin actions/checkout@v4
2024-11-14 12:19:48 -07:00
Daz DeBoer
07e0f1c008
Limit token permissions in GitHub workflows ( #440 )
...
See
ea7e27ed41/docs/checks.md (token-permissions)
2024-11-13 19:01:45 -07:00
daz
e3bc05f224
Run CodeQL on PRs
2024-06-13 13:15:23 -06:00
daz
485ea107b7
Run CodeQL on dev/* branches
2024-06-13 13:01:56 -06:00
daz
0325d99e52
Workflow fixes
...
- Fix typo in 'paths-ignore'
- Add back 'buildDistribution' to demo job summary
2024-04-12 10:34:50 -06:00
daz
7d97cfadb0
Avoid most workflows when only 'dist' has changed
2024-04-11 22:54:09 -06:00
daz
d37a479015
Use pull_request triggers primarily for workflows
...
Instead of relying on push triggers in general, we now use pull_request
and reserve push triggers for main and release branches.
This makes the behaviour more consistent for users contributing from
repository forks. However, we no longer have a quick-feedback loop
for development.
2024-04-10 16:48:14 -06:00
daz
22e5c984e7
Update workflows for move to 'sources'
2024-01-25 11:53:44 -07:00
daz
4dda5928c7
Update CodeQL config to latest default
2024-01-04 13:03:33 -07:00
dependabot[bot]
14b4921945
Bump the github-actions group with 3 updates
...
Bumps the github-actions group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action ), [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ) and [actions/upload-artifact](https://github.com/actions/upload-artifact ).
Updates `github/codeql-action` from 2 to 3
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2...v3 )
Updates `gradle/gradle-build-action` from 2.10.0 to 2.11.0
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.10.0...v2.11.0 )
Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-12-23 18:25:51 -07:00
dependabot[bot]
5e3952da92
Bump the github-actions group with 2 updates
...
Bumps the github-actions group with 2 updates: [actions/checkout](https://github.com/actions/checkout ) and [gradle/gradle-build-action](https://github.com/gradle/gradle-build-action ).
Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
Updates `gradle/gradle-build-action` from 2.7.1 to 2.8.0
- [Release notes](https://github.com/gradle/gradle-build-action/releases )
- [Commits](https://github.com/gradle/gradle-build-action/compare/v2.7.1...v2.8.0 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions
- dependency-name: gradle/gradle-build-action
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-09-21 16:35:57 +02:00
Daz DeBoer
9ab4abd18c
Update to latest version of all github actions
2022-06-04 09:26:11 -06:00
Daz DeBoer
e32d23f291
Capitalize to improve ordering
2022-05-29 15:04:12 -06:00
Daz DeBoer
a880eab216
More consistent names for workflow jobs
2022-05-29 15:04:11 -06:00
Daz DeBoer
bdb9f7fd28
Use shorter workflow names
2022-05-29 13:04:26 -06:00
