Fix problematic retransmission of authentication token (alternative solution) #438
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The retransmission of the authentication token to the server providing the artifact caused the following errors when using Artifacts v4: HTTPError: Response code 400 (Authentication information is not given in the correct format. Check the value of Authorization header.) It looks like the service serving the artifacts does not expect the authentication header, and therefore complaines about inproper use of the authentication header. Delegating the redirect-handling to the `got` library fixes the issue according to my tsts.
4eb1833 to
f763877
Compare
I just remove the second parameter, or is there another favored solution? |
jozefizso
approved these changes
May 8, 2024
|
Thanks @JojOatXGME for making this bugfix! |
This was referenced May 8, 2024
artemrys
referenced
this pull request
in splunk/addonfactory-workflow-addon-release
May 17, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/cache](https://togithub.com/actions/cache) | action | major | `v3` -> `v4` | | [actions/checkout](https://togithub.com/actions/checkout) | action | major | `v3` -> `v4` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | major | `v3` -> `v4` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | major | `v3` -> `v4` | | [amannn/action-semantic-pull-request](https://togithub.com/amannn/action-semantic-pull-request) | action | minor | `v5.4.0` -> `v5.5.2` | | [aws-actions/configure-aws-credentials](https://togithub.com/aws-actions/configure-aws-credentials) | action | major | `v3` -> `v4` | | [dorny/test-reporter](https://togithub.com/dorny/test-reporter) | action | minor | `v1.7.0` -> `v1.9.1` | | ghcr.io/splunk/workflow-engine-base | container | major | `2.0.12` -> `3.0.0` | --- ### Release Notes <details> <summary>actions/cache (actions/cache)</summary> ### [`v4`](https://togithub.com/actions/cache/compare/v3...v4) [Compare Source](https://togithub.com/actions/cache/compare/v3...v4) </details> <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400) [Compare Source](https://togithub.com/actions/checkout/compare/v3...v4) - [Support fetching without the --progress option](https://togithub.com/actions/checkout/pull/1067) - [Update to node20](https://togithub.com/actions/checkout/pull/1436) </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4`](https://togithub.com/actions/download-artifact/compare/v3...v4) [Compare Source](https://togithub.com/actions/download-artifact/compare/v3...v4) </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4`](https://togithub.com/actions/upload-artifact/compare/v3...v4) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v3...v4) </details> <details> <summary>amannn/action-semantic-pull-request (amannn/action-semantic-pull-request)</summary> ### [`v5.5.2`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.2) [Compare Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.5.1...v5.5.2) ##### Bug Fixes - Bump tar from 6.1.11 to 6.2.1 ([#​262](https://togithub.com/amannn/action-semantic-pull-request/issues/262) by [@​EelcoLos](https://togithub.com/EelcoLos)) ([9a90d5a](https://togithub.com/amannn/action-semantic-pull-request/commit/9a90d5a5ac979326e3bb9272750cdd4f192ce24a)) ### [`v5.5.1`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.1) [Compare Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.5.0...v5.5.1) ##### Bug Fixes - Bump ip from 2.0.0 to 2.0.1 ([#​263](https://togithub.com/amannn/action-semantic-pull-request/issues/263) by [@​EelcoLos](https://togithub.com/EelcoLos)) ([5e7e9ac](https://togithub.com/amannn/action-semantic-pull-request/commit/5e7e9acca3ddc6a9d7b640fe1f905c4fff131f4a)) ### [`v5.5.0`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.0) [Compare Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.4.0...v5.5.0) ##### Features - Add outputs for `type`, `scope` and `subject` ([#​261](https://togithub.com/amannn/action-semantic-pull-request/issues/261) by [@​bcaurel](https://togithub.com/bcaurel)) ([b05f5f6](https://togithub.com/amannn/action-semantic-pull-request/commit/b05f5f6423ef5cdfc7fdff00c4c10dd9a4f54aff)) </details> <details> <summary>aws-actions/configure-aws-credentials (aws-actions/configure-aws-credentials)</summary> ### [`v4`](https://togithub.com/aws-actions/configure-aws-credentials/releases/tag/v4) [Compare Source](https://togithub.com/aws-actions/configure-aws-credentials/compare/v3...v4) This tag tracks the latest v4.x.x release </details> <details> <summary>dorny/test-reporter (dorny/test-reporter)</summary> ### [`v1.9.1`](https://togithub.com/dorny/test-reporter/releases/tag/v1.9.1) [Compare Source](https://togithub.com/dorny/test-reporter/compare/v1.9.0...v1.9.1) #### What's Changed - fix: reporting wrong number of tests in Dart by [@​dominicmh](https://togithub.com/dominicmh) in [https://github.com/dorny/test-reporter/pull/426](https://togithub.com/dorny/test-reporter/pull/426) - Fix problematic retransmission of authentication token (alternative solution) by [@​JojOatXGME](https://togithub.com/JojOatXGME) in [https://github.com/dorny/test-reporter/pull/438](https://togithub.com/dorny/test-reporter/pull/438) - Update development dependencies by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/442](https://togithub.com/dorny/test-reporter/pull/442) #### New Contributors - [@​dominicmh](https://togithub.com/dominicmh) made their first contribution in [https://github.com/dorny/test-reporter/pull/426](https://togithub.com/dorny/test-reporter/pull/426) - [@​JojOatXGME](https://togithub.com/JojOatXGME) made their first contribution in [https://github.com/dorny/test-reporter/pull/438](https://togithub.com/dorny/test-reporter/pull/438) **Full Changelog**: dorny/test-reporter@v1.9.0...v1.9.1 ### [`v1.9.0`](https://togithub.com/dorny/test-reporter/releases/tag/v1.9.0) [Compare Source](https://togithub.com/dorny/test-reporter/compare/v1.8.0...v1.9.0) #### What's Changed ##### Features - Add support for the `rspec-json` format [#​398](https://togithub.com/dorny/test-reporter/issues/398) - Updated packages [#​405](https://togithub.com/dorny/test-reporter/issues/405) #### Contributors - [@​oscarmampel](https://togithub.com/oscarmampel) made their contribution in [#​398](https://togithub.com/dorny/test-reporter/issues/398) **Full Changelog**: dorny/test-reporter@v1.8.0...v1.9.0 ### [`v1.8.0`](https://togithub.com/dorny/test-reporter/releases/tag/v1.8.0) [Compare Source](https://togithub.com/dorny/test-reporter/compare/v1.7.0...v1.8.0) ##### What's Changed - CHANGELOG.md by [@​j-catania](https://togithub.com/j-catania) in [https://github.com/dorny/test-reporter/pull/297](https://togithub.com/dorny/test-reporter/pull/297) - Bump [@​babel/traverse](https://togithub.com/babel/traverse) from 7.12.1 to 7.23.2 in /reports/jest by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/dorny/test-reporter/pull/303](https://togithub.com/dorny/test-reporter/pull/303) - Bump [@​babel/traverse](https://togithub.com/babel/traverse) from 7.22.20 to 7.23.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/dorny/test-reporter/pull/304](https://togithub.com/dorny/test-reporter/pull/304) - Add `SwiftXunitParser` class based on `JavaJunitParser` for `swift-xunit` reporter by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/317](https://togithub.com/dorny/test-reporter/pull/317) - Update to Node20 by [@​j-catania](https://togithub.com/j-catania) in [https://github.com/dorny/test-reporter/pull/315](https://togithub.com/dorny/test-reporter/pull/315) - Fix build error by [@​dorny](https://togithub.com/dorny) in [https://github.com/dorny/test-reporter/pull/331](https://togithub.com/dorny/test-reporter/pull/331) - Use NodeJS 18 LTS as default runtime by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/332](https://togithub.com/dorny/test-reporter/pull/332) - Update all packages by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/333](https://togithub.com/dorny/test-reporter/pull/333) - Escape <> characters in suite name by [@​wingyplus](https://togithub.com/wingyplus) in [https://github.com/dorny/test-reporter/pull/236](https://togithub.com/dorny/test-reporter/pull/236) - Adding feature and bug template by [@​j-catania](https://togithub.com/j-catania) in [https://github.com/dorny/test-reporter/pull/341](https://togithub.com/dorny/test-reporter/pull/341) - Update check title and remove icon by [@​ldaneliukas](https://togithub.com/ldaneliukas) in [https://github.com/dorny/test-reporter/pull/144](https://togithub.com/dorny/test-reporter/pull/144) - `test-reporter` release v1.8.0 by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/370](https://togithub.com/dorny/test-reporter/pull/370) ##### New Contributors - [@​jozefizso](https://togithub.com/jozefizso) made their first contribution in [https://github.com/dorny/test-reporter/pull/317](https://togithub.com/dorny/test-reporter/pull/317) - [@​wingyplus](https://togithub.com/wingyplus) made their first contribution in [https://github.com/dorny/test-reporter/pull/236](https://togithub.com/dorny/test-reporter/pull/236) - [@​ldaneliukas](https://togithub.com/ldaneliukas) made their first contribution in [https://github.com/dorny/test-reporter/pull/144](https://togithub.com/dorny/test-reporter/pull/144) **Full Changelog**: dorny/test-reporter@v1.7.0...v1.8.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/splunk/addonfactory-workflow-addon-release). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoiZGV2ZWxvcCIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
10 tasks
github-merge-queue bot
referenced
this pull request
in AmadeusITGroup/otter
Jun 5, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | Type | Update | |---|---|---|---|---|---|---|---| | [@microsoft/tsdoc](https://tsdoc.org/) ([source](https://togithub.com/microsoft/tsdoc/tree/HEAD/tsdoc)) | [`~0.14.1` -> `~0.15.0`](https://renovatebot.com/diffs/npm/@microsoft%2ftsdoc/0.14.2/0.15.0) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | dependencies | minor | | [@types/chrome](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/master/types/chrome) ([source](https://togithub.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/chrome)) | [`^0.0.267` -> `^0.0.268`](https://renovatebot.com/diffs/npm/@types%2fchrome/0.0.267/0.0.268) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | patch | | [Azure/functions-action](https://togithub.com/Azure/functions-action) | `v1.5.1` -> `v1.5.2` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [actions/checkout](https://togithub.com/actions/checkout) | `v4.1.4` -> `v4.1.6` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [audit-types](https://togithub.com/quinnturner/audit-types) | [`~0.5.6` -> `~0.6.0`](https://renovatebot.com/diffs/npm/audit-types/0.5.6/0.6.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | minor | | [audit-types](https://togithub.com/quinnturner/audit-types) | [`~0.5.6` -> `~0.6.0`](https://renovatebot.com/diffs/npm/audit-types/0.5.6/0.6.2) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | dependencies | minor | | [dorny/test-reporter](https://togithub.com/dorny/test-reporter) | `v1.9.0` -> `v1.9.1` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [esbuild](https://togithub.com/evanw/esbuild) | [`~0.20.0` -> `~0.21.0`](https://renovatebot.com/diffs/npm/esbuild/0.20.2/0.21.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | dependencies | minor | | [esbuild](https://togithub.com/evanw/esbuild) | [`~0.20.0` -> `~0.21.0`](https://renovatebot.com/diffs/npm/esbuild/0.20.2/0.21.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | minor | | [github/codeql-action](https://togithub.com/github/codeql-action) | `v2.25.3` -> `v2.25.8` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [github/codeql-action](https://togithub.com/github/codeql-action) | `v3.25.3` -> `v3.25.8` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | `v2.3.1` -> `v2.3.3` | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | action | patch | | [sass](https://togithub.com/sass/dart-sass) | [`~1.76.0` -> `~1.77.0`](https://renovatebot.com/diffs/npm/sass/1.76.0/1.77.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | peerDependencies | minor | | [sass](https://togithub.com/sass/dart-sass) | [`~1.76.0` -> `~1.77.0`](https://renovatebot.com/diffs/npm/sass/1.76.0/1.77.4) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | [](https://docs.renovatebot.com/merge-confidence/) | devDependencies | minor | --- ### Release Notes <details> <summary>microsoft/tsdoc (@​microsoft/tsdoc)</summary> ### [`v0.15.0`](https://togithub.com/microsoft/tsdoc/blob/HEAD/tsdoc/CHANGELOG.md#0150) Tue, 28 May 2024 21:34:19 GMT ##### Minor changes - Minor package cleanup. - Eliminate remaining const enums. ##### Patches - Update an image URL in the README.md file - Upgrade dev toolchain (Heft, Webpack, TypeScript) </details> <details> <summary>Azure/functions-action (Azure/functions-action)</summary> ### [`v1.5.2`](https://togithub.com/Azure/functions-action/releases/tag/v1.5.2) [Compare Source](https://togithub.com/Azure/functions-action/compare/v1.5.1...v1.5.2) - Updated from Node 16 to Node 20 - Added support for Flex Consumption plan </details> <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732) ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>quinnturner/audit-types (audit-types)</summary> ### [`v0.6.2`](https://togithub.com/quinnturner/audit-types/releases/tag/v0.6.2) [Compare Source](https://togithub.com/quinnturner/audit-types/compare/v0.6.1...v0.6.2) ##### What's Changed - fix: serialization of Yarn 4 by [@​quinnturner](https://togithub.com/quinnturner) in [https://github.com/quinnturner/audit-types/pull/9](https://togithub.com/quinnturner/audit-types/pull/9) **Full Changelog**: quinnturner/audit-types@v0.6.1...v0.6.2 ### [`v0.6.1`](https://togithub.com/quinnturner/audit-types/releases/tag/v0.6.1) [Compare Source](https://togithub.com/quinnturner/audit-types/compare/v0.6.0...v0.6.1) ##### What's Changed - Add support for Yarn NPM CLI types by [@​quinnturner](https://togithub.com/quinnturner) in [https://github.com/quinnturner/audit-types/pull/8](https://togithub.com/quinnturner/audit-types/pull/8) **Full Changelog**: quinnturner/audit-types@v0.6.0...v0.6.1 ### [`v0.6.0`](https://togithub.com/quinnturner/audit-types/releases/tag/v0.6.0) [Compare Source](https://togithub.com/quinnturner/audit-types/compare/v0.5.6...v0.6.0) ##### What's Changed - BREAKING: Change name of YarnBerry to Yarn2And3 by [@​quinnturner](https://togithub.com/quinnturner) in [https://github.com/quinnturner/audit-types/pull/7](https://togithub.com/quinnturner/audit-types/pull/7) **Full Changelog**: quinnturner/audit-types@v0.5.6...v0.6.0 </details> <details> <summary>dorny/test-reporter (dorny/test-reporter)</summary> ### [`v1.9.1`](https://togithub.com/dorny/test-reporter/releases/tag/v1.9.1) [Compare Source](https://togithub.com/dorny/test-reporter/compare/v1.9.0...v1.9.1) ##### What's Changed - fix: reporting wrong number of tests in Dart by [@​dominicmh](https://togithub.com/dominicmh) in [https://github.com/dorny/test-reporter/pull/426](https://togithub.com/dorny/test-reporter/pull/426) - Fix problematic retransmission of authentication token (alternative solution) by [@​JojOatXGME](https://togithub.com/JojOatXGME) in [https://github.com/dorny/test-reporter/pull/438](https://togithub.com/dorny/test-reporter/pull/438) - Update development dependencies by [@​jozefizso](https://togithub.com/jozefizso) in [https://github.com/dorny/test-reporter/pull/442](https://togithub.com/dorny/test-reporter/pull/442) ##### New Contributors - [@​dominicmh](https://togithub.com/dominicmh) made their first contribution in [https://github.com/dorny/test-reporter/pull/426](https://togithub.com/dorny/test-reporter/pull/426) - [@​JojOatXGME](https://togithub.com/JojOatXGME) made their first contribution in [https://github.com/dorny/test-reporter/pull/438](https://togithub.com/dorny/test-reporter/pull/438) **Full Changelog**: dorny/test-reporter@v1.9.0...v1.9.1 </details> <details> <summary>evanw/esbuild (esbuild)</summary> ### [`v0.21.4`](https://togithub.com/evanw/esbuild/blob/HEAD/CHANGELOG.md#0214) [Compare Source](https://togithub.com/evanw/esbuild/compare/v0.21.3...v0.21.4) - Update support for import assertions and import attributes in node ([#​3778](https://togithub.com/evanw/esbuild/issues/3778)) Import assertions (the `assert` keyword) have been removed from node starting in v22.0.0. So esbuild will now strip them and generate a warning with `--target=node22` or above: ▲ [WARNING] The "assert" keyword is not supported in the configured target environment ("node22") [assert-to-with] example.mjs:1:40: 1 │ import json from "esbuild/package.json" assert { type: "json" } │ ~~~~~~ ╵ with Did you mean to use "with" instead of "assert"? Import attributes (the `with` keyword) have been backported to node 18 starting in v18.20.0. So esbuild will no longer strip them with `--target=node18.N` if `N` is 20 or greater. - Fix `for await` transform when a label is present This release fixes a bug where the `for await` transform, which wraps the loop in a `try` statement, previously failed to also move the loop's label into the `try` statement. This bug only affects code that uses both of these features in combination. Here's an example of some affected code: ```js // Original code async function test() { outer: for await (const x of [Promise.resolve([0, 1])]) { for (const y of x) if (y) break outer throw 'fail' } } // Old output (with --target=es6) function test() { return __async(this, null, function* () { outer: try { for (var iter = __forAwait([Promise.resolve([0, 1])]), more, temp, error; more = !(temp = yield iter.next()).done; more = false) { const x = temp.value; for (const y of x) if (y) break outer; throw "fail"; } } catch (temp) { error = [temp]; } finally { try { more && (temp = iter.return) && (yield temp.call(iter)); } finally { if (error) throw error[0]; } } }); } // New output (with --target=es6) function test() { return __async(this, null, function* () { try { outer: for (var iter = __forAwait([Promise.resolve([0, 1])]), more, temp, error; more = !(temp = yield iter.next()).done; more = false) { const x = temp.value; for (const y of x) if (y) break outer; throw "fail"; } } catch (temp) { error = [temp]; } finally { try { more && (temp = iter.return) && (yield temp.call(iter)); } finally { if (error) throw error[0]; } } }); } ``` - Do additional constant folding after cross-module enum inlining ([#​3416](https://togithub.com/evanw/esbuild/issues/3416), [#​3425](https://togithub.com/evanw/esbuild/issues/3425)) This release adds a few more cases where esbuild does constant folding after cross-module enum inlining. ```ts // Original code: enum.ts export enum Platform { WINDOWS = 'windows', MACOS = 'macos', LINUX = 'linux', } // Original code: main.ts import { Platform } from './enum'; declare const PLATFORM: string; export function logPlatform() { if (PLATFORM == Platform.WINDOWS) console.log('Windows'); else if (PLATFORM == Platform.MACOS) console.log('macOS'); else if (PLATFORM == Platform.LINUX) console.log('Linux'); else console.log('Other'); } // Old output (with --bundle '--define:PLATFORM="macos"' --minify --format=esm) function n(){"windows"=="macos"?console.log("Windows"):"macos"=="macos"?console.log("macOS"):"linux"=="macos"?console.log("Linux"):console.log("Other")}export{n as logPlatform}; // New output (with --bundle '--define:PLATFORM="macos"' --minify --format=esm) function n(){console.log("macOS")}export{n as logPlatform}; ``` - Pass import attributes to on-resolve plugins ([#​3384](https://togithub.com/evanw/esbuild/issues/3384), [#​3639](https://togithub.com/evanw/esbuild/issues/3639), [#​3646](https://togithub.com/evanw/esbuild/issues/3646)) With this release, on-resolve plugins will now have access to the import attributes on the import via the `with` property of the arguments object. This mirrors the `with` property of the arguments object that's already passed to on-load plugins. In addition, you can now pass `with` to the `resolve()` API call which will then forward that value on to all relevant plugins. Here's an example of a plugin that can now be written: ```js const examplePlugin = { name: 'Example plugin', setup(build) { build.onResolve({ filter: /.*/ }, args => { if (args.with.type === 'external') return { external: true } }) } } require('esbuild').build({ stdin: { contents: ` import foo from "./foo" with { type: "external" } foo() `, }, bundle: true, format: 'esm', write: false, plugins: [examplePlugin], }).then(result => { console.log(result.outputFiles[0].text) }) ``` - Formatting support for the `@position-try` rule ([#​3773](https://togithub.com/evanw/esbuild/issues/3773)) Chrome shipped this new CSS at-rule in version 125 as part of the [CSS anchor positioning API](https://developer.chrome.com/blog/anchor-positioning-api). With this release, esbuild now knows to expect a declaration list inside of the `@position-try` body block and will format it appropriately. - Always allow internal string import and export aliases ([#​3343](https://togithub.com/evanw/esbuild/issues/3343)) Import and export names can be string literals in ES2022+. Previously esbuild forbid any usage of these aliases when the target was below ES2022. Starting with this release, esbuild will only forbid such usage when the alias would otherwise end up in output as a string literal. String literal aliases that are only used internally in the bundle and are "compiled away" are no longer errors. This makes it possible to use string literal aliases with esbuild's `inject` feature even when the target is earlier than ES2022. ### [`v0.21.3`](https://togithub.com/evanw/esbuild/blob/HEAD/CHANGELOG.md#0213) [Compare Source](https://togithub.com/evanw/esbuild/compare/v0.21.2...v0.21.3) - Implement the decorator metadata proposal ([#​3760](https://togithub.com/evanw/esbuild/issues/3760)) This release implements the [decorator metadata proposal](https://togithub.com/tc39/proposal-decorator-metadata), which is a sub-proposal of the [decorators proposal](https://togithub.com/tc39/proposal-decorators). Microsoft shipped the decorators proposal in [TypeScript 5.0](https://devblogs.microsoft.com/typescript/announcing-typescript-5-0/#decorators) and the decorator metadata proposal in [TypeScript 5.2](https://devblogs.microsoft.com/typescript/announcing-typescript-5-2/#decorator-metadata), so it's important that esbuild also supports both of these features. Here's a quick example: ```js // Shim the "Symbol.metadata" symbol Symbol.metadata ??= Symbol('Symbol.metadata') const track = (_, context) => { (context.metadata.names ||= []).push(context.name) } class Foo { @​track foo = 1 @​track bar = 2 } // Prints ["foo", "bar"] console.log(Foo[Symbol.metadata].names) ``` **⚠️ WARNING⚠️ ** This proposal has been marked as "stage 3" which means "recommended for implementation". However, it's still a work in progress and isn't a part of JavaScript yet, so keep in mind that any code that uses JavaScript decorator metadata may need to be updated as the feature continues to evolve. If/when that happens, I will update esbuild's implementation to match the specification. I will not be supporting old versions of the specification. - Fix bundled decorators in derived classes ([#​3768](https://togithub.com/evanw/esbuild/issues/3768)) In certain cases, bundling code that uses decorators in a derived class with a class body that references its own class name could previously generate code that crashes at run-time due to an incorrect variable name. This problem has been fixed. Here is an example of code that was compiled incorrectly before this fix: ```js class Foo extends Object { @​(x => x) foo() { return Foo } } console.log(new Foo().foo()) ``` - Fix `tsconfig.json` files inside symlinked directories ([#​3767](https://togithub.com/evanw/esbuild/issues/3767)) This release fixes an issue with a scenario involving a `tsconfig.json` file that `extends` another file from within a symlinked directory that uses the `paths` feature. In that case, the implicit `baseURL` value should be based on the real path (i.e. after expanding all symbolic links) instead of the original path. This was already done for other files that esbuild resolves but was not yet done for `tsconfig.json` because it's special-cased (the regular path resolver can't be used because the information inside `tsconfig.json` is involved in path resolution). Note that this fix no longer applies if the `--preserve-symlinks` setting is enabled. ### [`v0.21.2`](https://togithub.com/evanw/esbuild/blob/HEAD/CHANGELOG.md#0212) [Compare Source](https://togithub.com/evanw/esbuild/compare/v0.21.1...v0.21.2) - Correct `this` in field and accessor decorators ([#​3761](https://togithub.com/evanw/esbuild/issues/3761)) This release changes the value of `this` in initializers for class field and accessor decorators from the module-level `this` value to the appropriate `this` value for the decorated element (either the class or the instance). It was previously incorrect due to lack of test coverage. Here's an example of a decorator that doesn't work without this change: ```js const dec = () => function() { this.bar = true } class Foo { @​dec static foo } console.log(Foo.bar) // Should be "true" ``` - Allow `es2023` as a target environment ([#​3762](https://togithub.com/evanw/esbuild/issues/3762)) TypeScript recently [added `es2023`](https://togithub.com/microsoft/TypeScript/pull/58140) as a compilation target, so esbuild now supports this too. There is no difference between a target of `es2022` and `es2023` as far as esbuild is concerned since the 2023 edition of JavaScript doesn't introduce any new syntax features. ### [`v0.21.1`](https://togithub.com/evanw/esbuild/blob/HEAD/CHANGELOG.md#0211) [Compare Source](https://togithub.com/evanw/esbuild/compare/v0.21.0...v0.21.1) - Fix a regression with `--keep-names` ([#​3756](https://togithub.com/evanw/esbuild/issues/3756)) The previous release introduced a regression with the `--keep-names` setting and object literals with `get`/`set` accessor methods, in which case the generated code contained syntax errors. This release fixes the regression: ```js // Original code x = { get y() {} } // Output from version 0.21.0 (with --keep-names) x = { get y: /* @​__PURE__ */ __name(function() { }, "y") }; // Output from this version (with --keep-names) x = { get y() { } }; ``` ### [`v0.21.0`](https://togithub.com/evanw/esbuild/blob/HEAD/CHANGELOG.md#0210) [Compare Source](https://togithub.com/evanw/esbuild/compare/v0.20.2...v0.21.0) This release doesn't contain any deliberately-breaking changes. However, it contains a very complex new feature and while all of esbuild's tests pass, I would not be surprised if an important edge case turns out to be broken. So I'm releasing this as a breaking change release to avoid causing any trouble. As usual, make sure to test your code when you upgrade. - Implement the JavaScript decorators proposal ([#​104](https://togithub.com/evanw/esbuild/issues/104)) With this release, esbuild now contains an implementation of the upcoming [JavaScript decorators proposal](https://togithub.com/tc39/proposal-decorators). This is the same feature that shipped in [TypeScript 5.0](https://devblogs.microsoft.com/typescript/announcing-typescript-5-0/#decorators) and has been highly-requested on esbuild's issue tracker. You can read more about them in that blog post and in this other (now slightly outdated) extensive blog post here: https://2ality.com/2022/10/javascript-decorators.html. Here's a quick example: ```js const log = (fn, context) => function() { console.log(`before ${context.name}`) const it = fn.apply(this, arguments) console.log(`after ${context.name}`) return it } class Foo { @​log static foo() { console.log('in foo') } } // Logs "before foo", "in foo", "after foo" Foo.foo() ``` Note that this feature is different than the existing "TypeScript experimental decorators" feature that esbuild already implements. It uses similar syntax but behaves very differently, and the two are not compatible (although it's sometimes possible to write decorators that work with both). TypeScript experimental decorators will still be supported by esbuild going forward as they have been around for a long time, are very widely used, and let you do certain things that are not possible with JavaScript decorators (such as decorating function parameters). By default esbuild will parse and transform JavaScript decorators, but you can tell esbuild to parse and transform TypeScript experimental decorators instead by setting `"experimentalDecorators": true` in your `tsconfig.json` file. Probably at least half of the work for this feature went into creating a test suite that exercises many of the proposal's edge cases: https://github.com/evanw/decorator-tests. It has given me a reasonable level of confidence that esbuild's initial implementation is acceptable. However, I don't have access to a significant sample of real code that uses JavaScript decorators. If you're currently using JavaScript decorators in a real code base, please try out esbuild's implementation and let me know if anything seems off. **⚠️ WARNING⚠️ ** This proposal has been in the works for a very long time (work began around 10 years ago in 2014) and it is finally getting close to becoming part of the JavaScript language. However, it's still a work in progress and isn't a part of JavaScript yet, so keep in mind that any code that uses JavaScript decorators may need to be updated as the feature continues to evolve. The decorators proposal is pretty close to its final form but it can and likely will undergo some small behavioral adjustments before it ends up becoming a part of the standard. If/when that happens, I will update esbuild's implementation to match the specification. I will not be supporting old versions of the specification. - Optimize the generated code for private methods Previously when lowering private methods for old browsers, esbuild would generate one `WeakSet` for each private method. This mirrors similar logic for generating one `WeakSet` for each private field. Using a separate `WeakMap` for private fields is necessary as their assignment can be observable: ```js let it class Bar { constructor() { it = this } } class Foo extends Bar { #x = 1 #y = null.foo static check() { console.log(#x in it, #y in it) } } try { new Foo } catch {} Foo.check() ``` This prints `true false` because this partially-initialized instance has `#x` but not `#y`. In other words, it's not true that all class instances will always have all of their private fields. However, the assignment of private methods to a class instance is not observable. In other words, it's true that all class instances will always have all of their private methods. This means esbuild can lower private methods into code where all methods share a single `WeakSet`, which is smaller, faster, and uses less memory. Other JavaScript processing tools such as the TypeScript compiler already make this optimization. Here's what this change looks like: ```js // Original code class Foo { #x() { return this.#x() } #y() { return this.#y() } #z() { return this.#z() } } // Old output (--supported:class-private-method=false) var _x, x_fn, _y, y_fn, _z, z_fn; class Foo { constructor() { __privateAdd(this, _x); __privateAdd(this, _y); __privateAdd(this, _z); } } _x = new WeakSet(); x_fn = function() { return __privateMethod(this, _x, x_fn).call(this); }; _y = new WeakSet(); y_fn = function() { return __privateMethod(this, _y, y_fn).call(this); }; _z = new WeakSet(); z_fn = function() { return __privateMethod(this, _z, z_fn).call(this); }; // New output (--supported:class-private-method=false) var _Foo_instances, x_fn, y_fn, z_fn; class Foo { constructor() { __privateAdd(this, _Foo_instances); } } _Foo_instances = new WeakSet(); x_fn = function() { return __privateMethod(this, _Foo_instances, x_fn).call(this); }; y_fn = function() { return __privateMethod(this, _Foo_instances, y_fn).call(this); }; z_fn = function() { return __privateMethod(this, _Foo_instances, z_fn).call(this); }; ``` - Fix an obscure bug with lowering class members with computed property keys When class members that use newer syntax features are transformed for older target environments, they sometimes need to be relocated. However, care must be taken to not reorder any side effects caused by computed property keys. For example, the following code must evaluate `a()` then `b()` then `c()`: ```js class Foo { [a()]() {} [b()]; static { c() } } ``` Previously esbuild did this by shifting the computed property key *forward* to the next spot in the evaluation order. Classes evaluate all computed keys first and then all static class elements, so if the last computed key needs to be shifted, esbuild previously inserted a static block at start of the class body, ensuring it came before all other static class elements: ```js var _a; class Foo { constructor() { __publicField(this, _a); } static { _a = b(); } [a()]() { } static { c(); } } ``` However, this could cause esbuild to accidentally generate a syntax error if the computed property key contains code that isn't allowed in a static block, such as an `await` expression. With this release, esbuild fixes this problem by shifting the computed property key *backward* to the previous spot in the evaluation order instead, which may push it into the `extends` clause or even before the class itself: ```js // Original code class Foo { [a()]() {} [await b()]; static { c() } } // Old output (with --supported:class-field=false) var _a; class Foo { constructor() { __publicField(this, _a); } static { _a = await b(); } [a()]() { } static { c(); } } // New output (with --supported:class-field=false) var _a, _b; class Foo { constructor() { __publicField(this, _a); } [(_b = a(), _a = await b(), _b)]() { } static { c(); } } ``` - Fix some `--keep-names` edge cases The [`NamedEvaluation` syntax-directed operation](https://tc39.es/ecma262/#sec-runtime-semantics-namedevaluation) in the JavaScript specification gives certain anonymous expressions a `name` property depending on where they are in the syntax tree. For example, the following initializers convey a `name` value: ```js var foo = function() {} var bar = class {} console.log(foo.name, bar.name) ``` When you enable esbuild's `--keep-names` setting, esbuild generates additional code to represent this `NamedEvaluation` operation so that the value of the `name` property persists even when the identifiers are renamed (e.g. due to minification). However, I recently learned that esbuild's implementation of `NamedEvaluation` is missing a few cases. Specifically esbuild was missing property definitions, class initializers, logical-assignment operators. These cases should now all be handled: ```js var obj = { foo: function() {} } class Foo0 { foo = function() {} } class Foo1 { static foo = function() {} } class Foo2 { accessor foo = function() {} } class Foo3 { static accessor foo = function() {} } foo ||= function() {} foo &&= function() {} foo ??= function() {} ``` </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v2.25.8`](https://togithub.com/github/codeql-action/compare/v2.25.7...v2.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.7...v2.25.8) ### [`v2.25.7`](https://togithub.com/github/codeql-action/compare/v2.25.6...v2.25.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.6...v2.25.7) ### [`v2.25.6`](https://togithub.com/github/codeql-action/compare/v2.25.5...v2.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.5...v2.25.6) ### [`v2.25.5`](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5) ### [`v2.25.4`](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374) - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377) For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279) - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352) - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376) **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> <details> <summary>sass/dart-sass (sass)</summary> ### [`v1.77.4`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1774) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.77.3...1.77.4) ##### Embedded Sass - Support passing `Version` input for `fatalDeprecations` as string over embedded protocol. - Fix a bug in the JS Embedded Host where `Version` could be incorrectly accepted as input for `silenceDeprecations` and `futureDeprecations` in pure JS. ### [`v1.77.3`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1773) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.77.2...1.77.3) ##### Dart API - `Deprecation.duplicateVariableFlags` has been deprecated and replaced with `Deprecation.duplicateVarFlags` to make it consistent with the `duplicate-var-flags` name used on the command line and in the JS API. ### [`v1.77.2`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1772) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.77.1...1.77.2) - Don't emit deprecation warnings for functions and mixins beginning with `__`. - Allow user-defined functions whose names begin with `_` and otherwise look like vendor-prefixed functions with special CSS syntax. ##### Command-Line Interface - Properly handle the `--silence-deprecation` flag. - Handle the `--fatal-deprecation` and `--future-deprecation` flags for `--interactive` mode. ### [`v1.77.1`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1771) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.77.0...1.77.1) - Fix a crash that could come up with importers in certain contexts. ### [`v1.77.0`](https://togithub.com/sass/dart-sass/blob/HEAD/CHANGELOG.md#1770) [Compare Source](https://togithub.com/sass/dart-sass/compare/1.76.0...1.77.0) - *Don't* throw errors for at-rules in keyframe blocks. </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/AmadeusITGroup/otter). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNzcuOCIsInVwZGF0ZWRJblZlciI6IjM3LjM4OC4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->
mergify bot
added a commit
to robfrank/linklift
that referenced
this pull request
Aug 15, 2025
…updates [skip ci] Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/cache](https://github.com/actions/cache) | `4.2.3` | `4.2.4` | | [docker/login-action](https://github.com/docker/login-action) | `3.4.0` | `3.5.0` | | [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) | `1.3.4` | `1.3.5` | | [mikepenz/release-changelog-builder-action](https://github.com/mikepenz/release-changelog-builder-action) | `5.3.1` | `5.4.1` | | [dorny/test-reporter](https://github.com/dorny/test-reporter) | `2.1.0` | `2.1.1` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `6.4.0` | `6.5.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.29.2` | `3.29.8` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.245.0` | `1.254.0` | Updates `actions/cache` from 4.2.3 to 4.2.4 Release notes *Sourced from [actions/cache's releases](https://github.com/actions/cache/releases).* > v4.2.4 > ------ > > What's Changed > -------------- > > * Update README.md by [`@nebuk89`](https://github.com/nebuk89) in [actions/cache#1620](https://redirect.github.com/actions/cache/pull/1620) > * Upgrade `@actions/cache` to `4.0.5` and move `@protobuf-ts/plugin` to dev depdencies by [`@Link`](https://github.com/Link)- in [actions/cache#1634](https://redirect.github.com/actions/cache/pull/1634) > * Prepare release `4.2.4` by [`@Link`](https://github.com/Link)- in [actions/cache#1636](https://redirect.github.com/actions/cache/pull/1636) > > New Contributors > ---------------- > > * [`@nebuk89`](https://github.com/nebuk89) made their first contribution in [actions/cache#1620](https://redirect.github.com/actions/cache/pull/1620) > > **Full Changelog**: <actions/cache@v4...v4.2.4> Changelog *Sourced from [actions/cache's changelog](https://github.com/actions/cache/blob/main/RELEASES.md).* > Releases > ======== > > ### 4.2.4 > > * Bump `@actions/cache` to v4.0.5 > > ### 4.2.3 > > * Bump `@actions/cache` to v4.0.3 (obfuscates SAS token in debug logs for cache entries) > > ### 4.2.2 > > * Bump `@actions/cache` to v4.0.2 > > ### 4.2.1 > > * Bump `@actions/cache` to v4.0.1 > > ### 4.2.0 > > TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs. > > The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**. > > **We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below). > > If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0` > > If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail. > > Upgrading to the recommended versions will not break your workflows. > > ### 4.1.2 > > * Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - [#1474](https://redirect.github.com/actions/cache/pull/1474) > * Security fix: Bump braces from 3.0.2 to 3.0.3 - [#1475](https://redirect.github.com/actions/cache/pull/1475) > > ### 4.1.1 > > * Restore original behavior of `cache-hit` output - [#1467](https://redirect.github.com/actions/cache/pull/1467) > > ### 4.1.0 > > * Ensure `cache-hit` output is set when a cache is missed - [#1404](https://redirect.github.com/actions/cache/pull/1404) > * Deprecate `save-always` input - [#1452](https://redirect.github.com/actions/cache/pull/1452) > > ### 4.0.2 > > * Fixed restore `fail-on-cache-miss` not working. ... (truncated) Commits * [`0400d5f`](actions/cache@0400d5f) Merge pull request [#1636](https://redirect.github.com/actions/cache/issues/1636) from actions/Link-/release-4.2.4 * [`374a27f`](actions/cache@374a27f) Prepare release 4.2.4 * [`358a730`](actions/cache@358a730) Merge pull request [#1634](https://redirect.github.com/actions/cache/issues/1634) from actions/Link-/optimise-deps * [`2ee706e`](actions/cache@2ee706e) Fix with another approach * [`94f7b5d`](actions/cache@94f7b5d) Fix bundle exec * [`c36116c`](actions/cache@c36116c) Fix the workflow to use licensed from source * [`320fe7d`](actions/cache@320fe7d) Update the licensed workflow to use the latest version * [`d81cc47`](actions/cache@d81cc47) Add licensed output * [`de24398`](actions/cache@de24398) Add licensed output * [`e7b6a9c`](actions/cache@e7b6a9c) `@protobuf-ts/plugin` to dev dependencies * Additional commits viewable in [compare view](actions/cache@5a3ec84...0400d5f) Updates `docker/login-action` from 3.4.0 to 3.5.0 Release notes *Sourced from [docker/login-action's releases](https://github.com/docker/login-action/releases).* > v3.5.0 > ------ > > * Support dual-stack endpoints for AWS ECR by [`@Spacefish`](https://github.com/Spacefish) [`@crazy-max`](https://github.com/crazy-max) in [docker/login-action#874](https://redirect.github.com/docker/login-action/pull/874) [docker/login-action#876](https://redirect.github.com/docker/login-action/pull/876) > * Bump `@aws-sdk/client-ecr` to 3.859.0 in [docker/login-action#860](https://redirect.github.com/docker/login-action/pull/860) [docker/login-action#878](https://redirect.github.com/docker/login-action/pull/878) > * Bump `@aws-sdk/client-ecr-public` to 3.859.0 in [docker/login-action#860](https://redirect.github.com/docker/login-action/pull/860) [docker/login-action#878](https://redirect.github.com/docker/login-action/pull/878) > * Bump `@docker/actions-toolkit` from 0.57.0 to 0.62.1 in [docker/login-action#870](https://redirect.github.com/docker/login-action/pull/870) > * Bump form-data from 2.5.1 to 2.5.5 in [docker/login-action#875](https://redirect.github.com/docker/login-action/pull/875) > > **Full Changelog**: <docker/login-action@v3.4.0...v3.5.0> Commits * [`184bdaa`](docker/login-action@184bdaa) Merge pull request [#878](https://redirect.github.com/docker/login-action/issues/878) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc... * [`5c6bc94`](docker/login-action@5c6bc94) chore: update generated content * [`caf4058`](docker/login-action@caf4058) build(deps): bump the aws-sdk-dependencies group with 2 updates * [`ef38ec3`](docker/login-action@ef38ec3) Merge pull request [#860](https://redirect.github.com/docker/login-action/issues/860) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc... * [`d52e8ef`](docker/login-action@d52e8ef) chore: update generated content * [`9644ab7`](docker/login-action@9644ab7) build(deps): bump the aws-sdk-dependencies group with 2 updates * [`7abd1d5`](docker/login-action@7abd1d5) Merge pull request [#875](https://redirect.github.com/docker/login-action/issues/875) from docker/dependabot/npm\_and\_yarn/form-data-2.5.5 * [`1a81202`](docker/login-action@1a81202) Merge pull request [#876](https://redirect.github.com/docker/login-action/issues/876) from crazy-max/aws-public-dual-stack * [`d1ab30d`](docker/login-action@d1ab30d) chore: update generated content * [`f25ff28`](docker/login-action@f25ff28) support dual-stack for aws public ecr * Additional commits viewable in [compare view](docker/login-action@74a5d14...184bdaa) Updates `graalvm/setup-graalvm` from 1.3.4 to 1.3.5 Release notes *Sourced from [graalvm/setup-graalvm's releases](https://github.com/graalvm/setup-graalvm/releases).* > v1.3.5 > ------ > > What's Changed > -------------- > > * Update dependencies by [`@fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#167](https://redirect.github.com/graalvm/setup-graalvm/pull/167) > * Revise `README.md`. by [`@fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#169](https://redirect.github.com/graalvm/setup-graalvm/pull/169) > * Bump the npm-development group with 10 updates by [`@dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#170](https://redirect.github.com/graalvm/setup-graalvm/pull/170) > * Bump eslint-plugin-jest from 28.12.0 to 29.0.1 by [`@dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#171](https://redirect.github.com/graalvm/setup-graalvm/pull/171) > * Bump form-data from 2.5.3 to 2.5.5 by [`@dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#172](https://redirect.github.com/graalvm/setup-graalvm/pull/172) > * Bump version to `1.3.5`. by [`@fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#173](https://redirect.github.com/graalvm/setup-graalvm/pull/173) > > **Full Changelog**: <graalvm/setup-graalvm@v1.3.4...v1.3.5> Commits * [`7f488cf`](graalvm/setup-graalvm@7f488cf) Bump version to `1.3.5`. * [`372a804`](graalvm/setup-graalvm@372a804) Use `@actions/github` instead of `@octokit/core`. * [`356b5a6`](graalvm/setup-graalvm@356b5a6) Avoid a warning during testing. * [`6d95698`](graalvm/setup-graalvm@6d95698) Upgrade packages. * [`c7293b6`](graalvm/setup-graalvm@c7293b6) Ensure tests run with token. * [`a13b739`](graalvm/setup-graalvm@a13b739) Bump form-data from 2.5.3 to 2.5.5 * [`7de2d09`](graalvm/setup-graalvm@7de2d09) Bump eslint-plugin-jest from 28.12.0 to 29.0.1 * [`d7feb9d`](graalvm/setup-graalvm@d7feb9d) Bump the npm-development group with 10 updates * [`63e0340`](graalvm/setup-graalvm@63e0340) Revise `README.md`. ([#169](https://redirect.github.com/graalvm/setup-graalvm/issues/169)) * [`8ea6c1f`](graalvm/setup-graalvm@8ea6c1f) Update dependencies * See full diff in [compare view](graalvm/setup-graalvm@e1df20a...7f488cf) Updates `mikepenz/release-changelog-builder-action` from 5.3.1 to 5.4.1 Release notes *Sourced from [mikepenz/release-changelog-builder-action's releases](https://github.com/mikepenz/release-changelog-builder-action/releases).* > v5.4.1 > ------ > > 💬 Other > ------- > > * Improve CI test run report > + PR: [#1463](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1463) > > 📦 Dependencies > -------------- > > * Upgrade dependencies > + PR: [#1462](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1462) > > Contributors: > ------------- > > * [`@mikepenz`](https://github.com/mikepenz) > > v5.4.0 > ------ > > 🚀 Features > ---------- > > * Add new `offlineMode` > + PR: [#1460](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1460) > > Contributors: > ------------- > > * [`@mikepenz`](https://github.com/mikepenz) Commits * [`c9dc836`](mikepenz/release-changelog-builder-action@c9dc836) Merge pull request [#1465](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1465) from mikepenz/develop * [`825abd1`](mikepenz/release-changelog-builder-action@825abd1) Merge pull request [#1463](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1463) from mikepenz/ci/impr * [`59e4e52`](mikepenz/release-changelog-builder-action@59e4e52) Merge pull request [#1462](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1462) from mikepenz/feature/dependency\_upgrades * [`e1c7bbf`](mikepenz/release-changelog-builder-action@e1c7bbf) - combined run for tests to get a full report * [`981311d`](mikepenz/release-changelog-builder-action@981311d) - upgrade dependencies `globals`, and ton of dev dependencies * [`e97a713`](mikepenz/release-changelog-builder-action@e97a713) Merge pull request [#1461](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1461) from mikepenz/develop * [`af5898d`](mikepenz/release-changelog-builder-action@af5898d) Merge pull request [#1460](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1460) from mikepenz/feature/1459 * [`6c979ed`](mikepenz/release-changelog-builder-action@6c979ed) - also test the offline variant * [`8357bc6`](mikepenz/release-changelog-builder-action@8357bc6) - make sure we reset env prior to the next test * [`0f359e3`](mikepenz/release-changelog-builder-action@0f359e3) - apply codeQL rule * Additional commits viewable in [compare view](mikepenz/release-changelog-builder-action@5fb6e51...c9dc836) Updates `dorny/test-reporter` from 2.1.0 to 2.1.1 Release notes *Sourced from [dorny/test-reporter's releases](https://github.com/dorny/test-reporter/releases).* > v2.1.1 > ------ > > A bug fix release of the `test-reporter` action. > > What's Changed > -------------- > > * Use if: '!cancelled()' by [`@Vampire`](https://github.com/Vampire) in [dorny/test-reporter#576](https://redirect.github.com/dorny/test-reporter/pull/576) > * Update packages to latest minor releases by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#599](https://redirect.github.com/dorny/test-reporter/pull/599) > * Add step summary short summary by [`@OlesGalatsan`](https://github.com/OlesGalatsan) in [dorny/test-reporter#589](https://redirect.github.com/dorny/test-reporter/pull/589) > * Return links to summary report by [`@OlesGalatsan`](https://github.com/OlesGalatsan) in [dorny/test-reporter#588](https://redirect.github.com/dorny/test-reporter/pull/588) > * Add type definitions to `github-utils.ts` by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#604](https://redirect.github.com/dorny/test-reporter/pull/604) > * Configure markdown linting rules by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#605](https://redirect.github.com/dorny/test-reporter/pull/605) > * List only failed tests by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#606](https://redirect.github.com/dorny/test-reporter/pull/606) > * Add stack trace from trx to summary by [`@dboriichuk`](https://github.com/dboriichuk) in [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615) > * Update development dependencies by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#628](https://redirect.github.com/dorny/test-reporter/pull/628) > * Fix error when a TestMethod element does not have a className attribute in a trx file by [`@0xced`](https://github.com/0xced) in [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623) > * test-reporter release v2.1.1 by [`@jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#638](https://redirect.github.com/dorny/test-reporter/pull/638) > > New Contributors > ---------------- > > * [`@dboriichuk`](https://github.com/dboriichuk) made their first contribution in [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615) > * [`@0xced`](https://github.com/0xced) made their first contribution in [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623) > > **Full Changelog**: <dorny/test-reporter@v2.1.0...v2.1.1> Changelog *Sourced from [dorny/test-reporter's changelog](https://github.com/dorny/test-reporter/blob/main/CHANGELOG.md).* > Changelog > ========= > > 2.1.1 > ----- > > * Fix error when a TestMethod element does not have a className attribute in a trx file [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623) > * Add stack trace from trx to summary [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615) > * List only failed tests [dorny/test-reporter#606](https://redirect.github.com/dorny/test-reporter/pull/606) > * Add type definitions to `github-utils.ts` [dorny/test-reporter#604](https://redirect.github.com/dorny/test-reporter/pull/604) > * Avoid split on undefined [dorny/test-reporter#258](https://redirect.github.com/dorny/test-reporter/pull/258) > * Return links to summary report [dorny/test-reporter#588](https://redirect.github.com/dorny/test-reporter/pull/588) > * Add step summary short summary [dorny/test-reporter#589](https://redirect.github.com/dorny/test-reporter/pull/589) > * Fix for empty TRX TestDefinitions [dorny/test-reporter#582](https://redirect.github.com/dorny/test-reporter/pull/582) > * Increase step summary limit to 1MiB [dorny/test-reporter#581](https://redirect.github.com/dorny/test-reporter/pull/581) > * Fix input description for list options [dorny/test-reporter#572](https://redirect.github.com/dorny/test-reporter/pull/572) > > 2.1.0 > ----- > > * Feature: Add summary title [dorny/test-reporter#568](https://redirect.github.com/dorny/test-reporter/pull/568) > * Feature: Add Golang test parser [dorny/test-reporter#571](https://redirect.github.com/dorny/test-reporter/pull/571) > * Increase step summary limit to 1MiB [dorny/test-reporter#581](https://redirect.github.com/dorny/test-reporter/pull/581) > * Fix for empty TRX TestDefinitions [dorny/test-reporter#582](https://redirect.github.com/dorny/test-reporter/pull/582) > * Fix input description for list options [dorny/test-reporter#572](https://redirect.github.com/dorny/test-reporter/pull/572) > * Update npm packages [dorny/test-reporter#583](https://redirect.github.com/dorny/test-reporter/pull/583) > > 2.0.0 > ----- > > * Parse JUnit report with detailed message in failure [dorny/test-reporter#559](https://redirect.github.com/dorny/test-reporter/pull/559) > * Support displaying test results in markdown using GitHub Actions Job Summaries [dorny/test-reporter#383](https://redirect.github.com/dorny/test-reporter/pull/383) > > 1.9.1 > ----- > > * Fix problematic retransmission of authentication token [dorny/test-reporter#438](https://redirect.github.com/dorny/test-reporter/pull/438) > * Report correct number of tests in Dart [dorny/test-reporter#426](https://redirect.github.com/dorny/test-reporter/pull/426) > * Number of completed tests mismatches passed/failed [dorny/test-reporter#319](https://redirect.github.com/dorny/test-reporter/issues/319) > > 1.9.0 > ----- > > * Add support for Rspec (Ruby) [dorny/test-reporter#398](https://redirect.github.com/dorny/test-reporter/pull/398) > > 1.8.0 > ----- > > * Add `SwiftXunitParser` class based on `JavaJunitParser` for `swift-xunit` reporter [dorny/test-reporter#317](https://redirect.github.com/dorny/test-reporter/pull/317) > * Use NodeJS 18 LTS as default runtime [dorny/test-reporter#332](https://redirect.github.com/dorny/test-reporter/pull/332) > * Escape `<>` characters in suite name [dorny/test-reporter#236](https://redirect.github.com/dorny/test-reporter/pull/236) > * Update actions runtime to Node20 [dorny/test-reporter#315](https://redirect.github.com/dorny/test-reporter/pull/315) > * Update check title and remove icon [dorny/test-reporter#144](https://redirect.github.com/dorny/test-reporter/pull/144) > > 1.7.0 > ----- > > * Fix [#199](https://redirect.github.com/dorny/test-reporter/issues/199): Use ✅ instead of ✔️ for better cross platform look by [`@petrdvorak`](https://github.com/petrdvorak) in [dorny/test-reporter#200](https://redirect.github.com/dorny/test-reporter/pull/200) > * Verify content of dist/ folder matches build output by [`@dorny`](https://github.com/dorny) in [dorny/test-reporter#207](https://redirect.github.com/dorny/test-reporter/pull/207) > * Gracefully handle empty nested testsuite elements for JUnit. by [`@rvdlaarschot`](https://github.com/rvdlaarschot) in [dorny/test-reporter#193](https://redirect.github.com/dorny/test-reporter/pull/193) > * Gracefully handle empty failure tags by [`@haudren-woven`](https://github.com/haudren-woven) in [dorny/test-reporter#213](https://redirect.github.com/dorny/test-reporter/pull/213) > * Fix [#208](https://redirect.github.com/dorny/test-reporter/issues/208) - java-junit: show annotations on PR changed files by [`@atsu85`](https://github.com/atsu85) in [dorny/test-reporter#209](https://redirect.github.com/dorny/test-reporter/pull/209) > * Only report failure if fail-on-error is set by [`@trond-snekvik`](https://github.com/trond-snekvik) in [dorny/test-reporter#214](https://redirect.github.com/dorny/test-reporter/pull/214) > * Improve clarity on configuring for forkable repos by [`@abelbraaksma`](https://github.com/abelbraaksma) in [dorny/test-reporter#211](https://redirect.github.com/dorny/test-reporter/pull/211) > * Suppress "Processing test results from" log by [`@vasanthdharmaraj`](https://github.com/vasanthdharmaraj) in [dorny/test-reporter#179](https://redirect.github.com/dorny/test-reporter/pull/179) ... (truncated) Commits * [`dc3a926`](dorny/test-reporter@dc3a926) test-reporter release v2.1.1 * [`e8e2736`](dorny/test-reporter@e8e2736) test-reporter release v2.1.1 * [`ec9d9d2`](dorny/test-reporter@ec9d9d2) Merge pull request [#623](https://redirect.github.com/dorny/test-reporter/issues/623) from 0xced/xunitv3-trx * [`be36461`](dorny/test-reporter@be36461) Fix code formatting in the `dotnet-trx.tests.ts` file * [`8dd7047`](dorny/test-reporter@8dd7047) Merge pull request [#628](https://redirect.github.com/dorny/test-reporter/issues/628) from dorny/chore/update\_packages * [`71814ae`](dorny/test-reporter@71814ae) Update development dependencies * [`4128d36`](dorny/test-reporter@4128d36) Use "Unclassified" when no class name is available * [`d1504ea`](dorny/test-reporter@d1504ea) Add test on a trx report where the className attribute of TestMethod is missing * [`18430db`](dorny/test-reporter@18430db) Merge pull request [#615](https://redirect.github.com/dorny/test-reporter/issues/615) from dboriichuk/trx-stack-trace-summary * [`ae8bd19`](dorny/test-reporter@ae8bd19) Add stack tracke to summary * Additional commits viewable in [compare view](dorny/test-reporter@890a17c...dc3a926) Updates `anchore/scan-action` from 6.4.0 to 6.5.1 Release notes *Sourced from [anchore/scan-action's releases](https://github.com/anchore/scan-action/releases).* > v6.5.1 > ------ > > New in scan-action v6.5.1 > ------------------------- > > * Update Grype to v0.97.1 ([#495](https://redirect.github.com/anchore/scan-action/issues/495)) > > v6.5.0 > ------ > > New in scan-action v6.5.0 > ------------------------- > > * Update Grype to v0.96.1 ([#493](https://redirect.github.com/anchore/scan-action/issues/493)) [[[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator)]([https://github.com/[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator))]](https://github.com/%5Banchore-actions-token-generator%5Bbot%5D%5D(https://github.com/apps/anchore-actions-token-generator))%5D) > * fix: output stderr for nonzero exit code ([#491](https://redirect.github.com/anchore/scan-action/issues/491)) [[kzantow](https://github.com/kzantow)] Commits * [`1638637`](anchore/scan-action@1638637) chore(deps-dev): bump eslint from 9.31.0 to 9.32.0 ([#494](https://redirect.github.com/anchore/scan-action/issues/494)) * [`a834544`](anchore/scan-action@a834544) chore(deps): update Grype to v0.97.1 ([#495](https://redirect.github.com/anchore/scan-action/issues/495)) * [`df39580`](anchore/scan-action@df39580) chore(deps-dev): bump jest from 30.0.4 to 30.0.5 ([#492](https://redirect.github.com/anchore/scan-action/issues/492)) * [`e4ff89e`](anchore/scan-action@e4ff89e) chore(deps): update Grype to v0.96.1 ([#493](https://redirect.github.com/anchore/scan-action/issues/493)) * [`b8370fa`](anchore/scan-action@b8370fa) fix: output stderr to log, more accurate nonzero exit code behavior ([#491](https://redirect.github.com/anchore/scan-action/issues/491)) * [`a0ef9a0`](anchore/scan-action@a0ef9a0) chore(deps-dev): bump jest from 30.0.3 to 30.0.4 ([#487](https://redirect.github.com/anchore/scan-action/issues/487)) * [`0fc8134`](anchore/scan-action@0fc8134) chore(deps-dev): bump eslint from 9.30.1 to 9.31.0 ([#488](https://redirect.github.com/anchore/scan-action/issues/488)) * [`0743469`](anchore/scan-action@0743469) chore(deps): update Grype to v0.96.0 ([#489](https://redirect.github.com/anchore/scan-action/issues/489)) * See full diff in [compare view](anchore/scan-action@16910ac...1638637) Updates `github/codeql-action` from 3.29.2 to 3.29.8 Release notes *Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).* > v3.29.8 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 3.29.8 - 08 Aug 2025 > -------------------- > > * Fix an issue where the Action would autodetect unsupported languages such as HTML. [#3015](https://redirect.github.com/github/codeql-action/pull/3015) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.8/CHANGELOG.md) for more information. > > v3.29.7 > ------- > > This is a re-release of v3.29.5 to mitigate an issue that was discovered with v3.29.6. > > v3.29.6 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 3.29.6 - 07 Aug 2025 > -------------------- > > * The `cleanup-level` input to the `analyze` Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. [#2999](https://redirect.github.com/github/codeql-action/pull/2999) > * Update default CodeQL bundle version to 2.22.3. [#3000](https://redirect.github.com/github/codeql-action/pull/3000) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.6/CHANGELOG.md) for more information. > > v3.29.5 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 3.29.5 - 29 Jul 2025 > -------------------- > > * Update default CodeQL bundle version to 2.22.2. [#2986](https://redirect.github.com/github/codeql-action/pull/2986) > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md) for more information. > > v3.29.4 > ------- > > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > 3.29.4 - 23 Jul 2025 > -------------------- > > No user facing changes. > > See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md) for more information. > > v3.29.3 > ------- > > CodeQL Action Changelog > ======================= ... (truncated) Changelog *Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).* > CodeQL Action Changelog > ======================= > > See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. > > [UNRELEASED] > ------------ > > No user facing changes. > > 3.29.8 - 08 Aug 2025 > -------------------- > > * Fix an issue where the Action would autodetect unsupported languages such as HTML. [#3015](https://redirect.github.com/github/codeql-action/pull/3015) > > 3.29.7 - 07 Aug 2025 > -------------------- > > This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5. > > 3.29.6 - 07 Aug 2025 > -------------------- > > * The `cleanup-level` input to the `analyze` Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. [#2999](https://redirect.github.com/github/codeql-action/pull/2999) > * Update default CodeQL bundle version to 2.22.3. [#3000](https://redirect.github.com/github/codeql-action/pull/3000) > > 3.29.5 - 29 Jul 2025 > -------------------- > > * Update default CodeQL bundle version to 2.22.2. [#2986](https://redirect.github.com/github/codeql-action/pull/2986) > > 3.29.4 - 23 Jul 2025 > -------------------- > > No user facing changes. > > 3.29.3 - 21 Jul 2025 > -------------------- > > No user facing changes. > > 3.29.2 - 30 Jun 2025 > -------------------- > > * Experimental: When the `quality-queries` input for the `init` action is provided with an argument, separate `.quality.sarif` files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. [#2935](https://redirect.github.com/github/codeql-action/pull/2935) > > 3.29.1 - 27 Jun 2025 > -------------------- > > * Fix bug in PR analysis where user-provided `include` query filter fails to exclude non-included queries. [#2938](https://redirect.github.com/github/codeql-action/pull/2938) > * Update default CodeQL bundle version to 2.22.1. [#2950](https://redirect.github.com/github/codeql-action/pull/2950) > > 3.29.0 - 11 Jun 2025 > -------------------- > > * Update default CodeQL bundle version to 2.22.0. [#2925](https://redirect.github.com/github/codeql-action/pull/2925) > * Bump minimum CodeQL bundle version to 2.16.6. [#2912](https://redirect.github.com/github/codeql-action/pull/2912) > > 3.28.21 - 28 July 2025 > ---------------------- > > No user facing changes. ... (truncated) Commits * [`76621b6`](github/codeql-action@76621b6) Merge pull request [#3019](https://redirect.github.com/github/codeql-action/issues/3019) from github/update-v3.29.8-679a40d33 * [`29ac3ce`](github/codeql-action@29ac3ce) Add release notes for 3.29.7 * [`737cfde`](github/codeql-action@737cfde) Update changelog for v3.29.8 * [`679a40d`](github/codeql-action@679a40d) Merge pull request [#3014](https://redirect.github.com/github/codeql-action/issues/3014) from github/henrymercer/rebuild-dispatch * [`6fe50b2`](github/codeql-action@6fe50b2) Merge pull request [#3015](https://redirect.github.com/github/codeql-action/issues/3015) from github/henrymercer/language-autodetection-worka... * [`6bc91d6`](github/codeql-action@6bc91d6) Add changelog note * [`6b4fedc`](github/codeql-action@6b4fedc) Bump Action patch version * [`5794ffc`](github/codeql-action@5794ffc) Fix auto-detection of extractors that aren't languages * [`bd62bf4`](github/codeql-action@bd62bf4) Finish in-progress merges * [`2afb4e6`](github/codeql-action@2afb4e6) Avoid specifying branch unnecessarily * Additional commits viewable in [compare view](github/codeql-action@181d5ee...76621b6) Updates `ruby/setup-ruby` from 1.245.0 to 1.254.0 Release notes *Sourced from [ruby/setup-ruby's releases](https://github.com/ruby/setup-ruby/releases).* > v1.254.0 > -------- > > What's Changed > -------------- > > * Bump form-data from 2.5.3 to 2.5.5 by [`@dependabot`](https://github.com/dependabot)[bot] in [ruby/setup-ruby#782](https://redirect.github.com/ruby/setup-ruby/pull/782) > * Bump brace-expansion from 1.1.11 to 1.1.12 by [`@dependabot`](https://github.com/dependabot)[bot] in [ruby/setup-ruby#779](https://redirect.github.com/ruby/setup-ruby/pull/779) > * Use case-insensitive key comparison for cache keys by [`@BytewaveMLP`](https://github.com/BytewaveMLP) in [ruby/setup-ruby#660](https://redirect.github.com/ruby/setup-ruby/pull/660) > > New Contributors > ---------------- > > * [`@BytewaveMLP`](https://github.com/BytewaveMLP) made their first contribution in [ruby/setup-ruby#660](https://redirect.github.com/ruby/setup-ruby/pull/660) > > **Full Changelog**: <ruby/setup-ruby@v1.253.0...v1.254.0> > > v1.253.0 > -------- > > What's Changed > -------------- > > * Add printing of the lockfile after installation (retry) by [`@Fryguy`](https://github.com/Fryguy) in [ruby/setup-ruby#790](https://redirect.github.com/ruby/setup-ruby/pull/790) > > **Full Changelog**: <ruby/setup-ruby@v1.252.0...v1.253.0> > > v1.252.0 > -------- > > What's Changed > -------------- > > * Revert "Add printing of the lockfile after installation" by [`@eregon`](https://github.com/eregon) in [ruby/setup-ruby#789](https://redirect.github.com/ruby/setup-ruby/pull/789) > > **Full Changelog**: <ruby/setup-ruby@v1.251.0...v1.252.0> > > v1.251.0 > -------- > > What's Changed > -------------- > > * Add printing of the lockfile after installation by [`@Fryguy`](https://github.com/Fryguy) in [ruby/setup-ruby#785](https://redirect.github.com/ruby/setup-ruby/pull/785) > > **Full Changelog**: <ruby/setup-ruby@v1.250.0...v1.251.0> > > v1.250.0 > -------- > > What's Changed > -------------- > > * Update CRuby releases on Windows by [`@ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#786](https://redirect.github.com/ruby/setup-ruby/pull/786) > > **Full Changelog**: <ruby/setup-ruby@v1.249.0...v1.250.0> > > v1.249.0 > -------- > > What's Changed > -------------- > > * Add ruby-3.2.9,ruby-3.3.9 by [`@ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#784](https://redirect.github.com/ruby/setup-ruby/pull/784) > > **Full Changelog**: <ruby/setup-ruby@v1.248.0...v1.249.0> > > v1.248.0 > -------- > > What's Changed > -------------- > > * Add jruby-10.0.1.0 by [`@ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#781](https://redirect.github.com/ruby/setup-ruby/pull/781) ... (truncated) Commits * [`2a7b300`](ruby/setup-ruby@2a7b300) Rename to `isExactCacheKeyMatch` * [`78876b7`](ruby/setup-ruby@78876b7) Use case-insensitive key comparsion for cache keys * [`3ec1ec0`](ruby/setup-ruby@3ec1ec0) Bump brace-expansion from 1.1.11 to 1.1.12 * [`45dc484`](ruby/setup-ruby@45dc484) Bump form-data from 2.5.3 to 2.5.5 * [`bb6434c`](ruby/setup-ruby@bb6434c) Add non-null check * [`ba9e71c`](ruby/setup-ruby@ba9e71c) Add printing of the lockfile after installation * [`0ecad18`](ruby/setup-ruby@0ecad18) Revert "Add printing of the lockfile after installation" * [`e8621f0`](ruby/setup-ruby@e8621f0) Add printing of the lockfile after installation * [`bd6859c`](ruby/setup-ruby@bd6859c) Use core.group() instead of startGroup/endGroup * [`223e443`](ruby/setup-ruby@223e443) Update CRuby releases on Windows * Additional commits viewable in [compare view](ruby/setup-ruby@a4effe4...2a7b300) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Here is an alternative solution to #436. It delegates the redirect-handling to the
gotlibrary, instead of fixing the manual handling. This should fix #343 and fix #363, just as the original solution.