Skip to content

Bump the actions group across 1 directory with 2 updates #1389

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump the actions group across 1 directory with 2 updates #1389

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 7, 2025
edited
Loading

Bumps the actions group with 2 updates in the / directory: scientific-python/upload-nightly-action and actions/create-github-app-token.

Updates scientific-python/upload-nightly-action from 0.6.1 to 0.6.2

Release notes

Sourced from scientific-python/upload-nightly-action's releases.

0.6.2

0.6.2 updates to use anaconda-client v1.13.0 and Python 3.13. The entire lock file is updated to pick up any security fixes.

What's Changed

Internal and testing

Full Changelog: scientific-python/upload-nightly-action@0.6.1...0.6.2

Commits
  • b36e8c0 MNT: Update to anaconda-client v1.13.0 and project version v0.6.2 (#126)
  • 7093839 Build(deps): Bump the actions group with 2 updates (#122)
  • 07ba11e Build(deps): Bump the actions group with 3 updates (#121)
  • a715c4f Build(deps): Bump the actions group with 2 updates (#118)
  • c7f3f25 DOC: Clarify service is Anaconda.org (#116)
  • c7296da Build(deps): Bump the actions group with 2 updates (#115)
  • 3eda6b5 DEP: Changing dependabot to be monthly (#114)
  • 075f05d Build(deps): Bump the actions group with 3 updates (#113)
  • dbe0cec Build(deps): Bump astral-sh/setup-uv in the actions group (#109)
  • d296150 Build(deps): Bump astral-sh/setup-uv in the actions group (#108)
  • Additional commits viewable in compare view

Updates actions/create-github-app-token from 1 to 2

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.0

2.0.0 (2025-04-03)

BREAKING CHANGES

  • Removed deprecated inputs (app_id, private_key, skip_token_revoke) and made app-id and private-key required in the action configuration.

v1.12.0

1.12.0 (2025-03-27)

Features

v1.11.7

1.11.7 (2025-03-20)

Bug Fixes

  • deps: bump undici from 5.28.4 to 7.5.0 (#214) (a24b46a)

v1.11.6

1.11.6 (2025-03-03)

Bug Fixes

  • deps: bump the production-dependencies group with 2 updates (#210) (1ff1dea)

v1.11.5

1.11.5 (2025-02-15)

Bug Fixes

... (truncated)

Commits
  • 3ff1caa build(release): 2.0.2 [skip ci]
  • eaef294 fix: improve log messages for token creation (#226)
  • 86e2496 build(release): 2.0.1 [skip ci]
  • 2411bfc fix(deps): bump the production-dependencies group across 1 directory with 2 u...
  • f17d09a build(deps-dev): bump the development-dependencies group with 3 updates (#225)
  • e250d17 ci(update-permission-inputs): add permissions (#230)
  • ed258b4 Rename workflow
  • 5c652ca Update update-inputs.yml
  • 60ee75d ci(update-inputs): create initial version (#229)
  • 064492a build(release): 2.0.0 [skip ci]
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 7, 2025
@dependabot
Bump the actions group across 1 directory with 2 updates
28c3e48 
Bumps the actions group with 2 updates in the / directory: [scientific-python/upload-nightly-action](https://github.com/scientific-python/upload-nightly-action) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `scientific-python/upload-nightly-action` from 0.6.1 to 0.6.2
- [Release notes](https://github.com/scientific-python/upload-nightly-action/releases)
- [Commits](scientific-python/upload-nightly-action@82396a2...b36e8c0)

Updates `actions/create-github-app-token` from 1 to 2
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v1...v2)

---
updated-dependencies:
- dependency-name: scientific-python/upload-nightly-action
  dependency-version: 0.6.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/actions-b5c992de76 branch from 5be3b7a to 28c3e48 Compare April 14, 2025 22:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code maintenance
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants