Skip to content

Comments

Bump actions/setup-go from 2 to 3#32

Merged
shizhMSFT merged 1 commit intomainfrom
dependabot/github_actions/actions/setup-go-3
Apr 27, 2022
Merged

Bump actions/setup-go from 2 to 3#32
shizhMSFT merged 1 commit intomainfrom
dependabot/github_actions/actions/setup-go-3

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 11, 2022

Bumps actions/setup-go from 2 to 3.

Release notes

Sourced from actions/setup-go's releases.

v3.0.0

What's Changed

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes the stable input, so there is no need to specify additional input to use pre-release versions. This release also corrects the pre-release versions syntax to satisfy the SemVer notation (1.18.0-beta1 -> 1.18.0-beta.1, 1.18.0-rc1 -> 1.18.0-rc.1).

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v3
    with:
      go-version: '1.18.0-rc.1' 
  - run: go version

Add check-latest input

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, a Go version will then be downloaded from go-versions repository. By default check-latest is set to false. Example of usage:

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v2
    with:
      go-version: '1.16'
      check-latest: true
  - run: go version

Moreover, we updated @actions/core from 1.2.6 to 1.6.0

v2.1.5

In scope of this release we updated matchers.json to improve the problem matcher pattern. For more information please refer to this pull request

v2.1.4

What's Changed

New Contributors

Full Changelog: actions/setup-go@v2.1.3...v2.1.4

v2.1.3

  • Updated communication with runner to use environment files rather then workflow commands

v2.1.2

This release includes vendored licenses for this action's npm dependencies.

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump actions/setup-go from 2 to 3
38b067b 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team April 11, 2022 00:47
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 11, 2022
shizhMSFT
shizhMSFT approved these changes Apr 27, 2022
View reviewed changes
Copy link
Contributor

@shizhMSFT shizhMSFT left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@shizhMSFT shizhMSFT merged commit 4ff60ca into main Apr 27, 2022
@shizhMSFT shizhMSFT deleted the dependabot/github_actions/actions/setup-go-3 branch April 27, 2022 05:29
rgnote pushed a commit to rgnote/notation-go that referenced this pull request May 3, 2022
@dependabot @rgnote
Bump actions/setup-go from 2 to 3 (notaryproject#32)
aabadeb 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: rgnote <5878554+rgnote@users.noreply.github.com>
qmuntal pushed a commit to qmuntal/notation-go that referenced this pull request May 5, 2022
@dependabot @qmuntal
Bump actions/setup-go from 2 to 3 (notaryproject#32)
01a45db 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
SteveLasker pushed a commit that referenced this pull request May 18, 2022
@qmuntal @gokarnm
Implement generate signature plugin workflow (#42)
4075375 
* implement plugin manager
* ignore symlinks
* fix Manager.Command
* export constants
* improve error message
* move manager to its own package
* change metadata error messages
* improve the plugin manager interface
* implement plugin.Run
* add plugin signer
* improve Manager.Run
* base64 encode payload
* fix supported algs
* create envelope
* remove Command.Capability() and Command.NewResponse()
* add DescribeKey command
* remove command validation
* plugin cleanup
* base64 encode signature
* ignore symlinked plugin directories
* suuport plugin key spec
* pass signing payload as ascii string
* fix rsa method
* define KeySpec
* add signing tests
* Bump actions/setup-go from 2 to 3 (#32)
* Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
* [Release notes](https://github.com/actions/setup-go/releases)
* [Commits](actions/setup-go@v2...v3)
* updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
* Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.0.1.
* [Release notes](https://github.com/actions/cache/releases)
* [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
* [Commits](actions/cache@v2...v3.0.1)
* Bump github.com/golang-jwt/jwt/v4 from 4.3.0 to 4.4.1 (#29)
* Bumps [github.com/golang-jwt/jwt/v4](https://github.com/golang-jwt/jwt) from 4.3.0 to 4.4.1.
* [Release notes](https://github.com/golang-jwt/jwt/releases)
* [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
* [Commits](golang-jwt/jwt@v4.3.0...v4.4.1)
* check extension ID length and add tests
* fail on empty certificate chain
* create and use spec package
* dedup notaryClaim
* remove support for multiple signature envelope
* move payload creation to where it's needed
* add missing json tags
* use correct header encoding
* rename NewManager to New and add root param
* remove artifact type from descriptor
* dedup jwt.Token creation
* simpligy running plugin command
* update plugin spec
* check runner response type
* remove spec/v1 directory
* Revert "remove support for multiple signature envelope"
* don't check timestamp certificate
* define SignatureAlgorithm in spec
* Update plugin implementation with latest spec
* improve plugin error report
* add x5c comment
* simplify runner interface
* remove spec package
* pr feedback
* Apply suggestions from code review
Signed-off-by: qmuntal <qmuntaldiaz@microsoft.com>
Co-authored-by: Milind Gokarn <milind81@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@shizhMSFT shizhMSFT shizhMSFT approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@shizhMSFT