-
Notifications
You must be signed in to change notification settings - Fork 323
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump actions/create-github-app-token from 1.10.3 to 1.11.0 in the actions group #2485
Bump actions/create-github-app-token from 1.10.3 to 1.11.0 in the actions group #2485
Conversation
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
Hm...
@aeisenberg do you think the current failure is related to #2474? |
Perhaps we could add a condition like |
Bumps the actions group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token). Updates `actions/create-github-app-token` from 1.10.3 to 1.11.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@31c86eb...5d869da) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
fb777f4
to
b436a5f
Compare
Sorry...I missed this ping last week. I think you're right that we will need to add something to prevent uploading sarif for dependabot runs. We'll need to add this to |
If it is only readonly on a The |
I didn't even realize we were running on all pushes. Looks like branches were removed here: 38a0291. The rationale behind the change makes sense, but I'm also open to reevaluating it. We'd also need to include |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks Andrew for #2499. This is now green, so approving.
Bumps the actions group with 1 update: actions/create-github-app-token.
Updates
actions/create-github-app-token
from 1.10.3 to 1.11.0Release notes
Sourced from actions/create-github-app-token's releases.
Commits
5d869da
build(release): 1.11.0 [skip ci]796b88d
feat: allow repositories input to be comma or newline-separated (#169)3378cda
build(release): 1.10.4 [skip ci]e177c20
fix(deps): bump the production-dependencies group across 1 directory with 3 u...961c228
build(deps-dev): bump the development-dependencies group across 1 directory w...15db037
test: fix test file extensions and inputs for repositories (#161)9ccc6db
ci(test): addworkflow_dispatch
trigger000e2a0
docs(readme): document how a Base64 private key could be decoded (#155)d0ac2ad
docs(README): fix thegit committer string
andConfigure git CLI
examples...040c259
build(deps-dev): bump the development-dependencies group with 4 updates (#150)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase
will rebase this PR@dependabot recreate
will recreate this PR, overwriting any edits that have been made to it@dependabot merge
will merge this PR after your CI passes on it@dependabot squash and merge
will squash and merge this PR after your CI passes on it@dependabot cancel merge
will cancel a previously requested merge and block automerging@dependabot reopen
will reopen this PR if it is closed@dependabot close
will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions
will show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major version
will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor version
will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>
will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>
will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>
will remove the ignore condition of the specified dependency and ignore conditions