Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dependabot: bump codecov/codecov-action from 1 to 3 #513

Merged
merged 1 commit into from
Oct 2, 2023

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Oct 2, 2023

Bumps codecov/codecov-action from 1 to 3.

Release notes

Sourced from codecov/codecov-action's releases.

v3.0.0

Breaking Changes

  • #689 Bump to node16 and small fixes

Features

  • #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

  • #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
  • #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
  • #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
  • #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
  • #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
  • #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
  • #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
  • #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
  • #667 build(deps): bump actions/checkout from 2 to 3
  • #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
  • #683 build(deps): bump minimist from 1.2.5 to 1.2.6
  • #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
  • #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
  • #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
  • #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
  • #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

v2.1.0

2.1.0

Features

  • #515 Allow specifying version of Codecov uploader

Dependencies

  • #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
  • #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
  • #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

v2.0.3

2.0.3

Fixes

  • #464 Fix wrong link in the readme
  • #485 fix: Add override OS and linux default to platform

Dependencies

  • #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
  • #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
  • #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
  • #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
  • #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
  • #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
  • #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
  • #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

  • #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

  • No current support for aarch64 and alpine architectures.
  • Tokenless uploading is unsuported
  • Various arguments to the Action have been removed

3.1.4

Fixes

  • #967 Fix typo in README.md
  • #971 fix: add back in working dir
  • #969 fix: CLI option names for uploader

Dependencies

  • #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
  • #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
  • #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

  • #960 fix: allow for aarch64 build

Dependencies

  • #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
  • #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
  • #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

  • #718 Update README.md
  • #851 Remove unsupported path_to_write_report argument
  • #898 codeql-analysis.yml
  • #901 Update README to contain correct information - inputs and negate feature
  • #955 fix: add in all the extra arguments for uploader

Dependencies

  • #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
  • #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
  • #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
  • #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
  • #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
  • #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
  • #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
  • #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v1...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added github_actions Pull requests that update GitHub Actions code Mend: dependency security vulnerability Security vulnerability detected by WhiteSource labels Oct 2, 2023
@codecov
Copy link

codecov bot commented Oct 2, 2023

Codecov Report

Merging #513 (681d588) into main (ee22f03) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##               main     #513   +/-   ##
=========================================
  Coverage     29.17%   29.17%           
  Complexity       98       98           
=========================================
  Files            22       22           
  Lines          1186     1186           
  Branches        109      109           
=========================================
  Hits            346      346           
  Misses          819      819           
  Partials         21       21           

@joshpalis joshpalis merged commit 76c65f0 into main Oct 2, 2023
16 of 19 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/codecov/codecov-action-3 branch October 2, 2023 17:17
opensearch-trigger-bot bot pushed a commit that referenced this pull request Oct 2, 2023
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v1...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
(cherry picked from commit 76c65f0)
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
joshpalis pushed a commit that referenced this pull request Oct 2, 2023
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 1 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v1...v3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...



(cherry picked from commit 76c65f0)

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
backport 2.x github_actions Pull requests that update GitHub Actions code Mend: dependency security vulnerability Security vulnerability detected by WhiteSource
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants