Commit Graph

174 Commits

Author SHA1 Message Date
Thomas Boop a327a9c763
Update default runtime to node16 (#134)
Node 12 has an end of life on April 30, 2022.

This PR updates the default runtime to [node16](https://github.blog/changelog/2021-12-10-github-actions-github-hosted-runners-now-run-node-js-16-by-default/), rather then node12. 

This is supported on all Actions Runners v2.285.0 or later.
2022-02-07 21:18:27 +01:00
Konrad Pabjan f023be2c48
Update @actions/artifact to version 0.6.0 (#123)
* Update @actions/artifact to version 0.6.0

* update artifact.dep.yml to use version 0.6.0
2021-12-07 11:44:54 -05:00
Konrad Pabjan 591af65465
Create release-new-action-version.yml (#122) 2021-12-02 11:14:52 -05:00
dependabot[bot] f2e7c54ea3
Bump path-parse from 1.0.6 to 1.0.7 (#109)
Bumps [path-parse](https://github.com/jbgutierrez/path-parse) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases)
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7)

---
updated-dependencies:
- dependency-name: path-parse
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-02 10:31:46 -05:00
Rob Herley e15ea60964
Merge pull request #121 from actions/robherley/dupe-issue-template
rm dupe security vulnerability from issue template
2021-11-23 14:48:56 -05:00
Rob Herley 12f9853977
rm dupe security vulnerability from issue template 2021-11-23 14:46:39 -05:00
Rob Herley b3f61af72c
Merge pull request #120 from actions/robherley/update-issue-templates
Add issue templates
2021-11-22 16:49:17 -05:00
Rob Herley ad79f6c16c
add issue templates 2021-11-22 10:12:52 -05:00
Brian Cristante b1985abdea
Create check-dist.yml (#108)
* Add check-dist.yml

* Fix triggers in licensed.yml
2021-08-10 13:59:02 -04:00
Brian Cristante 3be87be14a
Ingest v0.5.2 of @actions/artifact (#100)
* npm install --update @actions/artifact

* Update .licenses file

* npm run release
2021-06-16 16:19:05 -04:00
Brian Cristante 8bef1ad834
Merge pull request #97 from actions/dependabot/npm_and_yarn/glob-parent-5.1.2
Bump glob-parent from 5.1.1 to 5.1.2
2021-06-16 16:06:52 -04:00
Brian Cristante 2940e0d2ad
Merge pull request #92 from actions/dependabot/npm_and_yarn/hosted-git-info-2.8.9
Bump hosted-git-info from 2.8.5 to 2.8.9
2021-06-16 16:06:23 -04:00
Brian Cristante bd90b34638
Merge pull request #91 from actions/dependabot/npm_and_yarn/lodash-4.17.21
Bump lodash from 4.17.19 to 4.17.21
2021-06-16 16:06:06 -04:00
Brian Cristante 3b6d0aba35
Merge pull request #99 from actions/brcrista/dependabot-push
Don't trigger CodeQL on Dependabot push
2021-06-16 16:05:29 -04:00
Brian Cristante 46a6d6f216
Don't trigger CodeQL on Dependabot push 2021-06-16 16:01:04 -04:00
dependabot[bot] 246a0f4716
Bump glob-parent from 5.1.1 to 5.1.2
Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2.
- [Release notes](https://github.com/gulpjs/glob-parent/releases)
- [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md)
- [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2)

---
updated-dependencies:
- dependency-name: glob-parent
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
2021-06-11 13:14:19 +00:00
Robert Cannon df388c92ce
Clarified the `v1` and `v2` differences (#96)
The original text implies by supplying no inputs all files are placed in the root directory without added directories by focusing only on the `path` input. In practice, supplying no inputs results in the backwards compatible `v1` behavior of creating an extra parameter. This may be obvious in some scenarios and stated somewhat later in the document, but is less obvious when the "name" matches a filename for a single file artifact.
2021-05-21 21:20:10 +02:00
dependabot[bot] 87f717a35d
Bump hosted-git-info from 2.8.5 to 2.8.9
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases)
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md)
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-11 17:16:23 +00:00
dependabot[bot] ae445150c2
Bump lodash from 4.17.19 to 4.17.21
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21)

Signed-off-by: dependabot[bot] <support@github.com>
2021-05-11 12:10:53 +00:00
Konrad Pabjan 158ca71f7c
Bump @actions/artifact to version 0.5.1 (#85) 2021-04-06 16:50:27 -04:00
dependabot[bot] 65bdb44741
Bump y18n from 4.0.0 to 4.0.1 (#84)
Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/yargs/y18n/releases)
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md)
- [Commits](https://github.com/yargs/y18n/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-04-06 15:23:44 -04:00
Josh Gross 782e5ae9ea
Merge pull request #81 from rneatherway/codeql-add-pull-request-trigger
Add on: pull_request trigger to CodeQL workflow
2021-01-14 18:42:16 -05:00
Robin Neatherway a6ff13d56d Add on: pull_request trigger to CodeQL workflow
From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two.

Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust.

See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.
2021-01-13 11:19:52 +00:00
Konrad Pabjan 4a7a711286
Add retries to all HTTP calls + fix dependabot alerts (#80)
* Update @actions/artifact package to version 0.5.0

* bump eslint-plugin-github to version 4.1.1

* Update artifact.dep.yml
2021-01-04 15:47:26 +01:00
Konrad Pabjan f144d3c391
Update @actions/artifact from 0.3.5 to 0.4.2 (#73)
* Update @actions/artifact from 0.3.5 to 0.4.2

* Update package versions in .licenses
2020-12-15 10:55:26 -05:00
Josh Gross 987de047e8
Merge pull request #71 from actions/joshmgross/fix-codeowners
Fix CODEOWNERS team name
2020-12-07 15:50:08 -05:00
Josh Gross 89cfa805e3
Fix CODEOWNERS team name 2020-12-07 13:35:10 -05:00
Yang Cao 37439a4b3c
Merge pull request #69 from brcrista/patch-1
Add CODEOWNERS file
2020-11-25 15:24:36 -05:00
Brian Cristante d84bbb4c0a
Create CODEOWNERS 2020-11-25 15:18:14 -05:00
Konrad Pabjan f8e41fbffe
Bump @actions/core to v1.2.6 (#64)
* Bump @actions/core to v1.2.6

* Update version in license for @actions/core

* Fix typo
2020-11-13 14:53:33 -05:00
Yang Cao f60857ee28
Merge pull request #56 from thboop/main
Add `Licensed` To Help Verify Prod Licenses
2020-09-23 17:18:58 -04:00
Thomas Boop 6da19888bb Add contributing.md information 2020-09-23 17:02:34 -04:00
Thomas Boop 38343be9e7 Ignore Generated Files in Git PR's 2020-08-26 11:21:58 -04:00
Justin Weissig 910a9eff4a
Fixed minor spelling mistake (#59)
Made two minor changes to fix spelling mistakes.
2020-08-24 23:02:33 +02:00
Thomas Boop 66ed71e3c8 Manually Review licenses 2020-08-11 20:23:22 -04:00
Thomas Boop fbf2bddea0 Add licensed workflow and files 2020-08-11 20:20:07 -04:00
Thomas Boop c3f5d00c87
Add Third Party License Information to Dist Files (#54)
* Add Third Party License Information

* Update licenses for @actions npm modules
2020-08-10 18:21:40 +02:00
Konrad Pabjan b3cedea9be
Bump @actions/artifact to 0.3.5 (#52) 2020-08-04 17:55:46 +02:00
Konrad Pabjan 80d2d4023c
Document Artifact Limitations + Bump actions/artifact package version (#51)
* Document Artifact Limitations

* README Updates

* Restructure README
2020-07-31 17:16:59 +02:00
Konrad Pabjan 381af06b42
Add support for tilde expansion (#50)
* Add support for tilde expansion

* Print resolved path with debug

* Update README

* README

* Only replace tilde in certain scenarios

* Fix
2020-07-30 12:01:38 +02:00
dependabot[bot] 83fcc74d04
Bump lodash from 4.17.15 to 4.17.19 (#46)
Bumps [lodash](https://github.com/lodash/lodash) from 4.17.15 to 4.17.19.
- [Release notes](https://github.com/lodash/lodash/releases)
- [Commits](https://github.com/lodash/lodash/compare/4.17.15...4.17.19)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-07-22 13:26:09 +02:00
Konrad Pabjan 1ac47ba4b6
Update README.md 2020-07-15 12:35:21 +02:00
Konrad Pabjan 2a5974104b
Update README.md 2020-07-15 12:19:31 +02:00
Konrad Pabjan 7e5b6f00de
Misc Download Artifact Improvements (#43)
* Various improvements to download-artifact

* Resolve input path

* README updates

* PR feedback
2020-07-15 12:09:31 +02:00
Konrad Pabjan 385ad92b52
Create CONTRIBUTING.md 2020-07-13 12:55:53 +02:00
Konrad Pabjan 552dca742d
Create CODE_OF_CONDUCT.md 2020-07-13 12:49:43 +02:00
Josh Gross 6cdc83a8a8
Merge pull request #39 from actions/joshmgross/code-scanning
Create codeql-analysis.yml
2020-05-11 10:47:46 -04:00
Josh Gross 1e32d64f05
Add paths ignore for md files 2020-05-11 09:48:46 -04:00
Josh Gross c898b9b624
Create codeql-analysis.yml 2020-05-11 09:30:11 -04:00
Konrad Pabjan d0b19596d3
V2 Updates (#36)
* Update README with compatibilty differences between v1 and v2

* NPM package updates and rebuild index.js

* Update README

* Compat update
2020-04-30 22:50:01 +02:00