build(deps): bump the ci group across 1 directory with 10 updates

[dependabot]

Bumps the ci group with 10 updates in the / directory:

Package	From	To
mercedesbenzio/detect-action	1	2
peaceiris/actions-mdbook	1	2
peaceiris/actions-gh-pages	3	4
actions/cache	3	4
helm/kind-action	1.8.0	1.10.0
yokawasa/action-setup-kube-tools	0.9.3	0.11.1
slackapi/slack-github-action	1.24.0	1.27.0
8BitJonny/gh-get-current-pr	2.2.0	3.0.0
thollander/actions-comment-pull-request	2.4.3	2.5.0
goreleaser/goreleaser-action	5	6

Updates mercedesbenzio/detect-action from 1 to 2

Release notes

Sourced from mercedesbenzio/detect-action's releases.

v2.0.0

What's Changed

• feat!: update to node 20 by @​tvcsantos in tvcsantos/detect-action#17

Full Changelog: tvcsantos/detect-action@v1.5.0...v2.0.0

v1.5.0

What's Changed

• feat: add support for custom PR comments by @​tvcsantos in tvcsantos/detect-action#16

Full Changelog: tvcsantos/detect-action@v1.4.1...v1.5.0

v1.4.1

What's Changed

• feat: improve tool name on PR comment header by @​tvcsantos in mercedesbenzio/detect-action#13

Full Changelog: tvcsantos/detect-action@v1.4.0...v1.4.1

v1.4.0

What's Changed

• feat: add tool name to PR comment header by @​tvcsantos in mercedesbenzio/detect-action#12

Full Changelog: tvcsantos/detect-action@v1.3.0...v1.4.0

v1.3.0

What's Changed

• feat: add input to control PR comments on success by @​tvcsantos in mercedesbenzio/detect-action#11

Full Changelog: tvcsantos/detect-action@v1.2.0...v1.3.0

v1.2.0

What's Changed

• build: update package version by @​tvcsantos in mercedesbenzio/detect-action#10
• feat: improve debug log level and add fail-if-detect-fails by @​tvcsantos in mercedesbenzio/detect-action#9

Full Changelog: tvcsantos/detect-action@v1.1.0...v1.2.0

v1.1.0

What's Changed

• feat: make detect-version optional by downloading latest by @​tvcsantos in mercedesbenzio/detect-action#8

Full Changelog: tvcsantos/detect-action@v1.0.0...v1.1.0

Changelog

Sourced from mercedesbenzio/detect-action's changelog.

Commits

• 290ca63 fix: fix incompatible package @​actions/artifact (#18)
• c5123b0 feat!: update to node 20 (#17)
• See full diff in compare view

Updates peaceiris/actions-mdbook from 1 to 2

Release notes

Sourced from peaceiris/actions-mdbook's releases.

actions-mdbook v2.0.0

See CHANGELOG.md for more details.

actions-mdbook v1.2.0

• deps: bump node12 to node16
• deps: bump @​actions/core from 1.6.0 to 1.10.0

See CHANGELOG.md for more details.

actions-mdbook v1.1.14

See CHANGELOG.md for more details.

actions-mdbook v1.1.13

See CHANGELOG.md for more details.

actions-mdbook v1.1.12

See CHANGELOG.md for more details.

actions-mdbook v1.1.11

See CHANGELOG.md for more details.

actions-mdbook v1.1.10

See CHANGELOG.md for more details.

This action was featured at GitHub Action Hero: Shohei Ueda - The GitHub Blog. Thanks all.

actions-mdbook v1.1.9

See CHANGELOG.md for more details.

actions-mdbook v1.1.8

See CHANGELOG.md for more details.

actions-mdbook v1.1.7

See CHANGELOG.md for more details.

actions-mdbook v1.1.6

See CHANGELOG.md for more details.

actions-mdbook v1.1.5

See CHANGELOG.md for more details.

Release v1.1.4

See CHANGELOG.md for more details.

Release v1.1.3

See CHANGELOG.md for more details.

Release v1.1.2

See CHANGELOG.md for more details.

... (truncated)

Changelog

Sourced from peaceiris/actions-mdbook's changelog.

2.0.0 (2024-04-08)

build

• bump node to 20.12.1 (#504) (cb4d902), closes #504

chore

• revert build (c95f05c)

ci

• bump actions/checkout from 3 to 4 (#487) (c0c1ffe), closes #487
• bump actions/dependency-review-action from 2.5.0 to 2.5.1 (#470) (e8a2552), closes #470 #290 #300 #299
• bump actions/dependency-review-action from 2.5.1 to 3.0.0 (#472) (9a6ded1), closes #472 #327 #324 #325 #326
• bump actions/dependency-review-action from 3.0.0 to 3.0.1 (#473) (939fe76), closes #473
• bump actions/dependency-review-action from 3.0.1 to 3.0.2 (#474) (404c95a), closes #474
• bump actions/dependency-review-action from 3.0.2 to 3.0.3 (#476) (665e827), closes #476
• bump actions/dependency-review-action from 3.0.3 to 3.0.4 (#479)Co-authored-by: dependabot[bot] (9d85c8a), closes #479
• bump actions/dependency-review-action from 3.0.4 to 3.0.6 (#480) (a1c0a09), closes #480
• bump actions/dependency-review-action from 3.0.6 to 3.0.7 (#483) (2987c69), closes #483
• bump actions/dependency-review-action from 3.0.7 to 3.0.8 (#485) (162a198), closes #485
• bump actions/dependency-review-action from 3.0.8 to 3.1.0 (#488) (60cc2ff), closes #488
• bump actions/setup-node from 3.5.1 to 3.6.0 (#475) (10da3f5), closes #475
• bump actions/setup-node from 3.6.0 to 3.7.0 (#481) (334df4e), closes #481
• bump actions/setup-node from 3.7.0 to 3.8.0 (#484) (fe51920), closes #484
• bump actions/setup-node from 3.8.0 to 3.8.1 (#486) (c6c9e0f), closes #486
• bump codecov/codecov-action from 3 to 4 (#490) (7b0c98f), closes #490
• bump github/codeql-action from 1 to 2 (#440) (7ce6923), closes #440
• bump peaceiris/actions-mdbook from 1.1.14 to 1.2.0 (#469) (59732c8), closes #469 #397 #397 #385 #385 #407 #407 #409 #409 #424 #424 #463 #463 #393 #393 #395 #395 #399 #399 #400 #400 #405 #405 #411 #411 #412 #412 #416 #416 #435 #435 #438 #438 #456 #456 #460 #460 #462 #462 #371 #371 #437 #437 #392 #392 #394 #394 #396 #396 #402 #402 #404 #404 #436 #436 #373 #373 #374 #374 #377 #377 #380 #380 #381 #381 #383 #383 #384 #384 #382 #382 #466 #463 #462 #460 #456 #438 #437

feat

• bump to node20 runtime (#500) (46c97c2), closes #500

Commits

• ee69d23 chore(release): 2.0.0
• 2d79d45 chore(release): Add build assets
• c95f05c chore: revert build
• cb4d902 build: bump node to 20.12.1 (#504)
• 46c97c2 feat: bump to node20 runtime (#500)
• 7b0c98f ci: bump codecov/codecov-action from 3 to 4 (#490)
• 60cc2ff ci: bump actions/dependency-review-action from 3.0.8 to 3.1.0 (#488)
• c0c1ffe ci: bump actions/checkout from 3 to 4 (#487)
• c6c9e0f ci: bump actions/setup-node from 3.8.0 to 3.8.1 (#486)
• 162a198 ci: bump actions/dependency-review-action from 3.0.7 to 3.0.8 (#485)
• Additional commits viewable in compare view

Updates peaceiris/actions-gh-pages from 3 to 4

Release notes

Sourced from peaceiris/actions-gh-pages's releases.

actions-github-pages v4.0.0

See CHANGELOG.md for more details.

actions-github-pages v3.9.3

See CHANGELOG.md for more details.

actions-github-pages v3.9.2

See CHANGELOG.md for more details.

actions-github-pages v3.9.1

• update deps

See CHANGELOG.md for more details.

actions-github-pages v3.9.0

• deps: bump node12 to node16
• deps: bump @​actions/core from 1.6.0 to 1.10.0

See CHANGELOG.md for more details.

actions-github-pages v3.8.0

See CHANGELOG.md for more details.

actions-github-pages v3.7.3

See CHANGELOG.md for more details.

actions-github-pages v3.7.2

See CHANGELOG.md for more details.

actions-github-pages v3.7.1

See CHANGELOG.md for more details.

actions-github-pages v3.7.0

See CHANGELOG.md for more details.

Overviews:

• Add .nojekyll file by default for all branches (#438) (079d483), closes #438
• Add destination_dir option (#403) (f30118c), closes #403 #324 #390
• Add exclude_assets option (#416) (0f5c65e), closes #416 #163
• exclude_assets supports glob patterns (#417) (6f45501), closes #417 #163

actions-github-pages v3.6.4

See CHANGELOG.md for more details.

actions-github-pages v3.6.3

See CHANGELOG.md for more details.

actions-github-pages v3.6.2

See CHANGELOG.md for more details.

... (truncated)

Changelog

Sourced from peaceiris/actions-gh-pages's changelog.

3.9.3 (2023-03-30)

docs

• fix typo, bump hugo version (#851) (884a022), closes #851

fix

• fix error handling (#841) (32e33dc), closes #841
• update known_hosts (#871) (31c15f0), closes #871

3.9.2 (2023-01-17)

chore

• rename cicd (32c9288)
• replace npm ci with install (9839780)

ci

• add github-actions npm (5e5dc6d)
• enable automerge (dd7d778)
• remove dependabot (7af79a8)
• remove enabledManagers (cba22ba)
• use peaceiris/workflows/setup-node 0.19.1 (#818) (416f539), closes #818

deps

• apply npm audit fix (#809) (e3aa46d), closes #809

3.9.1 (2023-01-05)

chore

• change cicd label name (1808965)

ci

• add Renovate config (#802) (072d16c), closes #802
• bump actions/dependency-review-action from 2 to 3 (#799) (e3b45f2), closes #799
• bump peaceiris/actions-github-app-token from 1.1.4 to 1.1.5 (#798) (a5f971f), closes #798
• bump peaceiris/actions-mdbook from 1.1.14 to 1.2.0 (#793) (9af6a68), closes #793
• bump peaceiris/workflows from 0.17.1 to 0.17.2 (#794) (087a759), closes #794

... (truncated)

Commits

• 4f9cc66 chore(release): 4.0.0
• 9c75028 chore(release): Add build assets
• 5049354 build: node 20.11.1
• 4eb285e chore: bump node16 to node20 (#1067)
• cdc09a3 chore(deps): update dependency @​types/node to v16.18.77 (#1065)
• d830378 chore(deps): update dependency @​types/node to v16.18.76 (#1063)
• 80daa1d chore(deps): update dependency @​types/node to v16.18.75 (#1061)
• 108285e chore(deps): update dependency ts-jest to v29.1.2 (#1060)
• 99c95ff chore(deps): update dependency @​types/node to v16.18.74 (#1058)
• 1f46537 chore(deps): update dependency @​types/node to v16.18.73 (#1057)
• Additional commits viewable in compare view

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

• Update action to node20 by @​takost in actions/cache#1284
• feat: save-always flag by @​to-s in actions/cache#1242

New Contributors

• @​takost made their first contribution in actions/cache#1284
• @​to-s made their first contribution in actions/cache#1242

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

• Cache v3.3.3 by @​robherley in actions/cache#1302

New Contributors

• @​robherley made their first contribution in actions/cache#1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in actions/cache#1133
• Readme fixes by @​kotewar in actions/cache#1134
• Updated description of the lookup-only input for main action by @​kotewar in actions/cache#1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in actions/cache#1131
• Update Cross-OS Caching tips by @​pdotl in actions/cache#1122
• Bazel example (Take #2️⃣) by @​vorburger in actions/cache#1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in actions/cache#1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in actions/cache#1217
• Bump action version to 3.3.2 by @​bethanyj28 in actions/cache#1236

New Contributors

• @​vorburger made their first contribution in actions/cache#1132
• @​jorendorff made their first contribution in actions/cache#1187
• @​chkimes made their first contribution in actions/cache#1217
• @​bethanyj28 made their first contribution in actions/cache#1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

• Reduced download segment size to 128 MB and timeout to 10 minutes by @​kotewar in actions/cache#1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

• Bug: Permission is missing in cache delete example by @​kotokaze in actions/cache#1123

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.0.2

• Fixed restore fail-on-cache-miss not working.

4.0.1

• Updated isGhes check

4.0.0

• Updated minimum runner version support from node 12 -> node 20

3.3.3

• Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
• Additional audit fixes of npm package(s)

3.3.2

• Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

• Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

• Added option to lookup cache without downloading it.

3.2.6

• Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

• Added fix to prevent from setting MYSYS environment variable globally.

3.2.4

• Added option to fail job on cache miss.

3.2.3

• Support cross os caching on Windows as an opt-in feature.
• Fix issue with symlink restoration on Windows for cross-os caches.

3.2.2

... (truncated)

Commits

• 0c45773 Merge pull request #1327 from cdce8p/fix-fail-on-cache-miss
• 8a55f83 Add test case for process exit
• 3884cac Bump version
• e29dad3 Fix fail-on-cache-miss not working
• ab5e6d0 Merge pull request #1341 from bethanyj28/main
• 89c7d86 licensed cache
• d2c84da update @​actions/cache
• 37e7d4e Merge pull request #1340 from actions/bethanyj28/update-publish-flow
• a18323f add release action
• a2ed59d Merge pull request #1305 from actions/yacaovsnc/update_examples
• Additional commits viewable in compare view

Updates helm/kind-action from 1.8.0 to 1.10.0

Release notes

Sourced from helm/kind-action's releases.

v1.10.0

Requirements

We changed to use wget instead of curl

What's Changed

• Update kind to release v0.21.0 by @​cpanato in helm/kind-action#104
• Bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in helm/kind-action#106
• Bump actions/checkout from 4.1.2 to 4.1.3 by @​dependabot in helm/kind-action#108
• bump kind to 0.22.0 / kubectl and general housekeeping by @​cpanato in helm/kind-action#107
• Bump actions/checkout from 4.1.2 to 4.1.3 in the actions group by @​dependabot in helm/kind-action#109

Full Changelog: helm/kind-action@v1.9.0...v1.10.0

v1.9.0

What's Changed

• Bump actions/checkout from 3.3.0 to 3.5.3 by @​dependabot in helm/kind-action#90
• Bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in helm/kind-action#96
• Bump actions/checkout from 3.6.0 to 4.0.0 by @​dependabot in helm/kind-action#97
• Bump actions/checkout from 4.0.0 to 4.1.0 by @​dependabot in helm/kind-action#98
• Bump actions/checkout from 4.1.0 to 4.1.1 by @​dependabot in helm/kind-action#99
• chore: Bump node version to node20 by @​sayboras in helm/kind-action#102
• Fix arch detection in non-Debian distros by @​musse in helm/kind-action#93
• docs: fix default version in action.yml by @​dunglas in helm/kind-action#91
• docs: bump outdated action version in README by @​dunglas in helm/kind-action#92

New Contributors

• @​musse made their first contribution in helm/kind-action#93
• @​dunglas made their first contribution in helm/kind-action#91

Full Changelog: helm/kind-action@v1.8.0...v1.9.0

Commits

• 0025e74 Bump actions/checkout from 4.1.2 to 4.1.3 in the actions group (#109)
• 2a7d25f bump kind to 0.22.0 / kubectl and general housekeeping (#107)
• d821386 Bump actions/checkout from 4.1.2 to 4.1.3 (#108)
• e89fbc4 Bump actions/checkout from 4.1.1 to 4.1.2 (#106)
• 8300bd0 Update kind to release v0.21.0 (#104)
• 99576bf docs: bump outdated action version in README (#92)
• 0ca85d0 docs: fix default version in action.yml (#91)
• fc8d4ed Fix arch detection in non-Debian distros (#93)
• 4be822c chore: Bump node version to node20 (#102)
• 100421e Bump actions/checkout from 4.1.0 to 4.1.1 (#99)
• Additional commits viewable in compare view

Updates yokawasa/action-setup-kube-tools from 0.9.3 to 0.11.1

Release notes

Sourced from yokawasa/action-setup-kube-tools's releases.

v0.11.1

What's Changed

• updated sample tool versions in README by @​yokawasa in yokawasa/action-setup-kube-tools#55
• Bump undici from 5.28.3 to 5.28.4 by @​dependabot in yokawasa/action-setup-kube-tools#56
• Release v0.11.1 by @​yokawasa in yokawasa/action-setup-kube-tools#57

Full Changelog: yokawasa/action-setup-kube-tools@v0.11.0...v0.11.1

v0.11.0

What's Changed

• Support arch-type by @​yokawasa in yokawasa/action-setup-kube-tools#53
• release v0.11.0 by @​yokawasa in yokawasa/action-setup-kube-tools#54

Full Changelog: yokawasa/action-setup-kube-tools@v0.10.0...v0.11.0

v0.10.0

What's Changed

• node 20 by @​till in yokawasa/action-setup-kube-tools#49
• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in yokawasa/action-setup-kube-tools#45
• Bump undici from 5.19.1 to 5.26.3 by @​dependabot in yokawasa/action-setup-kube-tools#46
• Bump undici from 5.26.3 to 5.28.3 by @​dependabot in yokawasa/action-setup-kube-tools#50
• Bump @​babel/traverse from 7.7.4 to 7.23.9 by @​dependabot in yokawasa/action-setup-kube-tools#51
• fix readme and add dependencies for v0.10.0 release by @​yokawasa in yokawasa/action-setup-kube-tools#52

New Contributors

• @​till made their first contribution in yokawasa/action-setup-kube-tools#49

Full Changelog: yokawasa/action-setup-kube-tools@v0.9.3...v0.10.0

Commits

• 5fe3850 Merge pull request #57 from yokawasa/release-v0.11.1
• 31ec3e1 update README, remove CHANGELOG
• 714d1f0 Merge pull request #56 from yokawasa/dependabot/npm_and_yarn/undici-5.28.4
• ad566aa Bump undici from 5.28.3 to 5.28.4
• 448b9bd Merge pull request #55 from yokawasa/update-readme
• 06c35f4 updated sample tool versions
• dc0754a Merge pull request #54 from yokawasa/release-v0.11.0
• 953eee8 release v0.11.0
• 2e3262f Merge pull request #53 from yokawasa/add-arch-type
• e651ff0 fix test
• Additional commits viewable in compare view

Updates slackapi/slack-github-action from 1.24.0 to 1.27.0

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack Send V1.27.0

What's changed

This release introduces an optional payload-delimiter parameter for flattening nested objects with a customized delimiter before the payload is sent to Slack Workflow Builder when using workflow webhook triggers.

  - name: Send a custom flattened payload
    uses: slackapi/[email protected]
+   with:
+     payload-delimiter: "_"
    env:
      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}

Setting this value to an underscore (_) is recommended when using nested inputs within Workflow Builder to match expected input formats of Workflow Builder, but the actual value can be changed to something else! This "flattening" behavior did exist prior to this version, but used a period (.) which is not valid for webook inputs in Workflow Builder.

The resulting output of flattened objects is not always clear, but the following can hopefully serve as a quick reference as well as these specs when using _ as the delimiter:

Input:

{
    "apples": "tree",
    "bananas": {
        "truthiness": true
    }
}

Output:

{
    "apples": "tree",
    "bananas_truthiness": "true"
}

Notice that bananas_truthiness is also stringified in this process, as part of updating values to match the expected inputs of Workflow Builder!

Changes

In addition to the changes above, the following lists all of the changes since the prior version with the complete changelog changes found here: slackapi/slack-github-action@v1.26.0...v1.27.0

🎁 Enhancements

... (truncated)

Commits

• 37ebaef Automatic compilation
• 5d1fb07 chore(release): tag version 1.27.0
• 3bc0671 chore(deps): bump axios to 1.7.5 (#332)
• b452451 feat: make the payload delimiter configurable for workflow webhook triggers (...
• c50e848 build(deps-dev): bump mocha from 10.5.2 to 10.7.0 (#328)
• e4a9c4b build(deps): bump @​slack/web-api from 7.2.0 to 7.3.2 (#327)
• 9a7f0fa build(deps-dev): bump chai from 4.4.1 to 4.5.0 (#326)
• 73b7062 build(deps-dev): bump eslint-plugin-jsdoc from 48.5.0 to 48.10.2 (#325)
• 3d5207b build(deps): bump https-proxy-agent from 7.0.4 to 7.0.5 (#320)
• 4e15b6a build(deps): bump @​slack/web-api from 7.0.4 to 7.2.0 (#323)
• Additional commits viewable in

[github-actions]

Mend Scan Summary: ❌

Repository: open-component-model/MPAS

VIOLATION DESCRIPTION	NUMBER OF VIOLATIONS
HIGH/CRITICAL SECURITY VULNERABILITIES	6
MAJOR UPDATES AVAILABLE	0
LICENSE REQUIRES REVIEW	0
LICENSE RISK HIGH	7
RESTRICTIED LICENSE FOR ON-PREMISE DELIVERY	0

Detailed Logs: mend-scan-> Generate Report
Mend UI