[pull] main from GitTools:main#281
Open
pull[bot] wants to merge 644 commits into
Open
Conversation
a6d0c32 to
5e7846e
Compare
1b17f42 to
b3c6a61
Compare
39298a9 to
c1b5f1a
Compare
860c000 to
143e2a8
Compare
fix: sanitize labels correctly when using enviornment variables
…ature updates (#5015) * chore(deps): merge docker configs, add devcontainers ecosystem, group actions - Merge the two docker ecosystem entries into one via directories list - Add devcontainers ecosystem to update features in devcontainer.json - Group additional github-actions vendors (docker, codeql, reviewdog, gittools) Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> * chore(devcontainer): add lock file so Dependabot can track features Unpin feature tags and add devcontainer-lock.json with resolved versions and digests, required for the devcontainers Dependabot ecosystem. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
…#5016) Bumps the codeql group with 3 updates in the /.github/workflows directory: [github/codeql-action/init](https://github.com/github/codeql-action), [github/codeql-action/analyze](https://github.com/github/codeql-action) and [github/codeql-action/upload-sarif](https://github.com/github/codeql-action). Updates `github/codeql-action/init` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@8aad20d...54f647b) Updates `github/codeql-action/analyze` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@8aad20d...54f647b) Updates `github/codeql-action/upload-sarif` from 4.36.2 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@8aad20d...54f647b) --- updated-dependencies: - dependency-name: github/codeql-action/init dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: codeql - dependency-name: github/codeql-action/analyze dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: codeql - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: codeql ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps Microsoft.CodeAnalysis.Analyzers from 5.3.0 to 5.6.0 Bumps Microsoft.CodeAnalysis.CSharp from 5.3.0 to 5.6.0 Bumps Microsoft.CodeAnalysis.PublicApiAnalyzers from 5.0.0-1.25277.114 to 5.6.0 --- updated-dependencies: - dependency-name: Microsoft.CodeAnalysis.Analyzers dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft - dependency-name: Microsoft.CodeAnalysis.CSharp dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft - dependency-name: Microsoft.CodeAnalysis.CSharp dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft - dependency-name: Microsoft.CodeAnalysis.PublicApiAnalyzers dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft ... Signed-off-by: dependabot[bot] <support@github.com>
…d version property Dependabot's partial bump of Microsoft.CodeAnalysis.CSharp to 5.6.0 left Microsoft.CodeAnalysis.Common/VisualBasic (src) and Microsoft.CodeAnalysis.CSharp.Workspaces (new-cli) pinned at 5.3.0, causing NU1605 downgrade errors during restore. Introduce a single MicrosoftCodeAnalysisVersion MSBuild property so these tightly-coupled packages always move together, and fix the dependabot.yml group ordering so the CodeAnalysis-specific group isn't shadowed by the broader Microsoft.* group.
…soft-1c1da6d8a1 (deps): Bump the microsoft group with 3 updates
--- updated-dependencies: - dependency-name: SharpYaml dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Add a missing backslash to correctly continue the multi-line command in the Homebrew workflow.
…-3.12.0 (deps): Bump SharpYaml from 3.11.0 to 3.12.0
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.19.4 to 2.20.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@9af89fc...bf7454d) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/step-security/harden-runner-2.20.0 (build deps): bump step-security/harden-runner from 2.19.4 to 2.20.0 in /.github/workflows
…t-throwing fix: allow incorrect labels if placeholders are missing
Remove the git feature from the devcontainer configuration as it is already provided by the base image.
Bumps the codeql group with 3 updates in the /.github/workflows directory: [github/codeql-action/init](https://github.com/github/codeql-action), [github/codeql-action/analyze](https://github.com/github/codeql-action) and [github/codeql-action/upload-sarif](https://github.com/github/codeql-action). Updates `github/codeql-action/init` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) Updates `github/codeql-action/analyze` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) Updates `github/codeql-action/upload-sarif` from 4.36.3 to 4.37.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@54f647b...99df26d) --- updated-dependencies: - dependency-name: github/codeql-action/init dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: codeql - dependency-name: github/codeql-action/analyze dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: codeql - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.37.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: codeql ... Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/codeql-7512263334 (build deps): bump the codeql group across 1 directory with 3 updates
Add local branch validation, consolidate readiness checks into a single confirmation step, and handle downstream no-op signals. Remove redundant SHA256 sections from release notes.
Bumps the actions group with 1 update in the /.github/workflows directory: [actions/stale](https://github.com/actions/stale). Updates `actions/stale` from 10.3.0 to 10.4.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@eb5cf3a...1e223db) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
…github/workflows/actions-38afab4f4d (build deps): bump actions/stale from 10.3.0 to 10.4.0 in /.github/workflows in the actions group across 1 directory
--- updated-dependencies: - dependency-name: SharpYaml dependency-version: 3.13.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
…-3.13.0 (deps): Bump SharpYaml from 3.12.0 to 3.13.0
--- updated-dependencies: - dependency-name: NSubstitute dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…te-6.0.0 (deps): Bump NSubstitute from 5.3.0 to 6.0.0
Bumps System.IO.Abstractions from 22.1.1 to 22.2.0 --- updated-dependencies: - dependency-name: System.IO.Abstractions dependency-version: 22.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft - dependency-name: System.IO.Abstractions dependency-version: 22.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft ... Signed-off-by: dependabot[bot] <support@github.com>
…soft-5c87809d62 (deps): Bump the microsoft group with 1 update
Bumps Microsoft.NET.Test.Sdk from 18.7.0 to 18.8.0 --- updated-dependencies: - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: microsoft ... Signed-off-by: dependabot[bot] <support@github.com>
…soft-ad96945197 (deps): Bump the microsoft group with 1 update
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
See Commits and Changes for more details.
Created by
pull[bot] (v2.0.0-alpha.4)
Can you help keep this open source service alive? 💖 Please sponsor : )