Skip to content
This repository was archived by the owner on Jun 6, 2025. It is now read-only.

chore(deps,github_actions): major update github actions (major) #108

Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps,github_actions): major update github actions (major) #108

renovate wants to merge 1 commit into from

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented May 9, 2025

This PR contains the following updates:

Package Type Update Change Package file References
docker/build-push-action action major v5 -> v6 .github/workflows/tag-docker_test_build_push.yaml source
peter-evans/create-pull-request action major v6 -> v7 .github/workflows/changelog.yaml source
tj-actions/changed-files action major v44.5.2 -> v46.0.5 .github/workflows/changelog.yaml source

Release Notes

docker/build-push-action (docker/build-push-action)

v6

Compare Source

peter-evans/create-pull-request (peter-evans/create-pull-request)

v7

Compare Source

tj-actions/changed-files (tj-actions/changed-files)

v46.0.5

Compare Source

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.5

v46.0.4

Compare Source

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.4

v46.0.3

Compare Source

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.3

v46.0.2

Compare Source

What's Changed

New Contributors

Full Changelog: tj-actions/changed-files@v46...v46.0.2

v46.0.1

Compare Source

[!WARNING]
Security Alert: A critical security issue was identified in this action due to a compromised commit.

This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.

Action Required:

  • Review your workflows executed between March 14 and March 15. If you notice unexpected output under the changed-files section, decode it using the following command: echo 'xxx' | base64 -d | base64 -d
    If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.
  • If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
  • If you are using tagged versions (e.g., v35, v44.5.1), no action is required as these tags have been updated and are now safe to use.

Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.

What's Changed

Full Changelog: tj-actions/changed-files@v46...v46.0.1

v46.0.0

Compare Source

[!WARNING]
Security Alert: A critical security issue was identified in this action due to a compromised commit.

This commit has been removed from all tags and branches, and necessary measures have been implemented to prevent similar issues in the future.

Action Required:

  • Review your workflows executed between March 14 and March 15. If you notice unexpected output under the changed-files section, decode it using the following command: echo 'xxx' | base64 -d | base64 -d
    If the output contains sensitive information (e.g., tokens or secrets), revoke and rotate those secrets immediately.
  • If your workflows reference this commit directly by its SHA, you must update them immediately to avoid using the compromised version.
  • If you are using tagged versions (e.g., v35, v44.5.1), no action is required as these tags have been updated and are now safe to use.

Additionally, as a precaution, we recommend rotating any secrets that may have been exposed during this timeframe to ensure the continued security of your workflows.

What's Changed

New Contributors

Full Changelog: tj-actions/changed-files@v45.0.5...v46.0.0

What's Changed

Full Changelog: tj-actions/changed-files@v45.0.5...v46.0.0

v45.0.9

Compare Source

What's Changed

Full Changelog: tj-actions/changed-files@v45.0.4...v45.0.9

v45.0.8

Compare Source

What's Changed

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate
chore(deps,github_actions): major update github actions
fa22b4e 
| datasource  | package                         | from    | to      |
| ----------- | ------------------------------- | ------- | ------- |
| github-tags | docker/build-push-action        | v5      | v6      |
| github-tags | peter-evans/create-pull-request | v6      | v7      |
| github-tags | tj-actions/changed-files        | v44.5.2 | v46.0.5 |
@renovate renovate bot added the github_actions Pull requests that update GitHub Actions code label May 9, 2025
@renovate renovate bot assigned bukowa May 9, 2025
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

@bukowa bukowa

Labels

github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@bukowa