• c8236a6 unicode/bidi: remove unused global
• ada7473 all: remove redundant type conversion
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 1bdb400 language: remove compatibility with go < 1.2
• 252bee0 go.mod: ignore cyclic dependency for tagging
• ecab6e5 go.mod: ignore cyclic dependency for tagging
• 369c86b all: fix a few function names on comments
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

• 434eadc language: reject excessively large Accept-Language strings
• 23407e7 go.mod: ignore cyclic dependency for tagging
• b18d3dd secure/precis: replace bytes.Compare with bytes.Equal
• 795e854 all: replace io/ioutil with io and os package
• b0ca10f internal/language: bump script types to uint16 and update registry
• ba9b0e1 go.mod: update x/tools to HEAD
• d03b418 A+C: delete AUTHORS and CONTRIBUTORS
• b4bca84 language/display: fix Tag method comment
• ea49e3e go.mod: update x/tools to HEAD
• 78819d0 go.mod: update to golang.org/x/text v0.1.10
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github/codeql-action's changelog.

2.1.8 - 08 Apr 2022

• Update default CodeQL bundle version to 2.8.5. #1014
• Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

2.1.7 - 05 Apr 2022

• A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

2.1.6 - 30 Mar 2022

• [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
• Update default CodeQL bundle version to 2.8.4. #990
• Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956

• 2c03704 Allow the version of the ML-powered pack to depend on the CLI version
• dd6b592 Simplify ML-powered query status report definition
• a90d8bf Merge pull request #1011 from github/henrymercer/ml-powered-queries-pr-check
• dc0338e Use latest major version of actions/upload-artifact
• 57096fe Add a PR check to validate that ML-powered queries are run correctly
• b0ddf36 Merge pull request #1012 from github/henrymercer/update-actions-major-versions
• 1ea2f2d Merge branch 'main' into henrymercer/update-actions-major-versions
• 9dcc141 Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...
• ea751a9 Update other Actions from v2 to v3
• a2949f4 Update actions/checkout from v2 to v3
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-go's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-go#192)
• Update package-lock.json file version to 2 (actions/setup-go#193) and @types/node to 16.11.25 (actions/setup-go#194)
• Remove the stable input and fix SemVer notation (actions/setup-go#195)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes the stable input, so there is no need to specify additional input to use pre-release versions. This release also corrects the pre-release versions syntax to satisfy the SemVer notation (1.18.0-beta1 -> 1.18.0-beta.1, 1.18.0-rc1 -> 1.18.0-rc.1).

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v3
    with:
      go-version: '1.18.0-rc.1' 
  - run: go version

Add check-latest input

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, a Go version will then be downloaded from go-versions repository. By default check-latest is set to false. Example of usage:

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v2
    with:
      go-version: '1.16'
      check-latest: true
  - run: go version

Moreover, we updated @actions/core from 1.2.6 to 1.6.0

v2.1.5

In scope of this release we updated matchers.json to improve the problem matcher pattern. For more information please refer to this pull request

v2.1.4

What's Changed

• Fix extractor selection on windows by @​paulcacheux in actions/setup-go#141

New Contributors

• @​paulcacheux made their first contribution in actions/setup-go#141

Full Changelog: https://github.com/actions/setup-go/compare/v2.1.3...v2.1.4

v2.1.3

• Updated communication with runner to use environment files rather then workflow commands

v2.1.2

This release includes vendored licenses for this action's npm dependencies.

... (truncated)

• f6164bd Remove stable input and fix SemVer notation (#195)
• 2bb2aab update types node (#194)
• edcbc0c update lockfileVersion (#193)
• fb9a043 Update default runtime to node16 (#192)
• 5b0ae0e Bump pathval from 1.1.0 to 1.1.1 (#188)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from EndBug/add-and-commit's releases.

v9.0.0

Changed:

• [BREAKING] The action will now fail when the git commit command fails. (#370)
• [BREAKING] The action won't try deleting and re-creting tags when it fails to push them, it's now up to you to set the proper arguments (see the tag_push input). (#367)

Added:

• tag_push input: you can now set the arguments of the git push --tags command.
• tag_pushed output: whether the action pushed tags.

v8.0.2

Fixed:

• The commit input is now properly listed in the README. (#360)

v8.0.1

Fixed:

• Fixed a bug that prevented the --allow-empty flag from being used for the commit input. (#352)
• Fixed README and CHANGELOG docs for the pull input, that were still showing the option to use NO-PULL to prevent pulling (while now it's the default behavior). (#354)
• Added a paragraph to the FAQs section of the README, that explains how to work with PRs in v8. (#351)

Sourced from EndBug/add-and-commit's changelog.

[4.3.0] - 2020-07-29

Addded:

• signoff parameter: lets you use the --signoff argument for the git commit command (PR #46)

[4.2.1] - 2020-07-10

Fixed:

• OS-support: the action now properly works on Windows instances (issue #33)

[4.2.0] - 2020-05-17

Added:

• Tagging: you can now create and update lightweight tags (PR #30)

[4.1.0] - 2020-05-01

Added:

• ref parameter: lets you choose the branch to run the action on, the default is the one that triggered the workflow (issue #29)

[4.0.3] - 2020-05-01

Fixed:

• Logs: git diff won't display logs anymore, to avoid buffer problems (issue #27)
• Logs: additional info will be logged along with the command outputs
• Logs: added groups to improve readability

[4.0.2] - 2020-04-19

Fixed:

• Error handling: failures are now easier to read (issue #25)

[4.0.1] - 2020-03-20

Fixed:

• Scheduled events: the action can be used in action runs triggered by a scheduled events
• Warnings: there won't be warnings when both author_name and author_email are set

[4.0.0] - 2020-03-03

Removed:

• [BREAKING] path parameter: see 'Changed' section for more info

... (truncated)

• 050a667 release: v9.0.0
• 7fbfbfa docs: add Josh-Cena as a contributor for bug (#377)
• 0b47528 fix!: fail when there's an error while committing (#376)
• a3279e7 docs: add sconix as a contributor for ideas (#375)
• 0930a0f docs(README): add tag_push and tag_pushed
• 0e4f5f6 feat: add tag_push input and tag_pushed output (#374)
• d67ae5f chore(deps-dev): bump ts-node from 10.5.0 to 10.7.0 (#373)
• 2cbf8eb chore(deps-dev): bump typescript from 4.5.5 to 4.6.2 (#372)
• 6d7bd05 chore(deps-dev): bump eslint-config-prettier from 8.4.0 to 8.5.0 (#371)
• e6dcd77 docs(README): remove "used by" badge
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.0.0

• Update default runtime to node16

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

v2 (beta)

• Improved fetch performance
  • The default behavior now fetches only the SHA being checked-out
• Script authenticated git commands
  • Persists with.token in the local git config
  • Enables your scripts to run authenticated git commands
  • Post-job cleanup removes the token
  • Coming soon: Opt out by setting with.persist-credentials to false
• Creates a local branch
  • No longer detached HEAD when checking out a branch
  • A local branch is created with the corresponding upstream branch set
• Improved layout

... (truncated)

• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• 230611d Change secret name for PAT to not start with GITHUB_ (#623)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)