Sourced from codecov/codecov-action's releases.

v2.0.1

Fixes

• #424 fix: Issue in building all deep dependencies

v2.0.0

On February 1, 2022, the v1 uploader will be full sunset and no longer function. This is due to the deprecation of the underlying bash uploader. This version uses the new uploader.

The v2 Action downloads, verifies, and runs the Codecov binary.

Breaking Changes

• Multiple fields have not been transferred from the bash uploader or have been deprecated. Notably many of the functionalities and gcov_ arguments have been removed. Please check the documentation for the full list.

Features

• dry-run argument allows Codecov flow without uploading reports to Codecov
• (Enterprise only) slug allows specifying the repository slug manually
• (Enterprise only) url allows changing the upload host

Sourced from codecov/codecov-action's changelog.

2.0.1

Fixes

• #424 fix: Issue in building all deep dependencies

2.0.0

On February 1, 2022, the v1 uploader will be full sunset and no longer function. This is due to the deprecation of the underlying bash uploader. This version uses the new uploader.

The v2 Action downloads, verifies, and runs the Codecov binary.

Breaking Changes

• Multiple fields have not been transferred from the bash uploader or have been deprecated. Notably many of the functionalities and gcov_ arguments have been removed. Please check the documentation for the full list.

Features

• dry-run argument allows Codecov flow without uploading reports to Codecov
• (Enterprise only) slug allows specifying the repository slug manually
• (Enterprise only) url allows changing the upload host

• c585afe Merge pull request #424 from codecov/2.0.1-fix-deps
• 852cffb Remove dist/coverage
• d910efb Update CHANGELOG
• 439c1e5 Remove coverage folder
• fc5d663 fix: Hack to force asn1.js
• 5c832ae Force the dep
• 71fa76a fix: Add job to test no deps
• 672fbdc Merge pull request #421 from codecov/dependabot/npm_and_yarn/types/node-16.3.3
• 1691a31 Merge pull request #422 from codecov/dependabot/npm_and_yarn/vercel/ncc-0.29.0
• ad2b003 fix: Add deep deps
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/BurntSushi/toml's releases.

v1.2.1

This release fixes the omitempty struct tag on an uncomparable type panicking.

• 74c008f Test Go 1.19; gofmt 1.19
• 8de7f4a Update tests a little bit and add comment
• 8bbca55 add a check for uncomparable empty structs
• 17ef72d Tweak docs to use Go 1.19 syntax
• 1ba7f5b Merge pull request #367 from zhsj/fix-32
• 473c10f Fix test on 32 bit arch
• 360c9e3 Don't return error on uncomparable types: just silently ignore like before
• 929b0a7 Merge pull request #361 from BurntSushi/p-omitempty
• 8d9ffad Don't panic with 'omitempty' and uncomparable type
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/BurntSushi/toml's releases.

Release v1.2.0

This release adds a few additional features:

• Support encoding and decoding json.Number, making interoperability with JSON when using json.Encoder.UseNumber() easier.

• Support time.Duration string format; an integer will be interpreted as nanoseconds (like before), but a string like "5h" will be parsed. On encoding the string format is used.

• The omitempty struct tag now also works for structs with all zero values, for example an empty time.Time. A struct is considered "empty" when all fields (exported and private) are the zero value.

• Allow using interface{} (or any) as the map key when decoding.

And some fixes:

• Fix encoding.TextUnmarshaler not working for map values.

• Make encoding.TextUnmarshaler and toml.Unmarshaler work if MarshalText() or MarshalTOML() have a pointer receiver.

• Error out on nil returns from MarshalTOML/MarshalText; before they would get encoded as invalid TOML (keyname =).

• Fix a panic where it would try to encode array = [{}, 0] as:

  [[array]]
  [[array]]
  

  Which isn't valid as 0 isn't a table.

• Some better error reporting for some errors.

• 2e74712 Simplify test case
• e2f6fa2 Allow using interface{} as map keys when decoding
• f0ccf71 Merge pull request #358 from kkHAIKE/encode_MarshalText_fix
• c03a31c Small stylistic updates
• 6805a3d add test for embed field
• 0ae83fe replace some Interface() check when encode private embed struct
• eaf0d98 add test
• d138d7a change eindirect behave match with indirect from decode
• 0a9f2b0 Don't panic encoding arrays where the first item is a table, but others aren't
• 28ff18d Merge pull request #356 from BurntSushi/empty
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github/codeql-action's changelog.

2.1.8 - 08 Apr 2022

• Update default CodeQL bundle version to 2.8.5. #1014
• Fix error where the init action would fail due to a GitHub API request that was taking too long to complete #1025

2.1.7 - 05 Apr 2022

• A bug where additional queries specified in the workflow file would sometimes not be respected has been fixed. #1018

2.1.6 - 30 Mar 2022

• [v2+ only] The CodeQL Action now runs on Node.js v16. #1000
• Update default CodeQL bundle version to 2.8.4. #990
• Fix a bug where an invalid commit_oid was being sent to code scanning when a custom checkout path was being used. #956

• 2c03704 Allow the version of the ML-powered pack to depend on the CLI version
• dd6b592 Simplify ML-powered query status report definition
• a90d8bf Merge pull request #1011 from github/henrymercer/ml-powered-queries-pr-check
• dc0338e Use latest major version of actions/upload-artifact
• 57096fe Add a PR check to validate that ML-powered queries are run correctly
• b0ddf36 Merge pull request #1012 from github/henrymercer/update-actions-major-versions
• 1ea2f2d Merge branch 'main' into henrymercer/update-actions-major-versions
• 9dcc141 Merge pull request #1010 from github/henrymercer/stop-running-ml-powered-quer...
• ea751a9 Update other Actions from v2 to v3
• a2949f4 Update actions/checkout from v2 to v3
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-go's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-go#192)
• Update package-lock.json file version to 2 (actions/setup-go#193) and @types/node to 16.11.25 (actions/setup-go#194)
• Remove the stable input and fix SemVer notation (actions/setup-go#195)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes the stable input, so there is no need to specify additional input to use pre-release versions. This release also corrects the pre-release versions syntax to satisfy the SemVer notation (1.18.0-beta1 -> 1.18.0-beta.1, 1.18.0-rc1 -> 1.18.0-rc.1).

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v3
    with:
      go-version: '1.18.0-rc.1' 
  - run: go version

Add check-latest input

In scope of this release we add the check-latest input. If check-latest is set to true, the action first checks if the cached version is the latest one. If the locally cached version is not the most up-to-date, a Go version will then be downloaded from go-versions repository. By default check-latest is set to false. Example of usage:

steps:
  - uses: actions/checkout@v2
  - uses: actions/setup-go@v2
    with:
      go-version: '1.16'
      check-latest: true
  - run: go version

Moreover, we updated @actions/core from 1.2.6 to 1.6.0

v2.1.5

In scope of this release we updated matchers.json to improve the problem matcher pattern. For more information please refer to this pull request

v2.1.4

What's Changed

• Fix extractor selection on windows by @​paulcacheux in actions/setup-go#141

New Contributors

• @​paulcacheux made their first contribution in actions/setup-go#141

Full Changelog: https://github.com/actions/setup-go/compare/v2.1.3...v2.1.4

v2.1.3

• Updated communication with runner to use environment files rather then workflow commands

v2.1.2

This release includes vendored licenses for this action's npm dependencies.

... (truncated)

• f6164bd Remove stable input and fix SemVer notation (#195)
• 2bb2aab update types node (#194)
• edcbc0c update lockfileVersion (#193)
• fb9a043 Update default runtime to node16 (#192)
• 5b0ae0e Bump pathval from 1.1.0 to 1.1.1 (#188)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/BurntSushi/toml's releases.

v1.1.0

Just a few bugfixes:

• Skip fields with toml:"-" even when they're unsupported types. Previously something like this would fail to encode due to func being an unsupported type:

  struct {
      Str  string `toml:"str"
      Func func() `toml:"-"`
  }
  

• Multiline strings can't end with \. This is valid:

  # Valid
  key = """ foo \
  """
  Invalid
  key = """ foo \ """
  

• Don't quote values in TOMLMarshaler. Previously they would always include quoting (e.g. "value"), while the entire point of this interface is to bypass that.

• 891d261 Don't error out if a multiline string ends with an incomplete UTF-8 sequence
• ef65e34 Don't run Unmarshal() through Decode()
• 573cad4 Merge pull request #347 from zhsj/fix-32
• f3633f4 Fix test on 32 bit arch
• 551f4a5 Merge pull request #344 from lucasbutn/hotfix-341-marshaler-shouldnot-writequ...
• dec5825 Removed write quote in marshal to allow write other types than strings
• 2249a9c Multiline strings can't end with ""
• 51b22f2 Fix README
• 01e5516 Skip fields with toml:"-", even when they're unsupported types
• 87b9f05 Fix tests for older Go versions
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from codecov/codecov-action's releases.

v3.0.0

Breaking Changes

• #689 Bump to node16 and small fixes

Features

• #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

• #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
• #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
• #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
• #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
• #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
• #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
• #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
• #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
• #667 build(deps): bump actions/checkout from 2 to 3
• #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
• #683 build(deps): bump minimist from 1.2.5 to 1.2.6
• #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
• #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
• #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
• #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
• #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

Sourced from codecov/codecov-action's changelog.

3.0.0

Breaking Changes

• #689 Bump to node16 and small fixes

Features

• #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

• #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
• #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
• #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
• #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
• #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
• #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
• #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
• #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
• #667 build(deps): bump actions/checkout from 2 to 3
• #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
• #683 build(deps): bump minimist from 1.2.5 to 1.2.6
• #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
• #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
• #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
• #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
• #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

• e3c5604 Merge pull request #689 from codecov/feat/gcov
• 174efc5 Update package-lock.json
• 6243a75 bump to 3.0.0
• 0d6466f Bump to node16
• d4729ee fetch.default
• 351baf6 fix: bash
• d8cf680 Merge pull request #675 from codecov/dependabot/npm_and_yarn/openpgp-5.2.1
• b775e90 Merge pull request #676 from codecov/dependabot/npm_and_yarn/actions/exec-1.1.1
• 2ebc2f0 Merge pull request #682 from codecov/dependabot/npm_and_yarn/typescript-4.6.3
• 8e2ef2b Merge pull request #681 from codecov/dependabot/npm_and_yarn/types/node-17.0.23
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.0.0

• Update default runtime to node16

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

v2 (beta)

• Improved fetch performance
  • The default behavior now fetches only the SHA being checked-out
• Script authenticated git commands
  • Persists with.token in the local git config
  • Enables your scripts to run authenticated git commands
  • Post-job cleanup removes the token
  • Coming soon: Opt out by setting with.persist-credentials to false
• Creates a local branch
  • No longer detached HEAD when checking out a branch
  • A local branch is created with the corresponding upstream branch set
• Improved layout

... (truncated)

• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• 230611d Change secret name for PAT to not start with GITHUB_ (#623)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from github.com/BurntSushi/toml's releases.

v1.0.0

This release adds much more detailed errors, support for the toml.Marshaler interface, and several fixes.

There is no special meaning in the jump to v1.0; the 0.x releases were always treated as if they're 1.x with regards to compatibility; the versioning scheme for this library predates the release of modules.

New features

• Error reporting is much improved; the reported position of errors should now always be correct and the library can print more detailed errors (#299, #332)

  Decode always return a toml.ParseError, which has three methods:

  • Error() behaves as before and shows a single concise line with the error.

  • ErrorWithLocation() shows the same error, but also shows the line the error occurred at, similar to e.g. clang or the Rust compiler.

  • ErrorWithUsage() is the same as ErrorWithPosition(), but may also show a longer usage guidance message. This isn't always present (in which case it behaves identical to ErrorWithPosition()), but it should be present for most common mistakes and sources of confusion.

  Which error the correct one to use is depends on your application and preferences; in general I would recommend using at least ErrorWithPosition() for user-facing errors, as it's much more helpful for users of any skill level. If your users are likely to be non-technical then ErrorWithUsage() is probably a good idea; I did my best to avoid technical jargon such as "newline" and phrase things in a way that's understandable by most people not intimately familiar with these sort of things.

  Additionally, the TOML key that fialed should now always be reported in all errors.

• Add toml.Marshaler interface. This can be used if you want full control over how something is marshalled as TOML, similar to json.Marshaler etc. This takes precedence over encoding.TextMarshaler. (#327)

• Allow TOML integers to be decoded to a Go float (#325)

  Previously int = 42 could only be decoded to an int* type; now this can also be decoded in a float type as long as it can be represented without loss of data.

Fixes

• Key.String() is now quoted when needed (#333)

• Fix decoding of nested structs on 32bit platforms (#314)

• Empty slices are now always []T{} rather than nil, which was the behaviour in v0.3.1 and before. While they are identical for most purposes, encoding/json encodes them different ([] vs. null), making it an (accidentally) incompatible change (#339)

• 4272474 Reject control characters everywhere
• 9bbaaec Update toml-test
• 8a54f3e Merge TestDecodeInterfaceSlice in TestDecodeSlices
• 9515b92 Decode S=[] into a non-nil []interface{}. (#339)
• 7d0236f Make sure quoted keys with dots work well (#333)
• ff0a3f8 Add back build tags for toml-test files
• 7356d5f Few staticcheck fixes
• b1471ff Don't allow "0_0"
• 847ee8a Update toml-test
• 4619257 Clearer errors when decoding to invalid types (#332)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

• ec3a7ce set insteadOf url for org-id (#621)
• fd47087 codeql should analyze lib not dist (#620)
• 3d677ac script to generate license info (#614)
• 826ba42 npm audit fix (#612)
• eb8a193 update dev dependencies and react to new linting rules (#611)
• c49af7c Create codeql-analysis.yml (#602)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)