Sourced from codecov/codecov-action's releases.

v4.3.0

What's Changed

• fix: automatically detect if using GitHub enterprise by @​thomasrockhu-codecov in codecov/codecov-action#1356
• build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by @​dependabot in codecov/codecov-action#1355
• build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @​dependabot in codecov/codecov-action#1360
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.5.0 to 7.6.0 by @​dependabot in codecov/codecov-action#1364
• build(deps-dev): bump @​typescript-eslint/parser from 7.5.0 to 7.6.0 by @​dependabot in codecov/codecov-action#1363
• feat: add network params by @​thomasrockhu-codecov in codecov/codecov-action#1365
• build(deps): bump undici from 5.28.3 to 5.28.4 by @​dependabot in codecov/codecov-action#1361
• chore(release): v4.3.0 by @​thomasrockhu-codecov in codecov/codecov-action#1366

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0

• 8450866 chore(release): v4.3.0 (#1366)
• e841909 build(deps): bump undici from 5.28.3 to 5.28.4 (#1361)
• 363a65a feat: add network params (#1365)
• 640b86a build(deps-dev): bump @​typescript-eslint/parser from 7.5.0 to 7.6.0 (#1363)
• 375c033 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.5.0 to 7.6.0 (#...
• d701256 build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 (#1360)
• 0bb547a build(deps-dev): bump typescript from 5.4.3 to 5.4.4 (#1355)
• 55e8381 fix: automatically detect if using GitHub enterprise (#1356)
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v4.2.0

What's Changed

• chore(deps): update deps by @​thomasrockhu-codecov in codecov/codecov-action#1351
• feat: allow for authentication via OIDC token by @​thomasrockhu-codecov in codecov/codecov-action#1330
• fix: use_oidc shoudl be required false by @​thomasrockhu-codecov in codecov/codecov-action#1353

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0

• 7afa10e fix: use_oidc shoudl be required false (#1353)
• d820d60 feat: allow for authentication via OIDC token (#1330)
• 3a20752 chore(deps): update deps (#1351)
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v4.1.1

What's Changed

• build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @​dependabot in codecov/codecov-action#1315
• build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by @​dependabot in codecov/codecov-action#1319
• Removed mention of Mercurial by @​drazisil-codecov in codecov/codecov-action#1325
• build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 by @​dependabot in codecov/codecov-action#1332
• build(deps): bump actions/checkout from 4.1.1 to 4.1.2 by @​dependabot in codecov/codecov-action#1331
• fix: force version by @​thomasrockhu-codecov in codecov/codecov-action#1329
• build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by @​dependabot in codecov/codecov-action#1334
• build(deps): bump undici from 5.28.2 to 5.28.3 by @​dependabot in codecov/codecov-action#1338
• build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 by @​dependabot in codecov/codecov-action#1341
• fix: typo in disable_safe_directory by @​mkroening in codecov/codecov-action#1343
• chore(release): 4.1.1 by @​thomasrockhu-codecov in codecov/codecov-action#1344

New Contributors

• @​mkroening made their first contribution in codecov/codecov-action#1343

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

• #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

• No current support for aarch64 and alpine architectures.
• Tokenless uploading is unsuported
• Various arguments to the Action have been removed

3.1.4

Fixes

• #967 Fix typo in README.md
• #971 fix: add back in working dir
• #969 fix: CLI option names for uploader

Dependencies

• #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
• #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
• #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

• #960 fix: allow for aarch64 build

Dependencies

• #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
• #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
• #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

• #718 Update README.md
• #851 Remove unsupported path_to_write_report argument
• #898 codeql-analysis.yml
• #901 Update README to contain correct information - inputs and negate feature
• #955 fix: add in all the extra arguments for uploader

Dependencies

• #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
• #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
• #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
• #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
• #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
• #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
• #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
• #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

• c16abc2 chore(release): 4.1.1 (#1344)
• 3e33441 fix: typo in disable_safe_directory (#1343)
• 85aacc9 build(deps): bump github/codeql-action from 3.24.7 to 3.24.9 (#1341)
• 4ea9be0 build(deps): bump undici from 5.28.2 to 5.28.3 (#1338)
• 164fade build(deps-dev): bump typescript from 5.4.2 to 5.4.3 (#1334)
• 4621ecc fix: force version (#1329)
• 251ba34 build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#1331)
• 5a593a5 build(deps): bump github/codeql-action from 3.24.6 to 3.24.7 (#1332)
• a15c0e4 Removed mention of Mercurial (#1325)
• 8be6ba5 build(deps-dev): bump typescript from 5.3.3 to 5.4.2 (#1319)
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.14

🛠️ Internal Dependencies

Nothing changed feature-wise. The only notable update is that the underlying container runtime now uses Python 3.12 and pip has been updated to v24.0 there. This is should go unnoticed in terms of behavior. It's just a bit of maintenance burden to be done occasionally by @​webknjaz💰. Enjoy!

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.13...v1.8.14

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

v1.8.13

🐛 What's Fixed

This action is now able to consume and publish distribution packages with Metadata-Version: 2.3 embedded.

🛠️ Internal Dependencies

@​SigureMo💰 sent us a bump of pkginfo version to version 1.10.0 in #219. It's a transitive dependency for us and is not an API-level change but upgrading it has a side effect of letting Twine recognize distribution packages declaring Metadata-Version: 2.3. In particular, it is known to affect distributions built with Maturin >= 1.5.0.

Following that, @​webknjaz💰 upgraded other transitive and direct dependency pins, including, among others, the following notable bumps:

• cryptography == 42.0.5
• id == 1.3.0
• readme-renderer == 43.0
• Twine == 5.0.0

💪 New Contributors

@​SigureMo made their first contribution in pypa/gh-action-pypi-publish#219

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.12...v1.8.13

🧔‍♂️ Release Manager: @​webknjaz 🇺🇦

• 81e9d93 Bump pip to v24.0 in runtime prerequisites lock
• 91527c4 Regenerate lockfiles with pip-tools v7.4.1
• 3a817c6 Bump action runtime to CPython 3.12
• 741947b Add a config file for pip-tools
• d7af439 Mass-bump transitive dependencies of runtime
• e90ddca Bump readme-renderer to v43.0
• dae7fa3 Bump Twine to v5.0.0
• 0fe04ae Bump id to v1.3.0
• 444e179 Bump cryptography to v42.0.5
• 820be4e Normalize pip-tools' header comment @ runtime.txt
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v4.1.0

What's Changed

• fix: set safe directory by @​thomasrockhu-codecov in codecov/codecov-action#1304
• build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 by @​dependabot in codecov/codecov-action#1306
• build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by @​dependabot in codecov/codecov-action#1305
• chore(release): v4.1.0 by @​thomasrockhu-codecov in codecov/codecov-action#1307

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.0.2...v4.1.0

• 54bcd87 chore(release): v4.1.0 (#1307)
• 8ba77ef build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#1305)
• c60aa80 build(deps): bump github/codeql-action from 3.24.3 to 3.24.5 (#1306)
• 2fc4847 fix: set safe directory (#1304)
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.12

💅 Cosmetic Output Improvements

@​woodruffw💰 replaced the notice annotations with simplified debug messages related to authentication methanism selection via #196. The also improved the error clarity during OIDC exchange on PRs from forks via #203.

📝 What's Documented

@​virtuald💰 updated the docs and pointer messages were updated to mention that reusable workflows aren't supported right now in #186 and @​xuanzhi33💰 later corrected the markdown syntax there via #216.

🛠️ Internal Dependencies

• pre-commit linters got autoupdated @ #204
• Cryptography was bumped from 41.0.6 to 42.0.4 @ #210, #213 and #214

⚙️ Secret Stuff

@​woodruffw proactively updated the OIDC minting API endpoint used during the exchange via #206. Nothing you should be too concerned about, promise!

💪 New Contributors

• @​virtuald made their first contribution in pypa/gh-action-pypi-publish#186
• @​xuanzhi33 made their first contribution in pypa/gh-action-pypi-publish#216

🪞 Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.11...v1.8.12

:man_beard: Release Manager: @​webknjaz 🇺🇦

• e53eb8b Clarify the error during OIDC exchange on PRs from forks
• edfa8f3 Merge pull request #216 from xuanzhi33/unstable/v1
• aeff019 docs(fix): Fix a markdown alert
• 24c5d5c Merge pull request #214 from pypa/dependabot/pip/requirements/cryptography-42...
• c13b4aa build(deps): bump cryptography from 42.0.2 to 42.0.4 in /requirements
• 72a79c8 Merge pull request #213 from pypa/dependabot/pip/requirements/cryptography-42...
• 751e5b8 build(deps): bump cryptography from 42.0.0 to 42.0.2 in /requirements
• 0580fcb Merge pull request #210 from pypa/dependabot/pip/requirements/cryptography-42...
• a524841 build(deps): bump cryptography from 41.0.6 to 42.0.0 in /requirements
• 3f824c7 Merge pull request #204 from pypa/pre-commit-ci-update-config
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v4.0.2

What's Changed

• Update README.md by @​thomasrockhu-codecov in codecov/codecov-action#1251
• build(deps-dev): bump @​types/jest from 29.5.11 to 29.5.12 by @​dependabot in codecov/codecov-action#1257
• build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @​dependabot in codecov/codecov-action#1266
• Escape pipes in table of arguments by @​jwodder in codecov/codecov-action#1265
• Add link to docs on Dependabot secrets by @​ianlewis in codecov/codecov-action#1260
• fix: working-directory input for all stages by @​Bo98 in codecov/codecov-action#1272
• build(deps-dev): bump @​typescript-eslint/parser from 6.20.0 to 6.21.0 by @​dependabot in codecov/codecov-action#1271
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.20.0 to 6.21.0 by @​dependabot in codecov/codecov-action#1269
• build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 by @​dependabot in codecov/codecov-action#1298
• Use updated syntax for GitHub Markdown notes by @​jamacku in codecov/codecov-action#1300
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 by @​dependabot in codecov/codecov-action#1290
• build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 by @​dependabot in codecov/codecov-action#1286
• chore(release): bump to 4.0.2 by @​thomasrockhu-codecov in codecov/codecov-action#1302

New Contributors

• @​jwodder made their first contribution in codecov/codecov-action#1265
• @​ianlewis made their first contribution in codecov/codecov-action#1260
• @​Bo98 made their first contribution in codecov/codecov-action#1272
• @​jamacku made their first contribution in codecov/codecov-action#1300

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.0.1...v4.0.2

• 0cfda1d chore(release): bump to 4.0.2 (#1302)
• 7d3a55e build(deps): bump actions/upload-artifact from 4.3.0 to 4.3.1 (#1286)
• fe84a0b build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.21.0 to 7.0.0 (...
• e12c940 Use updated syntax for GitHub Markdown notes (#1300)
• ef7f8a5 build(deps): bump github/codeql-action from 3.24.0 to 3.24.3 (#1298)
• b8a1d6a build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.20.0 to 6.21.0 ...
• 6ef7ea4 build(deps-dev): bump @​typescript-eslint/parser from 6.20.0 to 6.21.0 (#1271)
• f62c5ee fix: working-directory input for all stages (#1272)
• fdbfa4b Add link to docs on Dependabot secrets (#1260)
• 9855cf7 Escape pipes in table of arguments (#1265)
• Additional commits viewable in compare view

Sourced from scientific-python/upload-nightly-action's releases.

0.5.0

0.5.0 has the same features as release 0.4.0 but achieves them with fewer dependencies by updating anaconda-client to v1.12.3 to take advantage of upstream fixes that release 0.4.0 provided locally in the GitHub Action. The version of CPython used is also updated to 3.12.

What's Changed

• DOC: Update action commit SHA to the 0.4.0 tag by @​matthewfeickert in scientific-python/upload-nightly-action#66
• ENH: Update to anaconda-client v1.12.3 and simplify dependencies by @​matthewfeickert in scientific-python/upload-nightly-action#67

Full Changelog: https://github.com/scientific-python/upload-nightly-action/compare/0.4.0...0.5.0

0.4.0

0.4.0 adds an additional guard to ensure that projects that:

• Already have the package name exist on the target index
• Only have one version of the package on the target index
• Only have one distribution file for that package

won't remove the project from the index while trying to upload to it. This most commonly guards no arch wheels that don't include version control system information in the filename that are overriding the same wheel filename in place. c.f. Anaconda-Platform/anaconda-client#702 for more informaiton.

No API changes are required to move from 0.3.0 to 0.4.0.

What's Changed

• DOC: Update action commit SHA to the 0.3.0 tag by @​matthewfeickert in scientific-python/upload-nightly-action#56
• CI: Group dependabot updates by @​matthewfeickert in scientific-python/upload-nightly-action#59
• fix: Guard against removing package while uploading to it by @​matthewfeickert in scientific-python/upload-nightly-action#64

Full Changelog: https://github.com/scientific-python/upload-nightly-action/compare/0.3.0...0.4.0

• b67d7fc ENH: Update to anaconda-client v1.12.3 and simplify dependencies (#67)
• 2c7042c DOC: Update action commit SHA to the 0.4.0 tag (#66)
• 95f7bf6 fix: Guard against removing package while uploading to it (#64)
• 66bc1b6 CI: Group dependabot updates (#59)
• 6f1e2b9 DOC: Update action commit SHA to the 0.3.0 tag (#56)
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v4.0.1

What's Changed

• Update README.md by @​thomasrockhu-codecov in codecov/codecov-action#1243
• Add all args by @​thomasrockhu-codecov in codecov/codecov-action#1245
• fix: show both token uses in readme by @​thomasrockhu-codecov in codecov/codecov-action#1250

Full Changelog: https://github.com/codecov/codecov-action/compare/v4.0.0...v4.0.1

v4.0.0

v4 of the Codecov Action uses the CLI as the underlying upload. The CLI has helped to power new features including local upload, the global upload token, and new upcoming features.

Breaking Changes

• The Codecov Action runs as a node20 action due to node16 deprecation. See this post from GitHub on how to migrate.
• Tokenless uploading is unsupported. However, PRs made from forks to the upstream public repos will support tokenless (e.g. contributors to OS projects do not need the upstream repo's Codecov token). This doc shows instructions on how to add the Codecov token.
• OS platforms have been added, though some may not be automatically detected. To see a list of platforms, see our CLI download page
• Various arguments to the Action have been changed. Please be aware that the arguments match with the CLI's needs

v3 versions and below will not have access to CLI features (e.g. global upload token, ATS).

What's Changed

• build(deps): bump openpgp from 5.8.0 to 5.9.0 by @​dependabot in codecov/codecov-action#985
• build(deps): bump actions/checkout from 3.0.0 to 3.5.3 by @​dependabot in codecov/codecov-action#1000
• build(deps): bump ossf/scorecard-action from 2.1.3 to 2.2.0 by @​dependabot in codecov/codecov-action#1006
• build(deps): bump tough-cookie from 4.0.0 to 4.1.3 by @​dependabot in codecov/codecov-action#1013
• build(deps-dev): bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in codecov/codecov-action#1024
• build(deps): bump node-fetch from 3.3.1 to 3.3.2 by @​dependabot in codecov/codecov-action#1031
• build(deps-dev): bump @​types/node from 20.1.4 to 20.4.5 by @​dependabot in codecov/codecov-action#1032
• build(deps): bump github/codeql-action from 1.0.26 to 2.21.2 by @​dependabot in codecov/codecov-action#1033
• build commit,report and upload args based on codecovcli by @​dana-yaish in codecov/codecov-action#943
• build(deps-dev): bump @​types/node from 20.4.5 to 20.5.3 by @​dependabot in codecov/codecov-action#1055
• build(deps): bump github/codeql-action from 2.21.2 to 2.21.4 by @​dependabot in codecov/codecov-action#1051
• build(deps-dev): bump @​types/node from 20.5.3 to 20.5.4 by @​dependabot in codecov/codecov-action#1058
• chore(deps): update outdated deps by @​thomasrockhu-codecov in codecov/codecov-action#1059
• build(deps-dev): bump @​types/node from 20.5.4 to 20.5.6 by @​dependabot in codecov/codecov-action#1060
• build(deps-dev): bump @​typescript-eslint/parser from 6.4.1 to 6.5.0 by @​dependabot in codecov/codecov-action#1065
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.4.1 to 6.5.0 by @​dependabot in codecov/codecov-action#1064
• build(deps): bump actions/checkout from 3.5.3 to 3.6.0 by @​dependabot in codecov/codecov-action#1063
• build(deps-dev): bump eslint from 8.47.0 to 8.48.0 by @​dependabot in codecov/codecov-action#1061
• build(deps-dev): bump @​types/node from 20.5.6 to 20.5.7 by @​dependabot in codecov/codecov-action#1062
• build(deps): bump openpgp from 5.9.0 to 5.10.1 by @​dependabot in codecov/codecov-action#1066
• build(deps-dev): bump @​types/node from 20.5.7 to 20.5.9 by @​dependabot in codecov/codecov-action#1070
• build(deps): bump github/codeql-action from 2.21.4 to 2.21.5 by @​dependabot in codecov/codecov-action#1069
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.5.0 to 6.6.0 by @​dependabot in codecov/codecov-action#1072
• Update README.md by @​thomasrockhu-codecov in codecov/codecov-action#1073
• build(deps-dev): bump @​typescript-eslint/parser from 6.5.0 to 6.6.0 by @​dependabot in codecov/codecov-action#1071
• build(deps-dev): bump @​vercel/ncc from 0.36.1 to 0.38.0 by @​dependabot in codecov/codecov-action#1074
• build(deps): bump @​actions/core from 1.10.0 to 1.10.1 by @​dependabot in codecov/codecov-action#1081
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.6.0 to 6.7.0 by @​dependabot in codecov/codecov-action#1080

... (truncated)

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

• #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

• No current support for aarch64 and alpine architectures.
• Tokenless uploading is unsuported
• Various arguments to the Action have been removed

3.1.4

Fixes

• #967 Fix typo in README.md
• #971 fix: add back in working dir
• #969 fix: CLI option names for uploader

Dependencies

• #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
• #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
• #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

• #960 fix: allow for aarch64 build

Dependencies

• #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
• #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
• #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

• #718 Update README.md
• #851 Remove unsupported path_to_write_report argument
• #898 codeql-analysis.yml
• #901 Update README to contain correct information - inputs and negate feature
• #955 fix: add in all the extra arguments for uploader

Dependencies

• #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
• #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
• #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
• #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
• #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
• #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
• #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
• #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

• e0b68c6 fix: show both token uses in readme (#1250)
• 1f9f557 Add all args (#1245)
• 09686fc Update README.md (#1243)
• f30e495 fix: update action.yml (#1240)
• a7b945c fix: allow for other archs (#1239)
• 98ab2c5 Update package.json (#1238)
• 43235cc Update README.md (#1237)
• 0cf8684 chore(ci): bump to node20 (#1236)
• 8e1e730 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 6.19.1 to 6.20.0 ...
• 61293af build(deps-dev): bump @​typescript-eslint/parser from 6.19.1 to 6.20.0 (#1235)
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v3.1.5

What's Changed

• action.yml: Update to Node.js 20 by @​hallabro in codecov/codecov-action#1228

New Contributors

• @​hallabro made their first contribution in codecov/codecov-action#1228

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

• #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

• No current support for aarch64 and alpine architectures.
• Tokenless uploading is unsuported
• Various arguments to the Action have been removed

• 4fe8c5f chore(release): bump to 3.1.5
• 9140fdc action.yml: Update to Node.js 20 (#1228)
• See full diff in compare view

Sourced from actions/upload-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @​actions/artifact documentation.

New Contributors

• @​vmjoseph made their first contribution in actions/upload-artifact#464

Full Changelog: https://github.com/actions/upload-artifact/compare/v3...v4.0.0

v3.1.3

What's Changed

• chore(github): remove trailing whitespaces by @​ljmf00 in actions/upload-artifact#313
• Bump @​actions/artifact version to v1.1.2 by @​bethanyj28 in actions/upload-artifact#436

Full Changelog: https://github.com/actions/upload-artifact/compare/v3...v3.1.3

v3.1.2

• Update all @actions/* NPM packages to their latest versions- #374
• Update all dev dependencies to their most recent versions - #375

v3.1.1

• Update actions/core package to latest version to remove set-output deprecation warning #351

v3.1.0

What's Changed

• Bump @​actions/artifact to v1.1.0 (actions/upload-artifact#327)
  • Adds checksum headers on artifact upload (actions/toolkit#1095) (actions/toolkit#1063)

• c7d193f Merge pull request #466 from actions/v4-beta
• 13131bb licensed cache
• 4a6c273 Merge branch 'main' into v4-beta
• f391bb9 Merge pull request #465 from actions/robherley/v4-documentation
• 9653d03 Apply suggestions from code review
• 875b630 add limitations section
• ecb2146 add compression example
• 5e7604f trim some repeated info
• d6437d0 naming
• 1b56155 s/v4-beta/v4/g
• Additional commits viewable in compare view

Sourced from actions/download-artifact's releases.

v4.0.0

What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major changes to the backend architecture of Artifacts. They have numerous performance and behavioral improvements.

For more information, see the @​actions/artifact documentation.

New Contributors

• @​bflad made their first contribution in actions/download-artifact#194

Full Changelog: https://github.com/actions/download-artifact/compare/v3...v4.0.0

v3.0.2

• Bump @actions/artifact to v1.1.1 - actions/download-artifact#195
• Fixed a bug in Node16 where if an HTTP download finished too quickly (<1ms, e.g. when it's mocked) we attempt to delete a temp file that has not been created yet actions/toolkit#1278

v3.0.1

• Bump @​actions/core to 1.10.0

• 7a1cd32 Merge pull request #246 from actions/v4-beta
• 8f32874 licensed cache
• b5ff844 Merge pull request #245 from actions/robherley/v4-documentation
• f07a0f7 Update README.md
• 7226129 update test workflow to use different artifact names for matrix
• ada9446 update docs and bump @​actions/artifact
• 7eafc8b Merge pull request #244 from actions/robherley/bump-toolkit
• 3132d12 consume latest toolkit
• 5be1d38 Merge pull request #243 from actions/robherley/v4-beta-updates
• 465b526 consume latest @​actions/toolkit
• Additional commits viewable in compare view

Sourced from actions/setup-python's releases.

v5.0.0

What's Changed

In scope of this release, we update node version runtime from node16 to node20 (actions/setup-python#772). Besides, we update dependencies to the latest versions.

Full Changelog: https://github.com/actions/setup-python/compare/v4.8.0...v5.0.0

v4.8.0

What's Changed

In scope of this release we added support for GraalPy (actions/setup-python#694). You can use this snippet to set up GraalPy:

steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4 
  with:
    python-version: 'graalpy-22.3' 
- run: python my_script.py

Besides, the release contains such changes as:

• Trim python version when reading from file by @​FerranPares in actions/setup-python#628
• Use non-deprecated versions in examples by @​jeffwidman in actions/setup-python#724
• Change deprecation comment to past tense by @​jeffwidman in actions/setup-python#723
• Bump @​babel/traverse from 7.9.0 to 7.23.2 by @​dependabot in actions/setup-python#743
• advanced-usage.md: Encourage the use actions/checkout@v4 by @​cclauss in actions/setup-python#729
• Examples now use checkout@v4 by @​simonw in actions/setup-python#738
• Update actions/checkout to v4 by @​dmitry-shibanov in actions/setup-python#761

New Contributors

• @​FerranPares made their first contribution in actions/setup-python#628
• @​timfel made their first contribution in actions/setup-python#694
• @​jeffwidman made their first contribution in actions/setup-python#724

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.8.0

v4.7.1

What's Changed

• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-python#702
• Add range validation for toml files by @​dmitry-shibanov in actions/setup-python#726

Full Changelog: https://github.com/actions/setup-python/compare/v4...v4.7.1

v4.7.0

In scope of this release, the support for reading python version from pyproject.toml was added (actions/setup-python#669).

      - name: Setup Python
        uses: actions/setup-python@v4
</tr></table> 

... (truncated)

• 0a5c615 Update action to node20 (#772)
• 0ae5836 Add example of GraalPy to docs (#773)
• b64ffca update actions/checkout to v4 (#761)
• 8d28961 Examples now use checkout@v4 (#738)
• 7bc6abb advanced-usage.md: Encourage the use actions/checkout@v4 (#729)
• e8111ce Bump @​babel/traverse from 7.9.0 to 7.23.2 (#743)
• a00ea43 add fix for graalpy ci (#741)
• 8635b1c Change deprecation comment to past tense (#723)
• f6cc428 Use non-deprecated versions in examples (#724)
• 5f2af21 Add GraalPy support (#694)
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.11

:nail_care: Cosmetic output improvements

@​woodruffw added a nudge suggesting the users storing passwords in a GitHub Actions repository secrets to switch to using secretless publishing in pypa/gh-action-pypi-publish#190. This also reminds people that PyPI will start mandating two-factor authentication to perform uploads in 2024.

:memo: What's Documented

@​di linked the configuration docs for Trusted Publishing in README via pypa/gh-action-pypi-publish#179.

:hammer_and_wrench: Internal dependencies

• Cryptography was bumped from 41.0.3 to 41.0.6 @ pypa/gh-action-pypi-publish#194
• Pip was bumped from 22.3.1 to 23.3 @ pypa/gh-action-pypi-publish#189
• pre-commit linters got autoupdated @ pypa/gh-action-pypi-publish#184
• Urllib3 was bumped from 2.0.3 to 2.0.7 @ pypa/gh-action-pypi-publish#183 and pypa/gh-action-pypi-publish#185

:muscle: New Contributors

• @​di made their first contribution in pypa/gh-action-pypi-publish#179

:mirror: Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.10...v1.8.11

• 2f6f737 Merge commit PR #184 into unstable/v1
• 2fa448a Merge PRs #190, #184, #185, #189 and #194 into unstable/v1
• 824ad31 Revert flake8 to v4.0.1 for WPS
• 41f3f53 Bump cryptography from 41.0.3 to 41.0.6 in /requirements
• 2319287 twine-upload: ::error, switch nudge order
• 254a0d4 twine-upload: add a nudge for password auth
• 70a33ca Bump pip from 22.3.1 to 23.3 in /requirements
• 102f507 Bump urllib3 from 2.0.6 to 2.0.7 in /requirements
• 79739dc Merge pull request #183 from pypa/dependabot/pip/requirements/urllib3-2.0.6
• 9a3f9ad [pre-commit.ci] pre-commit autoupdate
• Additional commits viewable in compare view

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: https://github.com/actions/checkout/compare/v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: https://github.com/actions/checkout/compare/v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: https://github.com/actions/checkout/compare/v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Sourced from actions/checkout's changelog.

Changelog

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

• Add input set-safe-directory

v3.0.1

... (truncated)

• 3df4ab1 Release 4.0.0 (#1447)
• 8b5e8b7 Support fetching without the --progress option (#1067)
• 97a652b Update default runtime to node20 (#1436)
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.10

:bug: What's Fixed

@​woodruffw fixed decoding OIDC claims in debug output on failure by applying correct padding to the encoded payload via pypa/gh-action-pypi-publish#177.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.9...v1.8.10

v1.8.9

:nail_care: Cosmetic output improvements

• @​woodruffw added debug output to the trusted publishing OIDC exchange on failures in pypa/gh-action-pypi-publish#174
• @​woodruffw implemented Markdown semantic callouts in README via pypa/gh-action-pypi-publish#175

:hammer_and_wrench: Internal dependencies

• Certifi was bumped from 2023.5.7 to 2023.7.22 @ pypa/gh-action-pypi-publish#171
• Cryptography was bumped from 41.0.2 to 41.0.3 @ pypa/gh-action-pypi-publish#172

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.8...v1.8.9

• b7f401d Merge PR #177 into unstable/v1
• ba3ecc9 oidc-exchange: fix padding
• ade57f5 Merge PRs #174 #175 and #172 into unstable/v1
• 637917e README: re-add "pro tip" language
• 4864f13 README: use semantic callouts
• 326f9ad oidc-exchange: add-trailing-comma
• e5f0690 oidc-exchange: ignore a nested function
• 8bdd0cc oidc-exchange: lintage
• 71a0032 oidc-exchange: render claims if exchange fails
• adef75a Bump cryptography from 41.0.2 to 41.0.3 in /requirements
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.8

:nail_care: Cosmetic output improvements

• In pypa/gh-action-pypi-publish#167, @​woodruffw introduced a nudge-warning encouraging people to start using secretless publishing to PyPI, as suggested by @​sethmlarson in pypa/gh-action-pypi-publish#164, collaborating with @​di.

  :bulb: Tip: The OIDC-based trusted publishing integration details can be found in the action README at https://github.com/marketplace/actions/pypi-publish#trusted-publishing and on the PyPI docs page at https://docs.pypi.org/trusted-publishers/. It's gone GA on April 20, 2023, during PyCon: https://blog.pypi.org/posts/2023-04-20-introducing-trusted-publishers/. And the Trail Of Bits blog post has some deeper explanation here: https://blog.trailofbits.com/2023/05/23/trusted-publishing-a-new-benchmark-for-packaging-security/.

:hammer_and_wrench: Internal dependencies

• @​pquentin bumped the runtime dependency pins to the recent versions @ pypa/gh-action-pypi-publish#168.

:muscle: New Contributors

• @​pquentin made their first contribution in pypa/gh-action-pypi-publish#168

:mirror: Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.7...v1.8.8

• f8c70e7 Merge pull request #168 from pquentin/bump-dependencies
• 68276eb Merge pull request #167 from trail-of-forks/tob-nudge
• a5d57af Bump runtime dependencies
• e90e853 twine-upload: only nudge on PyPI-looking domains
• be69596 twine-upload: add a nudge for trusted publishing
• 54d67ed Merge pull request #165 from pypa/pre-commit-ci-update-config
• d32e2fa Revert flake8 to v4.0.1
• a8d92e9 [pre-commit.ci] pre-commit autoupdate
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.7

:nail_care: Cosmetic output impovements

• @​woodruffw fixed OIDC the multiline annotations by escaping LF through urlencoding it in pypa/gh-action-pypi-publish#156.
• @​jaap3 noticed and promptly removed extraneous } from a non-OIDC log annotation in pypa/gh-action-pypi-publish#161.
• @​hugovk made pip ignore that it runs under the root user and suppress its warning output in pypa/gh-action-pypi-publish#159.

:hammer_and_wrench: Internal dependencies

• Cryptography was bumped from 39.0.1 to 41.0.0 @ pypa/gh-action-pypi-publish#160
• Requests was bumped from 2.28.1 to 2.31.0 @ pypa/gh-action-pypi-publish#157

:muscle: New Contributors

• @​jaap3 made their first contribution in pypa/gh-action-pypi-publish#161

:mirror: Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.6...v1.8.7

• f5622bd Merge PRs #159 and #160 into unstable/v1
• 3be882c Merge pull request #161 from jaap3/jaap3-patch-1
• 775be49 Remove extraneous }
• 5684530 Bump cryptography from 39.0.1 to 41.0.0 in /requirements
• 135d0d5 Ignore pip's root user warning
• 110f54a Merge pull request #157 from pypa/dependabot/pip/requirements/requests-2.31.0
• c803c91 Bump requests from 2.28.1 to 2.31.0 in /requirements
• f9ed8ba Merge pull request #156 from trail-of-forks/tob-fix-annotation
• 3063966 oidc-exchange: "fix" multiline annotations
• See full diff in compare view

Sourced from mamba-org/provision-with-micromamba's releases.

v16

⛔️ With this release, we are deprecating this project.

Please use the mamba-org/setup-micromamba action instead.

See the migration guide for instructions how to migrate from provision-with-micromamba to setup-micromamba.

• 3c96c0c Add deprecation warning (#122)
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

3.1.4

What's Changed

• build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3 by @​dependabot in codecov/codecov-action#970
• Fix typo in README.md by @​hisaac in codecov/codecov-action#967
• fix: add back in working dir by @​thomasrockhu-codecov in codecov/codecov-action#971
• fix: CLI option names for uploader by @​kleisauke in codecov/codecov-action#969
• build(deps-dev): bump @​types/node from 18.16.3 to 20.1.0 by @​dependabot in codecov/codecov-action#975
• build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2 by @​dependabot in codecov/codecov-action#979
• build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4 by @​dependabot in codecov/codecov-action#981
• release: 3.1.4 by @​thomasrockhu-codecov in codecov/codecov-action#983

New Contributors

• @​hisaac made their first contribution in codecov/codecov-action#967
• @​kleisauke made their first contribution in codecov/codecov-action#969

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4

Sourced from codecov/codecov-action's changelog.

3.1.4

Fixes

• #967 Fix typo in README.md
• #971 fix: add back in working dir
• #969 fix: CLI option names for uploader

Dependencies

• #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
• #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
• #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

• eaaf4be release: 3.1.4 (#983)
• c2ab9ab build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4 (#981)
• 49c20db build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2 (#979)
• cf8e3e4 build(deps-dev): bump @​types/node from 18.16.3 to 20.1.0 (#975)
• 1c34415 fix: CLI option names for uploader (#969)
• b4dfea7 fix: add back in working dir (#971)
• 5bf2504 Fix typo in README.md (#967)
• 1dd0ce3 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3 (#970)
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.6

What's Updated

• @​woodruffw dropped the references to a “private beta” from the project docs and runtime in pypa/gh-action-pypi-publish#147. He also clarified that the API tokens are still more secure than passwords in pypa/gh-action-pypi-publish#150.
• @​asherf noticed that the action metadata incorrectly marked the password field as required and contributed a correction in pypa/gh-action-pypi-publish#151
• @​webknjaz moved the Trusted Publishing example to the top of the README in hopes that new users would default to using it via https://github.com/pypa/gh-action-pypi-publish/commit/f47b34707fd264d5ddb1ef322ca74cf8e4cf351b

New Contributors

• @​asherf made their first contribution in pypa/gh-action-pypi-publish#151

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.5...v1.8.6

• a56da0b Merge pull request #151 from asherf/trusted
• e4b9031 password input is no longer required, since not specifying it implies trusted...
• 5a085bf Merge pull request #150 from trail-of-forks/tob-doc-tweaks
• 0811f99 README: small doc tweaks
• f47b347 📝🎨 Put OIDC on pedestal @ README
• 7a1a355 🎨 Show GH environments use in README examples
• 3b6670b Merge pull request #147 from trail-of-forks/tob-stabilize-oidc
• c008c2f README: re-add OIDC note
• fe431ff README, oidc-exchange: remove beta references
• c542b72 Bump WPS flake8 plugin set to v0.17.0
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

3.1.3

What's Changed

• build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 by @​dependabot in codecov/codecov-action#957
• build(deps): bump openpgp from 5.7.0 to 5.8.0 by @​dependabot in codecov/codecov-action#958
• build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12 by @​dependabot in codecov/codecov-action#959
• fix: allow for aarch64 build by @​thomasrockhu-codecov in codecov/codecov-action#960
• chore(release): bump to 3.1.3 by @​thomasrockhu-codecov in codecov/codecov-action#961

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3

Sourced from codecov/codecov-action's changelog.

3.1.3

Fixes

• #960 fix: allow for aarch64 build

Dependencies

• #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
• #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
• #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

• 894ff02 chore(release): bump to 3.1.3 (#961)
• f539f97 fix: allow for aarch64 build (#960)
• 6757614 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12 (#959)
• cdee249 build(deps): bump openpgp from 5.7.0 to 5.8.0 (#958)
• ce548e9 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 (#957)
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

3.1.2

What's Changed

• build(deps): bump node-fetch from 3.2.4 to 3.2.10 by @​dependabot in codecov/codecov-action#835
• build(deps-dev): bump @​types/node from 16.11.40 to 18.13.0 by @​dependabot in codecov/codecov-action#911
• build(deps-dev): bump @​vercel/ncc from 0.34.0 to 0.36.1 by @​dependabot in codecov/codecov-action#900
• build(deps-dev): bump typescript from 4.7.4 to 4.9.5 by @​dependabot in codecov/codecov-action#905
• Update README.md by @​stefanomunarini in codecov/codecov-action#718
• build(deps): bump openpgp from 5.4.0 to 5.5.0 by @​dependabot in codecov/codecov-action#819
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4 by @​dependabot in codecov/codecov-action#840
• build(deps): bump @​actions/core from 1.9.1 to 1.10.0 by @​dependabot in codecov/codecov-action#841
• build(deps): bump @​actions/github from 5.0.3 to 5.1.1 by @​dependabot in codecov/codecov-action#843
• build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @​dependabot in codecov/codecov-action#896
• build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0 by @​dependabot in codecov/codecov-action#872
• build(deps): bump node-fetch from 3.2.10 to 3.3.0 by @​dependabot in codecov/codecov-action#869
• build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 by @​dependabot in codecov/codecov-action#879
• build(deps): bump json5 from 2.2.1 to 2.2.3 by @​dependabot in codecov/codecov-action#895
• codeql-analysis.yml by @​minumulasri in codecov/codecov-action#898
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2 by @​dependabot in codecov/codecov-action#889
• build(deps-dev): bump @​types/node from 18.13.0 to 18.14.0 by @​dependabot in codecov/codecov-action#922
• build(deps): bump openpgp from 5.5.0 to 5.7.0 by @​dependabot in codecov/codecov-action#924
• build(deps-dev): bump @​types/node from 18.14.0 to 18.14.2 by @​dependabot in codecov/codecov-action#927
• Remove unsupported path_to_write_report argument by @​jsoref in codecov/codecov-action#851
• Update README to contain correct information - inputs and negate feature by @​moshe-azaria-sage in codecov/codecov-action#901
• build(deps-dev): bump @​types/node from 18.14.2 to 18.14.6 by @​dependabot in codecov/codecov-action#933
• build(deps-dev): bump @​types/node from 18.14.6 to 18.15.0 by @​dependabot in codecov/codecov-action#937
• build(deps-dev): bump @​types/node from 18.15.0 to 18.15.5 by @​dependabot in codecov/codecov-action#945
• build(deps): bump node-fetch from 3.3.0 to 3.3.1 by @​dependabot in codecov/codecov-action#938
• build(deps-dev): bump @​types/node from 18.15.5 to 18.15.6 by @​dependabot in codecov/codecov-action#946
• build(deps-dev): bump @​types/node from 18.15.6 to 18.15.10 by @​dependabot in codecov/codecov-action#947
• build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @​dependabot in codecov/codecov-action#951
• fix: add in all the extra arguments for uploader by @​thomasrockhu-codecov in codecov/codecov-action#955
• chore(release): bump to 3.1.2 by @​thomasrockhu-codecov in codecov/codecov-action#956

New Contributors

• @​stefanomunarini made their first contribution in codecov/codecov-action#718
• @​minumulasri made their first contribution in codecov/codecov-action#898
• @​jsoref made their first contribution in codecov/codecov-action#851
• @​moshe-azaria-sage made their first contribution in codecov/codecov-action#901

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.1...v3.1.2

Sourced from codecov/codecov-action's changelog.

3.1.2

Fixes

• #718 Update README.md
• #851 Remove unsupported path_to_write_report argument
• #898 codeql-analysis.yml
• #901 Update README to contain correct information - inputs and negate feature
• #955 fix: add in all the extra arguments for uploader

Dependencies

• #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
• #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
• #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
• #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
• #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
• #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
• #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
• #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2
• #889 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2
• #895 build(deps): bump json5 from 2.2.1 to 2.2.3
• #896 build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2
• #900 build(deps-dev): bump @​vercel/ncc from 0.34.0 to 0.36.1
• #905 build(deps-dev): bump typescript from 4.7.4 to 4.9.5
• #911 build(deps-dev): bump @​types/node from 16.11.40 to 18.13.0
• #922 build(deps-dev): bump @​types/node from 18.13.0 to 18.14.0
• #924 build(deps): bump openpgp from 5.5.0 to 5.7.0
• #927 build(deps-dev): bump @​types/node from 18.14.0 to 18.14.2
• #933 build(deps-dev): bump @​types/node from 18.14.2 to 18.14.6
• #937 build(deps-dev): bump @​types/node from 18.14.6 to 18.15.0
• #938 build(deps): bump node-fetch from 3.3.0 to 3.3.1
• #945 build(deps-dev): bump @​types/node from 18.15.0 to 18.15.5
• #946 build(deps-dev): bump @​types/node from 18.15.5 to 18.15.6
• #947 build(deps-dev): bump @​types/node from 18.15.6 to 18.15.10
• #951 build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3

• 40a12dc chore(release): bump to 3.1.2 (#956)
• 030a000 fix: add in all the extra arguments for uploader (#955)
• 91e1847 build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 (#951)
• cc7fb3f build(deps-dev): bump @​types/node from 18.15.6 to 18.15.10 (#947)
• fee4896 build(deps-dev): bump @​types/node from 18.15.5 to 18.15.6 (#946)
• ddd8c1b build(deps): bump node-fetch from 3.3.0 to 3.3.1 (#938)
• 76e2f52 build(deps-dev): bump @​types/node from 18.15.0 to 18.15.5 (#945)
• 9b87723 build(deps-dev): bump @​types/node from 18.14.6 to 18.15.0 (#937)
• 13d8b07 build(deps-dev): bump @​types/node from 18.14.2 to 18.14.6 (#933)
• 4b062cb Update README to contain correct information - inputs and negate feature (#901)
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.5

What's Improved

@​woodruffw improved the user-facing documentation and logging to make use of the Trusted Publishing flow terminology cohesive with PyPI in pypa/gh-action-pypi-publish#143. Trusted Publishing used to be referred to as OpenID Connect (OIDC) — the underlying technology that is being used to make it work. He also made the action display the cause of the Trusted Publishing flow being selected by the action via pypa/gh-action-pypi-publish#142.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.4...v1.8.5

• 0bf742b Merge pull request #143 from trail-of-forks/tob-rewrite-oidc-refs
• 30c3822 oidc-exchange: another link
• 89ddbea README: retitle, add note
• a0f29a5 Apply suggestions from code review
• 0b567d5 oidc-exchange, twine-upload: remove more OIDC refs
• 4372cb5 README: replace OIDC with "trusted publishing"
• 69efb8c Merge pull request #142 from trail-of-forks/tob-indicate-oidc
• dfde872 Apply suggestions from code review
• 3d567f4 twine-upload: expound
• 67b747a oidc-exchange: more explanation
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.4

What's Improved

• @​hugovk cleaned up the double whitespaces in the OIDC flow logging in pypa/gh-action-pypi-publish#140
• @​woodruffw added a title and a docs link to the OIDC error output in pypa/gh-action-pypi-publish#139

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.3...v1.8.4

• 29930c9 Merge pull request #139 from trail-of-forks/tob-improve-errors
• 9c859e9 Merge pull request #140 from hugovk/oidc-whitespace
• 65bf8a8 Remove double spaces
• 486ec8d oidc-exchange: improve errors
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.3

What's New

This release improves the logging detalization of which authentication mode is selected when the action runs. It surfaces this detail to the workflow run summary page as annotations. The change was contributed by @​woodruffw in pypa/gh-action-pypi-publish#136.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.2...v1.8.3

v1.8.2

What's Changed

This release started printing out full OIDC error messages to console, instead of just one line -- by @​woodruffw in pypa/gh-action-pypi-publish#134.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.1...v1.8.2

• 48b317d Merge PR #136 into unstable/v1
• ae29550 twine-upload: increase detail on console notices
• f3ce18f Merge pull request #134 from trail-of-forks/tob-better-errors
• ea29ccc oidc-exchange: avoid splitting the error message
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.8.1

🐛 What's Fixed

💔 Unfortunately, a tiny mistake in v1.8.0 caused a far-reaching regression for the most used code path. ❗ But don't worry, it's fixed now thanks to @​njzjz who promptly spotted it and @​zhongjiajie who sent a bugfix.

🙌 New Contributors

• @​zhongjiajie made their first contribution in pypa/gh-action-pypi-publish#131

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.8.0...v1.8.1

v1.8.0

The Coolest Release Ever!

In this release, @​woodruffw implemented support for secretless OIDC-based publishing to PyPI-like package indexes. The OIDC flow is activated when neither username nor password action inputs are set.

The OIDC “token exchange”, is an authentication technique that PyPI (and TestPyPI, and hopefully some future others) supports as an alternative to long-lived username/password combinations or long-lived API tokens.

IMPORTANT: The PyPI-side configuration is only available to participants of the private beta test. Please, only try out the zero-config mode if you are a beta test participant having followed the PyPI configuration instructions.

Setup prerequisites: https://github.com/marketplace/actions/pypi-publish#publishing-with-openid-connect PyPI's documentation: https://pypi.org/help/#openid-connect Beta test enrollment: pypi/warehouse#12965

New Contributors

• @​woodruffw made their first contribution in pypa/gh-action-pypi-publish#123

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.7.1...v1.8.0

• a3a3baf 🐛 Merge PR #131 from into unstable/v1
• d5417dc 🐛Correct default upload URL
• 8ef2b3d Merge PR #123 into unstable/v1
• 2b46bad OIDC beta support
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.7.1

Regression?

There was a small setback with v1.7.0 — the snake_case fallbacks didn't work because the check for the kebab-case env vars with default values set was always truthy. This bugfix release promptly fixes that.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.7.0...v1.7.1

v1.7.0

What should I care about?

TL;DR The action input names have been converted to use kebab-case and marked deprecated. But the old names still work.

This is made to align the public API with the de-facto conventions in the ecosystem. We've used snake_case names, which the maintainer considers a historical mistake. New kebab-case inputs will make the end-users' workflows look more consistent and and visually distinguishable from other identifiers one may encounter in YAML.

There is no timeline for removing the old names, but it will happen in v3 or later versions of the action. If the maintainer doesn't forget to do this, that is.

The patch is here: pypa/gh-action-pypi-publish#125.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.5...v1.7.0

v1.6.5

What's Changed

• Added an explicit warning when the password passed into the action is empty — thanks @​colindean

New Contributors

• @​colindean made their first contribution in pypa/gh-action-pypi-publish#122

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.4...v1.6.5

• 22b4d1f 🐛 Make kebab options fall back for snake_case
• 7104b6e Merge branch 'maintenance/kebab-case-inputs' into unstable/v1
• f131721 🎨 Convert action inputs to use kebab-case
• 32b5e93 Merge pull request #122 from colindean/empty-token
• efcb9ba 🎨 Warn about empty password/token action input
• d2ce3ec ⇪ Bump isort to v5.12.0
• 0eaf3a1 Merge pull request #121 from pypa/dependabot/pip/requirements/cryptography-39...
• 6a2da9b Bump cryptography from 38.0.4 to 39.0.1 in /requirements
• 7eb3b70 Merge pull request #119 from pypa/pre-commit-ci-update-config
• 91e6121 Revert WPS flake8 hook version to 4.0.1
• Additional commits viewable in compare view

Sourced from mamba-org/provision-with-micromamba's releases.

v15

• Fix #112 (channels overridden even if empty)

• e2b397b Fix #112 (#113)
• 160ff6b Bump checkout GHA version in readme example (#105)
• See full diff in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.6.4

oh, boi! again?

This is the last one tonight, promise! It fixes this embarrassing bug that was actually caught by the CI but got overlooked due to the lack of sleep. TL;DR GH passed $HOME from the external env into the container and that tricked the Python's site module to think that the home directory is elsewhere, adding non-existent paths to the env vars. See #115.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.3...v1.6.4

v1.6.3

Another Release!? Why?

In pypa/gh-action-pypi-publish#112, it was discovered that passing a $PATH variable even breaks the shebang. So this version adds more safeguards to make sure it keeps working with a fully broken $PATH.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.2...v1.6.3

v1.6.2

What's Fixed

• Made the $PATH and $PYTHONPATH environment variables resilient to broken values passed from the host runner environment, which previously allowed the users to accidentally break the container's internal runtime as reported in pypa/gh-action-pypi-publish#112

Internal Maintenance Improvements

• Added a devpi-based smoke-test GitHub Actions CI/CD workflow by @​sesdaile-varmour in pypa/gh-action-pypi-publish#111

New Contributors

• @​sesdaile-varmour made their first contribution in pypa/gh-action-pypi-publish#111

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.1...v1.6.2

v1.6.1

What's happened?!

There was a sneaky bug in v1.6.0 which caused Twine to be outside the import path in the Python runtime. It is fixed in v1.6.1 by updating $PYTHONPATH to point to a correct location of the user-global site-packages/ directory.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.0...v1.6.1

v1.6.0

Anything's changed?

The only update is that the Python runtime has been upgraded from 3.9 to 3.11. There are no functional changes in this release.

Full Changelog: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.2...v1.6.0

v1.5.2

What's Improved

• Implemented the Twine transitive dependency tree pinning using pip-tools-generated constraint files. See pypa/gh-action-pypi-publish#107 and pypa/gh-action-pypi-publish#101 for details.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.1...v1.5.2

• c7f29f7 🐛 Override $HOME in the container with /root
• 644926c 🧪 Always run smoke testing in debug mode
• e71a4a4 Add support for verbose bash execusion w/ $DEBUG
• e56e821 🐛 Make id always available in twine-upload
• c879b84 🐛 Use full path to bash in shebang
• 57e7d53 🐛Ensure the default $PATH value is pre-loaded
• ce291dc 🎨🐛Fix the branch @ pre-commit.ci badge links
• 102d8ab 🐛 Rehardcode devpi port for GHA srv container
• 3a9eaef 🐛Use different ports in/out of GHA containers
• a01fa74 🐛 Use localhost @ GHA outside the containers
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.6.1

What's happened?!

There was a sneaky bug in v1.6.0 which caused Twine to be outside the import path in the Python runtime. It is fixed in v1.6.1 by updating $PYTHONPATH to point to a correct location of the user-global site-packages/ directory.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.6.0...v1.6.1

v1.6.0

Anything's changed?

The only update is that the Python runtime has been upgraded from 3.9 to 3.11. There are no functional changes in this release.

Full Changelog: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.2...v1.6.0

v1.5.2

What's Improved

• Implemented the Twine transitive dependency tree pinning using pip-tools-generated constraint files. See pypa/gh-action-pypi-publish#107 and pypa/gh-action-pypi-publish#101 for details.

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.1...v1.5.2

• 5d1679f Use py3.11 user-global site-packages in PYTHONPATH
• d2a2496 Switch the runtime from Python 3.9 to Python 3.11
• d7edd4c Add user-global site-packages to $PYTHONPATH
• 8d5f27c Install Twine in the user-global site-packages
• b0dc178 Disable pip cache dir with an env var
• bbf6e0b Copy requirements to corresponding dir @ container
• 0b69a8c Document broken pkginfo==1.9.0 transitive dep
• c54db9c Integrate pip-tools-generated constraint files
• 480ec4e Inherit yamllint config from the default preset
• 5fb2f04 Drop __token__ from README code usage snippets
• Additional commits viewable in compare view

Sourced from mamba-org/provision-with-micromamba's releases.

v14

What's Changed

• Add micromamba deinit in post.js by @​pavelzw in mamba-org/provision-with-micromamba#89
• Fix duplicate options by @​jonashaag in mamba-org/provision-with-micromamba#98

New Contributors

• @​pavelzw made their first contribution in mamba-org/provision-with-micromamba#89

Full Changelog: https://github.com/mamba-org/provision-with-micromamba/compare/v13...v14

v13

• Fix channels and channel-priority settings
• Support linux-aarch64 and osx-arm64 runners
• Support sel(unix)

• f347426 Remove unnecessary options (#98)
• e542c7a Update deps (#93)
• 8aa0e58 Update actions/checkout (#91)
• b54d7bb Add micromamba deinit in post.js (#89)
• a319a81 Readme updates (#88)
• 28fa105 add unix for condaArch linux or osx (#85)
• bc8e4cc Fix channel priority (#84)
• 52dc9e6 Delete dist/post.js directory (#83)
• 87a13a6 use "channels" and not extraChannels (#82)
• e198969 Fix await (#78)
• Additional commits viewable in compare view

Sourced from xarray-contrib/issue-from-pytest-log's releases.

v1.0

Initial release.

This is the same release as v0.1, but using the version v1.0 allows creating a moving tag named v1.

• 89ca589 Merge pull request #1 from jrbourbeau/add-more-options
• 9460ec9 Stringify
• 63bd7a4 Make issue title and label configurable
• See full diff in compare view

Sourced from mamba-org/provision-with-micromamba's releases.

v13

• Fix channels and channel-priority settings
• Support linux-aarch64 and osx-arm64 runners
• Support sel(unix)

• a319a81 Readme updates (#88)
• 28fa105 add unix for condaArch linux or osx (#85)
• bc8e4cc Fix channel priority (#84)
• 52dc9e6 Delete dist/post.js directory (#83)
• 87a13a6 use "channels" and not extraChannels (#82)
• e198969 Fix await (#78)
• d90963f Refactoring (#73)
• 431e55a Add timeouts to GHA workflows (#74)
• 21e0d20 Merge pull request #71 from mamba-org/aarch64
• 23fc0a3 Fix mac
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

3.1.1

What's Changed

• Update deprecation warning by @​slifty in codecov/codecov-action#661
• Create codeql-analysis.yml by @​mitchell-codecov in codecov/codecov-action#593
• build(deps): bump node-fetch from 3.2.3 to 3.2.4 by @​dependabot in codecov/codecov-action#714
• build(deps-dev): bump typescript from 4.6.3 to 4.6.4 by @​dependabot in codecov/codecov-action#713
• README: fix typo by @​Evalir in codecov/codecov-action#712
• build(deps): bump github/codeql-action from 1 to 2 by @​dependabot in codecov/codecov-action#724
• build(deps-dev): bump @​types/jest from 27.4.1 to 27.5.0 by @​dependabot in codecov/codecov-action#717
• fix: Remove a blank row by @​johnmanjiro13 in codecov/codecov-action#725
• Update README.md with correct badge version by @​gsheni in codecov/codecov-action#726
• build(deps-dev): bump @​types/node from 17.0.25 to 17.0.33 by @​dependabot in codecov/codecov-action#729
• build(deps-dev): downgrade @​types/node to 16.11.35 by @​dependabot in codecov/codecov-action#734
• build(deps): bump actions/checkout from 2 to 3 by @​dependabot in codecov/codecov-action#723
• build(deps): bump @​actions/github from 5.0.1 to 5.0.3 by @​dependabot in codecov/codecov-action#733
• build(deps): bump @​actions/core from 1.6.0 to 1.8.2 by @​dependabot in codecov/codecov-action#732
• build(deps-dev): bump @​types/node from 16.11.35 to 16.11.36 by @​dependabot in codecov/codecov-action#737
• Create scorecards-analysis.yml by @​mitchell-codecov in codecov/codecov-action#633
• build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0 by @​dependabot in codecov/codecov-action#749
• fix: add more verbosity to validation by @​thomasrockhu-codecov in codecov/codecov-action#747
• build(deps-dev): bump typescript from 4.6.4 to 4.7.3 by @​dependabot in codecov/codecov-action#755
• Regenerate scorecards-analysis.yml by @​mitchell-codecov in codecov/codecov-action#750
• build(deps-dev): bump @​types/node from 16.11.36 to 16.11.39 by @​dependabot in codecov/codecov-action#759
• build(deps-dev): bump @​types/node from 16.11.39 to 16.11.40 by @​dependabot in codecov/codecov-action#762
• build(deps-dev): bump @​vercel/ncc from 0.33.4 to 0.34.0 by @​dependabot in codecov/codecov-action#746
• build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 by @​dependabot in codecov/codecov-action#757
• build(deps): bump openpgp from 5.2.1 to 5.3.0 by @​dependabot in codecov/codecov-action#760
• build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 by @​dependabot in codecov/codecov-action#748
• build(deps-dev): bump typescript from 4.7.3 to 4.7.4 by @​dependabot in codecov/codecov-action#766
• Switch to v3 by @​thomasrockhu in codecov/codecov-action#774
• Fix network entry in table by @​kevmoo in codecov/codecov-action#783
• Trim arguments after splitting them by @​mitchell-codecov in codecov/codecov-action#791
• build(deps): bump openpgp from 5.3.0 to 5.4.0 by @​dependabot in codecov/codecov-action#799
• build(deps): bump @​actions/core from 1.8.2 to 1.9.1 by @​dependabot in codecov/codecov-action#798
• Plumb failCi into verification function. by @​RobbieMcKinstry in codecov/codecov-action#769
• release: update changelog and version to 3.1.1 by @​thomasrockhu-codecov in codecov/codecov-action#828

New Contributors

• @​slifty made their first contribution in codecov/codecov-action#661
• @​Evalir made their first contribution in codecov/codecov-action#712
• @​johnmanjiro13 made their first contribution in codecov/codecov-action#725
• @​gsheni made their first contribution in codecov/codecov-action#726
• @​kevmoo made their first contribution in codecov/codecov-action#783
• @​RobbieMcKinstry made their first contribution in codecov/codecov-action#769

Full Changelog: https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1

Sourced from codecov/codecov-action's changelog.

3.1.1

Fixes

• #661 Update deprecation warning
• #593 Create codeql-analysis.yml
• #712 README: fix typo
• #725 fix: Remove a blank row
• #726 Update README.md with correct badge version
• #633 Create scorecards-analysis.yml
• #747 fix: add more verbosity to validation
• #750 Regenerate scorecards-analysis.yml
• #774 Switch to v3
• #783 Fix network entry in table
• #791 Trim arguments after splitting them
• #769 Plumb failCi into verification function.

Dependencies

• #713 build(deps-dev): bump typescript from 4.6.3 to 4.6.4
• #714 build(deps): bump node-fetch from 3.2.3 to 3.2.4
• #724 build(deps): bump github/codeql-action from 1 to 2
• #717 build(deps-dev): bump @​types/jest from 27.4.1 to 27.5.0
• #729 build(deps-dev): bump @​types/node from 17.0.25 to 17.0.33
• #734 build(deps-dev): downgrade @​types/node to 16.11.35
• #723 build(deps): bump actions/checkout from 2 to 3
• #733 build(deps): bump @​actions/github from 5.0.1 to 5.0.3
• #732 build(deps): bump @​actions/core from 1.6.0 to 1.8.2
• #737 build(deps-dev): bump @​types/node from 16.11.35 to 16.11.36
• #749 build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0
• #755 build(deps-dev): bump typescript from 4.6.4 to 4.7.3
• #759 build(deps-dev): bump @​types/node from 16.11.36 to 16.11.39
• #762 build(deps-dev): bump @​types/node from 16.11.39 to 16.11.40
• #746 build(deps-dev): bump @​vercel/ncc from 0.33.4 to 0.34.0
• #757 build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1
• #760 build(deps): bump openpgp from 5.2.1 to 5.3.0
• #748 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0
• #766 build(deps-dev): bump typescript from 4.7.3 to 4.7.4
• #799 build(deps): bump openpgp from 5.3.0 to 5.4.0
• #798 build(deps): bump @​actions/core from 1.8.2 to 1.9.1

• d9f34f8 release: update changelog and version to 3.1.1 (#828)
• 0e9e7b4 Plumb failCi into verification function. (#769)
• 7f20bd4 build(deps): bump @​actions/core from 1.8.2 to 1.9.1 (#798)
• 13bc253 build(deps): bump openpgp from 5.3.0 to 5.4.0 (#799)
• 5c0da1b Trim arguments after splitting them (#791)
• 68d5f6d Fix network entry in table (#783)
• 2a829b9 Switch to v3 (#774)
• 8e09eaf build(deps-dev): bump typescript from 4.7.3 to 4.7.4 (#766)
• 39e2229 build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 (#748)
• b2b7703 build(deps): bump openpgp from 5.2.1 to 5.3.0 (#760)
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.5.1

What's Changed

• Fixed printing out the dist hashes when packages_dir is a wildcard value. — by @​meowmeowmeowcat in pypa/gh-action-pypi-publish#91

Full Changelog: https://github.com/pypa/gh-action-pypi-publish/compare/v1.5.0...v1.5.1

• 37f50c2 Merge PR #91
• 9f0421c Add #StandWithUkraine banner to README
• c3fbd68 Remove quotes
• See full diff in compare view

Sourced from EnricoMi/publish-unit-test-result-action's releases.

v2.0.0-beta.2

Adds the following features:

• Support large CDATA in JUnit XML files with ignore_runs
• Improved logging of parse errors and tracebacks (#322, #324)
• Fix state leakage with ignore_runs (#323)

v2.0.0-beta

Adds the following features:

• Minor improvements on warnings and logging.

v2.0.0-alpha

Adds the following features:

• Add support for TRX files (#287)
• Add support for NUnit and XUnit XML files (#288 and #289)
• Move to lxml parsing library (#286)
• Upgrade junitparser to 2.7.0

This release contains the following breaking changes:

• Default value for option check_name changed from "Unit Test Results" to "Test Results". If check_name is set in your config, this change is not of your concern. Add check_name: "Unit Test Results" to your config, if you want to keep the old name. Otherwise expect comments and checks with old and new name for open pull requests when moving to version 2.
• Default value for option comment_title changed from "Unit Test Results" to "Test Results". If either check_name or comment_title is set in your config, this change is not of your concern.
• Modes create new and update last removed for option comment_mode. Remove option comment_mode if used with either of these modes.
• Option hiding_comments removed. Please remove this option from your config.
• Option comment_on_pr removed. Please remove this option from your config.

This release deprecates the following features:

• Option files is deprecated, use junit_files instead (#285)

See README.md for further details on moving to version 2.

v1.39

Adds the following features:

• Add check-run HTML URL to JSON output (#310)
• Add thousands separator to progress log

v1.38

Adds the following features:

• Allow to only comment on changes, failures, errors, ... (#248)
• Add new comment_modes and deprecate create new and update last
• Log file sizes, free memory, and progress reading files (#305)

v1.37

Adds the following features:

• Re-arrange layout of PR comments without runs (#280)
• Add formatted numbers to JSON (#298)

... (truncated)

• 00dc83b Releasing v2.0.0-beta.2
• db33277 Log traceback and related exceptions (#324)
• a0006c8 Remove static state from DropTestCaseBuilder (#323)
• dd6c641 Log the actual exception that caused a ParseError (#322)
• 58debd1 Remove max-parallel from CI
• 9dc979d Support large CDATA in JUnit XML files with ignore_runs
• 7a453e7 Releasing v2.0.0-beta
• 693d938 Set log level correctly, so invalid values are reported
• 7167dcf Merge branch 'master' into master-2.x
• 62b1695 Add files back to action.yml, mark as deprected
• Additional commits viewable in compare view

Sourced from mamba-org/provision-with-micromamba's releases.

v12

• Add new options channels, condarc-file, channel-priority, log-level, installer-url, condarc-options
• Add download caching and environment caching
• Support sel(...) selectors in extra-specs
• Add support for using inside Docker containers
• Allow extra-specs only with no environment-file
• Fix Bash + Windows

• 34071ca Add autoactivate sanity check (#69)
• 37cc095 More options (#63)
• d77ce72 Add log-level option (#67)
• 4aceecb Do not ignore PowerShell exit codes (#66)
• 70349b4 Delete index.js (#64)
• 4ec73b7 Fix #60: channels both in action arguments and environment file (#62)
• See full diff in compare view

Sourced from actions/setup-python's releases.

v4.0.0

What's Changed

• Support for python-version-file input: #336

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version-file: '.python-version' # Read python version from a file
- run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

• Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
- run: python my_script.py

• RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

• Bugfix: create missing pypyX.Y symlinks: #347

• PKG_CONFIG_PATH environment variable: #400

• Added python-path output: #405 python-path output contains Python executable path.

• Updated zeit/ncc to vercel/ncc package: #393

• Bugfix: fixed output for prerelease version of poetry: #409

• Made pythonLocation environment variable consistent for Python and PyPy: #418

• Bugfix for 3.x-dev syntax: #417

• Other improvements: #318 #396 #384 #387 #388

Update actions/cache version to 2.0.2

In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-python#382)

Add "cache-hit" output and fix "python-version" output for PyPy

This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

... (truncated)

• d09bd5e fix: 3.x-dev can install a 3.y version (#417)
• f72db17 Made env.var pythonLocation consistent for Python and PyPy (#418)
• 53e1529 add support for python-version-file (#336)
• 3f82819 Fix output for prerelease version of poetry (#409)
• 397252c Update zeit/ncc to vercel/ncc (#393)
• de977ad Merge pull request #412 from vsafonkin/v-vsafonkin/fix-poetry-cache-test
• 22c6af9 Change PyPy version to rebuild cache
• 081a3cf Merge pull request #405 from mayeut/interpreter-path
• ff70656 feature: add a python-path output
• fff15a2 Use pypyX.Y for PyPy python-version input (#349)
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v3.1.0

3.1.0

Features

• #699 Incorporate xcode arguments for the Codecov uploader

Dependencies

• #694 build(deps-dev): bump @​vercel/ncc from 0.33.3 to 0.33.4
• #696 build(deps-dev): bump @​types/node from 17.0.23 to 17.0.25
• #698 build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0

Sourced from codecov/codecov-action's changelog.

3.1.0

Features

• #699 Incorporate xcode arguments for the Codecov uploader

Dependencies

• #694 build(deps-dev): bump @​vercel/ncc from 0.33.3 to 0.33.4
• #696 build(deps-dev): bump @​types/node from 17.0.23 to 17.0.25
• #698 build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0

• 81cd2dc Merge pull request #699 from codecov/feat-xcode
• a03184e feat: add xcode support
• 6a6a9ae Merge pull request #694 from codecov/dependabot/npm_and_yarn/vercel/ncc-0.33.4
• 92a872a Merge pull request #696 from codecov/dependabot/npm_and_yarn/types/node-17.0.25
• 43a9c18 Merge pull request #698 from codecov/dependabot/npm_and_yarn/jest-junit-13.2.0
• 13ce822 Merge pull request #690 from codecov/ci-v3
• 4d6dbaa build(deps-dev): bump jest-junit from 13.0.0 to 13.2.0
• 98f0f19 build(deps-dev): bump @​types/node from 17.0.23 to 17.0.25
• d3021d9 build(deps-dev): bump @​vercel/ncc from 0.33.3 to 0.33.4
• 2c83f35 Update makefile to v3
• See full diff in compare view

Sourced from actions/upload-artifact's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (#293)
• Update package-lock.json file version to 2 (#302)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

v2.3.1

Fix for empty fails on Windows failing on upload #281

v2.3.0 Upload Artifact

• Optimizations for faster uploads of larger files that are already compressed
• Significantly improved logging when there are chunked uploads
• Clarifications in logs around the upload size and prohibited characters that aren't allowed in the artifact name or any uploaded files
• Various other small bugfixes & optimizations

v2.2.4

• Retry on HTTP 500 responses from the service

v2.2.3

• Fixes for proxy related issues

v2.2.2

• Improved retryability and error handling

v2.2.1

• Update used actions/core package to the latest version

v2.2.0

• Support for artifact retention

v2.1.4

• Add Third Party License Information

v2.1.3

• Use updated version of the @action/artifact NPM package

v2.1.2

• Increase upload chunk size from 4MB to 8MB
• Detect case insensitive file uploads

v2.1.1

• Fix for certain symlinks not correctly being identified as directories before starting uploads

v2.1.0

• Support for uploading artifacts with multiple paths
• Support for using exclude paths
• Updates to dependencies

... (truncated)

• 6673cd0 Update lockfileVersion in package-lock.json (#302)
• 2244c82 Update to node16 (#293)
• 87348ce Add 503 warning when uploading to the same artifact
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v3.0.0

Breaking Changes

• #689 Bump to node16 and small fixes

Features

• #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

• #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
• #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
• #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
• #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
• #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
• #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
• #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
• #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
• #667 build(deps): bump actions/checkout from 2 to 3
• #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
• #683 build(deps): bump minimist from 1.2.5 to 1.2.6
• #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
• #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
• #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
• #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
• #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

Sourced from codecov/codecov-action's changelog.

3.0.0

Breaking Changes

• #689 Bump to node16 and small fixes

Features

• #688 Incorporate gcov arguments for the Codecov uploader

Dependencies

• #548 build(deps-dev): bump jest-junit from 12.2.0 to 13.0.0
• #603 [Snyk] Upgrade @​actions/core from 1.5.0 to 1.6.0
• #628 build(deps): bump node-fetch from 2.6.1 to 3.1.1
• #634 build(deps): bump node-fetch from 3.1.1 to 3.2.0
• #636 build(deps): bump openpgp from 5.0.1 to 5.1.0
• #652 build(deps-dev): bump @​vercel/ncc from 0.30.0 to 0.33.3
• #653 build(deps-dev): bump @​types/node from 16.11.21 to 17.0.18
• #659 build(deps-dev): bump @​types/jest from 27.4.0 to 27.4.1
• #667 build(deps): bump actions/checkout from 2 to 3
• #673 build(deps): bump node-fetch from 3.2.0 to 3.2.3
• #683 build(deps): bump minimist from 1.2.5 to 1.2.6
• #685 build(deps): bump @​actions/github from 5.0.0 to 5.0.1
• #681 build(deps-dev): bump @​types/node from 17.0.18 to 17.0.23
• #682 build(deps-dev): bump typescript from 4.5.5 to 4.6.3
• #676 build(deps): bump @​actions/exec from 1.1.0 to 1.1.1
• #675 build(deps): bump openpgp from 5.1.0 to 5.2.1

• e3c5604 Merge pull request #689 from codecov/feat/gcov
• 174efc5 Update package-lock.json
• 6243a75 bump to 3.0.0
• 0d6466f Bump to node16
• d4729ee fetch.default
• 351baf6 fix: bash
• d8cf680 Merge pull request #675 from codecov/dependabot/npm_and_yarn/openpgp-5.2.1
• b775e90 Merge pull request #676 from codecov/dependabot/npm_and_yarn/actions/exec-1.1.1
• 2ebc2f0 Merge pull request #682 from codecov/dependabot/npm_and_yarn/typescript-4.6.3
• 8e2ef2b Merge pull request #681 from codecov/dependabot/npm_and_yarn/types/node-17.0.23
• Additional commits viewable in compare view

Sourced from actions/download-artifact's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/download-artifact#134)
• Update package-lock.json file version to 2 (actions/download-artifact#136)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

v2.1.0 Download Artifact

• Improved output & logging
• Fixed issue where downloading all artifacts could cause display percentages to be over 100%
• Various small bug fixes & improvements

v2.0.10

• Retry on HTTP 500 responses from the service

v2.0.9

• Fixes to proxy related issues

v2.0.8

• Improvements to retryability if an error is encountered during artifact download

v2.0.7 download-artifact

• Improved download retry-ability if a partial download is encountered

v2.0.6

Update actions/core NPM package that is used internally

v2.0.5

• Add Third Party License Information

v2.0.4

• Use the latest version of the @actions/artifact NPM package

v2.0.3

• Misc improvements

v2.0.2

• Support for tilde expansion

v2.0.1

• Download path output
• Improved logging

• fb598a6 Merge pull request #136 from actions/jtamsut/update-lockfile-version
• a4a09c5 regenerate index.js
• 9acf51d regenerate package lock
• 8821072 upgrade artifact version
• b8bbd3b regenerate lockfile
• 6ee3d96 revert artifact version
• d4793f4 update docs for v3
• 2d338d2 upgrade package to v3
• 360d083 update dependency on artifact lib
• d9b73cc update lock file
• Additional commits viewable in compare view

Sourced from actions/cache's releases.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

• 4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version
• 60c606a Update licensed files
• b6e9a91 Revert "Updated to the latest version."
• c842503 Updated to the latest version.
• 2b7da2a Bumped up to a major version.
• deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example
• c7c46bc Merge pull request #707 from duxtland/main
• 6535c5f Regenerated examples.md TOC
• 3fdafa4 Update GitHub Actions status badge markdown in README.md
• 341e6d7 Merge branch 'actions:main' into fix-golang-windows-example
• Additional commits viewable in compare view

Sourced from actions/setup-python's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-python#340)
• Update package-lock.json file version to 2, @types/node to 16.11.25 and typescript to 4.2.3 (actions/setup-python#341)
• Remove legacy pypy2 and pypy3 keywords (actions/setup-python#342)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
        - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
        - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
        - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}

See more usage examples in the documentation

Update primary and restore keys for pip

In scope of this release we include a version of python in restore and primary cache keys for pip. Besides, we add temporary fix for Windows caching issue, that the pip cache dir command returns non zero exit code or writes to stderr. Moreover we updated node-fetch dependency.

Update actions/cache version to 1.0.8

We have updated actions/cache dependency version to 1.0.8 to support 10GB cache upload

Support caching dependencies

This release introduces dependency caching support (actions/setup-python#266)

Caching dependencies.

The action has a built-in functionality for caching and restoring pip/pipenv dependencies. The cache input is optional, and caching is turned off by default.

Besides, this release introduces dependency caching support for mono repos and repositories with complex structure.

By default, the action searches for the dependency file (requirements.txt for pip or Pipfile.lock for pipenv) in the whole repository. Use the cache-dependency-path input for cases when you want to override current behaviour and use different file for hash generation (for example requirements-dev.txt). This input supports wildcards or a list of file names for caching multiple dependencies.

Caching pip dependencies:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
</tr></table> 

... (truncated)

• 0ebf233 Remove legacy PyPy input (#342)
• 665cd78 Update lockfileversion (#341)
• 93cb78f Update to node16 (#340)
• See full diff in compare view

Sourced from actions/checkout's releases.

v3.0.0

• Update default runtime to node16

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• 230611d Change secret name for PAT to not start with GITHUB_ (#623)
• See full diff in compare view

Sourced from actions/github-script's releases.

v6.0.0

What's Changed

• Update default runtime to node16 by @​thboop in actions/github-script#235
• Update node-fetch by @​joshmgross in actions/github-script#237
• Update @actions/core to 1.6.0 by @​joshmgross in actions/github-script#238

Breaking Changes

With the update to Node 16 in #235, all scripts will now be run with Node 16 rather than Node 12.

New Contributors

• @​thboop made their first contribution in actions/github-script#235

Full Changelog: https://github.com/actions/github-script/compare/v5...v6.0.0

v5.1.0

What's Changed

• Update to latest versions for dev dependencies by @​joshmgross in actions/github-script#204
• update plugin dependencies by @​PeterNitscheMI in actions/github-script#216
• Update licenses and use jonabc/setup-licensed in workflow by @​joshmgross in actions/github-script#228

New Contributors

• @​johan-lindqvist made their first contribution in actions/github-script#201
• @​ansgarm made their first contribution in actions/github-script#215
• @​PeterNitscheMI made their first contribution in actions/github-script#216

Full Changelog: https://github.com/actions/github-script/compare/v5.0.0...v5.1.0

• 9ac0880 Merge pull request #240 from actions/joshmgross/document-esm
• 53cdbb4 Merge pull request #239 from actions/joshmgross/v6
• 6b8d8aa Merge pull request #238 from actions/joshmgross/update-actions-core
• 6689be4 Merge pull request #237 from actions/joshmgross/audit-fix
• 5541733 Add an example using ESM import
• cd8eebf Release version 6.0.0
• 72fadf4 Update @actions/core to 1.6.0
• d526c04 Update node-fetch license
• 2c946f1 Run npm audit fix
• 41e1ab4 Merge pull request #235 from thboop/patch-1
• Additional commits viewable in compare view

Sourced from pypa/gh-action-pypi-publish's releases.

v1.5.0

What's Changed

• Added an action input print_hash for showing the hash values of files to be uploaded — by @​meowmeowmeowcat in pypa/gh-action-pypi-publish#87

New Contributors

• @​pllim made their first contribution in pypa/gh-action-pypi-publish#55
• @​meowmeowmeowcat made their first contribution in pypa/gh-action-pypi-publish#87

Full Diff: https://github.com/pypa/gh-action-pypi-publish/compare/v1.4.2...v1.5.0

• 717ba43 Trim the trailing whitespaces in print-hash.py
• 4992a00 Merge pull request #87 from meowmeowmeowcat/show-hash-values
• 977d067 Fix a bug
• 5d18baa Drop unnecessary file_iterable var
• 0575dc8 Refactor the hash helper script to use pathlib and CLI args
• 8682135 Correct the if-clause for printing the hashes
• c83d37b Introduce print_hash in README
• 777bfc4 Fix the message
• ca30c7d Show a message before printing hash values of files
• 06a2dd6 Fix bug
• Additional commits viewable in compare view

Sourced from actions/github-script's releases.

v5.0.0

What's Changed

• Upgrade to the latest version of Octokit by @​joshmgross in actions/github-script#193

Full Changelog: https://github.com/actions/github-script/compare/v4.1.1...v5.0.0

v4.1.1

What's Changed

• Update minor versions of dependencies by @​joshmgross in actions/github-script#192

Full Changelog: https://github.com/actions/github-script/compare/v4.1.0...v4.1.1

• 441359b Merge pull request #193 from actions/joshmgross/v5
• 4e1175c Update licenses
• 004e46f Fix breaking change in workflow test
• 5e5d515 Upgrade to the latest version of Octokit
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v2.1.0

2.1.0

Features

• #515 Allow specifying version of Codecov uploader

Dependencies

• #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
• #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
• #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

Sourced from codecov/codecov-action's changelog.

2.1.0

Features

• #515 Allow specifying version of Codecov uploader

Dependencies

• #499 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
• #508 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
• #514 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0

• f32b3a3 Merge pull request #515 from codecov/specify-version
• 72dfd47 Allow specifying version of Codecov uploader
• 46edaed Merge pull request #499 from codecov/dependabot/npm_and_yarn/vercel/ncc-0.30.0
• b6fd8cc Merge pull request #508 from codecov/dependabot/npm_and_yarn/openpgp-5.0.0
• 07a4e97 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.30.0
• c071c70 build(deps): bump openpgp from 5.0.0-5 to 5.0.0
• f6d4366 Merge pull request #514 from codecov/dependabot/npm_and_yarn/types/node-16.9.0
• 2bbefc9 build(deps-dev): bump @​types/node from 16.6.0 to 16.9.0
• See full diff in compare view

Sourced from codecov/codecov-action's releases.

v2.0.3

2.0.3

Fixes

• #464 Fix wrong link in the readme
• #485 fix: Add override OS and linux default to platform

Dependencies

• #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
• #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
• #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
• #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
• #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
• #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
• #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
• #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1
• #478 build(deps-dev): bump @​typescript-eslint/parser from 4.29.1 to 4.29.2
• #479 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.29.1 to 4.29.2
• #481 build(deps-dev): bump @​types/node from 16.6.0 to 16.6.2
• #483 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.29.2
• #484 build(deps): bump @​actions/core from 1.4.0 to 1.5.0

Sourced from codecov/codecov-action's changelog.

2.0.3

Fixes

• #464 Fix wrong link in the readme
• #485 fix: Add override OS and linux default to platform

Dependencies

• #447 build(deps): bump openpgp from 5.0.0-4 to 5.0.0-5
• #458 build(deps-dev): bump eslint from 7.31.0 to 7.32.0
• #465 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.4 to 4.29.1
• #466 build(deps-dev): bump @​typescript-eslint/parser from 4.28.4 to 4.29.1
• #468 build(deps-dev): bump @​types/jest from 26.0.24 to 27.0.0
• #470 build(deps-dev): bump @​types/node from 16.4.0 to 16.6.0
• #472 build(deps): bump path-parse from 1.0.6 to 1.0.7
• #473 build(deps-dev): bump @​types/jest from 27.0.0 to 27.0.1
• #478 build(deps-dev): bump @​typescript-eslint/parser from 4.29.1 to 4.29.2
• #479 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.29.1 to 4.29.2
• #481 build(deps-dev): bump @​types/node from 16.6.0 to 16.6.2
• #483 build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.29.2
• #484 build(deps): bump @​actions/core from 1.4.0 to 1.5.0

• 5a8bb47 Merge pull request #485 from codecov/alternate-os
• 3e9a281 Merge pull request #481 from codecov/dependabot/npm_and_yarn/types/node-16.6.2
• 6feb914 chore: Update CHANGELOG
• 9f40d31 build(deps-dev): bump @​types/node from 16.6.0 to 16.6.2
• c4e74fe Merge pull request #483 from codecov/dependabot/npm_and_yarn/vercel/ncc-0.29.2
• 6ba3fb3 Merge pull request #479 from codecov/dependabot/npm_and_yarn/typescript-eslin...
• 7efb9be build(deps-dev): bump @​typescript-eslint/eslint-plugin
• 514990d build(deps-dev): bump @​vercel/ncc from 0.29.0 to 0.29.2
• cd6db5e Merge pull request #484 from codecov/dependabot/npm_and_yarn/actions/core-1.5.0
• 678cc77 Merge pull request #478 from codecov/dependabot/npm_and_yarn/typescript-eslin...
• Additional commits viewable in compare view

Sourced from actions/github-script's releases.

v4.1.0

What's Changed

• Adding @​actions/exec to github-script by @​bhavanakonchada in actions/github-script#178
• Run npm audit and update dev dependencies by @​joshmgross in actions/github-script#181

New Contributors

• @​MichaelDeBoey made their first contribution in actions/github-script#145
• @​oscard0m made their first contribution in actions/github-script#174
• @​brcrista made their first contribution in actions/github-script#177
• @​bhavanakonchada made their first contribution in actions/github-script#178

Full Changelog: https://github.com/actions/github-script/compare/v4.0.2...v4.1.0

• f891eff Merge pull request #181 from actions/joshmgross/update-dependencies
• 4343407 Update dev dependencies
• ab3c97f Run npm audit fix
• e02270e Merge pull request #178 from bhavanakonchada/bhavanakonchada-exec
• c07f5aa Placed the exe.dep.yml file at the right location
• 49d397a updated package-lock.json to reflect v2
• 6f9b9a8 Merge branch 'bhavanakonchada-exec' of https://github.com/bhavanakonchada/git...
• 6456c11 Adding @​actions/exec
• a832578 Added license file for @​actions/exec
• 771c6cc updated readme.md
• Additional commits viewable in compare view

Sourced from styfle/cancel-workflow-action's releases.

0.9.1

Patches

• Fix: cancelling jobs from different repos where two branches have the same name: #105
• Fix: use getBooleanInput instead of getInput: #92
• Chore: add permissions configuration in the README.md: #96
• Chore: add prettier config, format file, add lint workflow: #63
• Chore: create dependabot.yml: #68
• Bump typescript from 4.1.5 to 4.2.4: #71
• Bump actions/setup-node requirement to v2.1.5: #69
• Bump @​vercel/ncc to 0.28.3: #73
• Bump @​actions/core from 1.2.6 to 1.2.7: #74
• Bump @​vercel/ncc from 0.28.3 to 0.28.5: #81
• Bump @​actions/core from 1.2.7 to 1.3.0: #90
• Bump prettier from 2.2.1 to 2.3.0: #85
• Bump @​vercel/ncc from 0.28.5 to 0.28.6: #95
• Bump typescript from 4.2.4 to 4.3.2: #94
• Bump prettier from 2.3.0 to 2.3.1: #97
• Bump typescript from 4.3.2 to 4.3.4: #99
• Bump prettier from 2.3.1 to 2.3.2: #100
• Bump typescript from 4.3.4 to 4.3.5: #101
• Bump husky from 6.0.0 to 7.0.0: #102
• Bump husky from 7.0.0 to 7.0.1: #103

Credits

Huge thanks to @​mikehardy, @​MichaelDeBoey, @​Warashi, @​adrienbernede, and @​spaceface777 for helping!

• a40b884 0.9.1
• a66ae1f fix cancelling jobs from different repos where two branches have the same nam...
• b54f1a5 Bump husky from 7.0.0 to 7.0.1 (#103)
• cc6225c Bump husky from 6.0.0 to 7.0.0 (#102)
• c94109d Bump typescript from 4.3.4 to 4.3.5 (#101)
• fc3581b Bump prettier from 2.3.1 to 2.3.2 (#100)
• 6f9f8b4 Bump typescript from 4.3.2 to 4.3.4 (#99)
• 6135c0f Bump prettier from 2.3.0 to 2.3.1 (#97)
• 531a036 chore: add permissions configuration in the README.md (#96)
• 1f10757 Bump typescript from 4.2.4 to 4.3.2 (#94)
• Additional commits viewable in compare view

Sourced from codecov/codecov-action's releases.

v2.0.2

Fixes

• Underlying uploader fixes issues with tokens not being sent properly for users seeing Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found
• #432 fix: use import to destructure package.json
• #434 fix: openpgp and asn1.js
• #440 2.0.2 token fixes

Dependencies

• #420 Bump eslint from 7.30.0 to 7.31.0
• #433 build(deps-dev): bump @​types/node from 16.3.3 to 16.4.0
• #425 build(deps-dev): bump @​typescript-eslint/eslint-plugin from 4.28.3 to 4.28.4
• #426 build(deps-dev): bump @​typescript-eslint/parser from 4.28.3 to 4.28.4
• #438 Set up Dependabot for github-actions dependencies

v2.0.1

Fixes

• #424 fix: Issue in building all deep dependencies

v2.0.0

On February 1, 2022, the v1 uploader will be full sunset and no longer function. This is due to the deprecation of the underlying bash uploader. This version uses the new uploader.

The v2 Action downloads, verifies, and runs the Codecov binary.

Breaking Changes

• Multiple fields have not been transferred from the bash uploader or have been deprecated. Notably many of the functionalities and gcov_ arguments have been removed. Please check the documentation for the full list.

Features

• dry-run argument allows Codecov flow without uploading reports to Codecov
• (Enterprise only) slug allows specifying the repository slug manually
• (Enterprise only) url allows changing the upload host

v1.5.2

1.5.2

Fixes

• fix: Import version properly as string not object

v1.5.1

1.5.1

Fixes

• #320 doc: add github actions badge
• #336 Update bash uploader to 1.0.3
• #339 fix: Add action version

Dependencies

... (truncated)

Sourced from codecov/codecov-action's changelog.

2.0.2

Fixes

• Underlying uploader fixes issues with tokens not being sent properly for users seeing Error!: Error: Error uploading to https://codecov.io: Error: Error uploading to Codecov: Error: Not Found
• #440 fix: Validation ordering

2.0.1

Fixes

• #424 fix: Issue in building all deep dependencies

2.0.0

On February 1, 2022, the v1 uploader will be full sunset and no longer function. This is due to the deprecation of the underlying bash uploader. This version uses the new uploader.

The v2 Action downloads, verifies, and runs the Codecov binary.

Breaking Changes

• Multiple fields have not been transferred from the bash uploader or have been deprecated. Notably many of the functionalities and gcov_ arguments have been removed. Please check the documentation for the full list.

Features

• dry-run argument allows Codecov flow without uploading reports to Codecov
• (Enterprise only) slug allows specifying the repository slug manually
• (Enterprise only) url allows changing the upload host

1.5.2

Fixes

• fix: Import version properly as string not object

1.5.1

Fixes

• #320 doc: add github actions badge
• #336 Update bash uploader to 1.0.3
• #339 fix: Add action version

Dependencies

• #302 Bump @​typescript-eslint/eslint-plugin from 4.22.0 to 4.22.1
• #303 Bump @​typescript-eslint/parser from 4.22.0 to 4.22.1
• #304 Bump ts-jest from 26.5.5 to 26.5.6
• #309 Bump lodash from 4.17.19 to 4.17.21
• #310 Bump hosted-git-info from 2.8.8 to 2.8.9
• #311 Bump @​actions/github from 4.0.0 to 5.0.0
• #314 Bump eslint from 7.25.0 to 7.27.0
• #315 Bump @​actions/core from 1.2.7 to 1.3.0
• #316 Bump @​typescript-eslint/parser from 4.22.1 to 4.25.0
• #317 Bump @​typescript-eslint/eslint-plugin from 4.22.1 to 4.25.0
• #319 Bump jest-junit from 12.0.0 to 12.1.0
• #321 Bump typescript from 4.2.4 to 4.3.2
• #323 Bump ws from 7.3.1 to 7.4.6

... (truncated)

• 51d8108 Merge pull request #440 from codecov/2.0.2-token-fixes
• 88c796d Merge pull request #438 from mmorel-35/chore/dependabot
• 0bbb082 fix: Update validation
• 53f686a fix: Update validation
• 6ab08a7 Bump to 2.0.2
• f2242e1 Merge pull request #425 from codecov/dependabot/npm_and_yarn/typescript-eslin...
• fc2878a build(deps-dev): bump @​typescript-eslint/eslint-plugin
• e00e953 Merge pull request #426 from codecov/dependabot/npm_and_yarn/typescript-eslin...
• 8dcb1d2 Merge pull request #433 from codecov/dependabot/npm_and_yarn/types/node-16.4.0
• c5857ba Merge pull request #434 from RA80533/fix/openpgp
• Additional commits viewable in compare view