dependabot(deps): bump tj-actions/changed-files from 42.0.2 to 42.0.4 #4577
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
kind/cleanup
k8s-ci-robot
added
the
cncf-cla: yes
|
Hi @dependabot[bot]. Thanks for your PR. I'm waiting for a kubernetes-sigs member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
k8s-ci-robot
added
the
size/XS
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #4577 +/- ##
=======================================
Coverage 62.46% 62.46%
=======================================
Files 192 192
Lines 15394 15394
=======================================
Hits 9616 9616
Misses 5118 5118
Partials 660 660 ☔ View full report in Codecov by Sentry. |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 5c4b99528874665dee61d347ff34ffa6abf8fad1
|
It's odd to me that the dependency review thing is flagging the version this PR is updating to, but the security advisory says version 41+ is fixed, which this is. And the security advisory was first published almost 2 months ago. I'll try re-running the job just to see... |
|
Looks like re-running it didn't help. Maybe try again after #4578 merges? |
|
@dependabot rebase |
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 42.0.2 to 42.0.4. - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@90a06d6...3f54ebb) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/github_actions/tj-actions/changed-files-42.0.4
branch
from
9cbced9 to
e4fa151
Compare
k8s-ci-robot
removed
the
lgtm
|
/lgtm |
k8s-ci-robot
added
the
lgtm
|
LGTM label has been added. Git tree hash: 6f1bdbd43719662065d77e2253ee8200338bb4fc
|
|
Dependency Review seems to be flagging this dep but somehow is not aware of the version. Notice that the line I am not sure.. |
|
@mboersma: /override requires failed status contexts, check run or a prowjob name to operate on.
Only the following failed contexts/checkruns were expected:
If you are trying to override a checkrun that has a space in it, you must put a double quote on the context. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: mboersma The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
k8s-ci-robot
added
the
approved
|
/override dependency-review |
|
@mboersma: /override requires failed status contexts, check run or a prowjob name to operate on.
Only the following failed contexts/checkruns were expected:
If you are trying to override a checkrun that has a space in it, you must put a double quote on the context. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
There is a newer version of the dependency-review GH action available, but I can't tell if it fixes this specific problem. Maybe we should wait until Monday when dependabot should create that dependency-review PR, and then we can see. |
Not sure why that works but it seems like it does: #4594. I'll update this PR now instead of waiting in case our 5/week cap doesn't happen to include the next bump. I'll close #4594 if this passes CI after updating it just so it's easier to track this down later if we filter on dependabot PRs. |
|
I keep getting these PRs mixed up lol. #4594 actually still fails when both changed-files and dependency-review are updated. I'm thinking we should just close this since the only material change this is making is turning CI red. Then hopefully down the road dependabot will bring us a fix. |
|
/close |
|
@mboersma: Closed this PR. In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/github_actions/tj-actions/changed-files-42.0.4
branch
Bumps tj-actions/changed-files from 42.0.2 to 42.0.4.
Release notes
Sourced from tj-actions/changed-files's releases.
... (truncated)
Changelog
Sourced from tj-actions/changed-files's changelog.
... (truncated)
Commits
3f54ebbchore: update formatting and add missing dist changes (#1940)6f070cfUpgraded to v42.0.3 (#1939)ec75ae5Updated README.md (#1938)4333ab5docs: add codesculpture as a contributor for code, and bug (#1937)e3cac49fix(payload_api, git_diff): Accessing correct property in payload and Replaci...68bd453chore(deps): update github artifact actions to v4 (major) (#1936)f0ce41bchore(deps): update dependency eslint-plugin-jest to v27.9.0ce451bfchore(deps): update dependency@types/nodeto v20.11.197592e9echore(deps): update dependency@types/nodeto v20.11.18999653cchore(deps): lock file maintenanceDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)