Commit Graph

285 Commits

Author SHA1 Message Date
Asher 3f80dc6d6a
Update eslint
I was having a bunch of dependency conflicts and eslint seemed to be the
culprit so I just removed it and set it up again, since it seems things
have changed quite a bit.
2024-10-04 18:27:43 -08:00
Asher f5c121a2ff
Switch fully to npm
This is to match VS Code.  We were already partially using npm for the
releases so this is some nice alignment.
2024-10-04 17:00:51 -08:00
Asher 69df01185c
Revert "chore: bump softprops/action-gh-release from 1 to 2 (#6740)"
This reverts commit 1abb2ee567.

Trying to see if this fixes the release making separate drafts instead
of a single draft.
2024-09-19 12:08:43 -08:00
dependabot[bot] 90f8135c68
chore: bump tj-actions/changed-files from 44 to 45 (#6972)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 44 to 45.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v44...v45)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-09-03 10:24:27 -08:00
Asher a9eb923790
Remove unused audit-ci dependency
There is a `yarn ci` script which was using audit-ci but this does not
appear to be called anywhere.

The security worflow uses `yarn audit` and `npm audit` which seem fine
enough anyway.
2024-07-10 13:23:24 -08:00
dependabot[bot] 2b33ca8a3f
chore: bump aquasecurity/trivy-action from 0.21.0 to 0.24.0 (#6894)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.21.0 to 0.24.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](fd25fed697...6e7b7d1fd3)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-10 13:10:01 -08:00
dependabot[bot] 97bcc3b934
chore: bump robinraju/release-downloader from 1.10 to 1.11 (#6875)
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.10 to 1.11.
- [Release notes](https://github.com/robinraju/release-downloader/releases)
- [Commits](https://github.com/robinraju/release-downloader/compare/v1.10...v1.11)

---
updated-dependencies:
- dependency-name: robinraju/release-downloader
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-10 13:08:52 -08:00
dependabot[bot] c86c4e8bb6
chore: bump dawidd6/action-download-artifact from 3 to 6 (#6876)
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 3 to 6.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](https://github.com/dawidd6/action-download-artifact/compare/v3...v6)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-10 19:26:02 +00:00
Muhammad Atif Ali 3031f8599c
ci: updates actionlint to 1.7.1 version (#6887) 2024-07-10 18:39:03 +00:00
Asher 0c802ba165
Remove node-gyp install (#6831)
Seems to install fine without it now.
2024-06-08 20:07:51 -08:00
Asher 1bd2b9cf08
Fix segfault in CI (#6830)
Setting DISABLE_V8_COMPILE_CACHE=1 seems to fix it.
2024-06-08 20:07:24 -08:00
dependabot[bot] fc47b4f1c5
chore: bump aquasecurity/trivy-action from 0.19.0 to 0.21.0 (#6819)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.19.0 to 0.21.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](d710430a67...fd25fed697)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 10:44:54 -08:00
Asher ab4b36f573
Fix setuptools install on macOS
This is erroring now with "This environment is externally managed".
2024-05-07 13:41:21 -08:00
dependabot[bot] 2adb215d03
chore: bump robinraju/release-downloader from 1.9 to 1.10 (#6779)
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.9 to 1.10.
- [Release notes](https://github.com/robinraju/release-downloader/releases)
- [Commits](https://github.com/robinraju/release-downloader/compare/v1.9...v1.10)

---
updated-dependencies:
- dependency-name: robinraju/release-downloader
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-06 14:16:27 -08:00
dependabot[bot] 1a7265b392
chore: bump azure/setup-helm from 3.5 to 4 (#6780)
Bumps [azure/setup-helm](https://github.com/azure/setup-helm) from 3.5 to 4.
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md)
- [Commits](https://github.com/azure/setup-helm/compare/v3.5...v4)

---
updated-dependencies:
- dependency-name: azure/setup-helm
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-06 14:16:06 -08:00
Olivier Benz 9a28bc29db
Update Code to 1.88.1 (#6754)
* Update Code to 1.88.1
* Install node-gyp

---------

Co-authored-by: Asher <ash@coder.com>
2024-04-15 15:00:21 -08:00
dependabot[bot] ebd79ed958
chore: bump aquasecurity/trivy-action from 0.18.0 to 0.19.0 (#6739)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.18.0 to 0.19.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](062f259268...d710430a67)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 14:24:18 -08:00
dependabot[bot] 1abb2ee567
chore: bump softprops/action-gh-release from 1 to 2 (#6740)
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 2.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/v1...v2)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 14:21:48 -08:00
dependabot[bot] 1c5bfeeb99
chore: bump tj-actions/changed-files from 42 to 44 (#6741)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 42 to 44.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v42...v44)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-05 14:21:27 -08:00
Asher c65b1f2870
Continue release drafting on Codecov failure 2024-03-12 09:41:21 -08:00
dependabot[bot] 5453d02872
chore: bump aquasecurity/trivy-action from 0.16.1 to 0.18.0 (#6705)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.18.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](d43c1f16c0...062f259268)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 10:20:04 -09:00
dependabot[bot] 107a3fd410
chore: bump codecov/codecov-action from 3 to 4 (#6706)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-07 10:15:42 -09:00
Asher 56b5992280
Pin Arch Linux action version
We are still getting the old one, I think?
2024-03-06 14:10:57 -09:00
Asher 275c130845
Update Arch Linux action username
This broke due to the username being changed, and GitHub does not appear
to put any redirects in place.
2024-03-06 14:04:32 -09:00
Asher 460a4564c3
Revert "chore: bump codecov/codecov-action from 3 to 4 (#6652)"
This reverts commit 63beaaabd7.

It appears to be no longer capable of finding git.
2024-02-28 14:04:55 -09:00
Dmitry Sharshakov a2d35ad815
docker: add Fedora 39 and openSUSE Tumbleweed based images (#6669) 2024-02-08 12:31:50 -09:00
dependabot[bot] ab17495e3a
chore: bump actions/cache from 3 to 4 (#6650)
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 16:38:25 -09:00
dependabot[bot] 53b0fda510
chore: bump robinraju/release-downloader from 1.8 to 1.9 (#6651)
Bumps [robinraju/release-downloader](https://github.com/robinraju/release-downloader) from 1.8 to 1.9.
- [Release notes](https://github.com/robinraju/release-downloader/releases)
- [Commits](https://github.com/robinraju/release-downloader/compare/v1.8...v1.9)

---
updated-dependencies:
- dependency-name: robinraju/release-downloader
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 16:37:57 -09:00
dependabot[bot] 63beaaabd7
chore: bump codecov/codecov-action from 3 to 4 (#6652)
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3 to 4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 16:37:42 -09:00
dependabot[bot] 2db0184c4a
chore: bump github/codeql-action from 2 to 3 (#6653)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 16:37:33 -09:00
dependabot[bot] dd9cefab66
chore: bump tj-actions/changed-files from 41 to 42 (#6654)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 41 to 42.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v41...v42)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 16:37:09 -09:00
dependabot[bot] 94f759a53c
chore: bump actions/download-artifact from 3 to 4 (#6609)
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 13:32:33 -09:00
dependabot[bot] 2786f60752
chore: bump actions/upload-artifact from 3 to 4 (#6610)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 13:32:10 -09:00
dependabot[bot] aea28cb499
chore: bump dawidd6/action-download-artifact from 2 to 3 (#6612)
Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2 to 3.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](https://github.com/dawidd6/action-download-artifact/compare/v2...v3)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 13:29:50 -09:00
dependabot[bot] 21e798ccdf
chore: bump aquasecurity/trivy-action from 0.14.0 to 0.16.1 (#6621)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.14.0 to 0.16.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](2b6a709cf9...d43c1f16c0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 13:28:00 -09:00
dependabot[bot] 5214555683
chore: bump tj-actions/changed-files from 40 to 41 in /.github/workflows (#6618)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 40 to 41.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v40...v41)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 13:27:05 -09:00
Asher 984fb135dc
Fix node-gyp failure on macOS (#6537) 2023-11-16 10:10:36 -09:00
Asher da254c39ee
Set Node version in a single place (#6534)
This should make it much easier to update.  Also use 18.15.0
specifically since that is what VS Code ships with.

Additionally, it fixes the post-install script being skipped due to
a Yarn v1 bug that happens when Yarn installs node-gyp, which
it does because 18.18 onward stopped bundling node-gyp.
2023-11-14 12:45:56 -09:00
dependabot[bot] ae75f76e30
chore: bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 (#6530)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.13.1 to 0.14.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](f78e9ecf42...2b6a709cf9)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:26:40 -09:00
dependabot[bot] 4e4d510238
chore: bump docker/setup-qemu-action from 2 to 3 (#6464)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:25:33 -09:00
dependabot[bot] c4efcaf079
chore: bump actions/setup-node from 3 to 4 (#6512)
Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4.
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](https://github.com/actions/setup-node/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:23:05 -09:00
dependabot[bot] f44b57393c
chore: bump docker/login-action from 2 to 3 (#6513)
Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:21:54 -09:00
dependabot[bot] 3fc30cae3e
chore: bump aquasecurity/trivy-action from 0.12.0 to 0.13.1 (#6514)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.13.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](fbd16365eb...f78e9ecf42)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:21:03 -09:00
dependabot[bot] 91f8ec6295
chore: bump tj-actions/changed-files from 39 to 40 (#6515)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 39 to 40.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v39...v40)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 09:20:36 -09:00
dependabot[bot] 9fec2d7cad
chore: bump docker/setup-buildx-action from 2 to 3 (#6463)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-11 15:51:24 -08:00
dependabot[bot] 80dfb2b2a9
chore: bump actions/checkout from 3 to 4 (#6462)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-04 15:50:11 -08:00
dependabot[bot] 8ee45686b0
chore: bump aquasecurity/trivy-action from 0.11.2 to 0.12.0 (#6461)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.11.2 to 0.12.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](41f05d9ecf...fbd16365eb)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 13:24:45 -08:00
dependabot[bot] 512d97f22f
chore: bump tj-actions/changed-files from 38 to 39 (#6460)
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files) from 38 to 39.
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](https://github.com/tj-actions/changed-files/compare/v38...v39)

---
updated-dependencies:
- dependency-name: tj-actions/changed-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-02 13:24:15 -08:00
Asher 6275520348
Fix incorrect argon2 target in arm builds (#6453)
* Fix building from source on arm

Not building from source causes argon2 to pull the wrong arch, so we
have to build from source.

But building from source is causing the new Kerberos module to fail on
arm64 and keytar to fail on both.

The latter has been very difficult to debug because the GitHub image
provides a different result to containers based on Ubuntu 20.04.
Because of this, use a container instead.

Use debian:buster as the container because it is easier to set up the
architecture sources (no need to modify the sources) and because it
seems to come with glibc 2.28 rather than 2.31.

Also use the exact version of Node (18.15.0) for reproducibility.

* Set owner and group during tar to zero

Otherwise you get IDs that can cause (benign) errors while extracting,
which might be confusing.  At the very least, I did not see these errors
from previous tars (although they seem to use 1001).

There is no guarantee what IDs might exist so 0 seems the most
reasonable.
2023-09-27 19:17:47 -08:00
Asher 7a213161f2
Build from source on cross-compile step
The comment said the issue with argon2 was related to CentOS 7 but the
cross-compile steps never used CentOS 7 so maybe the real issue is with
the architecture.
2023-09-26 09:58:53 -08:00