Add support for Direct Workload Identity auth #348
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
e0bae7c
to
d605844
Compare
sethvargo
added a commit
to google-github-actions/test-infra
that referenced
this pull request
Nov 22, 2023
This is already applied, even though google-github-actions/auth#348 isn't merged. We should probably merge this since it isn't introducing something net new.
d605844
to
a4e714a
Compare
352bdd6
to
3d8df9f
Compare
77d08a5
to
cecd853
Compare
verbanicm
reviewed
Nov 28, 2023
verbanicm
previously approved these changes
Nov 28, 2023
This adds a new authentication mode, Direct Workload Identity Federation. This new mode permits authenticating to Google Cloud directly using the GitHub Actions OIDC token instead of proxying through a Google Cloud Service Account.
cecd853
to
1daa3db
Compare
verbanicm
approved these changes
Nov 28, 2023
squee1945
reviewed
Nov 28, 2023
squee1945
reviewed
Nov 28, 2023
sethvargo
commented
Nov 29, 2023
| @@ -0,0 +1,122 @@ | |||
| // Copyright 2023 Google LLC | |||
There was a problem hiding this comment.
Will move this to actions-utils after it's been battle-tested
Merged
sethvargo
pushed a commit
that referenced
this pull request
Nov 29, 2023
## What's Changed * Add support for Direct Workload Identity auth by @sethvargo in #348 * Add protection for release branches by @sethvargo in #351 * Make auth universe-aware by @sethvargo in #352 * Fix some examples to include project_id by @sethvargo in #353 **Full Changelog**: v1.2.0...0a2edc1
|
Is there further reading here? The direct vs service princiapl distinction isn't mentioned anywhere I've seen |
|
It's a new feature and it seems to be mostly undocumented at the moment. It is implied by the documentation here: https://cloud.google.com/iam/docs/principal-identifiers#v1\ Effectively, it is now possible to authorize a workload/workforce identity pool principal directly, without the need to impersonate a service account. It is broadly supported across GCP products, but not yet completely, which may explain the lack of documentation at the moment. |
I am currently seeking clarification regarding the specific Google Cloud resources that do not support principalSet identities. Unfortunately, I have not been able to find detailed information on this topic in the official Google Cloud documentation. |
|
After this PR, this bit in the README is misleading/incomplete:
This makes it seem like if you specify |
|
kakkoyun
referenced
this pull request
in parca-dev/parca-agent
Jan 2, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [google-github-actions/auth](https://togithub.com/google-github-actions/auth) | action | major | `v1.3.0` -> `v2.0.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>google-github-actions/auth (google-github-actions/auth)</summary> ### [`v2.0.0`](https://togithub.com/google-github-actions/auth/releases/tag/v2.0.0) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v1.3.0...v2.0.0) **⚠️ This version requires Node 20 or later on the runner!** If you are using GitHub-managed runners, no action is needed. If you are using self-hosted runners, make sure the system version of Node is version 20 or higher. ##### What's Changed - Add support for Direct Workload Identity auth by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/348](https://togithub.com/google-github-actions/auth/pull/348) - Add protection for release branches by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/351](https://togithub.com/google-github-actions/auth/pull/351) - Make auth universe-aware by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/352](https://togithub.com/google-github-actions/auth/pull/352) - Fix some examples to include project_id by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/353](https://togithub.com/google-github-actions/auth/pull/353) - Release: v2.0.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/355](https://togithub.com/google-github-actions/auth/pull/355) **Full Changelog**: google-github-actions/auth@v1...v2.0.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/parca-dev/parca-agent). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44Ny4yIiwidXBkYXRlZEluVmVyIjoiMzcuODcuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
ianlewis
referenced
this pull request
in slsa-framework/slsa-github-generator
May 16, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-java](https://togithub.com/actions/setup-java) | action | major | `v3.13.0` -> `v4.2.1` | | [actions/setup-node](https://togithub.com/actions/setup-node) | action | major | `v3.8.1` -> `v4.0.2` | | [actions/setup-node](https://togithub.com/actions/setup-node) | action | major | `v3` -> `v4` | | [bazelbuild/setup-bazelisk](https://togithub.com/bazelbuild/setup-bazelisk) | action | major | `v2.0.0` -> `v3.0.0` | | [geekyeggo/delete-artifact](https://togithub.com/geekyeggo/delete-artifact) | action | major | `v2.0.0` -> `v5.0.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | major | `v2.22.4` -> `v3.25.5` | | [google-github-actions/auth](https://togithub.com/google-github-actions/auth) | action | major | `v1.1.1` -> `v2.1.3` | | [gradle/gradle-build-action](https://togithub.com/gradle/gradle-build-action) | action | major | `v2.9.0` -> `v3.3.2` | --- ### Release Notes <details> <summary>actions/setup-java (actions/setup-java)</summary> ### [`v4.2.1`](https://togithub.com/actions/setup-java/releases/tag/v4.2.1) [Compare Source](https://togithub.com/actions/setup-java/compare/v4.2.0...v4.2.1) ##### What's Changed - Patch for java version file to accept it from any path by [@​mahabaleshwars](https://togithub.com/mahabaleshwars) in [https://github.com/actions/setup-java/pull/610](https://togithub.com/actions/setup-java/pull/610) **Full Changelog**: https://github.com/actions/setup-java/compare/v4...v4.2.1 ### [`v4.2.0`](https://togithub.com/actions/setup-java/releases/tag/v4.2.0) [Compare Source](https://togithub.com/actions/setup-java/compare/v4.1.0...v4.2.0) ##### What's Changed - Updated actions/httpclient version to 2.2.1 and other dependencies by [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [https://github.com/actions/setup-java/pull/607](https://togithub.com/actions/setup-java/pull/607) - Added .tool-versions file support along with .java-version file by [@​mahabaleshwars](https://togithub.com/mahabaleshwars) in [https://github.com/actions/setup-java/pull/606](https://togithub.com/actions/setup-java/pull/606) ##### New Contributors - [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) made their first contribution in [https://github.com/actions/setup-java/pull/607](https://togithub.com/actions/setup-java/pull/607) **Full Changelog**: https://github.com/actions/setup-java/compare/v4...v4.2.0 ### [`v4.1.0`](https://togithub.com/actions/setup-java/releases/tag/v4.1.0) [Compare Source](https://togithub.com/actions/setup-java/compare/v4.0.0...v4.1.0) #### What's Changed - Added Windows Arm64 Support for Windows Arm64 Runners by [@​mahabaleshwars](https://togithub.com/mahabaleshwars) in [https://github.com/actions/setup-java/pull/595](https://togithub.com/actions/setup-java/pull/595) - feat: bump actions/checkout and actions/setup-java to v4 by [@​kbdharun](https://togithub.com/kbdharun) in [https://github.com/actions/setup-java/pull/533](https://togithub.com/actions/setup-java/pull/533) - Handle authorization when the token is undefined by [@​peter-murray](https://togithub.com/peter-murray) in [https://github.com/actions/setup-java/pull/556](https://togithub.com/actions/setup-java/pull/556) - Documentation update of Java 21 by [@​Okeanos](https://togithub.com/Okeanos) in [https://github.com/actions/setup-java/pull/566](https://togithub.com/actions/setup-java/pull/566) - Documentation update about maven-gpg-plugin version note by [@​IvanZosimov](https://togithub.com/IvanZosimov) in [https://github.com/actions/setup-java/pull/570](https://togithub.com/actions/setup-java/pull/570) - Oracle JDK 21 support by [@​jdubois](https://togithub.com/jdubois) in [https://github.com/actions/setup-java/pull/538](https://togithub.com/actions/setup-java/pull/538) - Fix typo in configuration example by [@​Bananeweizen](https://togithub.com/Bananeweizen) in [https://github.com/actions/setup-java/pull/572](https://togithub.com/actions/setup-java/pull/572) #### New Contributors - [@​kbdharun](https://togithub.com/kbdharun) made their first contribution in [https://github.com/actions/setup-java/pull/533](https://togithub.com/actions/setup-java/pull/533) - [@​peter-murray](https://togithub.com/peter-murray) made their first contribution in [https://github.com/actions/setup-java/pull/556](https://togithub.com/actions/setup-java/pull/556) - [@​jdubois](https://togithub.com/jdubois) made their first contribution in [https://github.com/actions/setup-java/pull/538](https://togithub.com/actions/setup-java/pull/538) - [@​Bananeweizen](https://togithub.com/Bananeweizen) made their first contribution in [https://github.com/actions/setup-java/pull/572](https://togithub.com/actions/setup-java/pull/572) - [@​mahabaleshwars](https://togithub.com/mahabaleshwars) made their first contribution in [https://github.com/actions/setup-java/pull/595](https://togithub.com/actions/setup-java/pull/595) **Full Changelog**: https://github.com/actions/setup-java/compare/v4...v4.1.0 ### [`v4.0.0`](https://togithub.com/actions/setup-java/releases/tag/v4.0.0) [Compare Source](https://togithub.com/actions/setup-java/compare/v3.13.0...v4.0.0) #### What's Changed In the scope of this release, the version of the Node.js runtime was updated to 20. The majority of dependencies were updated to the latest versions. From now on, the code for the setup-java will run on Node.js 20 instead of Node.js 16. #### Breaking changes - Update Node.js runtime to version 20 by [@​aparnajyothi-y](https://togithub.com/aparnajyothi-y) in [https://github.com/actions/setup-java/pull/558](https://togithub.com/actions/setup-java/pull/558) #### Non-breaking changes - Adding support for microsoft openjdk 21.0.0 by [@​ralfstuckert](https://togithub.com/ralfstuckert) in [https://github.com/actions/setup-java/pull/546](https://togithub.com/actions/setup-java/pull/546) - Update [@​actions/cache](https://togithub.com/actions/cache) dependency and documentation by [@​IvanZosimov](https://togithub.com/IvanZosimov) in [https://github.com/actions/setup-java/pull/549](https://togithub.com/actions/setup-java/pull/549) - Implementation of the cache-dependency-path option to control caching dependency by [@​itchyny](https://togithub.com/itchyny) in [https://github.com/actions/setup-java/pull/499](https://togithub.com/actions/setup-java/pull/499) #### New Contributors - [@​ralfstuckert](https://togithub.com/ralfstuckert) made their first contribution in [https://github.com/actions/setup-java/pull/546](https://togithub.com/actions/setup-java/pull/546) - [@​itchyny](https://togithub.com/itchyny) made their first contribution in [https://github.com/actions/setup-java/pull/499](https://togithub.com/actions/setup-java/pull/499) **Full Changelog**: https://github.com/actions/setup-java/compare/v3...v4.0.0 </details> <details> <summary>actions/setup-node (actions/setup-node)</summary> ### [`v4.0.2`](https://togithub.com/actions/setup-node/releases/tag/v4.0.2) [Compare Source](https://togithub.com/actions/setup-node/compare/v4.0.1...v4.0.2) ##### What's Changed - Add support for `volta.extends` by [@​ThisIsManta](https://togithub.com/ThisIsManta) in [https://github.com/actions/setup-node/pull/921](https://togithub.com/actions/setup-node/pull/921) - Add support for arm64 Windows by [@​dmitry-shibanov](https://togithub.com/dmitry-shibanov) in [https://github.com/actions/setup-node/pull/927](https://togithub.com/actions/setup-node/pull/927) ##### New Contributors - [@​ThisIsManta](https://togithub.com/ThisIsManta) made their first contribution in [https://github.com/actions/setup-node/pull/921](https://togithub.com/actions/setup-node/pull/921) **Full Changelog**: https://github.com/actions/setup-node/compare/v4.0.1...v4.0.2 ### [`v4.0.1`](https://togithub.com/actions/setup-node/releases/tag/v4.0.1) [Compare Source](https://togithub.com/actions/setup-node/compare/v4.0.0...v4.0.1) ##### What's Changed - Ignore engines in Yarn 1 e2e-cache tests by [@​trivikr](https://togithub.com/trivikr) in [https://github.com/actions/setup-node/pull/882](https://togithub.com/actions/setup-node/pull/882) - Update setup-node references in the README.md file to setup-node@v4 by [@​jwetzell](https://togithub.com/jwetzell) in [https://github.com/actions/setup-node/pull/884](https://togithub.com/actions/setup-node/pull/884) - Update reusable workflows to use Node.js v20 by [@​MaksimZhukov](https://togithub.com/MaksimZhukov) in [https://github.com/actions/setup-node/pull/889](https://togithub.com/actions/setup-node/pull/889) - Add fix for cache to resolve slow post action step by [@​aparnajyothi-y](https://togithub.com/aparnajyothi-y) in [https://github.com/actions/setup-node/pull/917](https://togithub.com/actions/setup-node/pull/917) - Fix README.md by [@​takayamaki](https://togithub.com/takayamaki) in [https://github.com/actions/setup-node/pull/898](https://togithub.com/actions/setup-node/pull/898) - Add `package.json` to `node-version-file` list of examples. by [@​TWiStErRob](https://togithub.com/TWiStErRob) in [https://github.com/actions/setup-node/pull/879](https://togithub.com/actions/setup-node/pull/879) - Fix node-version-file interprets entire package.json as a version by [@​NullVoxPopuli](https://togithub.com/NullVoxPopuli) in [https://github.com/actions/setup-node/pull/865](https://togithub.com/actions/setup-node/pull/865) ##### New Contributors - [@​trivikr](https://togithub.com/trivikr) made their first contribution in [https://github.com/actions/setup-node/pull/882](https://togithub.com/actions/setup-node/pull/882) - [@​jwetzell](https://togithub.com/jwetzell) made their first contribution in [https://github.com/actions/setup-node/pull/884](https://togithub.com/actions/setup-node/pull/884) - [@​aparnajyothi-y](https://togithub.com/aparnajyothi-y) made their first contribution in [https://github.com/actions/setup-node/pull/917](https://togithub.com/actions/setup-node/pull/917) - [@​takayamaki](https://togithub.com/takayamaki) made their first contribution in [https://github.com/actions/setup-node/pull/898](https://togithub.com/actions/setup-node/pull/898) - [@​TWiStErRob](https://togithub.com/TWiStErRob) made their first contribution in [https://github.com/actions/setup-node/pull/879](https://togithub.com/actions/setup-node/pull/879) - [@​NullVoxPopuli](https://togithub.com/NullVoxPopuli) made their first contribution in [https://github.com/actions/setup-node/pull/865](https://togithub.com/actions/setup-node/pull/865) **Full Changelog**: https://github.com/actions/setup-node/compare/v4...v4.0.1 ### [`v4.0.0`](https://togithub.com/actions/setup-node/releases/tag/v4.0.0) [Compare Source](https://togithub.com/actions/setup-node/compare/v3.8.2...v4.0.0) ##### What's Changed In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in [https://github.com/actions/setup-node/pull/866](https://togithub.com/actions/setup-node/pull/866) Besides, release contains such changes as: - Upgrade actions/checkout to v4 by [@​gmembre-zenika](https://togithub.com/gmembre-zenika) in [https://github.com/actions/setup-node/pull/868](https://togithub.com/actions/setup-node/pull/868) - Update actions/checkout for documentation and yaml by [@​dmitry-shibanov](https://togithub.com/dmitry-shibanov) in [https://github.com/actions/setup-node/pull/876](https://togithub.com/actions/setup-node/pull/876) ##### New Contributors - [@​gmembre-zenika](https://togithub.com/gmembre-zenika) made their first contribution in [https://github.com/actions/setup-node/pull/868](https://togithub.com/actions/setup-node/pull/868) **Full Changelog**: https://github.com/actions/setup-node/compare/v3...v4.0.0 ### [`v3.8.2`](https://togithub.com/actions/setup-node/releases/tag/v3.8.2) [Compare Source](https://togithub.com/actions/setup-node/compare/v3.8.1...v3.8.2) ##### What's Changed - Update semver by [@​dmitry-shibanov](https://togithub.com/dmitry-shibanov) in [https://github.com/actions/setup-node/pull/861](https://togithub.com/actions/setup-node/pull/861) - Update temp directory creation by [@​nikolai-laevskii](https://togithub.com/nikolai-laevskii) in [https://github.com/actions/setup-node/pull/859](https://togithub.com/actions/setup-node/pull/859) - Bump [@​babel/traverse](https://togithub.com/babel/traverse) from 7.15.4 to 7.23.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/setup-node/pull/870](https://togithub.com/actions/setup-node/pull/870) - Add notice about binaries not being updated yet by [@​nikolai-laevskii](https://togithub.com/nikolai-laevskii) in [https://github.com/actions/setup-node/pull/872](https://togithub.com/actions/setup-node/pull/872) - Update toolkit cache and core by [@​dmitry-shibanov](https://togithub.com/dmitry-shibanov) and [@​seongwon-privatenote](https://togithub.com/seongwon-privatenote) in [https://github.com/actions/setup-node/pull/875](https://togithub.com/actions/setup-node/pull/875) **Full Changelog**: https://github.com/actions/setup-node/compare/v3...v3.8.2 </details> <details> <summary>bazelbuild/setup-bazelisk (bazelbuild/setup-bazelisk)</summary> ### [`v3.0.0`](https://togithub.com/bazelbuild/setup-bazelisk/releases/tag/v3.0.0) [Compare Source](https://togithub.com/bazelbuild/setup-bazelisk/compare/v2.0.0...v3.0.0) #### What's Changed - Update README.md for v2 by [@​mishas](https://togithub.com/mishas) in [https://github.com/bazelbuild/setup-bazelisk/pull/20](https://togithub.com/bazelbuild/setup-bazelisk/pull/20) - Bump prettier from 2.6.1 to 2.6.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/21](https://togithub.com/bazelbuild/setup-bazelisk/pull/21) - Bump [@​actions/github](https://togithub.com/actions/github) from 5.0.0 to 5.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/22](https://togithub.com/bazelbuild/setup-bazelisk/pull/22) - Bump [@​actions/tool-cache](https://togithub.com/actions/tool-cache) from 1.6.1 to 1.7.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/23](https://togithub.com/bazelbuild/setup-bazelisk/pull/23) - Bump semver from 7.3.5 to 7.3.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/25](https://togithub.com/bazelbuild/setup-bazelisk/pull/25) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 2.0.0 to 2.0.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/24](https://togithub.com/bazelbuild/setup-bazelisk/pull/24) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.33.3 to 0.33.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/26](https://togithub.com/bazelbuild/setup-bazelisk/pull/26) - Bump semver from 7.3.6 to 7.3.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/27](https://togithub.com/bazelbuild/setup-bazelisk/pull/27) - Bump typescript from 4.6.3 to 4.6.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/30](https://togithub.com/bazelbuild/setup-bazelisk/pull/30) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.6.0 to 1.7.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/29](https://togithub.com/bazelbuild/setup-bazelisk/pull/29) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.7.0 to 1.8.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/31](https://togithub.com/bazelbuild/setup-bazelisk/pull/31) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 2.0.2 to 2.0.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/32](https://togithub.com/bazelbuild/setup-bazelisk/pull/32) - Bump [@​actions/tool-cache](https://togithub.com/actions/tool-cache) from 1.7.2 to 2.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/34](https://togithub.com/bazelbuild/setup-bazelisk/pull/34) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.8.0 to 1.8.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/33](https://togithub.com/bazelbuild/setup-bazelisk/pull/33) - Bump [@​actions/github](https://togithub.com/actions/github) from 5.0.1 to 5.0.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/35](https://togithub.com/bazelbuild/setup-bazelisk/pull/35) - Bump [@​actions/http-client](https://togithub.com/actions/http-client) from 1.0.11 to 2.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/36](https://togithub.com/bazelbuild/setup-bazelisk/pull/36) - Bump typescript from 4.6.4 to 4.7.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/37](https://togithub.com/bazelbuild/setup-bazelisk/pull/37) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.33.4 to 0.34.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/38](https://togithub.com/bazelbuild/setup-bazelisk/pull/38) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 2.0.4 to 2.0.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/39](https://togithub.com/bazelbuild/setup-bazelisk/pull/39) - Bump typescript from 4.7.2 to 4.7.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/40](https://togithub.com/bazelbuild/setup-bazelisk/pull/40) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 2.0.5 to 2.0.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/41](https://togithub.com/bazelbuild/setup-bazelisk/pull/41) - Bump typescript from 4.7.3 to 4.7.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/42](https://togithub.com/bazelbuild/setup-bazelisk/pull/42) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.8.2 to 1.9.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/43](https://togithub.com/bazelbuild/setup-bazelisk/pull/43) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.3.9 to 7.3.10 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/44](https://togithub.com/bazelbuild/setup-bazelisk/pull/44) - Bump prettier from 2.6.2 to 2.7.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/45](https://togithub.com/bazelbuild/setup-bazelisk/pull/45) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 2.0.6 to 3.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/46](https://togithub.com/bazelbuild/setup-bazelisk/pull/46) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.0 to 3.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/47](https://togithub.com/bazelbuild/setup-bazelisk/pull/47) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.1 to 3.0.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/48](https://togithub.com/bazelbuild/setup-bazelisk/pull/48) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.3.10 to 7.3.12 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/50](https://togithub.com/bazelbuild/setup-bazelisk/pull/50) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.9.0 to 1.9.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/49](https://togithub.com/bazelbuild/setup-bazelisk/pull/49) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.3 to 3.0.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/51](https://togithub.com/bazelbuild/setup-bazelisk/pull/51) - Bump typescript from 4.7.4 to 4.8.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/52](https://togithub.com/bazelbuild/setup-bazelisk/pull/52) - Bump typescript from 4.8.2 to 4.8.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/53](https://togithub.com/bazelbuild/setup-bazelisk/pull/53) - Bump [@​actions/github](https://togithub.com/actions/github) from 5.0.3 to 5.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/54](https://togithub.com/bazelbuild/setup-bazelisk/pull/54) - Bump [@​actions/github](https://togithub.com/actions/github) from 5.1.0 to 5.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/55](https://togithub.com/bazelbuild/setup-bazelisk/pull/55) - Bump typescript from 4.8.3 to 4.8.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/56](https://togithub.com/bazelbuild/setup-bazelisk/pull/56) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.9.1 to 1.10.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/57](https://togithub.com/bazelbuild/setup-bazelisk/pull/57) - Bump semver from 7.3.7 to 7.3.8 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/58](https://togithub.com/bazelbuild/setup-bazelisk/pull/58) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.4 to 3.0.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/59](https://togithub.com/bazelbuild/setup-bazelisk/pull/59) - Add support for ARM64. by [@​junyer](https://togithub.com/junyer) in [https://github.com/bazelbuild/setup-bazelisk/pull/61](https://togithub.com/bazelbuild/setup-bazelisk/pull/61) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.5 to 3.0.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/62](https://togithub.com/bazelbuild/setup-bazelisk/pull/62) - Get `npm run build` working again. by [@​junyer](https://togithub.com/junyer) in [https://github.com/bazelbuild/setup-bazelisk/pull/63](https://togithub.com/bazelbuild/setup-bazelisk/pull/63) - Bump typescript from 4.8.4 to 4.9.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/64](https://togithub.com/bazelbuild/setup-bazelisk/pull/64) - Bump prettier from 2.7.1 to 2.8.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/65](https://togithub.com/bazelbuild/setup-bazelisk/pull/65) - Bump prettier from 2.8.0 to 2.8.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/67](https://togithub.com/bazelbuild/setup-bazelisk/pull/67) - Bump typescript from 4.9.3 to 4.9.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/69](https://togithub.com/bazelbuild/setup-bazelisk/pull/69) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.34.0 to 0.36.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/68](https://togithub.com/bazelbuild/setup-bazelisk/pull/68) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.0.6 to 3.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/72](https://togithub.com/bazelbuild/setup-bazelisk/pull/72) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.1.0 to 3.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/73](https://togithub.com/bazelbuild/setup-bazelisk/pull/73) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.1.1 to 3.1.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/74](https://togithub.com/bazelbuild/setup-bazelisk/pull/74) - Bump prettier from 2.8.1 to 2.8.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/75](https://togithub.com/bazelbuild/setup-bazelisk/pull/75) - Bump prettier from 2.8.2 to 2.8.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/76](https://togithub.com/bazelbuild/setup-bazelisk/pull/76) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.36.0 to 0.36.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/77](https://togithub.com/bazelbuild/setup-bazelisk/pull/77) - Bump typescript from 4.9.4 to 4.9.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/78](https://togithub.com/bazelbuild/setup-bazelisk/pull/78) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.1.2 to 3.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/79](https://togithub.com/bazelbuild/setup-bazelisk/pull/79) - Bump prettier from 2.8.3 to 2.8.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/80](https://togithub.com/bazelbuild/setup-bazelisk/pull/80) - Bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.0.1 to 2.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/82](https://togithub.com/bazelbuild/setup-bazelisk/pull/82) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.1.3 to 3.2.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/83](https://togithub.com/bazelbuild/setup-bazelisk/pull/83) - Bump typescript from 4.9.5 to 5.0.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/84](https://togithub.com/bazelbuild/setup-bazelisk/pull/84) - Bump prettier from 2.8.4 to 2.8.7 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/85](https://togithub.com/bazelbuild/setup-bazelisk/pull/85) - Bump typescript from 5.0.2 to 5.0.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/86](https://togithub.com/bazelbuild/setup-bazelisk/pull/86) - Bump typescript from 5.0.3 to 5.0.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/87](https://togithub.com/bazelbuild/setup-bazelisk/pull/87) - Bump semver from 7.3.8 to 7.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/88](https://togithub.com/bazelbuild/setup-bazelisk/pull/88) - Bump prettier from 2.8.7 to 2.8.8 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/89](https://togithub.com/bazelbuild/setup-bazelisk/pull/89) - Bump semver from 7.4.0 to 7.5.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/90](https://togithub.com/bazelbuild/setup-bazelisk/pull/90) - Bump typescript from 5.0.4 to 5.1.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/93](https://togithub.com/bazelbuild/setup-bazelisk/pull/93) - Bump semver and [@​types/semver](https://togithub.com/types/semver) by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/92](https://togithub.com/bazelbuild/setup-bazelisk/pull/92) - Bump semver from 7.5.1 to 7.5.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/94](https://togithub.com/bazelbuild/setup-bazelisk/pull/94) - Bump semver from 7.5.2 to 7.5.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/95](https://togithub.com/bazelbuild/setup-bazelisk/pull/95) - Bump typescript from 5.1.3 to 5.1.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/96](https://togithub.com/bazelbuild/setup-bazelisk/pull/96) - Bump semver from 7.5.3 to 7.5.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/98](https://togithub.com/bazelbuild/setup-bazelisk/pull/98) - Bump prettier from 2.8.8 to 3.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/97](https://togithub.com/bazelbuild/setup-bazelisk/pull/97) - Bump cachedir from 2.3.0 to 2.4.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/99](https://togithub.com/bazelbuild/setup-bazelisk/pull/99) - Bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.1.0 to 2.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/100](https://togithub.com/bazelbuild/setup-bazelisk/pull/100) - Bump prettier from 3.0.0 to 3.0.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/101](https://togithub.com/bazelbuild/setup-bazelisk/pull/101) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.2.1 to 3.2.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/102](https://togithub.com/bazelbuild/setup-bazelisk/pull/102) - Bump tough-cookie and [@​azure/ms-rest-js](https://togithub.com/azure/ms-rest-js) by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/103](https://togithub.com/bazelbuild/setup-bazelisk/pull/103) - Bump xml2js and [@​azure/core-http](https://togithub.com/azure/core-http) by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/105](https://togithub.com/bazelbuild/setup-bazelisk/pull/105) - Bump prettier from 3.0.1 to 3.0.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/106](https://togithub.com/bazelbuild/setup-bazelisk/pull/106) - Bump typescript from 5.1.6 to 5.2.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/107](https://togithub.com/bazelbuild/setup-bazelisk/pull/107) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.0 to 7.5.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/108](https://togithub.com/bazelbuild/setup-bazelisk/pull/108) - Bump prettier from 3.0.2 to 3.0.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/109](https://togithub.com/bazelbuild/setup-bazelisk/pull/109) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/110](https://togithub.com/bazelbuild/setup-bazelisk/pull/110) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.36.1 to 0.38.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/111](https://togithub.com/bazelbuild/setup-bazelisk/pull/111) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.1 to 7.5.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/113](https://togithub.com/bazelbuild/setup-bazelisk/pull/113) - Bump [@​actions/core](https://togithub.com/actions/core) from 1.10.0 to 1.10.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/112](https://togithub.com/bazelbuild/setup-bazelisk/pull/112) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.2 to 7.5.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/114](https://togithub.com/bazelbuild/setup-bazelisk/pull/114) - Bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.1.1 to 2.2.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/115](https://togithub.com/bazelbuild/setup-bazelisk/pull/115) - Bump [@​actions/github](https://togithub.com/actions/github) from 5.1.1 to 6.0.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/116](https://togithub.com/bazelbuild/setup-bazelisk/pull/116) - Bump undici from 5.25.4 to 5.26.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/117](https://togithub.com/bazelbuild/setup-bazelisk/pull/117) - Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.38.0 to 0.38.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/118](https://togithub.com/bazelbuild/setup-bazelisk/pull/118) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.3 to 7.5.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/119](https://togithub.com/bazelbuild/setup-bazelisk/pull/119) - Bump prettier from 3.0.3 to 3.1.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/123](https://togithub.com/bazelbuild/setup-bazelisk/pull/123) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.4 to 7.5.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/122](https://togithub.com/bazelbuild/setup-bazelisk/pull/122) - Bump typescript from 5.2.2 to 5.3.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/124](https://togithub.com/bazelbuild/setup-bazelisk/pull/124) - Bump [@​types/semver](https://togithub.com/types/semver) from 7.5.5 to 7.5.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/125](https://togithub.com/bazelbuild/setup-bazelisk/pull/125) - Bump typescript from 5.3.2 to 5.3.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/126](https://togithub.com/bazelbuild/setup-bazelisk/pull/126) - Bump prettier from 3.1.0 to 3.1.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/127](https://togithub.com/bazelbuild/setup-bazelisk/pull/127) - Bump prettier from 3.1.1 to 3.2.2 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/128](https://togithub.com/bazelbuild/setup-bazelisk/pull/128) - Bump [@​actions/cache](https://togithub.com/actions/cache) from 3.2.2 to 3.2.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/129](https://togithub.com/bazelbuild/setup-bazelisk/pull/129) - Bump prettier from 3.2.2 to 3.2.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bazelbuild/setup-bazelisk/pull/130](https://togithub.com/bazelbuild/setup-bazelisk/pull/130) - Update from Node 16 to Node 20. by [@​junyer](https://togithub.com/junyer) in [https://github.com/bazelbuild/setup-bazelisk/pull/132](https://togithub.com/bazelbuild/setup-bazelisk/pull/132) #### New Contributors - [@​mishas](https://togithub.com/mishas) made their first contribution in [https://github.com/bazelbuild/setup-bazelisk/pull/20](https://togithub.com/bazelbuild/setup-bazelisk/pull/20) - [@​junyer](https://togithub.com/junyer) made their first contribution in [https://github.com/bazelbuild/setup-bazelisk/pull/61](https://togithub.com/bazelbuild/setup-bazelisk/pull/61) **Full Changelog**: https://github.com/bazelbuild/setup-bazelisk/compare/v2...v3.0.0 </details> <details> <summary>geekyeggo/delete-artifact (geekyeggo/delete-artifact)</summary> ### [`v5.0.0`](https://togithub.com/GeekyEggo/delete-artifact/releases/tag/v5.0.0) [Compare Source](https://togithub.com/geekyeggo/delete-artifact/compare/v4.1.0...v5.0.0) - Switch to [@​actions/artifact](https://www.npmjs.com/package/@​actions/artifact), removing the need for a `token` parameter (Sebastian Weigand) [#​24](https://togithub.com/GeekyEggo/delete-artifact/pull/24) ### [`v4.1.0`](https://togithub.com/GeekyEggo/delete-artifact/releases/tag/v4.1.0) [Compare Source](https://togithub.com/geekyeggo/delete-artifact/compare/v4.0.0...v4.1.0) - Add default token. - Fix over-arching `catch` output; errors now correctly result in a failed run ([@​TheMrMilchmann](https://togithub.com/TheMrMilchmann)). ### [`v4.0.0`](https://togithub.com/GeekyEggo/delete-artifact/releases/tag/v4.0.0): Support for actions/upload-artifact@v4 [Compare Source](https://togithub.com/geekyeggo/delete-artifact/compare/v2.0.0...v4.0.0) - Add support for artifacts uploaded with `actions/upload-artifact@v4`. - Add requirement of `token` with read and write access to actions. - Update requests to use GitHub REST API. - Deprecate support for `actions/upload-artifact@v1`, `actions/upload-artifact@v2`, and `actions/upload-artifact@v3` (please use `geekyeggo/delete-artifact@v2`). </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) ### [`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3) ### [`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2) ### [`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1) ### [`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.11...v3.25.0) ### [`v3.24.11`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11) ### [`v3.24.10`](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10) ### [`v3.24.9`](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.8...v3.24.9) ### [`v3.24.8`](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.7...v3.24.8) ### [`v3.24.7`](https://togithub.com/github/codeql-action/compare/v3.24.6...v3.24.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.6...v3.24.7) ### [`v3.24.6`](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6) ### [`v3.24.5`](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5) ### [`v3.24.4`](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4) ### [`v3.24.3`](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3) ### [`v3.24.2`](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2) ### [`v3.24.1`](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1) ### [`v3.24.0`](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0) ### [`v3.23.2`](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2) ### [`v3.23.1`](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1) ### [`v3.23.0`](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0) ### [`v3.22.12`](https://togithub.com/github/codeql-action/compare/v3.22.11...v3.22.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.22.11...v3.22.12) ### [`v3.22.11`](https://togithub.com/github/codeql-action/compare/v2.22.11...v3.22.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.5...v3.22.11) ### [`v2.25.5`](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.4...v2.25.5) ### [`v2.25.4`](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.3...v2.25.4) ### [`v2.25.3`](https://togithub.com/github/codeql-action/compare/v2.25.2...v2.25.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.2...v2.25.3) ### [`v2.25.2`](https://togithub.com/github/codeql-action/compare/v2.25.1...v2.25.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.1...v2.25.2) ### [`v2.25.1`](https://togithub.com/github/codeql-action/compare/v2.25.0...v2.25.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.25.0...v2.25.1) ### [`v2.25.0`](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.25.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.11...v2.25.0) ### [`v2.24.11`](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.24.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.10...v2.24.11) ### [`v2.24.10`](https://togithub.com/github/codeql-action/compare/v2.24.9...v2.24.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.9...v2.24.10) ### [`v2.24.9`](https://togithub.com/github/codeql-action/compare/v2.24.8...v2.24.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.8...v2.24.9) ### [`v2.24.8`](https://togithub.com/github/codeql-action/compare/v2.24.7...v2.24.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.7...v2.24.8) ### [`v2.24.7`](https://togithub.com/github/codeql-action/compare/v2.24.6...v2.24.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.6...v2.24.7) ### [`v2.24.6`](https://togithub.com/github/codeql-action/compare/v2.24.5...v2.24.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.5...v2.24.6) ### [`v2.24.5`](https://togithub.com/github/codeql-action/compare/v2.24.4...v2.24.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.4...v2.24.5) ### [`v2.24.4`](https://togithub.com/github/codeql-action/compare/v2.24.3...v2.24.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.3...v2.24.4) ### [`v2.24.3`](https://togithub.com/github/codeql-action/compare/v2.24.2...v2.24.3) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.2...v2.24.3) ### [`v2.24.2`](https://togithub.com/github/codeql-action/compare/v2.24.1...v2.24.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.1...v2.24.2) ### [`v2.24.1`](https://togithub.com/github/codeql-action/compare/v2.24.0...v2.24.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.24.0...v2.24.1) ### [`v2.24.0`](https://togithub.com/github/codeql-action/compare/v2.23.2...v2.24.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.23.2...v2.24.0) ### [`v2.23.2`](https://togithub.com/github/codeql-action/compare/v2.23.1...v2.23.2) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.23.1...v2.23.2) ### [`v2.23.1`](https://togithub.com/github/codeql-action/compare/v2.23.0...v2.23.1) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.23.0...v2.23.1) ### [`v2.23.0`](https://togithub.com/github/codeql-action/compare/v2.22.12...v2.23.0) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.12...v2.23.0) ### [`v2.22.12`](https://togithub.com/github/codeql-action/compare/v2.22.11...v2.22.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.11...v2.22.12) ### [`v2.22.11`](https://togithub.com/github/codeql-action/compare/v2.22.10...v2.22.11) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.10...v2.22.11) ### [`v2.22.10`](https://togithub.com/github/codeql-action/compare/v2.22.9...v2.22.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.9...v2.22.10) ### [`v2.22.9`](https://togithub.com/github/codeql-action/compare/v2.22.8...v2.22.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.8...v2.22.9) ### [`v2.22.8`](https://togithub.com/github/codeql-action/compare/v2.22.7...v2.22.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.7...v2.22.8) ### [`v2.22.7`](https://togithub.com/github/codeql-action/compare/v2.22.6...v2.22.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.6...v2.22.7) ### [`v2.22.6`](https://togithub.com/github/codeql-action/compare/v2.22.5...v2.22.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.5...v2.22.6) ### [`v2.22.5`](https://togithub.com/github/codeql-action/compare/v2.22.4...v2.22.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v2.22.4...v2.22.5) </details> <details> <summary>google-github-actions/auth (google-github-actions/auth)</summary> ### [`v2.1.3`](https://togithub.com/google-github-actions/auth/releases/tag/v2.1.3) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v2.1.2...v2.1.3) ##### What's Changed - Security considerations: ids are strings, not integers by [@​ewjoachim](https://togithub.com/ewjoachim) in [https://github.com/google-github-actions/auth/pull/400](https://togithub.com/google-github-actions/auth/pull/400) - security: bump undici from 5.28.3 to 5.28.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/google-github-actions/auth/pull/405](https://togithub.com/google-github-actions/auth/pull/405) - Fix typo by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/408](https://togithub.com/google-github-actions/auth/pull/408) - Switch to using universe helpers by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/410](https://togithub.com/google-github-actions/auth/pull/410) - Add request_reason for plumbing though user-supplied audit information by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/413](https://togithub.com/google-github-actions/auth/pull/413) - Release: v2.1.3 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/414](https://togithub.com/google-github-actions/auth/pull/414) ##### New Contributors - [@​ewjoachim](https://togithub.com/ewjoachim) made their first contribution in [https://github.com/google-github-actions/auth/pull/400](https://togithub.com/google-github-actions/auth/pull/400) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v2.1.2...v2.1.3 ### [`v2.1.2`](https://togithub.com/google-github-actions/auth/releases/tag/v2.1.2) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v2.1.1...v2.1.2) ##### What's Changed - Remove documentation on retries (deprecated) by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/392](https://togithub.com/google-github-actions/auth/pull/392) - Add security considerations for Attribute Conditions by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/393](https://togithub.com/google-github-actions/auth/pull/393) - security: bump undici from 5.28.2 to 5.28.3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/google-github-actions/auth/pull/394](https://togithub.com/google-github-actions/auth/pull/394) - Reduce warnings to info level with a warning icon by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/397](https://togithub.com/google-github-actions/auth/pull/397) - Release: v2.1.2 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/399](https://togithub.com/google-github-actions/auth/pull/399) ##### New Contributors - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/google-github-actions/auth/pull/394](https://togithub.com/google-github-actions/auth/pull/394) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v2...v2.1.2 ### [`v2.1.1`](https://togithub.com/google-github-actions/auth/releases/tag/v2.1.1) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v2.1.0...v2.1.1) ##### What's Changed - Remove retry logic by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/389](https://togithub.com/google-github-actions/auth/pull/389) - Use an OAuth 2.0 access token for Domain-Wide Delegation by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/388](https://togithub.com/google-github-actions/auth/pull/388) - Release: v2.1.1 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/390](https://togithub.com/google-github-actions/auth/pull/390) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v2...v2.1.1 ### [`v2.1.0`](https://togithub.com/google-github-actions/auth/releases/tag/v2.1.0) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v2.0.1...v2.1.0) ##### What's Changed - Update deps by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/384](https://togithub.com/google-github-actions/auth/pull/384) - Release: v2.1.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/385](https://togithub.com/google-github-actions/auth/pull/385) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v2...v2.1.0 ### [`v2.0.1`](https://togithub.com/google-github-actions/auth/releases/tag/v2.0.1) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v2.0.0...v2.0.1) ##### What's Changed - Trigger release on pushes to release branches by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/358](https://togithub.com/google-github-actions/auth/pull/358) - Fix a small docs issue by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/359](https://togithub.com/google-github-actions/auth/pull/359) - Remove broken markdown links by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/362](https://togithub.com/google-github-actions/auth/pull/362) - Document that project_id might be required by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/367](https://togithub.com/google-github-actions/auth/pull/367) - Update README and CI to use latest version by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/365](https://togithub.com/google-github-actions/auth/pull/365) - Add service_account to WIF through SA example by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/369](https://togithub.com/google-github-actions/auth/pull/369) - Use new markdown syntax for alerts by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/371](https://togithub.com/google-github-actions/auth/pull/371) - Note .dockerignore in the exclusion for credentials by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/376](https://togithub.com/google-github-actions/auth/pull/376) - Support newline-separated inputs for delegates and access_token_scopes by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/381](https://togithub.com/google-github-actions/auth/pull/381) - Release: v2.0.1 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/382](https://togithub.com/google-github-actions/auth/pull/382) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v2...v2.0.1 ### [`v2.0.0`](https://togithub.com/google-github-actions/auth/releases/tag/v2.0.0) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v1.3.0...v2.0.0) **⚠️ This version requires Node 20 or later on the runner!** If you are using GitHub-managed runners, no action is needed. If you are using self-hosted runners, make sure the system version of Node is version 20 or higher. ##### What's Changed - Add support for Direct Workload Identity auth by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/348](https://togithub.com/google-github-actions/auth/pull/348) - Add protection for release branches by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/351](https://togithub.com/google-github-actions/auth/pull/351) - Make auth universe-aware by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/352](https://togithub.com/google-github-actions/auth/pull/352) - Fix some examples to include project_id by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/353](https://togithub.com/google-github-actions/auth/pull/353) - Release: v2.0.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/355](https://togithub.com/google-github-actions/auth/pull/355) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v1...v2.0.0 ### [`v1.3.0`](https://togithub.com/google-github-actions/auth/releases/tag/v1.3.0) [Compare Source](https://togithub.com/google-github-actions/auth/compare/v1.2.0...v1.3.0) #### What's Changed - Revert back to Node 16 for v1 series by [@​sethvargo](https://togithub.com/sethvargo) in [https://github.com/google-github-actions/auth/pull/356](https://togithub.com/google-github-actions/auth/pull/356) - Release: v1.3.0 by [@​google-github-actions-bot](https://togithub.com/google-github-actions-bot) in [https://github.com/google-github-actions/auth/pull/357](https://togithub.com/google-github-actions/auth/pull/357) **Full Changelog**: https://github.com/google-github-actions/auth/compare/v1...v1.3.0 ### </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/slsa-framework/slsa-github-generator). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjMuNSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Signed-off-by: Mend Renovate <bot@renovateapp.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds a new authentication mode, Direct Workload Identity Federation. This new mode permits authenticating to Google Cloud directly using the GitHub Actions OIDC token instead of proxying through a Google Cloud Service Account.