dependabot[bot]
0aa54151f2
.github: Bump actions/checkout from 3.6.0 to 4.2.2 ( #14139 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.2.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3.6.0...11bd71901bbe5b1630ceea73d27597364c9af683 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-01-28 15:03:13 -07:00
dependabot[bot]
33e62a31bd
.github: Bump peter-evans/create-pull-request from 7.0.5 to 7.0.6 ( #14695 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.5 to 7.0.6.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](5e914681df...67ccf781d6
2025-01-20 11:18:42 -07:00
dependabot[bot]
dd6b808acf
.github: Bump peter-evans/create-pull-request from 7.0.1 to 7.0.5 ( #13626 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 7.0.1 to 7.0.5.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](8867c4aba1...5e914681df
2024-09-30 21:12:44 -06:00
dependabot[bot]
a98f75b783
.github: Bump tibdex/github-app-token from 1.8.0 to 2.1.0 ( #9529 )
...
Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token ) from 1.8.0 to 2.1.0.
- [Release notes](https://github.com/tibdex/github-app-token/releases )
- [Commits](b62528385c...3beb63f4bd
2024-09-24 10:01:00 -06:00
Mario Minardi
07991dec83
.github: pin actions/checkout to latest v3 or v4 as appropriate ( #13551 )
...
Pin actions/checkout usage to latest 3.x or 4.x as appropriate. These
were previously pointing to `@4` or `@3` which pull in the latest
versions at these tags as they are released, with the potential to break
our workflows if a breaking change or malicious version for either of
these streams are released.
Changing this to a pinned version also means that dependabot will keep
this in the pinend version format (e.g., referencing a SHA) when it
opens a PR to bump the dependency.
Updates #cleanup
Signed-off-by: Mario Minardi <mario@tailscale.com>
2024-09-23 14:52:19 -06:00
dependabot[bot]
71b550c73c
.github: Bump peter-evans/create-pull-request from 5.0.1 to 7.0.1 ( #13419 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.1 to 7.0.1.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](284f54f989...8867c4aba1
2024-09-10 10:08:14 -06:00
Will Norris
33147c4591
.github: build gocross using regular GOPROXY settings
...
This `go get` action has been running very slowly, and I'm pretty sure
it's because we're building gocross on the first `./tool/go` run, and
because we've set `GOPROXY=direct`, it's going directly to GitHub to
fetch all of the gocross dependencies.
Updates #cleanup
Signed-off-by: Will Norris <will@tailscale.com>
2023-11-16 09:46:48 -08:00
Will Norris
7399e56acd
.github: add action for updating web-client-prebuilt module
...
Updates tailscale/corp#14335
Signed-off-by: Will Norris <will@tailscale.com>
2023-11-14 09:30:08 -08:00
