Merge #370

370: Bump actions/checkout from 2.3.4 to 2.3.5 r=thomaseizinger a=dependabot[bot] Bumps [actions/checkout](https://github.com/actions/checkout) from 2.3.4 to 2.3.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v2.3.5</h2> <p>Update dependencies</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="1e204e9a92"><code>1e204e9</code></a> update licensed check (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/606">#606</a>)</li> <li><a href="0299a0d2b6"><code>0299a0d</code></a> update dist (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/605">#605</a>)</li> <li><a href="be0f448456"><code>be0f448</code></a> Bump ws from 5.2.2 to 5.2.3 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/604">#604</a>)</li> <li><a href="56c00a7b1f"><code>56c00a7</code></a> Bump tmpl from 1.0.4 to 1.0.5 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/588">#588</a>)</li> <li><a href="85e47d1a2b"><code>85e47d1</code></a> Bump path-parse from 1.0.6 to 1.0.7 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/568">#568</a>)</li> <li><a href="3fc17f8645"><code>3fc17f8</code></a> Bump hosted-git-info from 2.8.5 to 2.8.9 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/500">#500</a>)</li> <li><a href="e3bc06d986"><code>e3bc06d</code></a> Bump lodash from 4.17.15 to 4.17.21 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/499">#499</a>)</li> <li><a href="442567ba57"><code>442567b</code></a> Bump handlebars from 4.5.3 to 4.7.7 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/497">#497</a>)</li> <li><a href="7f00b66d06"><code>7f00b66</code></a> Bump y18n from 4.0.0 to 4.0.1 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/469">#469</a>)</li> <li><a href="eccf386318"><code>eccf386</code></a> Bump <code>`@actions/core</code>` from 1.1.3 to 1.2.6 (<a href="https://github-redirect.dependabot.com/actions/checkout/issues/361">#361</a>)</li> <li>Additional commits viewable in <a href="https://github.com/actions/checkout/compare/v2.3.4...v2.3.5">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=2.3.4&new-version=2.3.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
3 years ago · c26a9ce6a8
5 changed files with 11 additions and 11 deletions
--- a/.github/workflows/build-release-binary.yml
+++ b/.github/workflows/build-release-binary.yml
@ -53,7 +53,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    steps:
      - name: Checkout tagged commit
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v2.3.5
        with:
          ref: ${{ github.event.release.target_commitish }}
          token: ${{ secrets.BOTTY_GITHUB_TOKEN }}
@ -154,7 +154,7 @@ jobs:
      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
    steps:
      - name: Checkout tagged commit
-        uses: actions/checkout@v2.3.4
+        uses: actions/checkout@v2.3.5
        with:
          ref: ${{ github.event.release.target_commitish }}
      - name: Set up QEMU
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@ -11,13 +11,13 @@ jobs:
  formatting:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - uses: dprint/check@v2.0

  clippy:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
@ -34,7 +34,7 @@ jobs:
        working-directory: frontend
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - uses: actions/setup-node@v2
        with:
          cache: 'yarn'
@ -52,7 +52,7 @@ jobs:
        working-directory: frontend
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - uses: actions/setup-node@v2
        with:
          cache: 'yarn'
@ -67,7 +67,7 @@ jobs:
        os: [ ubuntu-latest, macos-latest, windows-latest ]
    runs-on: ${{ matrix.os }}
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - name: Setup rust toolchain
        run: rustup show
      - uses: Swatinem/rust-cache@v1.3.0
@ -100,7 +100,7 @@ jobs:
          - target: armv7-unknown-linux-gnueabihf
          - target: aarch64-unknown-linux-gnu
    steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v2.3.5
      - name: Setup rust toolchain
        run: rustup show
      - uses: Swatinem/rust-cache@v1.3.0
--- a/.github/workflows/create-release.yml
+++ b/.github/workflows/create-release.yml
@ -11,7 +11,7 @@ jobs:
    if: github.event.pull_request.merged == true && startsWith(github.event.pull_request.head.ref, 'release/')
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v2.3.5

      - name: Extract version from branch name
        id: extract-version
--- a/.github/workflows/draft-new-release.yml
+++ b/.github/workflows/draft-new-release.yml
@ -12,7 +12,7 @@ jobs:
    name: "Draft a new release"
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v2.3.5
        with:
          token: ${{ secrets.BOTTY_GITHUB_TOKEN }}

--- a/.github/workflows/preview-release.yml
+++ b/.github/workflows/preview-release.yml
@ -12,7 +12,7 @@ jobs:
    env:
      GITHUB_TOKEN: ${{ secrets.BOTTY_GITHUB_TOKEN }}
    steps:
-      - uses: actions/checkout@v2.3.4
+      - uses: actions/checkout@v2.3.5

      - name: Update 'preview' release
        run: |