setup-go

Commit Graph

Author	SHA1	Message	Date
Matthew Hughes	e75c3e80bc	Bump `form-data` to bring in fix for critical vulnerability (#618 ) The vulnerability: $ npm audit --audit-level=high # npm audit report form-data >=4.0.0 <4.0.4 \|\| <2.5.4 Severity: critical form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4 form-data uses unsafe random function in form-data for choosing boundary - https://github.com/advisories/GHSA-fjxv-7rqg-78g4 fix available via `npm audit fix` node_modules/@azure/core-http/node_modules/form-data node_modules/@types/node-fetch/node_modules/form-data node_modules/form-data 1 critical severity vulnerability To address all issues, run: npm audit fix This change is the result of from running `npm audit fix` and then using[1] to update licenses via `licensed cache`. It doesn't look like `dependabot` previously raised any PRs for this dependency, so this bumps it from `4.0.0` to `4.0.4`, see the changelog[2] for details. Link: https://github.com/licensee/licensed [1] Link: https://github.com/form-data/form-data/blob/v4.0.4/CHANGELOG.md [2]	4 weeks ago
dependabot[bot]	8e57b58e57	Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603 ) Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 28.11.0 to 29.0.1. - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v28.11.0...v29.0.1) --- updated-dependencies: - dependency-name: eslint-plugin-jest dependency-version: 29.0.1 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 months ago
dependabot[bot]	7c0b336c9a	Bump typescript from 5.4.2 to 5.8.3 (#538 ) * Bump typescript from 5.4.2 to 5.7.3 Bumps [typescript](https://github.com/microsoft/TypeScript) from 5.4.2 to 5.7.3. - [Release notes](https://github.com/microsoft/TypeScript/releases) - [Changelog](https://github.com/microsoft/TypeScript/blob/main/azure-pipelines.release.yml) - [Commits](https://github.com/microsoft/TypeScript/compare/v5.4.2...v5.7.3) --- updated-dependencies: - dependency-name: typescript dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * Fix low security alert --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	2 months ago
dependabot[bot]	6f26dcc668	Bump undici from 5.28.5 to 5.29.0 (#594 ) * Bump undici from 5.28.5 to 5.29.0 Bumps [undici](https://github.com/nodejs/undici) from 5.28.5 to 5.29.0. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.5...v5.29.0) --- updated-dependencies: - dependency-name: undici dependency-version: 5.29.0 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Fix CI failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	2 months ago
dependabot[bot]	8d4083a006	Bump @typescript-eslint/parser from 5.62.0 to 8.32.0 (#590 ) Bumps [@typescript-eslint/parser](https://github.com/typescript-eslint/typescript-eslint/tree/HEAD/packages/parser) from 5.62.0 to 8.32.0. - [Release notes](https://github.com/typescript-eslint/typescript-eslint/releases) - [Changelog](https://github.com/typescript-eslint/typescript-eslint/blob/main/packages/parser/CHANGELOG.md) - [Commits](https://github.com/typescript-eslint/typescript-eslint/commits/v8.32.0/packages/parser) --- updated-dependencies: - dependency-name: "@typescript-eslint/parser" dependency-version: 8.32.0 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2 months ago
dependabot[bot]	fa96338abe	Bump @actions/tool-cache from 2.0.1 to 2.0.2 (#591 ) * Bump @actions/tool-cache from 2.0.1 to 2.0.2 Bumps [@actions/tool-cache](https://github.com/actions/toolkit/tree/HEAD/packages/tool-cache) from 2.0.1 to 2.0.2. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/tool-cache/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/tool-cache) --- updated-dependencies: - dependency-name: "@actions/tool-cache" dependency-version: 2.0.2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * Fix failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	3 months ago
dependabot[bot]	4de67c04ab	Bump @types/jest from 29.5.12 to 29.5.14 (#589 ) Bumps [@types/jest](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jest) from 29.5.12 to 29.5.14. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jest) --- updated-dependencies: - dependency-name: "@types/jest" dependency-version: 29.5.14 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	3 months ago
dependabot[bot]	78535dd5f2	Bump eslint-plugin-jest from 27.9.0 to 28.11.0 (#537 ) * Bump eslint-plugin-jest from 27.9.0 to 28.11.0 Bumps [eslint-plugin-jest](https://github.com/jest-community/eslint-plugin-jest) from 27.9.0 to 28.11.0. - [Release notes](https://github.com/jest-community/eslint-plugin-jest/releases) - [Changelog](https://github.com/jest-community/eslint-plugin-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/jest-community/eslint-plugin-jest/compare/v27.9.0...v28.11.0) --- updated-dependencies: - dependency-name: eslint-plugin-jest dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * check failures fix --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>	4 months ago
dependabot[bot]	bb65d8857b	Bump ts-jest from 29.1.2 to 29.3.2 (#582 ) * Bump ts-jest from 29.1.2 to 29.3.2 Bumps [ts-jest](https://github.com/kulshekhar/ts-jest) from 29.1.2 to 29.3.2. - [Release notes](https://github.com/kulshekhar/ts-jest/releases) - [Changelog](https://github.com/kulshekhar/ts-jest/blob/main/CHANGELOG.md) - [Commits](https://github.com/kulshekhar/ts-jest/compare/v29.1.2...v29.3.2) --- updated-dependencies: - dependency-name: ts-jest dependency-version: 29.3.2 dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix check failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>	4 months ago
dependabot[bot]	7f17e836c0	Bump @actions/glob from 0.4.0 to 0.5.0 (#573 ) * Bump @actions/glob from 0.4.0 to 0.5.0 Bumps [@actions/glob](https://github.com/actions/toolkit/tree/HEAD/packages/glob) from 0.4.0 to 0.5.0. - [Changelog](https://github.com/actions/toolkit/blob/main/packages/glob/RELEASES.md) - [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/glob) --- updated-dependencies: - dependency-name: "@actions/glob" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> * fix for check failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>	4 months ago
aparnajyothi-y	691cc3533f	upgrade actions/cache to 4.0.3 (#574 )	5 months ago
dependabot[bot]	0aaccfd150	Bump undici from 5.28.4 to 5.28.5 (#541 ) * Bump undici from 5.28.4 to 5.28.5 Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump undici from 5.28.4 to 5.28.5 Bumps [undici](https://github.com/nodejs/undici) from 5.28.4 to 5.28.5. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.4...v5.28.5) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Fix failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	6 months ago
aparnajyothi-y	c4c1141886	upgrade actions/cache to 4.0.2 (#568 )	6 months ago
dependabot[bot]	5a083d0e9a	Bump eslint-config-prettier from 8.10.0 to 10.0.1 (#536 ) Bumps [eslint-config-prettier](https://github.com/prettier/eslint-config-prettier) from 8.10.0 to 10.0.1. - [Release notes](https://github.com/prettier/eslint-config-prettier/releases) - [Changelog](https://github.com/prettier/eslint-config-prettier/blob/main/CHANGELOG.md) - [Commits](https://github.com/prettier/eslint-config-prettier/compare/v8.10.0...v10.0.1) --- updated-dependencies: - dependency-name: eslint-config-prettier dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	8 months ago
dependabot[bot]	1d82324e53	Bump semver from 7.6.0 to 7.6.3 (#535 ) * Bump semver from 7.6.0 to 7.6.3 Bumps [semver](https://github.com/npm/node-semver) from 7.6.0 to 7.6.3. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/main/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v7.6.0...v7.6.3) --- updated-dependencies: - dependency-name: semver dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * fix for check-dist and license failures --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Aparna Jyothi <aparnajyothi-y@github.com>	8 months ago
Bassem Dghaidi	f81f022188	Use the new cache service: upgrade `@actions/cache` to `^4.0.0` (#531 ) * Use new cache service * Add licensed output * Review licenses & update types	8 months ago
Tobias	3041bf56c9	feat: fallback to "raw" endpoint for manifest when rate limit is reached (#496 ) * feat: fallback to "raw" endpoint for manifest when rate limit is reached * add information about raw access to the README * prettier * update cross-spawn to 7.0.6 to fix vulnerability	10 months ago
Priya Gupta	41dfa10bad	Enhance workflows and Upgrade micromatch Dependency (#510 ) * Update workflows and bump dependencies * Add test for Go 1.22 and 1.23 * Update Go versions in local-cache setup and include macos-latest with ARM64 architecture	11 months ago
dependabot[bot]	0a12ed9d6a	Bump braces from 3.0.2 to 3.0.3 (#487 ) * Bump braces from 3.0.2 to 3.0.3 Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * Bump undici from 5.28.3 to 5.28.4 --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	1 year ago
dependabot[bot]	be1aa1186e	Bump undici from 5.28.2 to 5.28.3 (#465 ) * Bump undici from 5.28.2 to 5.28.3 Bumps [undici](https://github.com/nodejs/undici) from 5.28.2 to 5.28.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.28.2...v5.28.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> * fixed check failures and update dependencies --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: HarithaVattikuti <73516759+HarithaVattikuti@users.noreply.github.com>	1 year ago
Dmitry Shibanov	0c52d547c9	Update dependencies for node20 (#445 )	2 years ago
Sergey Dolin	27eec5b982	Merge pull request #396 from actions/dependabot/npm_and_yarn/semver-6.3.1 Bump semver from 6.3.0 to 6.3.1	2 years ago
dependabot[bot]	1b80a11e05	Bump word-wrap from 1.2.3 to 1.2.4 Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.4. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.4) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2 years ago
dependabot[bot]	4220624b80	Bump semver from 6.3.0 to 6.3.1 Bumps [semver](https://github.com/npm/node-semver) from 6.3.0 to 6.3.1. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v6.3.1/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v6.3.0...v6.3.1) --- updated-dependencies: - dependency-name: semver dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2 years ago
dependabot[bot]	db8764c1e2	Bump tough-cookie and @azure/ms-rest-js (#392 )	2 years ago
Nikolai Laevskii	f350b3e5db	Move eslint-plugin-node to dev dependencies	2 years ago
Nikolai Laevskii	06a11aedec	Install eslint-plugin-node	2 years ago
Nikolai Laevskii	fac708d667	Bump @actions/cache dependency to v3.2.1 (#374 )	2 years ago
Dmitry Shibanov	dd84a9531a	Update xml2js (#370 )	2 years ago
Dmitry Shibanov	b27d76912e	fix lockfileVersion (#349 )	3 years ago
Sergey Dolin	c51a720768	Enable caching by default with default input (#332 )	3 years ago
Ivan	7406d654ad	Add and configure ESLint and update configuration for Prettier (#341 ) * Turn on ESLint and update Prettier * Update eslint config * Update eslint config * Update dependencies * Update ESLint and Prettier configurations * update package.json * Update prettier command * Update prettier config file * Change CRLF to LF * Update docs * Update docs	3 years ago
dependabot[bot]	4347c698e3	Bump json5 from 2.2.1 to 2.2.3 (#315 )	3 years ago
Milos Pantic	38dbe75f81	Add stable and oldstable aliases (#300 )	3 years ago
Francesco Renzi	514ae57904	Update @actions/core to 1.10.0	3 years ago
Milos Pantic	4c32251b06	Update package lock version (#261 )	3 years ago
Vladimir Safonkin	0fd92001e9	Rework cache handling	3 years ago
IvanZosimov	b22fbbc292	Implementation of caching functionality for setup-go action (#228 )	3 years ago
Dmitry Shibanov	fcdc43634a	Update @zeit/ncc to @vercel/ncc (#229 )	3 years ago
dependabot[bot]	fcc0174ef2	Bump minimist from 1.2.5 to 1.2.6 Bumps [minimist](https://github.com/substack/minimist) from 1.2.5 to 1.2.6. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.5...1.2.6) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	4 years ago
Dmitry Shibanov	2bb2aab2fd	update types node (#194 )	4 years ago
Dmitry Shibanov	edcbc0c2cd	update lockfileVersion (#193 )	4 years ago
dependabot[bot]	5b0ae0e97d	Bump pathval from 1.1.0 to 1.1.1 (#188 )	4 years ago
Dmitry Shibanov	bfdd3570ce	Implement "check-latest" flag to check if pre-cached version is latest one (#186 )	4 years ago
Dmitry Shibanov	59d644db2a	update dependencies	4 years ago
Brian Cristante	b8a24202e2	Update Jest	4 years ago
Brian Cristante	e234d99c78	Run npm audit fix	4 years ago
Thomas Boop	37335c7bb2	Swap to Environment Files (#76 ) * Swap to env files	5 years ago
Dmitry Shibanov	1616116e1b	Use GitHub releases to download Go versions. (#58 )	5 years ago
Bryan MacFarlane	dec4fc5647	update tool-cache version	6 years ago

1 2

58 Commits (1d76b952eb9246b03e20e15a9ef98c6d4af389ef)