dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1295

dependabot · 2024-10-29T22:45:26Z

Bumps tibdex/github-app-token from 1.5.0 to 2.1.0.

Release notes

Sourced from tibdex/github-app-token's releases.

v2.1.0

Projects willing to keep the token alive after the end of the job can pass revoke: false as an input.

v2.0.0

BREAKING: replaces the installation_id and repository inputs with installation_retrieval_mode and installation_retrieval_payload to also support organization and user installation.

switches to node20.

adds a repositories input to scope the created token to a subset of repositories.

revokes the created token at the end of the job with a post script.

v1.9.0

No release notes provided.

v1.8.2

No release notes provided.

v1.8.1

No release notes provided.

v1.8.0

No release notes provided.

v1.7.0

No release notes provided.

v1.6.0

No release notes provided.

v1.5.2

No release notes provided.

v1.5.1

No release notes provided.

Commits

3beb63f release v2.1.0
3eb77c7 Add option to not revoke token (#95)
9571738 Add support for organization and user installation retrieval and repository s...
3a5af6b Update dependencies and simplify project (#83)
10e2a63 Revert Node.js update (#82)
388799a feat: upgrade to node 20 (#81)
c2055a0 Make the integration test optional (#67)
44d4a52 Upgrade deps (#64)
c3ff703 bump actions/checkout version (#52)
da40f50 Upgrade deps and cleanup (#51)
Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

shiv0408 · 2025-01-19T12:30:05Z

@dependabot rebase

Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.5.0 to 2.1.0. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](tibdex/github-app-token@v1.5...v2.1.0) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>

Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.5.0 to 2.1.0. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](tibdex/github-app-token@v1.5...v2.1.0) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> (cherry picked from commit 16a8e0f) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>

…1352) Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.5.0 to 2.1.0. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](tibdex/github-app-token@v1.5...v2.1.0) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... (cherry picked from commit 16a8e0f) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

…rch-project#1295) (opensearch-project#1352) Bumps [tibdex/github-app-token](https://github.com/tibdex/github-app-token) from 1.5.0 to 2.1.0. - [Release notes](https://github.com/tibdex/github-app-token/releases) - [Commits](tibdex/github-app-token@v1.5...v2.1.0) --- updated-dependencies: - dependency-name: tibdex/github-app-token dependency-type: direct:production update-type: version-update:semver-major ... (cherry picked from commit 16a8e0f) Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot requested review from bowenlan-amzn and Hailong-am as code owners October 29, 2024 22:45

dependabot bot added github_actions Pull requests that update GitHub Actions code Mend: dependency security vulnerability Security vulnerability detected by WhiteSource labels Oct 29, 2024

dependabot bot requested a review from vikasvb90 as a code owner October 29, 2024 22:45

dependabot bot force-pushed the dependabot/github_actions/tibdex/github-app-token-2.1.0 branch from 6373b90 to 91116a1 Compare January 19, 2025 12:30

dependabot bot requested review from tandonks, shiv0408 and soosinha as code owners January 19, 2025 12:30

shiv0408 approved these changes Jan 23, 2025

View reviewed changes

shiv0408 merged commit 16a8e0f into main Jan 23, 2025
30 checks passed

dependabot bot deleted the dependabot/github_actions/tibdex/github-app-token-2.1.0 branch January 23, 2025 06:08

shiv0408 added the backport 2.x label Jan 23, 2025

opensearch-trigger-bot bot mentioned this pull request Jan 23, 2025

[Backport 2.x] dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1352

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1295

dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1295

dependabot bot commented on behalf of github Oct 29, 2024 •

edited

Loading

shiv0408 commented Jan 19, 2025

dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1295

dependabot: bump tibdex/github-app-token from 1.5.0 to 2.1.0 #1295

Conversation

dependabot bot commented on behalf of github Oct 29, 2024 • edited Loading

v2.1.0

v2.0.0

v1.9.0

v1.8.2

v1.8.1

v1.8.0

v1.7.0

v1.6.0

v1.5.2

v1.5.1

shiv0408 commented Jan 19, 2025

dependabot bot commented on behalf of github Oct 29, 2024 •

edited

Loading