Skip to content

Bump ASFHyP3/actions from 0.19.0 to 0.20.0#2780

Merged
jtherrmann merged 1 commit intodevelopfrom
dependabot/github_actions/ASFHyP3/actions-0.20.0
May 28, 2025
Merged

Bump ASFHyP3/actions from 0.19.0 to 0.20.0#2780
jtherrmann merged 1 commit intodevelopfrom
dependabot/github_actions/ASFHyP3/actions-0.20.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 26, 2025

Bumps ASFHyP3/actions from 0.19.0 to 0.20.0.

Release notes

Sourced from ASFHyP3/actions's releases.

Actions v0.20.0

Added

  • The reusable-docker-ecr.yml workflow now accepts a file input for specifying the name of the dockerfile to build.

Changed

  • The update-examples.yml workflow no longer used the reusable-git-object-name.yml workflow.

  • The reusable-docker-ecr.yml and reusable-docker-ghcr.yml workflows have changed substantially! These workflows are now version-centric instead of branch-centric and their usage has changed. Please make these changes to any calling workflow:

     on:
   push:
     branches:
-      - main
       - develop
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
       - develop

    and:

         uses: ASFHyP3/actions/.github/workflows/reusable-docker-ghcr.yml@v0.19.0
     ...
     with:
-      release_branch: main
-      develop_branch: develop
       ...

    For current usage, see the README and for more details about these changes, see ASFHyP3/actions#288.

Fixed

  • latest tag will now be applied to release-tagged Docker images correctly. Fixes ASFHyP3/actions#278

Removed

  • The reusable-git-object-name.yml workflow has been removed. We recommend using the reusable-version-info.yml workflow instead.
Changelog

Sourced from ASFHyP3/actions's changelog.

[0.20.0]

Added

  • The reusable-docker-ecr.yml workflow now accepts a file input for specifying the name of the dockerfile to build.

Changed

  • The update-examples.yml workflow no longer used the reusable-git-object-name.yml workflow.

  • The reusable-docker-ecr.yml and reusable-docker-ghcr.yml workflows have changed substantially! These workflows are now version-centric instead of branch-centric and their usage has changed. Please make these changes to any calling workflow:

     on:
   push:
     branches:
-      - main
       - develop
+    tags:
+      - 'v*'
   pull_request:
     branches:
       - main
       - develop

    and:

         uses: ASFHyP3/actions/.github/workflows/reusable-docker-ghcr.yml@v0.19.0
     ...
     with:
-      release_branch: main
-      develop_branch: develop
       ...

    For current usage, see the README and for more details about these changes, see ASFHyP3/actions#288.

Fixed

  • latest tag will now be applied to release-tagged Docker images correctly. Fixes ASFHyP3/actions#278

Removed

  • The reusable-git-object-name.yml workflow has been removed. We recommend using the reusable-version-info.yml workflow instead.
Commits
  • f635408 Merge pull request #293 from ASFHyP3/develop
  • 6a63ab0 Merge pull request #295 from ASFHyP3/dependabot/github_actions/trufflesecurit...
  • 32eab73 Merge pull request #296 from ASFHyP3/shush-codeql
  • 9f6509d Add workflow permissions for notify-downstream.yml
  • 9d2b472 update GH actions workflows for permissions
  • edc47d4 Merge pull request #294 from ASFHyP3/dependabot/github_actions/ASFHyP3/action...
  • 622ae6c Bump trufflesecurity/trufflehog from 3.88.29 to 3.88.30
  • 34e32b0 Bump ASFHyP3/actions from 0.18.1 to 0.19.0
  • 8827c44 Merge pull request #288 from ASFHyP3/fix-image-labels
  • 2472b8b Apply suggestions from code review
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump ASFHyP3/actions from 0.19.0 to 0.20.0
038a254 
Bumps [ASFHyP3/actions](https://github.com/asfhyp3/actions) from 0.19.0 to 0.20.0.
- [Release notes](https://github.com/asfhyp3/actions/releases)
- [Changelog](https://github.com/ASFHyP3/actions/blob/develop/CHANGELOG.md)
- [Commits](ASFHyP3/actions@v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: ASFHyP3/actions
  dependency-version: 0.20.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project labels May 26, 2025
@dependabot dependabot Bot requested a review from a team as a code owner May 26, 2025 19:39
@dependabot dependabot Bot added the bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version label May 26, 2025
@dependabot dependabot Bot requested review from a team as code owners May 26, 2025 19:39
@jtherrmann jtherrmann merged commit 8daca3d into develop May 28, 2025
16 checks passed
@jtherrmann jtherrmann deleted the dependabot/github_actions/ASFHyP3/actions-0.20.0 branch May 28, 2025 18:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jtherrmann jtherrmann jtherrmann approved these changes

Assignees

No one assigned

Labels

bumpless Changes to documentation, CI/CD pipelines, etc that don't affect the project's version minor Bump the minor version number of this project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jtherrmann