⬆️ Bump the github-actions group with 3 updates

[dependabot]

Bumps the github-actions group with 3 updates: actions/checkout, n1hility/cancel-previous-runs and actions/cache.

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

... (truncated)

Commits

• b4ffde6 Link to release page from what's new section (#1514)
• 8530928 Correct link to GitHub Docs (#1511)
• 7cdaf2f Update CODEOWNERS to Launch team (#1510)
• 8ade135 Prepare 4.1.0 release (#1496)
• c533a0a Add support for partial checkout filters (#1396)
• 72f2cec Update README.md for V4 (#1452)
• 3df4ab1 Release 4.0.0 (#1447)
• 8b5e8b7 Support fetching without the --progress option (#1067)
• 97a652b Update default runtime to node20 (#1436)
• f43a0e5 Release 3.6.0 (#1437)
• Additional commits viewable in compare view

Updates n1hility/cancel-previous-runs from 2 to 3

Release notes

Sourced from n1hility/cancel-previous-runs's releases.

v3.0

cancel-previous-runs

This action cancels previous runs for one or more branches/prs associated with a workflow, effectively limiting the resource consumption of the workflow to one per branch.

Usage

The easiest and most complete approach to utilize this action, is to create a separate schedule event triggered workflow, which is directed at the workflow you wish to clear duplicate runs. At each cron interval all branches and all PRs executing for either push or pull_request events will be processed and limited to one run per branch/pr.

Additionally this action can be placed as an early step in your workflow (e.g. after checkout), so that it can abort the other previously running jobs immediately, in case most resources are tied up. Unfortunately this approach is a no-op when a pull request uses a fork for a source branch. This is because the GITHUB_TOKEN provided to runs with a fork source branch specifies reed-only permissions for security reasons. write permissions are required to be able to cancel a job. Therefore, it's a good idea to only rely on this approach as a fallback in-addition to the previously described scheduling model.

Inputs

token - The github token passed from ${{ secrets.GITHUB_TOKEN }}. Since workflow files are visible in the repository, DO NOT HARDCODE A TOKEN ONLY USE A REFERENCE. workflow - The filename of the workflow to limit runs on (only applies to schedule events)

Schedule Example

name: Cleanup Duplicate Branches and PRs  
on:
  schedule:
    - cron:  '*/15 * * * *'
cancel-runs:
  # Prevent forks from running this to be nice
  if: github.repository == 'foo-org/my-repo'
  runs-on: ubuntu-latest
    steps:
      - uses: n1hility/cancel-previous-runs@v3
        with: 
          token: ${{ secrets.GITHUB_TOKEN }}
          workflow: my-heavy-workflow.yml

Alternate/Fallback Example

  test: 
    runs-on: ubuntu-latest
    steps:
    - uses: actions/checkout@v1
    - uses: n1hility/cancel-previous-runs@v3
      with: 
        token: ${{ secrets.GITHUB_TOKEN }}

License

... (truncated)

Commits

• e709d8e Update dependencies to latest and refactor code
• 6447949 Merge pull request #29 from n1hility/dependabot/npm_and_yarn/json5-2.2.3
• f868496 Merge pull request #28 from n1hility/dependabot/npm_and_yarn/qs-6.5.3
• a46d7bf Merge pull request #27 from n1hility/dependabot/npm_and_yarn/decode-uri-compo...
• aba816d Merge pull request #26 from n1hility/dependabot/npm_and_yarn/actions/core-1.9.1
• bc9f50e Merge pull request #23 from n1hility/dependabot/npm_and_yarn/ajv-6.12.6
• 651e5a9 Merge pull request #22 from n1hility/dependabot/npm_and_yarn/tmpl-1.0.5
• 34c9406 Merge pull request #21 from n1hility/dependabot/npm_and_yarn/path-parse-1.0.7
• bc5ac22 Merge pull request #18 from n1hility/dependabot/npm_and_yarn/hosted-git-info-...
• 14bfe23 Merge pull request #17 from n1hility/dependabot/npm_and_yarn/lodash-4.17.21
• Additional commits viewable in compare view

Updates actions/cache from 2 to 3

Release notes

Sourced from actions/cache's releases.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

Updating actions/core to version 1.10.0

The ::save-state and ::set-output are deprecated. The newer version of actions/core >1.10.0 uses the new syntax for save and set output. After this change, customers using actions/cache@v2 won't see deprecation warning message.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

Changelog

Sourced from actions/cache's changelog.

Releases

3.0.0

• Updated minimum runner version support from node 12 -> node 16

3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

3.0.2

• Added support for dynamic cache size cap on GHES.

3.0.3

• Fixed avoiding empty cache save when no files are available for caching. (issue)

3.0.4

• Fixed tar creation error while trying to create tar with path as ~/ home folder on ubuntu-latest. (issue)

3.0.5

• Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (PR)

3.0.6

• Fixed #809 - zstd -d: no such file or directory error
• Fixed #833 - cache doesn't work with github workspace directory

3.0.7

• Fixed #810 - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.

3.0.8

• Fix zstd not working for windows on gnu tar in issues #888 and #891.
• Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable SEGMENT_DOWNLOAD_TIMEOUT_MINS. Default is 60 minutes.

3.0.9

• Enhanced the warning message for cache unavailablity in case of GHES.

3.0.10

• Fix a bug with sorting inputs.
• Update definition for restore-keys in README.md

... (truncated)

Commits

• 704facf Merge pull request #1236 from actions/bethanyj28/bump-version
• 17e2888 Add to RELEASES.md
• 667d8fd bump action version to 3.3.2
• f7ebb81 Consume latest toolkit and fix dangling promise bug (#1217)
• 67b839e Merge pull request #1187 from jorendorff/jorendorff/rm-add-to-project
• 57f0e3f Remove actions to add new PRs and issues to a project board
• 04f198b Merge pull request #1132 from vorburger/bazel-example
• bd9b49b Merge branch 'main' into bazel-example
• ea05037 Merge pull request #1122 from actions/pdotl-patch-1
• 6a1a45d Merge branch 'main' into pdotl-patch-1
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (7a877f5) 100.00% compared to head (14ff120) 100.00%.

Additional details and impacted files

@@            Coverage Diff            @@
##            master       #55   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            4         4           
  Lines          125       125           
  Branches        21        21           
=========================================
  Hits           125       125           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.