KEMBAR78
Revert "Add printing of the lockfile after installation" by eregon · Pull Request #789 · ruby/setup-ruby · GitHub
Skip to content

Conversation

@eregon
Copy link
Member

@eregon eregon commented Jul 25, 2025

@eregon eregon merged commit 0ecad18 into master Jul 25, 2025
380 checks passed
mergify bot added a commit to robfrank/linklift that referenced this pull request Aug 15, 2025
…updates [skip ci]

Bumps the github-actions group with 8 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.3` | `4.2.4` |
| [docker/login-action](https://github.com/docker/login-action) | `3.4.0` | `3.5.0` |
| [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) | `1.3.4` | `1.3.5` |
| [mikepenz/release-changelog-builder-action](https://github.com/mikepenz/release-changelog-builder-action) | `5.3.1` | `5.4.1` |
| [dorny/test-reporter](https://github.com/dorny/test-reporter) | `2.1.0` | `2.1.1` |
| [anchore/scan-action](https://github.com/anchore/scan-action) | `6.4.0` | `6.5.1` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.29.2` | `3.29.8` |
| [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.245.0` | `1.254.0` |
Updates `actions/cache` from 4.2.3 to 4.2.4
Release notes

*Sourced from [actions/cache's releases](https://github.com/actions/cache/releases).*

> v4.2.4
> ------
>
> What's Changed
> --------------
>
> * Update README.md by [`@​nebuk89`](https://github.com/nebuk89) in [actions/cache#1620](https://redirect.github.com/actions/cache/pull/1620)
> * Upgrade `@actions/cache` to `4.0.5` and move `@protobuf-ts/plugin` to dev depdencies by [`@​Link`](https://github.com/Link)- in [actions/cache#1634](https://redirect.github.com/actions/cache/pull/1634)
> * Prepare release `4.2.4` by [`@​Link`](https://github.com/Link)- in [actions/cache#1636](https://redirect.github.com/actions/cache/pull/1636)
>
> New Contributors
> ----------------
>
> * [`@​nebuk89`](https://github.com/nebuk89) made their first contribution in [actions/cache#1620](https://redirect.github.com/actions/cache/pull/1620)
>
> **Full Changelog**: <actions/cache@v4...v4.2.4>


Changelog

*Sourced from [actions/cache's changelog](https://github.com/actions/cache/blob/main/RELEASES.md).*

> Releases
> ========
>
> ### 4.2.4
>
> * Bump `@actions/cache` to v4.0.5
>
> ### 4.2.3
>
> * Bump `@actions/cache` to v4.0.3 (obfuscates SAS token in debug logs for cache entries)
>
> ### 4.2.2
>
> * Bump `@actions/cache` to v4.0.2
>
> ### 4.2.1
>
> * Bump `@actions/cache` to v4.0.1
>
> ### 4.2.0
>
> TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. [actions/cache](https://github.com/actions/cache) now integrates with the new cache service (v2) APIs.
>
> The new service will gradually roll out as of **February 1st, 2025**. The legacy service will also be sunset on the same date. Changes in these release are **fully backward compatible**.
>
> **We are deprecating some versions of this action**. We recommend upgrading to version `v4` or `v3` as soon as possible before **February 1st, 2025.** (Upgrade instructions below).
>
> If you are using pinned SHAs, please use the SHAs of versions `v4.2.0` or `v3.4.0`
>
> If you do not upgrade, all workflow runs using any of the deprecated [actions/cache](https://github.com/actions/cache) will fail.
>
> Upgrading to the recommended versions will not break your workflows.
>
> ### 4.1.2
>
> * Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - [#1474](https://redirect.github.com/actions/cache/pull/1474)
> * Security fix: Bump braces from 3.0.2 to 3.0.3 - [#1475](https://redirect.github.com/actions/cache/pull/1475)
>
> ### 4.1.1
>
> * Restore original behavior of `cache-hit` output - [#1467](https://redirect.github.com/actions/cache/pull/1467)
>
> ### 4.1.0
>
> * Ensure `cache-hit` output is set when a cache is missed - [#1404](https://redirect.github.com/actions/cache/pull/1404)
> * Deprecate `save-always` input - [#1452](https://redirect.github.com/actions/cache/pull/1452)
>
> ### 4.0.2
>
> * Fixed restore `fail-on-cache-miss` not working.

... (truncated)


Commits

* [`0400d5f`](actions/cache@0400d5f) Merge pull request [#1636](https://redirect.github.com/actions/cache/issues/1636) from actions/Link-/release-4.2.4
* [`374a27f`](actions/cache@374a27f) Prepare release 4.2.4
* [`358a730`](actions/cache@358a730) Merge pull request [#1634](https://redirect.github.com/actions/cache/issues/1634) from actions/Link-/optimise-deps
* [`2ee706e`](actions/cache@2ee706e) Fix with another approach
* [`94f7b5d`](actions/cache@94f7b5d) Fix bundle exec
* [`c36116c`](actions/cache@c36116c) Fix the workflow to use licensed from source
* [`320fe7d`](actions/cache@320fe7d) Update the licensed workflow to use the latest version
* [`d81cc47`](actions/cache@d81cc47) Add licensed output
* [`de24398`](actions/cache@de24398) Add licensed output
* [`e7b6a9c`](actions/cache@e7b6a9c) `@​protobuf-ts/plugin` to dev dependencies
* Additional commits viewable in [compare view](actions/cache@5a3ec84...0400d5f)
  
Updates `docker/login-action` from 3.4.0 to 3.5.0
Release notes

*Sourced from [docker/login-action's releases](https://github.com/docker/login-action/releases).*

> v3.5.0
> ------
>
> * Support dual-stack endpoints for AWS ECR by [`@​Spacefish`](https://github.com/Spacefish) [`@​crazy-max`](https://github.com/crazy-max) in [docker/login-action#874](https://redirect.github.com/docker/login-action/pull/874) [docker/login-action#876](https://redirect.github.com/docker/login-action/pull/876)
> * Bump `@​aws-sdk/client-ecr` to 3.859.0 in [docker/login-action#860](https://redirect.github.com/docker/login-action/pull/860) [docker/login-action#878](https://redirect.github.com/docker/login-action/pull/878)
> * Bump `@​aws-sdk/client-ecr-public` to 3.859.0 in [docker/login-action#860](https://redirect.github.com/docker/login-action/pull/860) [docker/login-action#878](https://redirect.github.com/docker/login-action/pull/878)
> * Bump `@​docker/actions-toolkit` from 0.57.0 to 0.62.1 in [docker/login-action#870](https://redirect.github.com/docker/login-action/pull/870)
> * Bump form-data from 2.5.1 to 2.5.5 in [docker/login-action#875](https://redirect.github.com/docker/login-action/pull/875)
>
> **Full Changelog**: <docker/login-action@v3.4.0...v3.5.0>


Commits

* [`184bdaa`](docker/login-action@184bdaa) Merge pull request [#878](https://redirect.github.com/docker/login-action/issues/878) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`5c6bc94`](docker/login-action@5c6bc94) chore: update generated content
* [`caf4058`](docker/login-action@caf4058) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`ef38ec3`](docker/login-action@ef38ec3) Merge pull request [#860](https://redirect.github.com/docker/login-action/issues/860) from docker/dependabot/npm\_and\_yarn/aws-sdk-dependenc...
* [`d52e8ef`](docker/login-action@d52e8ef) chore: update generated content
* [`9644ab7`](docker/login-action@9644ab7) build(deps): bump the aws-sdk-dependencies group with 2 updates
* [`7abd1d5`](docker/login-action@7abd1d5) Merge pull request [#875](https://redirect.github.com/docker/login-action/issues/875) from docker/dependabot/npm\_and\_yarn/form-data-2.5.5
* [`1a81202`](docker/login-action@1a81202) Merge pull request [#876](https://redirect.github.com/docker/login-action/issues/876) from crazy-max/aws-public-dual-stack
* [`d1ab30d`](docker/login-action@d1ab30d) chore: update generated content
* [`f25ff28`](docker/login-action@f25ff28) support dual-stack for aws public ecr
* Additional commits viewable in [compare view](docker/login-action@74a5d14...184bdaa)
  
Updates `graalvm/setup-graalvm` from 1.3.4 to 1.3.5
Release notes

*Sourced from [graalvm/setup-graalvm's releases](https://github.com/graalvm/setup-graalvm/releases).*

> v1.3.5
> ------
>
> What's Changed
> --------------
>
> * Update dependencies by [`@​fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#167](https://redirect.github.com/graalvm/setup-graalvm/pull/167)
> * Revise `README.md`. by [`@​fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#169](https://redirect.github.com/graalvm/setup-graalvm/pull/169)
> * Bump the npm-development group with 10 updates by [`@​dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#170](https://redirect.github.com/graalvm/setup-graalvm/pull/170)
> * Bump eslint-plugin-jest from 28.12.0 to 29.0.1 by [`@​dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#171](https://redirect.github.com/graalvm/setup-graalvm/pull/171)
> * Bump form-data from 2.5.3 to 2.5.5 by [`@​dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#172](https://redirect.github.com/graalvm/setup-graalvm/pull/172)
> * Bump version to `1.3.5`. by [`@​fniephaus`](https://github.com/fniephaus) in [graalvm/setup-graalvm#173](https://redirect.github.com/graalvm/setup-graalvm/pull/173)
>
> **Full Changelog**: <graalvm/setup-graalvm@v1.3.4...v1.3.5>


Commits

* [`7f488cf`](graalvm/setup-graalvm@7f488cf) Bump version to `1.3.5`.
* [`372a804`](graalvm/setup-graalvm@372a804) Use `@actions/github` instead of `@octokit/core`.
* [`356b5a6`](graalvm/setup-graalvm@356b5a6) Avoid a warning during testing.
* [`6d95698`](graalvm/setup-graalvm@6d95698) Upgrade packages.
* [`c7293b6`](graalvm/setup-graalvm@c7293b6) Ensure tests run with token.
* [`a13b739`](graalvm/setup-graalvm@a13b739) Bump form-data from 2.5.3 to 2.5.5
* [`7de2d09`](graalvm/setup-graalvm@7de2d09) Bump eslint-plugin-jest from 28.12.0 to 29.0.1
* [`d7feb9d`](graalvm/setup-graalvm@d7feb9d) Bump the npm-development group with 10 updates
* [`63e0340`](graalvm/setup-graalvm@63e0340) Revise `README.md`. ([#169](https://redirect.github.com/graalvm/setup-graalvm/issues/169))
* [`8ea6c1f`](graalvm/setup-graalvm@8ea6c1f) Update dependencies
* See full diff in [compare view](graalvm/setup-graalvm@e1df20a...7f488cf)
  
Updates `mikepenz/release-changelog-builder-action` from 5.3.1 to 5.4.1
Release notes

*Sourced from [mikepenz/release-changelog-builder-action's releases](https://github.com/mikepenz/release-changelog-builder-action/releases).*

> v5.4.1
> ------
>
> 💬 Other
> -------
>
> * Improve CI test run report
>   + PR: [#1463](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1463)
>
> 📦 Dependencies
> --------------
>
> * Upgrade dependencies
>   + PR: [#1462](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1462)
>
> Contributors:
> -------------
>
> * [`@​mikepenz`](https://github.com/mikepenz)
>
> v5.4.0
> ------
>
> 🚀 Features
> ----------
>
> * Add new `offlineMode`
>   + PR: [#1460](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1460)
>
> Contributors:
> -------------
>
> * [`@​mikepenz`](https://github.com/mikepenz)


Commits

* [`c9dc836`](mikepenz/release-changelog-builder-action@c9dc836) Merge pull request [#1465](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1465) from mikepenz/develop
* [`825abd1`](mikepenz/release-changelog-builder-action@825abd1) Merge pull request [#1463](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1463) from mikepenz/ci/impr
* [`59e4e52`](mikepenz/release-changelog-builder-action@59e4e52) Merge pull request [#1462](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1462) from mikepenz/feature/dependency\_upgrades
* [`e1c7bbf`](mikepenz/release-changelog-builder-action@e1c7bbf) - combined run for tests to get a full report
* [`981311d`](mikepenz/release-changelog-builder-action@981311d) - upgrade dependencies `globals`, and ton of dev dependencies
* [`e97a713`](mikepenz/release-changelog-builder-action@e97a713) Merge pull request [#1461](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1461) from mikepenz/develop
* [`af5898d`](mikepenz/release-changelog-builder-action@af5898d) Merge pull request [#1460](https://redirect.github.com/mikepenz/release-changelog-builder-action/issues/1460) from mikepenz/feature/1459
* [`6c979ed`](mikepenz/release-changelog-builder-action@6c979ed) - also test the offline variant
* [`8357bc6`](mikepenz/release-changelog-builder-action@8357bc6) - make sure we reset env prior to the next test
* [`0f359e3`](mikepenz/release-changelog-builder-action@0f359e3) - apply codeQL rule
* Additional commits viewable in [compare view](mikepenz/release-changelog-builder-action@5fb6e51...c9dc836)
  
Updates `dorny/test-reporter` from 2.1.0 to 2.1.1
Release notes

*Sourced from [dorny/test-reporter's releases](https://github.com/dorny/test-reporter/releases).*

> v2.1.1
> ------
>
> A bug fix release of the `test-reporter` action.
>
> What's Changed
> --------------
>
> * Use if: '!cancelled()' by [`@​Vampire`](https://github.com/Vampire) in [dorny/test-reporter#576](https://redirect.github.com/dorny/test-reporter/pull/576)
> * Update packages to latest minor releases by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#599](https://redirect.github.com/dorny/test-reporter/pull/599)
> * Add step summary short summary by [`@​OlesGalatsan`](https://github.com/OlesGalatsan) in [dorny/test-reporter#589](https://redirect.github.com/dorny/test-reporter/pull/589)
> * Return links to summary report by [`@​OlesGalatsan`](https://github.com/OlesGalatsan) in [dorny/test-reporter#588](https://redirect.github.com/dorny/test-reporter/pull/588)
> * Add type definitions to `github-utils.ts` by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#604](https://redirect.github.com/dorny/test-reporter/pull/604)
> * Configure markdown linting rules by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#605](https://redirect.github.com/dorny/test-reporter/pull/605)
> * List only failed tests by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#606](https://redirect.github.com/dorny/test-reporter/pull/606)
> * Add stack trace from trx to summary by [`@​dboriichuk`](https://github.com/dboriichuk) in [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615)
> * Update development dependencies by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#628](https://redirect.github.com/dorny/test-reporter/pull/628)
> * Fix error when a TestMethod element does not have a className attribute in a trx file by [`@​0xced`](https://github.com/0xced) in [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623)
> * test-reporter release v2.1.1 by [`@​jozefizso`](https://github.com/jozefizso) in [dorny/test-reporter#638](https://redirect.github.com/dorny/test-reporter/pull/638)
>
> New Contributors
> ----------------
>
> * [`@​dboriichuk`](https://github.com/dboriichuk) made their first contribution in [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615)
> * [`@​0xced`](https://github.com/0xced) made their first contribution in [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623)
>
> **Full Changelog**: <dorny/test-reporter@v2.1.0...v2.1.1>


Changelog

*Sourced from [dorny/test-reporter's changelog](https://github.com/dorny/test-reporter/blob/main/CHANGELOG.md).*

> Changelog
> =========
>
> 2.1.1
> -----
>
> * Fix error when a TestMethod element does not have a className attribute in a trx file [dorny/test-reporter#623](https://redirect.github.com/dorny/test-reporter/pull/623)
> * Add stack trace from trx to summary [dorny/test-reporter#615](https://redirect.github.com/dorny/test-reporter/pull/615)
> * List only failed tests [dorny/test-reporter#606](https://redirect.github.com/dorny/test-reporter/pull/606)
> * Add type definitions to `github-utils.ts` [dorny/test-reporter#604](https://redirect.github.com/dorny/test-reporter/pull/604)
> * Avoid split on undefined [dorny/test-reporter#258](https://redirect.github.com/dorny/test-reporter/pull/258)
> * Return links to summary report [dorny/test-reporter#588](https://redirect.github.com/dorny/test-reporter/pull/588)
> * Add step summary short summary [dorny/test-reporter#589](https://redirect.github.com/dorny/test-reporter/pull/589)
> * Fix for empty TRX TestDefinitions [dorny/test-reporter#582](https://redirect.github.com/dorny/test-reporter/pull/582)
> * Increase step summary limit to 1MiB [dorny/test-reporter#581](https://redirect.github.com/dorny/test-reporter/pull/581)
> * Fix input description for list options [dorny/test-reporter#572](https://redirect.github.com/dorny/test-reporter/pull/572)
>
> 2.1.0
> -----
>
> * Feature: Add summary title [dorny/test-reporter#568](https://redirect.github.com/dorny/test-reporter/pull/568)
> * Feature: Add Golang test parser [dorny/test-reporter#571](https://redirect.github.com/dorny/test-reporter/pull/571)
> * Increase step summary limit to 1MiB [dorny/test-reporter#581](https://redirect.github.com/dorny/test-reporter/pull/581)
> * Fix for empty TRX TestDefinitions [dorny/test-reporter#582](https://redirect.github.com/dorny/test-reporter/pull/582)
> * Fix input description for list options [dorny/test-reporter#572](https://redirect.github.com/dorny/test-reporter/pull/572)
> * Update npm packages [dorny/test-reporter#583](https://redirect.github.com/dorny/test-reporter/pull/583)
>
> 2.0.0
> -----
>
> * Parse JUnit report with detailed message in failure [dorny/test-reporter#559](https://redirect.github.com/dorny/test-reporter/pull/559)
> * Support displaying test results in markdown using GitHub Actions Job Summaries [dorny/test-reporter#383](https://redirect.github.com/dorny/test-reporter/pull/383)
>
> 1.9.1
> -----
>
> * Fix problematic retransmission of authentication token [dorny/test-reporter#438](https://redirect.github.com/dorny/test-reporter/pull/438)
> * Report correct number of tests in Dart [dorny/test-reporter#426](https://redirect.github.com/dorny/test-reporter/pull/426)
> * Number of completed tests mismatches passed/failed [dorny/test-reporter#319](https://redirect.github.com/dorny/test-reporter/issues/319)
>
> 1.9.0
> -----
>
> * Add support for Rspec (Ruby) [dorny/test-reporter#398](https://redirect.github.com/dorny/test-reporter/pull/398)
>
> 1.8.0
> -----
>
> * Add `SwiftXunitParser` class based on `JavaJunitParser` for `swift-xunit` reporter [dorny/test-reporter#317](https://redirect.github.com/dorny/test-reporter/pull/317)
> * Use NodeJS 18 LTS as default runtime [dorny/test-reporter#332](https://redirect.github.com/dorny/test-reporter/pull/332)
> * Escape `<>` characters in suite name [dorny/test-reporter#236](https://redirect.github.com/dorny/test-reporter/pull/236)
> * Update actions runtime to Node20 [dorny/test-reporter#315](https://redirect.github.com/dorny/test-reporter/pull/315)
> * Update check title and remove icon [dorny/test-reporter#144](https://redirect.github.com/dorny/test-reporter/pull/144)
>
> 1.7.0
> -----
>
> * Fix [#199](https://redirect.github.com/dorny/test-reporter/issues/199): Use ✅ instead of ✔️ for better cross platform look by [`@​petrdvorak`](https://github.com/petrdvorak) in [dorny/test-reporter#200](https://redirect.github.com/dorny/test-reporter/pull/200)
> * Verify content of dist/ folder matches build output by [`@​dorny`](https://github.com/dorny) in [dorny/test-reporter#207](https://redirect.github.com/dorny/test-reporter/pull/207)
> * Gracefully handle empty nested testsuite elements for JUnit. by [`@​rvdlaarschot`](https://github.com/rvdlaarschot) in [dorny/test-reporter#193](https://redirect.github.com/dorny/test-reporter/pull/193)
> * Gracefully handle empty failure tags by [`@​haudren-woven`](https://github.com/haudren-woven) in [dorny/test-reporter#213](https://redirect.github.com/dorny/test-reporter/pull/213)
> * Fix [#208](https://redirect.github.com/dorny/test-reporter/issues/208) - java-junit: show annotations on PR changed files by [`@​atsu85`](https://github.com/atsu85) in [dorny/test-reporter#209](https://redirect.github.com/dorny/test-reporter/pull/209)
> * Only report failure if fail-on-error is set by [`@​trond-snekvik`](https://github.com/trond-snekvik) in [dorny/test-reporter#214](https://redirect.github.com/dorny/test-reporter/pull/214)
> * Improve clarity on configuring for forkable repos by [`@​abelbraaksma`](https://github.com/abelbraaksma) in [dorny/test-reporter#211](https://redirect.github.com/dorny/test-reporter/pull/211)
> * Suppress "Processing test results from" log by [`@​vasanthdharmaraj`](https://github.com/vasanthdharmaraj) in [dorny/test-reporter#179](https://redirect.github.com/dorny/test-reporter/pull/179)

... (truncated)


Commits

* [`dc3a926`](dorny/test-reporter@dc3a926) test-reporter release v2.1.1
* [`e8e2736`](dorny/test-reporter@e8e2736) test-reporter release v2.1.1
* [`ec9d9d2`](dorny/test-reporter@ec9d9d2) Merge pull request [#623](https://redirect.github.com/dorny/test-reporter/issues/623) from 0xced/xunitv3-trx
* [`be36461`](dorny/test-reporter@be36461) Fix code formatting in the `dotnet-trx.tests.ts` file
* [`8dd7047`](dorny/test-reporter@8dd7047) Merge pull request [#628](https://redirect.github.com/dorny/test-reporter/issues/628) from dorny/chore/update\_packages
* [`71814ae`](dorny/test-reporter@71814ae) Update development dependencies
* [`4128d36`](dorny/test-reporter@4128d36) Use "Unclassified" when no class name is available
* [`d1504ea`](dorny/test-reporter@d1504ea) Add test on a trx report where the className attribute of TestMethod is missing
* [`18430db`](dorny/test-reporter@18430db) Merge pull request [#615](https://redirect.github.com/dorny/test-reporter/issues/615) from dboriichuk/trx-stack-trace-summary
* [`ae8bd19`](dorny/test-reporter@ae8bd19) Add stack tracke to summary
* Additional commits viewable in [compare view](dorny/test-reporter@890a17c...dc3a926)
  
Updates `anchore/scan-action` from 6.4.0 to 6.5.1
Release notes

*Sourced from [anchore/scan-action's releases](https://github.com/anchore/scan-action/releases).*

> v6.5.1
> ------
>
> New in scan-action v6.5.1
> -------------------------
>
> * Update Grype to v0.97.1 ([#495](https://redirect.github.com/anchore/scan-action/issues/495))
>
> v6.5.0
> ------
>
> New in scan-action v6.5.0
> -------------------------
>
> * Update Grype to v0.96.1 ([#493](https://redirect.github.com/anchore/scan-action/issues/493)) [[[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator)]([https://github.com/[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator))]](https://github.com/%5Banchore-actions-token-generator%5Bbot%5D%5D(https://github.com/apps/anchore-actions-token-generator))%5D)
> * fix: output stderr for nonzero exit code ([#491](https://redirect.github.com/anchore/scan-action/issues/491)) [[kzantow](https://github.com/kzantow)]


Commits

* [`1638637`](anchore/scan-action@1638637) chore(deps-dev): bump eslint from 9.31.0 to 9.32.0 ([#494](https://redirect.github.com/anchore/scan-action/issues/494))
* [`a834544`](anchore/scan-action@a834544) chore(deps): update Grype to v0.97.1 ([#495](https://redirect.github.com/anchore/scan-action/issues/495))
* [`df39580`](anchore/scan-action@df39580) chore(deps-dev): bump jest from 30.0.4 to 30.0.5 ([#492](https://redirect.github.com/anchore/scan-action/issues/492))
* [`e4ff89e`](anchore/scan-action@e4ff89e) chore(deps): update Grype to v0.96.1 ([#493](https://redirect.github.com/anchore/scan-action/issues/493))
* [`b8370fa`](anchore/scan-action@b8370fa) fix: output stderr to log, more accurate nonzero exit code behavior ([#491](https://redirect.github.com/anchore/scan-action/issues/491))
* [`a0ef9a0`](anchore/scan-action@a0ef9a0) chore(deps-dev): bump jest from 30.0.3 to 30.0.4 ([#487](https://redirect.github.com/anchore/scan-action/issues/487))
* [`0fc8134`](anchore/scan-action@0fc8134) chore(deps-dev): bump eslint from 9.30.1 to 9.31.0 ([#488](https://redirect.github.com/anchore/scan-action/issues/488))
* [`0743469`](anchore/scan-action@0743469) chore(deps): update Grype to v0.96.0 ([#489](https://redirect.github.com/anchore/scan-action/issues/489))
* See full diff in [compare view](anchore/scan-action@16910ac...1638637)
  
Updates `github/codeql-action` from 3.29.2 to 3.29.8
Release notes

*Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).*

> v3.29.8
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.29.8 - 08 Aug 2025
> --------------------
>
> * Fix an issue where the Action would autodetect unsupported languages such as HTML. [#3015](https://redirect.github.com/github/codeql-action/pull/3015)
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.8/CHANGELOG.md) for more information.
>
> v3.29.7
> -------
>
> This is a re-release of v3.29.5 to mitigate an issue that was discovered with v3.29.6.
>
> v3.29.6
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.29.6 - 07 Aug 2025
> --------------------
>
> * The `cleanup-level` input to the `analyze` Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. [#2999](https://redirect.github.com/github/codeql-action/pull/2999)
> * Update default CodeQL bundle version to 2.22.3. [#3000](https://redirect.github.com/github/codeql-action/pull/3000)
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.6/CHANGELOG.md) for more information.
>
> v3.29.5
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.29.5 - 29 Jul 2025
> --------------------
>
> * Update default CodeQL bundle version to 2.22.2. [#2986](https://redirect.github.com/github/codeql-action/pull/2986)
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.5/CHANGELOG.md) for more information.
>
> v3.29.4
> -------
>
> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> 3.29.4 - 23 Jul 2025
> --------------------
>
> No user facing changes.
>
> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v3.29.4/CHANGELOG.md) for more information.
>
> v3.29.3
> -------
>
> CodeQL Action Changelog
> =======================

... (truncated)


Changelog

*Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).*

> CodeQL Action Changelog
> =======================
>
> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.
>
> [UNRELEASED]
> ------------
>
> No user facing changes.
>
> 3.29.8 - 08 Aug 2025
> --------------------
>
> * Fix an issue where the Action would autodetect unsupported languages such as HTML. [#3015](https://redirect.github.com/github/codeql-action/pull/3015)
>
> 3.29.7 - 07 Aug 2025
> --------------------
>
> This release rolls back 3.29.6 to address issues with language autodetection. It is identical to 3.29.5.
>
> 3.29.6 - 07 Aug 2025
> --------------------
>
> * The `cleanup-level` input to the `analyze` Action is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. [#2999](https://redirect.github.com/github/codeql-action/pull/2999)
> * Update default CodeQL bundle version to 2.22.3. [#3000](https://redirect.github.com/github/codeql-action/pull/3000)
>
> 3.29.5 - 29 Jul 2025
> --------------------
>
> * Update default CodeQL bundle version to 2.22.2. [#2986](https://redirect.github.com/github/codeql-action/pull/2986)
>
> 3.29.4 - 23 Jul 2025
> --------------------
>
> No user facing changes.
>
> 3.29.3 - 21 Jul 2025
> --------------------
>
> No user facing changes.
>
> 3.29.2 - 30 Jun 2025
> --------------------
>
> * Experimental: When the `quality-queries` input for the `init` action is provided with an argument, separate `.quality.sarif` files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. [#2935](https://redirect.github.com/github/codeql-action/pull/2935)
>
> 3.29.1 - 27 Jun 2025
> --------------------
>
> * Fix bug in PR analysis where user-provided `include` query filter fails to exclude non-included queries. [#2938](https://redirect.github.com/github/codeql-action/pull/2938)
> * Update default CodeQL bundle version to 2.22.1. [#2950](https://redirect.github.com/github/codeql-action/pull/2950)
>
> 3.29.0 - 11 Jun 2025
> --------------------
>
> * Update default CodeQL bundle version to 2.22.0. [#2925](https://redirect.github.com/github/codeql-action/pull/2925)
> * Bump minimum CodeQL bundle version to 2.16.6. [#2912](https://redirect.github.com/github/codeql-action/pull/2912)
>
> 3.28.21 - 28 July 2025
> ----------------------
>
> No user facing changes.

... (truncated)


Commits

* [`76621b6`](github/codeql-action@76621b6) Merge pull request [#3019](https://redirect.github.com/github/codeql-action/issues/3019) from github/update-v3.29.8-679a40d33
* [`29ac3ce`](github/codeql-action@29ac3ce) Add release notes for 3.29.7
* [`737cfde`](github/codeql-action@737cfde) Update changelog for v3.29.8
* [`679a40d`](github/codeql-action@679a40d) Merge pull request [#3014](https://redirect.github.com/github/codeql-action/issues/3014) from github/henrymercer/rebuild-dispatch
* [`6fe50b2`](github/codeql-action@6fe50b2) Merge pull request [#3015](https://redirect.github.com/github/codeql-action/issues/3015) from github/henrymercer/language-autodetection-worka...
* [`6bc91d6`](github/codeql-action@6bc91d6) Add changelog note
* [`6b4fedc`](github/codeql-action@6b4fedc) Bump Action patch version
* [`5794ffc`](github/codeql-action@5794ffc) Fix auto-detection of extractors that aren't languages
* [`bd62bf4`](github/codeql-action@bd62bf4) Finish in-progress merges
* [`2afb4e6`](github/codeql-action@2afb4e6) Avoid specifying branch unnecessarily
* Additional commits viewable in [compare view](github/codeql-action@181d5ee...76621b6)
  
Updates `ruby/setup-ruby` from 1.245.0 to 1.254.0
Release notes

*Sourced from [ruby/setup-ruby's releases](https://github.com/ruby/setup-ruby/releases).*

> v1.254.0
> --------
>
> What's Changed
> --------------
>
> * Bump form-data from 2.5.3 to 2.5.5 by [`@​dependabot`](https://github.com/dependabot)[bot] in [ruby/setup-ruby#782](https://redirect.github.com/ruby/setup-ruby/pull/782)
> * Bump brace-expansion from 1.1.11 to 1.1.12 by [`@​dependabot`](https://github.com/dependabot)[bot] in [ruby/setup-ruby#779](https://redirect.github.com/ruby/setup-ruby/pull/779)
> * Use case-insensitive key comparison for cache keys by [`@​BytewaveMLP`](https://github.com/BytewaveMLP) in [ruby/setup-ruby#660](https://redirect.github.com/ruby/setup-ruby/pull/660)
>
> New Contributors
> ----------------
>
> * [`@​BytewaveMLP`](https://github.com/BytewaveMLP) made their first contribution in [ruby/setup-ruby#660](https://redirect.github.com/ruby/setup-ruby/pull/660)
>
> **Full Changelog**: <ruby/setup-ruby@v1.253.0...v1.254.0>
>
> v1.253.0
> --------
>
> What's Changed
> --------------
>
> * Add printing of the lockfile after installation (retry) by [`@​Fryguy`](https://github.com/Fryguy) in [ruby/setup-ruby#790](https://redirect.github.com/ruby/setup-ruby/pull/790)
>
> **Full Changelog**: <ruby/setup-ruby@v1.252.0...v1.253.0>
>
> v1.252.0
> --------
>
> What's Changed
> --------------
>
> * Revert "Add printing of the lockfile after installation" by [`@​eregon`](https://github.com/eregon) in [ruby/setup-ruby#789](https://redirect.github.com/ruby/setup-ruby/pull/789)
>
> **Full Changelog**: <ruby/setup-ruby@v1.251.0...v1.252.0>
>
> v1.251.0
> --------
>
> What's Changed
> --------------
>
> * Add printing of the lockfile after installation by [`@​Fryguy`](https://github.com/Fryguy) in [ruby/setup-ruby#785](https://redirect.github.com/ruby/setup-ruby/pull/785)
>
> **Full Changelog**: <ruby/setup-ruby@v1.250.0...v1.251.0>
>
> v1.250.0
> --------
>
> What's Changed
> --------------
>
> * Update CRuby releases on Windows by [`@​ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#786](https://redirect.github.com/ruby/setup-ruby/pull/786)
>
> **Full Changelog**: <ruby/setup-ruby@v1.249.0...v1.250.0>
>
> v1.249.0
> --------
>
> What's Changed
> --------------
>
> * Add ruby-3.2.9,ruby-3.3.9 by [`@​ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#784](https://redirect.github.com/ruby/setup-ruby/pull/784)
>
> **Full Changelog**: <ruby/setup-ruby@v1.248.0...v1.249.0>
>
> v1.248.0
> --------
>
> What's Changed
> --------------
>
> * Add jruby-10.0.1.0 by [`@​ruby-builder-bot`](https://github.com/ruby-builder-bot) in [ruby/setup-ruby#781](https://redirect.github.com/ruby/setup-ruby/pull/781)

... (truncated)


Commits

* [`2a7b300`](ruby/setup-ruby@2a7b300) Rename to `isExactCacheKeyMatch`
* [`78876b7`](ruby/setup-ruby@78876b7) Use case-insensitive key comparsion for cache keys
* [`3ec1ec0`](ruby/setup-ruby@3ec1ec0) Bump brace-expansion from 1.1.11 to 1.1.12
* [`45dc484`](ruby/setup-ruby@45dc484) Bump form-data from 2.5.3 to 2.5.5
* [`bb6434c`](ruby/setup-ruby@bb6434c) Add non-null check
* [`ba9e71c`](ruby/setup-ruby@ba9e71c) Add printing of the lockfile after installation
* [`0ecad18`](ruby/setup-ruby@0ecad18) Revert "Add printing of the lockfile after installation"
* [`e8621f0`](ruby/setup-ruby@e8621f0) Add printing of the lockfile after installation
* [`bd6859c`](ruby/setup-ruby@bd6859c) Use core.group() instead of startGroup/endGroup
* [`223e443`](ruby/setup-ruby@223e443) Update CRuby releases on Windows
* Additional commits viewable in [compare view](ruby/setup-ruby@a4effe4...2a7b300)
  
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
  
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore  major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
- `@dependabot ignore  minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency
- `@dependabot unignore  ` will remove the ignore condition of the specified dependency and ignore conditions
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant