Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump rtCamp/action-slack-notify from 2.2.1 to 2.3.0 #2911

Merged
merged 6 commits into from
Aug 7, 2024
Merged

Bump rtCamp/action-slack-notify from 2.2.1 to 2.3.0 #2911

merged 6 commits into from
Aug 7, 2024

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 20, 2024
edited
Loading

Bumps rtCamp/action-slack-notify from 2.2.1 to 2.3.0.

Release notes

Sourced from rtCamp/action-slack-notify's releases.

Version 2.3.0

What's Changed

New Contributors

Full Changelog: rtCamp/action-slack-notify@v2.2.1...v2.3.0

Commits
  • 4e5fb42 Update action.yml for release
  • aa7ffed Merge pull request #167 from ohbarye/patch-1
  • 5aea5e5 Fix invalid reference format: repository name must be lowercase error
  • a7edf7e Add fix for uncleared spaces around variables and file uploads (#166)
  • df21811 Merge pull request #164 from L0RD-ZER0/master
  • 0d712e4 Update Dockerfile
  • f7a8970 Document ENABLE_ESCAPES environment variable flag
  • 3d999d9 Merge pull request #11 from L0RD-ZER0/#104
  • 78bd342 Merge pull request #10 from L0RD-ZER0/feature/app-tokens
  • 18b891d Add support for slack application tokens
  • Additional commits viewable in compare view

Dependabot compatibility score

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot requested review from a team as code owners March 20, 2024 02:23
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Mar 20, 2024
@dependabot dependabot bot removed the request for review from a team March 20, 2024 02:23
@dependabot dependabot bot added the github_actions Pull requests that update GitHub Actions code label Mar 20, 2024
@dependabot dependabot bot requested review from ademidoff, BupycHuk, idoqo and JiriCtvrtka and removed request for a team March 20, 2024 02:23
@github-actions github-actions bot enabled auto-merge (squash) March 20, 2024 02:23
@codecov Codecov
Copy link

codecov bot commented Mar 20, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 43.36%. Comparing base (c4631ba) to head (74cfa1d).
Report is 1 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #2911   +/-   ##
=======================================
  Coverage   43.35%   43.36%           
=======================================
  Files         399      399           
  Lines       41641    41641           
=======================================
+ Hits        18054    18056    +2     
+ Misses      21569    21568    -1     
+ Partials     2018     2017    -1
Flag Coverage Δ
admin 11.61% <ø> (ø)
agent 52.69% <ø> (ø)
vmproxy 66.66% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@ademidoff
Copy link
Member

ademidoff commented Mar 20, 2024
edited
Loading

@BupycHuk I wouldn't recommend to upgrade it because of this 3p dependency

@BupycHuk
Copy link
Member

@ademidoff what's wrong with that one?

@ademidoff
Copy link
Member

@ademidoff what's wrong with that one?

I'm trying to be security conscious, sometimes a bit more than minimally, not to allow actions calling other actions, which we have not seen before, nor tested. An action should be self-sufficient and do the job on its own. Otherwise, if we go that route we may unintentionally run into a supply chain attack which is not impossible with gh actions.

@dependabot dependabot bot force-pushed the dependabot/github_actions/rtCamp/action-slack-notify-2.3.0 branch from 1d04b29 to fc13d06 Compare March 22, 2024 10:24
@dependabot
Bump rtCamp/action-slack-notify from 2.2.1 to 2.3.0
15f2d5a 
Bumps [rtCamp/action-slack-notify](https://github.com/rtcamp/action-slack-notify) from 2.2.1 to 2.3.0.
- [Release notes](https://github.com/rtcamp/action-slack-notify/releases)
- [Commits](rtCamp/action-slack-notify@v2.2.1...v2.3.0)

---
updated-dependencies:
- dependency-name: rtCamp/action-slack-notify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/rtCamp/action-slack-notify-2.3.0 branch from fc13d06 to 15f2d5a Compare April 5, 2024 09:27
@github-actions github-actions bot merged commit 4278bab into main Aug 7, 2024
30 of 31 checks passed
@github-actions github-actions bot deleted the dependabot/github_actions/rtCamp/action-slack-notify-2.3.0 branch August 7, 2024 08:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@JiriCtvrtka JiriCtvrtka JiriCtvrtka approved these changes

@BupycHuk BupycHuk BupycHuk approved these changes

@ademidoff ademidoff Awaiting requested review from ademidoff ademidoff is a code owner automatically assigned from percona/pmm-review-dependency

@idoqo idoqo Awaiting requested review from idoqo idoqo is a code owner automatically assigned from percona/pmm-review-be

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@ademidoff @BupycHuk @JiriCtvrtka