Ingest v0.5.2 of @actions/artifact (#100 )

* npm install --update @actions/artifact * Update .licenses file * npm run release
Merge pull request #97 from actions/dependabot/npm_and_yarn/glob-parent-5.1.2
2021-06-16 16:19:05 -04:00 · 2021-06-16 16:06:52 -04:00 · 2021-06-16 16:06:23 -04:00 · 2021-06-16 16:06:06 -04:00 · 2021-06-16 16:05:29 -04:00 · 2021-06-16 16:01:04 -04:00
7 changed files with 1559 additions and 1566 deletions
@@ -2,6 +2,8 @@ name: "Code scanning - action"

 on:
  push:
+    branches-ignore: "dependabot/**"
+  pull_request:
    paths-ignore:
      - '**.md'
  schedule:
@@ -1,6 +1,6 @@
 ---
 name: "@actions/artifact"
-version: 0.5.0
+version: 0.5.2
 type: npm
 summary: Actions artifact lib
 homepage: https://github.com/actions/toolkit/tree/main/packages/artifact
@@ -1,6 +1,6 @@
 ---
 name: "@actions/http-client"
-version: 1.0.9
+version: 1.0.11
 type: npm
 summary: Actions Http Client
 homepage: https://github.com/actions/http-client#readme
@@ -63,7 +63,7 @@ When using `download-artifact@v1`, a directory denoted by the name of the artifa
          ... contents of my-artifact
 ```

-With `v2`, there is no longer an extra directory that is created if the `path` input is not provided. All the contents are downloaded to the current working directory.
+With `v2`, when an artifact is specified by the `name` input, there is no longer an extra directory that is created if the `path` input is not provided. All the contents are downloaded to the current working directory.
 ```
   current/working/directory/
      ... contents of my-artifact
@@ -5,25 +5,15 @@
  "requires": true,
  "dependencies": {
    "@actions/artifact": {
-      "version": "0.5.0",
-      "resolved": "https://registry.npmjs.org/@actions/artifact/-/artifact-0.5.0.tgz",
-      "integrity": "sha512-uo9zlqm8sZBysFVaBZh8iAe2xNf9x2fDQZZMHiKyBEShvCB2S2nA4+Kt3Xsi9eG5O1E8fVMwEVuwLR3/Zy3mrA==",
+      "version": "0.5.2",
+      "resolved": "https://registry.npmjs.org/@actions/artifact/-/artifact-0.5.2.tgz",
+      "integrity": "sha512-q/r8WSqyxBJ0ffLCRrtjCBTGnAYqP+ID4yG7f7YSlhrQ4thNg/d+Tq9f1YkLPKX46ZR97OWtGDY+oU/nxcqvLw==",
      "requires": {
        "@actions/core": "^1.2.6",
-        "@actions/http-client": "^1.0.7",
+        "@actions/http-client": "^1.0.11",
        "@types/tmp": "^0.1.0",
        "tmp": "^0.1.0",
        "tmp-promise": "^2.0.2"
-      },
-      "dependencies": {
-        "tmp": {
-          "version": "0.1.0",
-          "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.1.0.tgz",
-          "integrity": "sha512-J7Z2K08jbGcdA1kkQpJSqLF6T0tdQqpR2pnSUXsIchbPdTI9v3e85cLW0d6WDhwuAleOV71j2xWs8qMPfK7nKw==",
-          "requires": {
-            "rimraf": "^2.6.3"
-          }
-        }
      }
    },
    "@actions/core": {
@@ -32,9 +22,9 @@
      "integrity": "sha512-ZQYitnqiyBc3D+k7LsgSBmMDVkOVidaagDG7j3fOym77jNunWRuYx7VSHa9GNfFZh+zh61xsCjRj4JxMZlDqTA=="
    },
    "@actions/http-client": {
-      "version": "1.0.9",
-      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.9.tgz",
-      "integrity": "sha512-0O4SsJ7q+MK0ycvXPl2e6bMXV7dxAXOGjrXS1eTF9s2S401Tp6c/P3c3Joz04QefC1J6Gt942Wl2jbm3f4mLcg==",
+      "version": "1.0.11",
+      "resolved": "https://registry.npmjs.org/@actions/http-client/-/http-client-1.0.11.tgz",
+      "integrity": "sha512-VRYHGQV1rqnROJqdMvGUbY/Kn8vriQe/F9HR2AlYHzmKuM/p3kjNuXhmdBfcVgsvRWTz5C5XW5xvndZrVBuAYg==",
      "requires": {
        "tunnel": "0.0.6"
      }
@@ -1164,9 +1154,9 @@
      }
    },
    "glob-parent": {
-      "version": "5.1.1",
-      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.1.tgz",
-      "integrity": "sha512-FnI+VGOpnlGHWZxthPGR+QhR78fuiK0sNLkHQv+bL9fQi57lNNdquIbna/WrfROrolq8GK5Ek6BiMwqL/voRYQ==",
+      "version": "5.1.2",
+      "resolved": "https://registry.npmjs.org/glob-parent/-/glob-parent-5.1.2.tgz",
+      "integrity": "sha512-AOIgSQCepiJYwP3ARnGx+5VnTu2HBYdzbGP45eLw1vr3zB3vZLeyed1sC9hnbcOc9/SrMyM5RPQrkGz4aS9Zow==",
      "dev": true,
      "requires": {
        "is-glob": "^4.0.1"
@@ -1231,9 +1221,9 @@
      "dev": true
    },
    "hosted-git-info": {
-      "version": "2.8.5",
-      "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.5.tgz",
-      "integrity": "sha512-kssjab8CvdXfcXMXVcvsXum4Hwdq9XGtRD3TteMEvEbq0LXyiNQr6AprqKqfeaDXze7SxWvRxdpwE6ku7ikLkg==",
+      "version": "2.8.9",
+      "resolved": "https://registry.npmjs.org/hosted-git-info/-/hosted-git-info-2.8.9.tgz",
+      "integrity": "sha512-mxIDAb9Lsm6DoOJ7xH+5+X4y1LU/4Hi50L9C5sIswK3JzULS4bwk1FvjdBgvYR4bzT4tuUQiC15FE2f5HbLvYw==",
      "dev": true
    },
    "ignore": {
@@ -1455,9 +1445,9 @@
      }
    },
    "lodash": {
-      "version": "4.17.19",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.19.tgz",
-      "integrity": "sha512-JNvd8XER9GQX0v2qJgsaN/mzFCNA5BRe/j8JN9d+tWyGLSodKQHKFicdwNYzWwI3wjRnaKPsGj1XkBjx/F96DQ==",
+      "version": "4.17.21",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
+      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
      "dev": true
    },
    "lru-cache": {
@@ -2126,22 +2116,20 @@
      "integrity": "sha1-f17oI66AUgfACvLfSoTsP8+lcLQ=",
      "dev": true
    },
+    "tmp": {
+      "version": "0.1.0",
+      "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.1.0.tgz",
+      "integrity": "sha512-J7Z2K08jbGcdA1kkQpJSqLF6T0tdQqpR2pnSUXsIchbPdTI9v3e85cLW0d6WDhwuAleOV71j2xWs8qMPfK7nKw==",
+      "requires": {
+        "rimraf": "^2.6.3"
+      }
+    },
    "tmp-promise": {
      "version": "2.1.1",
      "resolved": "https://registry.npmjs.org/tmp-promise/-/tmp-promise-2.1.1.tgz",
      "integrity": "sha512-Z048AOz/w9b6lCbJUpevIJpRpUztENl8zdv1bmAKVHimfqRFl92ROkmT9rp7TVBnrEw2gtMTol/2Cp2S2kJa4Q==",
      "requires": {
        "tmp": "0.1.0"
-      },
-      "dependencies": {
-        "tmp": {
-          "version": "0.1.0",
-          "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.1.0.tgz",
-          "integrity": "sha512-J7Z2K08jbGcdA1kkQpJSqLF6T0tdQqpR2pnSUXsIchbPdTI9v3e85cLW0d6WDhwuAleOV71j2xWs8qMPfK7nKw==",
-          "requires": {
-            "rimraf": "^2.6.3"
-          }
-        }
      }
    },
    "to-regex-range": {
@@ -2309,9 +2297,9 @@
      }
    },
    "y18n": {
-      "version": "4.0.0",
-      "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.0.tgz",
-      "integrity": "sha512-r9S/ZyXu/Xu9q1tYlpsLIsa3EeLXXk0VwlxqTcFRfg9EhMW+17kbt9G0NrgCmhGb5vT2hyhJZLfDGx+7+5Uj/w==",
+      "version": "4.0.1",
+      "resolved": "https://registry.npmjs.org/y18n/-/y18n-4.0.1.tgz",
+      "integrity": "sha512-wNcy4NvjMYL8gogWWYAO7ZFWFfHcbdbE57tZO8e4cbpj8tfUcwrwqSl3ad8HxpYWCdXcJUCeKKZS62Av1affwQ==",
      "dev": true
    },
    "yallist": {
@@ -28,7 +28,7 @@
  },
  "homepage": "https://github.com/actions/download-artifact#readme",
  "dependencies": {
-    "@actions/artifact": "^0.5.0",
+    "@actions/artifact": "^0.5.2",
    "@actions/core": "^1.2.6"
  },
  "devDependencies": {
Author	SHA1	Message	Date
Brian Cristante	3be87be14a	Ingest v0.5.2 of @actions/artifact (#100 ) Test / Build (ubuntu-latest) (push) Failing after 3s Test / Build (macos-latest) (push) Has been cancelled Test / Build (windows-latest) (push) Has been cancelled * npm install --update @actions/artifact * Update .licenses file * npm run release	2021-06-16 16:19:05 -04:00
Brian Cristante	8bef1ad834	Merge pull request #97 from actions/dependabot/npm_and_yarn/glob-parent-5.1.2 Bump glob-parent from 5.1.1 to 5.1.2	2021-06-16 16:06:52 -04:00
Brian Cristante	2940e0d2ad	Merge pull request #92 from actions/dependabot/npm_and_yarn/hosted-git-info-2.8.9 Bump hosted-git-info from 2.8.5 to 2.8.9	2021-06-16 16:06:23 -04:00
Brian Cristante	bd90b34638	Merge pull request #91 from actions/dependabot/npm_and_yarn/lodash-4.17.21 Bump lodash from 4.17.19 to 4.17.21	2021-06-16 16:06:06 -04:00
Brian Cristante	3b6d0aba35	Merge pull request #99 from actions/brcrista/dependabot-push Don't trigger CodeQL on Dependabot push	2021-06-16 16:05:29 -04:00
Brian Cristante	46a6d6f216	Don't trigger CodeQL on Dependabot push	2021-06-16 16:01:04 -04:00
dependabot[bot]	246a0f4716	Bump glob-parent from 5.1.1 to 5.1.2 Bumps [glob-parent](https://github.com/gulpjs/glob-parent) from 5.1.1 to 5.1.2. - [Release notes](https://github.com/gulpjs/glob-parent/releases) - [Changelog](https://github.com/gulpjs/glob-parent/blob/main/CHANGELOG.md) - [Commits](https://github.com/gulpjs/glob-parent/compare/v5.1.1...v5.1.2) --- updated-dependencies: - dependency-name: glob-parent dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2021-06-11 13:14:19 +00:00
Robert Cannon	df388c92ce	Clarified the `v1` and `v2` differences (#96 ) The original text implies by supplying no inputs all files are placed in the root directory without added directories by focusing only on the `path` input. In practice, supplying no inputs results in the backwards compatible `v1` behavior of creating an extra parameter. This may be obvious in some scenarios and stated somewhat later in the document, but is less obvious when the "name" matches a filename for a single file artifact.	2021-05-21 21:20:10 +02:00
dependabot[bot]	87f717a35d	Bump hosted-git-info from 2.8.5 to 2.8.9 Bumps [hosted-git-info](https://github.com/npm/hosted-git-info) from 2.8.5 to 2.8.9. - [Release notes](https://github.com/npm/hosted-git-info/releases) - [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md) - [Commits](https://github.com/npm/hosted-git-info/compare/v2.8.5...v2.8.9) Signed-off-by: dependabot[bot] <support@github.com>	2021-05-11 17:16:23 +00:00
dependabot[bot]	ae445150c2	Bump lodash from 4.17.19 to 4.17.21 Bumps [lodash](https://github.com/lodash/lodash) from 4.17.19 to 4.17.21. - [Release notes](https://github.com/lodash/lodash/releases) - [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21) Signed-off-by: dependabot[bot] <support@github.com>	2021-05-11 12:10:53 +00:00
Konrad Pabjan	158ca71f7c	Bump @actions/artifact to version 0.5.1 (#85 ) Test / Build (macos-latest) (push) Has been cancelled Test / Build (ubuntu-latest) (push) Has been cancelled Test / Build (windows-latest) (push) Has been cancelled Code scanning - action / CodeQL-Build (push) Failing after 2s	2021-04-06 16:50:27 -04:00
dependabot[bot]	65bdb44741	Bump y18n from 4.0.0 to 4.0.1 (#84 ) Bumps [y18n](https://github.com/yargs/y18n) from 4.0.0 to 4.0.1. - [Release notes](https://github.com/yargs/y18n/releases) - [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md) - [Commits](https://github.com/yargs/y18n/commits) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2021-04-06 15:23:44 -04:00
Josh Gross	782e5ae9ea	Merge pull request #81 from rneatherway/codeql-add-pull-request-trigger Add on: pull_request trigger to CodeQL workflow	2021-01-14 18:42:16 -05:00
Robin Neatherway	a6ff13d56d	Add on: pull_request trigger to CodeQL workflow From February 2021, in order to provide feedback on pull requests, Code Scanning workflows must be configured with both `push` and `pull_request` triggers. This is because Code Scanning compares the results from a pull request against the results for the base branch to tell you only what has changed between the two. Early in the beta period we supported displaying results on pull requests for workflows with only `push` triggers, but have discontinued support as this proved to be less robust. See https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#scanning-pull-requests for more information on how best to configure your Code Scanning workflows.	2021-01-13 11:19:52 +00:00