Bump crazy-max/ghaction-import-gpg from 5.2.0 to 5.3.0 (#21) · chainguard-dev/terraform-provider-cosign@4013e89

Commit

Bump crazy-max/ghaction-import-gpg from 5.2.0 to 5.3.0 (#21)

Bumps
[crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg)
from 5.2.0 to 5.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crazy-max/ghaction-import-gpg/releases">crazy-max/ghaction-import-gpg's
releases</a>.</em></p>
<blockquote>
<h2>v5.3.0</h2>
<ul>
<li>Add <code>trust_level</code> input to set private key trust level by
<a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/168">crazy-max/ghaction-import-gpg#168</a></li>
<li>Missing <code>name</code> output to action metadata by <a
href="https://github.com/dtan4"><code>@dtan4</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/154">crazy-max/ghaction-import-gpg#154</a></li>
<li>Update yarn to 3.5.1 by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/165">crazy-max/ghaction-import-gpg#165</a></li>
<li>Update dev dependencies by <a
href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/167">crazy-max/ghaction-import-gpg#167</a></li>
<li>Bump openpgp from 5.5.0 to 5.8.0 in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/164">crazy-max/ghaction-import-gpg#164</a></li>
<li>Bump minimatch from 3.0.4 to 3.1.2 in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/155">crazy-max/ghaction-import-gpg#155</a></li>
<li>Bump json5 from 2.1.3 to 2.2.3 in <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/pull/157">crazy-max/ghaction-import-gpg#157</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/crazy-max/ghaction-import-gpg/compare/v5.2.0...v5.3.0">https://github.com/crazy-max/ghaction-import-gpg/compare/v5.2.0...v5.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/72b6676b71ab476b77e676928516f6982eef7a41"><code>72b6676</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/issues/168">#168</a>
from crazy-max/trust-input</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/72156b0031c758842a4d97574dd99dc574624413"><code>72156b0</code></a>
update generated content</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/05fea506c1ff86b557dc05295b33a662daba4b16"><code>05fea50</code></a>
input to set private key trust level</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/ff084959ffa9e9534090d08335543f8708ff5e06"><code>ff08495</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/issues/167">#167</a>
from crazy-max/update-dev-deps</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/ab777345bdec10825700f07b04db4477ba4c2b5d"><code>ab77734</code></a>
update generated content</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/bf3643eec5244955d213a77e3dbd5642afa228e9"><code>bf3643e</code></a>
update dev dependencies</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/25f2aa62edc9dfb2cd3b8ad43e83359c55f7c1ea"><code>25f2aa6</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/issues/166">#166</a>
from crazy-max/ci-split</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/dd60c323b506322d35d0d289c3c6ec57087b26d0"><code>dd60c32</code></a>
Merge pull request <a
href="https://redirect.github.com/crazy-max/ghaction-import-gpg/issues/165">#165</a>
from crazy-max/update-yarn</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/d65d3751b23a9136509057da02edb19cee834d32"><code>d65d375</code></a>
ci: split test and validate workflow</li>
<li><a
href="https://github.com/crazy-max/ghaction-import-gpg/commit/a782626592db591f36bb31b65be5fe14600d3f16"><code>a782626</code></a>
add plugin-interactive-tools yarn pkg</li>
<li>Additional commits viewable in <a
href="https://github.com/crazy-max/ghaction-import-gpg/compare/111c56156bcc6918c056dbef52164cfa583dc549...72b6676b71ab476b77e676928516f6982eef7a41">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=crazy-max/ghaction-import-gpg&package-manager=github_actions&previous-version=5.2.0&new-version=5.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Loading branch information

dependabot[bot] authored May 8, 2023

1 parent b0f94bf commit 4013e89

.github/workflows/release.yml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -24,7 +24,7 @@ jobs:
  
              check-latest: true

          - id: import_gpg

            uses: crazy-max/ghaction-import-gpg@111c56156bcc6918c056dbef52164cfa583dc549 # v5.2.0

            uses: crazy-max/ghaction-import-gpg@72b6676b71ab476b77e676928516f6982eef7a41 # v5.3.0

            with:

              gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY }}

              passphrase: ${{ secrets.PASSPHRASE }}

0 comments on commit `4013e89`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `4013e89`

Commit

There are no files selected for viewing

0 comments on commit 4013e89

0 comments on commit `4013e89`