dependabot[bot]
cfdfc452dc
github: bump github/codeql-action from 2.2.10 to 2.2.11
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.10 to 2.2.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8c8d71dde4...d186a2a36c
2023-04-07 10:02:55 -07:00
dependabot[bot]
f0cc4c3ae2
github: bump github/codeql-action from 2.2.9 to 2.2.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.9 to 2.2.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](04df1262e6...8c8d71dde4
2023-04-06 16:27:50 -07:00
dependabot[bot]
dc9658159b
github: bump EmbarkStudios/cargo-deny-action from 1.5.0 to 1.5.1
...
Bumps [EmbarkStudios/cargo-deny-action](https://github.com/EmbarkStudios/cargo-deny-action ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/EmbarkStudios/cargo-deny-action/releases )
- [Commits](8af37f5d0c...3d26fd4e2a
2023-04-06 16:27:29 -07:00
Martin von Zweigbergk
b707a29f41
github: fix name of workflow for Dependabot auto-merge
...
I apparently forgot to update the name when I copied `build.yml`.
2023-03-30 19:29:18 -07:00
dependabot[bot]
8dea96e1ae
github: bump ossf/scorecard-action from 2.1.2 to 2.1.3
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.2 to 2.1.3.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](e38b1902ae...80e868c13c
2023-03-30 16:42:02 +00:00
Martin von Zweigbergk
9d83c40b8d
github: add a build target with all features
...
This should catch build errors in the `bench` feature (and in any
future non-default features).
2023-03-30 09:20:29 -07:00
Martin von Zweigbergk
0e29cfca5c
github: simplify build matrix definition
...
See https://docs.github.com/en/actions/using-jobs/using-a-matrix-for-your-jobs#expanding-or-adding-matrix-configurations
2023-03-30 09:20:29 -07:00
dependabot[bot]
c379c9740d
github: bump github/codeql-action from 2.2.8 to 2.2.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.8 to 2.2.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](67a35a0858...04df1262e6
2023-03-27 16:16:55 +00:00
dependabot[bot]
4a0193ccec
github: bump EmbarkStudios/cargo-deny-action from 1.4.0 to 1.5.0
...
Bumps [EmbarkStudios/cargo-deny-action](https://github.com/EmbarkStudios/cargo-deny-action ) from 1.4.0 to 1.5.0.
- [Release notes](https://github.com/EmbarkStudios/cargo-deny-action/releases )
- [Commits](8a8607bd8e...8af37f5d0c
2023-03-27 16:13:21 +00:00
dependabot[bot]
5b2e1cbe07
github: bump actions/checkout from 3.4.0 to 3.5.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](24cb908017...8f4b7f8486
2023-03-24 10:08:02 -07:00
dependabot[bot]
97a076f2da
github: bump github/codeql-action from 2.2.7 to 2.2.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.7 to 2.2.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](168b99b3c2...67a35a0858
2023-03-23 09:35:34 -07:00
Martin von Zweigbergk
2495c8f27e
cargo: update MSRV to 1.64
...
We need 1.64 to bump `clap` to `4.1`. We don't really need to upgrade
to that, but being on an older version causes minor confusions like
#1393 . Rust 1.64 is very close to 6 months old at this point.
2023-03-17 22:44:29 -07:00
dependabot[bot]
e4bed6418d
github: bump actions/checkout from 3.3.0 to 3.4.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.3.0 to 3.4.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ac59398561...24cb908017
2023-03-16 22:02:06 -07:00
dependabot[bot]
08d0a33554
github: bump github/codeql-action from 2.2.6 to 2.2.7
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.6 to 2.2.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](16964e90ba...168b99b3c2
2023-03-15 10:01:04 -07:00
dependabot[bot]
a99622763f
github: bump github/codeql-action from 2.2.5 to 2.2.6
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.5 to 2.2.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](32dc499307...16964e90ba
2023-03-13 17:43:41 +00:00
Martin von Zweigbergk
9ff422396a
github: pin version of codespell action by hash
...
The security scanner complained about this. It is what we do with all
other actions.
2023-03-10 13:00:03 -08:00
dependabot[bot]
5321201a8a
github: bump cachix/install-nix-action from 19 to 20
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 19 to 20.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](5c11eae19d...29bd9290ef
2023-03-02 00:02:57 +01:00
dependabot[bot]
f633534fc7
github: bump github/codeql-action from 2.2.4 to 2.2.5
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.4 to 2.2.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](17573ee1cc...32dc499307
2023-02-27 11:08:02 -08:00
Martin von Zweigbergk
9fc879747f
release: build Linux (musl) release using vendored OpenSSL
...
The 0.7.0 release build failed because it didn't find OpenSSL. I don't
know much about musl, but I think we added it in order to get a single
binary without dependencies, so I think vendoring is what we want.
2023-02-16 15:52:00 -08:00
dependabot[bot]
034dd3528d
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 0a1713a447f74360b294fd86bc56dc23af3a9d3e to 52e69531e6f69a396bc9d1226284493a5db969ff.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](0a1713a447...52e69531e6
2023-02-16 08:39:18 -08:00
dependabot[bot]
2217a78df3
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 25dc93b901a87e864900a8aec6c12e9aa794c0c3 to 0a1713a447f74360b294fd86bc56dc23af3a9d3e.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](25dc93b901...0a1713a447
2023-02-15 08:49:33 -08:00
dependabot[bot]
ebd9a94d4b
github: bump github/codeql-action from 2.2.3 to 2.2.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.3 to 2.2.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8775e86802...17573ee1cc
2023-02-13 22:52:07 +00:00
dependabot[bot]
e21ae8b9d0
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from c758e63728211bd4acda6501cfa2a16c5c751fc4 to 25dc93b901a87e864900a8aec6c12e9aa794c0c3.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](c758e63728...25dc93b901
2023-02-13 23:39:24 +01:00
dependabot[bot]
123d677aed
github: bump github/codeql-action from 2.2.2 to 2.2.3
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.2 to 2.2.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](39d8d7e78f...8775e86802
2023-02-09 16:32:36 +01:00
dependabot[bot]
e7c9493506
github: bump github/codeql-action from 2.2.1 to 2.2.2
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.2.1 to 2.2.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3ebbd71c74...39d8d7e78f
2023-02-07 08:24:19 -08:00
dependabot[bot]
52ff0ae9e6
github: bump cachix/install-nix-action from 18 to 19
...
Bumps [cachix/install-nix-action](https://github.com/cachix/install-nix-action ) from 18 to 19.
- [Release notes](https://github.com/cachix/install-nix-action/releases )
- [Commits](daddc62a2e...5c11eae19d
2023-02-06 15:26:46 +00:00
dependabot[bot]
bd5cbbdbaa
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from ce8f65846d7180d2ce63b1e74483d981800b9e22 to c758e63728211bd4acda6501cfa2a16c5c751fc4.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](ce8f65846d...c758e63728
2023-02-01 15:19:38 +00:00
Samuel Tardieu
615862dde8
ci: add codespell to the workflow
2023-01-28 07:23:45 -08:00
dependabot[bot]
9336a4518a
github: bump github/codeql-action from 2.1.39 to 2.2.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.39 to 2.2.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a34ca99b46...3ebbd71c74
2023-01-27 08:08:43 -08:00
dependabot[bot]
efe72f714a
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from 22cb70465de2ebc761c76f91046abd5a6986040f to ce8f65846d7180d2ce63b1e74483d981800b9e22.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](22cb70465d...ce8f65846d
2023-01-23 08:32:50 -08:00
dependabot[bot]
a29b19fa9d
github: bump dtolnay/rust-toolchain
...
Bumps [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain ) from e645b0cf01249a964ec099494d38d2da0f0b349f to 22cb70465de2ebc761c76f91046abd5a6986040f.
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases )
- [Commits](e645b0cf01...22cb70465d
2023-01-20 15:18:40 +00:00
dependabot[bot]
24e03e2ff5
github: bump github/codeql-action from 2.1.38 to 2.1.39
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.38 to 2.1.39.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](515828d974...a34ca99b46
2023-01-19 08:10:30 -08:00
Michael Forster
27228ce292
Update MSRV to 1.61
...
This is needed for compatibility with the sapling dag crate.
2023-01-19 10:29:39 +01:00
Martin von Zweigbergk
ff3edb642f
github: build and test all targets
...
It seems that at least examples are not included in the default set of
targets, and we clearly want to check that the examples compile, as
that's an important reason we have them. We don't have any tests for
the examples yet, but let's add the flag now so we don't forget it
later.
2023-01-18 23:03:30 -08:00
dependabot[bot]
7c1b796f3e
github: bump github/codeql-action from 2.1.37 to 2.1.38
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.37 to 2.1.38.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](959cbb7472...515828d974
2023-01-12 09:26:31 -08:00
dependabot[bot]
f2cba66029
github: bump actions/upload-artifact from 3.1.1 to 3.1.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](83fd05a356...0b7f8abb15
2023-01-06 07:52:03 -08:00
dependabot[bot]
6a6724fd87
github: bump actions/checkout from 3.2.0 to 3.3.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](755da8c3cf...ac59398561
2023-01-05 15:33:10 +00:00
Martin von Zweigbergk
635f5a5cb8
build: don't use vendored OpenSSL by default
...
I added support for using a vendored OpenSSL in dbadbd68c0
2023-01-03 18:57:38 -08:00
dependabot[bot]
bb0cb7f8d1
github: bump ossf/scorecard-action from 2.1.1 to 2.1.2
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.1 to 2.1.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](15c10fcf1c...e38b1902ae
2022-12-22 15:15:44 +00:00
Benjamin Saunders
aaa175eca7
lib: replace protobuf crate with prost
2022-12-22 07:04:35 -08:00
dependabot[bot]
1a11679539
github: bump ossf/scorecard-action from 2.1.0 to 2.1.1
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.0 to 2.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](937ffa90d7...15c10fcf1c
2022-12-20 08:43:48 -08:00
dependabot[bot]
af32f0d3c3
github: bump ossf/scorecard-action from 2.0.6 to 2.1.0
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.0.6 to 2.1.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](99c53751e0...937ffa90d7
2022-12-15 07:40:37 -08:00
dependabot[bot]
1f3cfcec9d
github: bump github/codeql-action from 2.1.36 to 2.1.37
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.36 to 2.1.37.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a669cc5936...959cbb7472
2022-12-14 07:35:59 -08:00
dependabot[bot]
ae981ff33a
github: bump actions/checkout from 3.1.0 to 3.2.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](93ea575cb5...755da8c3cf
2022-12-13 11:35:27 -08:00
Martin von Zweigbergk
b87c1cb514
github: new attempt at Dependabot auto-merge
...
This is an updated version of the workflow deleted in f5fc3c35f5https://github.com/cli/cli/issues/6695#issuecomment-1348430969 .
2022-12-13 10:39:58 -08:00
dependabot[bot]
15d40ffa54
github: bump github/codeql-action from 2.1.35 to 2.1.36
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.35 to 2.1.36.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b2a92eb56d...a669cc5936
2022-12-09 11:09:59 -08:00
Martin von Zweigbergk
79d6779995
github: make Scorecard security scanner not use access token
...
Google's security team asked us to remove this use of a PAT. It's
apparently supposed to work without it, it's just that it won't be
able to check that we have bronch protection set up.
2022-12-08 14:54:28 -08:00
Martin von Zweigbergk
f5fc3c35f5
github: disable broken attempt to auto-merge Dependabot PRs again
...
Sigh, I thought it was fixed now, but it seems it's only `gh pr ready`
that works with `GITHUB_TOKEN`. This rolls back commit ee7e7e1b62
2022-12-05 14:23:43 -08:00
dependabot[bot]
9a36f1d6e3
github: bump github/codeql-action from 2.1.32 to 2.1.35
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.32 to 2.1.35.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4238421316...b2a92eb56d
2022-12-05 10:07:43 -08:00
Martin von Zweigbergk
ee7e7e1b62
github: new attempt at auto-enabling merge of Dependabot PRs
...
cli/cli#1314 is now marked fixed, so let's see if this works. This
rolls back commit 184280f8f801.
2022-12-01 19:28:39 -08:00
