Sourced from actions/setup-python's releases.

v4.0.0

What's Changed

• Support for python-version-file input: #336

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version-file: '.python-version' # Read python version from a file
- run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

• Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
- run: python my_script.py

• RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

• Bugfix: create missing pypyX.Y symlinks: #347

• PKG_CONFIG_PATH environment variable: #400

• Added python-path output: #405 python-path output contains Python executable path.

• Updated zeit/ncc to vercel/ncc package: #393

• Bugfix: fixed output for prerelease version of poetry: #409

• Made pythonLocation environment variable consistent for Python and PyPy: #418

• Bugfix for 3.x-dev syntax: #417

• Other improvements: #318 #396 #384 #387 #388

Update actions/cache version to 2.0.2

In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-python#382)

Add "cache-hit" output and fix "python-version" output for PyPy

This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

... (truncated)

• d09bd5e fix: 3.x-dev can install a 3.y version (#417)
• f72db17 Made env.var pythonLocation consistent for Python and PyPy (#418)
• 53e1529 add support for python-version-file (#336)
• 3f82819 Fix output for prerelease version of poetry (#409)
• 397252c Update zeit/ncc to vercel/ncc (#393)
• de977ad Merge pull request #412 from vsafonkin/v-vsafonkin/fix-poetry-cache-test
• 22c6af9 Change PyPy version to rebuild cache
• 081a3cf Merge pull request #405 from mayeut/interpreter-path
• ff70656 feature: add a python-path output
• fff15a2 Use pypyX.Y for PyPy python-version input (#349)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Update actions/cache version to 2.0.2

In scope of this release we updated actions/cache package as the new version contains fixes related to GHES 3.5 (actions/setup-python#382)

Add "cache-hit" output and fix "python-version" output for PyPy

This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

The python-version contains version of Python or PyPy.

Support caching poetry dependencies and caching on GHES 3.5

• In the scope of this release, we added support for caching from GHES 3.5 and fixed the download issue for files > 2GB during restore.
• Caching poetry dependencies

steps:
- uses: actions/checkout@v3
- name: Install poetry
  run: pipx install poetry
- uses: actions/setup-python@v3
  with:
    python-version: '3.9'
    cache: 'poetry'
- run: poetry install
- run: poetry run pytest

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-python#340)
• Update package-lock.json file version to 2, @types/node to 16.11.25 and typescript to 4.2.3 (actions/setup-python#341)
• Remove legacy pypy2 and pypy3 keywords (actions/setup-python#342)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
        - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
        - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
        - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}
</tr></table> 

... (truncated)

• 98f2ad0 Updated @​actions/cache (#382)
• 5d6f0c8 ci(workflow): add 'npm' cache for actions/setup-node in .github/workflows (#379)
• 21c0493 Cache hit output (#373)
• 7933d5a Add pyton-version to setup PyPy output (#365)
• 7885ec3 Rework pipenv caching test (#375)
• 9c644ca Update README.md to fix setup-python version in example (#368)
• 3e8e90e dist fix (#367)
• 05fb98d Cache on ghes (#363)
• 6c56602 Merge pull request #281 from patrick91/feature/poetry-caching
• 9516be8 Merge pull request #358 from actions/brcrista/codeql-main
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Add "cache-hit" output and fix "python-version" output for PyPy

This release introduces new output cache-hit (actions/setup-python#373) and fix python-version output for PyPy (actions/setup-python#365)

The cache-hit output contains boolean value indicating that an exact match was found for the key. It shows that the action uses already existing cache or not. The output is available only if cache is enabled.

The python-version contains version of Python or PyPy.

Support caching poetry dependencies and caching on GHES 3.5

• In the scope of this release, we added support for caching from GHES 3.5 and fixed the download issue for files > 2GB during restore.
• Caching poetry dependencies

steps:
- uses: actions/checkout@v3
- name: Install poetry
  run: pipx install poetry
- uses: actions/setup-python@v3
  with:
    python-version: '3.9'
    cache: 'poetry'
- run: poetry install
- run: poetry run pytest

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-python#340)
• Update package-lock.json file version to 2, @types/node to 16.11.25 and typescript to 4.2.3 (actions/setup-python#341)
• Remove legacy pypy2 and pypy3 keywords (actions/setup-python#342)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
        - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
        - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
        - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}

See more usage examples in the documentation

... (truncated)

• 21c0493 Cache hit output (#373)
• 7933d5a Add pyton-version to setup PyPy output (#365)
• 7885ec3 Rework pipenv caching test (#375)
• 9c644ca Update README.md to fix setup-python version in example (#368)
• 3e8e90e dist fix (#367)
• 05fb98d Cache on ghes (#363)
• 6c56602 Merge pull request #281 from patrick91/feature/poetry-caching
• 9516be8 Merge pull request #358 from actions/brcrista/codeql-main
• 7aa3e95 Update dist
• 6c31eb3 Use \n instead of os.EOL
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

Support caching poetry dependencies and caching on GHES 3.5

• In the scope of this release, we added support for caching from GHES 3.5 and fixed the download issue for files > 2GB during restore.
• Caching poetry dependencies

steps:
- uses: actions/checkout@v3
- name: Install poetry
  run: pipx install poetry
- uses: actions/setup-python@v3
  with:
    python-version: '3.9'
    cache: 'poetry'
- run: poetry install
- run: poetry run pytest

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-python#340)
• Update package-lock.json file version to 2, @types/node to 16.11.25 and typescript to 4.2.3 (actions/setup-python#341)
• Remove legacy pypy2 and pypy3 keywords (actions/setup-python#342)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
        - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
        - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
        - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}

See more usage examples in the documentation

Update primary and restore keys for pip

In scope of this release we include a version of python in restore and primary cache keys for pip. Besides, we add temporary fix for Windows caching issue, that the pip cache dir command returns non zero exit code or writes to stderr. Moreover we updated node-fetch dependency.

Update actions/cache version to 1.0.8

We have updated actions/cache dependency version to 1.0.8 to support 10GB cache upload

Support caching dependencies

... (truncated)

• 9c644ca Update README.md to fix setup-python version in example (#368)
• 3e8e90e dist fix (#367)
• 05fb98d Cache on ghes (#363)
• 6c56602 Merge pull request #281 from patrick91/feature/poetry-caching
• 9516be8 Merge pull request #358 from actions/brcrista/codeql-main
• 7aa3e95 Update dist
• 6c31eb3 Use \n instead of os.EOL
• 7a37d78 Update dist
• e4be7a4 Initialise pyproject.toml
• aac0ef9 Build and format
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

Sourced from actions/cache's changelog.

3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

• 136d96b Enabling actions/cache for GHES based on presence of AC service (#774)
• 7d4f40b Bumping up the version to fix download issue for files > 2 GB. (#775)
• 2d8d0d1 Updated what's new. (#771)
• 7799d86 Updated the usage and docs to the major version release. (#770)
• 4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version
• 60c606a Update licensed files
• b6e9a91 Revert "Updated to the latest version."
• c842503 Updated to the latest version.
• 2b7da2a Bumped up to a major version.
• deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v4.0.0

Breaking changes

• The add-paths input no longer accepts -A as a valid value. When committing all new and modified files the add-paths input should be omitted.
• If using self-hosted runners or GitHub Enterprise Server, there are minimum requirements for v4 to run. See "What's new" below for details.

What's new

• Updated runtime to Node.js 16
  • The action now requires a minimum version of v2.285.0 for the Actions Runner.
  • If using GitHub Enterprise Server, the action requires GHES 3.4 or later.

What's Changed

• README.md: Add word "permissions" to part on GITHUB_TOKEN by @​hartwork in peter-evans/create-pull-request#1082
• docs: Document how to improve close-and-reopen user experience by @​hartwork in peter-evans/create-pull-request#1084
• README.md: Skip follow-up steps if there is no pull request by @​hartwork in peter-evans/create-pull-request#1083
• v4 by @​peter-evans in peter-evans/create-pull-request#1099

New Contributors

• @​hartwork made their first contribution in peter-evans/create-pull-request#1082

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v3.14.0...v4.0.0

Create Pull Request v3.14.0

This release reverts a commit made to bump the runtime to node 16. It inadvertently caused an issue for users on GitHub Enterprise. Apologies. 🙇‍♂️

What's Changed

• feat: revert update action runtime to node 16 by @​peter-evans https://github.com/peter-evans/create-pull-request/commit/18f7dc018cc2cd597073088f7c7591b9d1c02672

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v3.13.0...v3.14.0

Create Pull Request v3.13.0

What's Changed

• Document that draft status changes are not reflected by @​willthames in peter-evans/create-pull-request#1064
• fix: remove unused draft param from pull update by @​peter-evans in peter-evans/create-pull-request#1065
• Update action runtime to node 16 by @​sibiraj-s in peter-evans/create-pull-request#1074

New Contributors

• @​willthames made their first contribution in peter-evans/create-pull-request#1064
• @​sibiraj-s made their first contribution in peter-evans/create-pull-request#1074

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v3.12.1...v3.13.0

Create Pull Request v3.12.1

What's Changed

• ci: remove workflow by @​peter-evans in peter-evans/create-pull-request#1046
• fix: add '--' to checkout command to avoid ambiguity by @​kenji-miyake in peter-evans/create-pull-request#1051

New Contributors

• @​kenji-miyake made their first contribution in peter-evans/create-pull-request#1051

... (truncated)

• d6d5519 v4 (#1099)
• 0e8dfbd docs: update guidelines
• ffa8cc2 docs: Skip follow-up steps if there is no pull request (#1083)
• 00fb690 docs: Document how to improve close-and-reopen user experience (#1084)
• 2fe7e77 docs: Add word "permissions" (#1082)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

• 4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version
• 60c606a Update licensed files
• b6e9a91 Revert "Updated to the latest version."
• c842503 Updated to the latest version.
• 2b7da2a Bumped up to a major version.
• deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example
• c7c46bc Merge pull request #707 from duxtland/main
• 6535c5f Regenerated examples.md TOC
• 3fdafa4 Update GitHub Actions status badge markdown in README.md
• 341e6d7 Merge branch 'actions:main' into fix-golang-windows-example
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.0.0

• Update default runtime to node16

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• 230611d Change secret name for PAT to not start with GITHUB_ (#623)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

v3.0.0

What's Changed

• Update default runtime to node16 (actions/setup-python#340)
• Update package-lock.json file version to 2, @types/node to 16.11.25 and typescript to 4.2.3 (actions/setup-python#341)
• Remove legacy pypy2 and pypy3 keywords (actions/setup-python#342)

Breaking Changes

With the update to Node 16, all scripts will now be run with Node 16 rather than Node 12.

This new major release removes support of legacy pypy2 and pypy3 keywords. Please use more specific and flexible syntax to specify a PyPy version:

jobs:
  build:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version:
        - 'pypy-2.7' # the latest available version of PyPy that supports Python 2.7
        - 'pypy-3.8' # the latest available version of PyPy that supports Python 3.8
        - 'pypy-3.8-v7.3.8' # Python 3.8 and PyPy 7.3.8
    steps:
    - uses: actions/checkout@v2
    - uses: actions/setup-python@v3
      with:
        python-version: ${{ matrix.python-version }}

See more usage examples in the documentation

Update primary and restore keys for pip

In scope of this release we include a version of python in restore and primary cache keys for pip. Besides, we add temporary fix for Windows caching issue, that the pip cache dir command returns non zero exit code or writes to stderr. Moreover we updated node-fetch dependency.

Update actions/cache version to 1.0.8

We have updated actions/cache dependency version to 1.0.8 to support 10GB cache upload

Support caching dependencies

This release introduces dependency caching support (actions/setup-python#266)

Caching dependencies.

The action has a built-in functionality for caching and restoring pip/pipenv dependencies. The cache input is optional, and caching is turned off by default.

Besides, this release introduces dependency caching support for mono repos and repositories with complex structure.

By default, the action searches for the dependency file (requirements.txt for pip or Pipfile.lock for pipenv) in the whole repository. Use the cache-dependency-path input for cases when you want to override current behaviour and use different file for hash generation (for example requirements-dev.txt). This input supports wildcards or a list of file names for caching multiple dependencies.

Caching pip dependencies:

steps:
- uses: actions/checkout@v2
- uses: actions/setup-python@v2
  with:
    python-version: '3.9'
</tr></table> 

... (truncated)

• 0ebf233 Remove legacy PyPy input (#342)
• 665cd78 Update lockfileversion (#341)
• 93cb78f Update to node16 (#340)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.0.11

What's Changed

• Call out cache not saved on hit by @​Phantsure in actions/cache#946
• Update @​actions/core to 1.10.0 by @​rentziass in actions/cache#950
• Update cache to use @​actions/core@^1.10.0 by @​pdotl in actions/cache#956

New Contributors

• @​rentziass made their first contribution in actions/cache#950

Full Changelog: https://github.com/actions/cache/compare/v3...v3.0.11

v3.0.10

• Fix a bug with sorting inputs.
• Update definition for restore-keys in README.md

v3.0.9

• Enhanced the warning message for cache unavailability in case of GHES.

v3.0.8

What's Changed

• Fix zstd not working for windows on gnu tar in issues.
• Allow users to provide a custom timeout as input for aborting cache segment download using the environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.

v3.0.7

What's Changed

• Fix for the download stuck problem has been added in actions/cache for users who were intermittently facing the issue. As part of this fix, new timeout has been introduced in the download step to stop the download if it doesn't complete within an hour and run the rest of the workflow without erroring out.

v3.0.6

What's Changed

• Add example for clojure lein project dependencies by @​shivamarora1 in PR actions/cache#835
• Update toolkit's cache npm module to latest. Bump cache version to v3.0.6 by @​pdotl in PR actions/cache#887
• Fix issue #809 where cache save/restore was failing for Amazon Linux 2 runners due to older tar version
• Fix issue #833 where cache save was not working for caching github workspace directory

New Contributors

• @​shivamarora1 made their first contribution in actions/cache#835
• @​pdotl made their first contribution in actions/cache#887

Full Changelog: https://github.com/actions/cache/compare/v3...v3.0.6

v3.0.5

Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit.

v3.0.4

In this release, we have fixed the tar creation error while trying to create it with path as ~/ home folder on ubuntu-latest.

v3.0.3

Fixed avoiding empty cache save when no files are available for caching. (actions/cache#624)

v3.0.2

... (truncated)

Sourced from actions/cache's changelog.

3.0.11

• Update toolkit version to 3.0.5 to include @actions/core@^1.10.0
• Update @actions/cache to use updated saveState and setOutput functions from @actions/core@^1.10.0

• 9b0c1fc Merge pull request #956 from actions/pdotl-version-bump
• 18103f6 Fix licensed status error
• 3e383cd Update RELEASES
• 43428ea toolkit versioon update and version bump for cache
• 1c73980 3.0.11
• a3f5edc Merge pull request #950 from rentziass/rentziass/update-actions-core
• 831ee69 Update licenses
• b9c8bfe Update @​actions/core to 1.10.0
• 0f20846 Merge pull request #946 from actions/Phantsure-patch-2
• 862fc14 Update README.md
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.1.0

What's Changed

• Inject GitHub host to be able to clone from another GitHub instance by @​peter-murray in actions/checkout#922
• Bump @​actions/core to 1.10.0 by @​rentziass in actions/checkout#939

New Contributors

• @​peter-murray made their first contribution in actions/checkout#922
• @​rentziass made their first contribution in actions/checkout#939

Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

v3.0.2

What's Changed

• Add set-safe-directory input to allow customers to take control. by @​TingluoHuang in actions/checkout#770
• Prepare changelog for v3.0.2. by @​TingluoHuang in actions/checkout#777

Full Changelog: https://github.com/actions/checkout/compare/v3...v3.0.2

v3.0.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
• Bumped various npm package versions

v3.0.0

• Updated to the node16 runtime by default
  • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

v2.4.2

What's Changed

• Add set-safe-directory input to allow customers to take control. (#770) by @​TingluoHuang in actions/checkout#776
• Prepare changelog for v2.4.2. by @​TingluoHuang in actions/checkout#778

Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

v2.4.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs

... (truncated)

Sourced from actions/checkout's changelog.

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

• Add input set-safe-directory

v3.0.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
• Bumped various npm package versions

v3.0.0

• Update to node 16

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

• 93ea575 Prepare release v3.1.0 (#940)
• 6a84743 Bump @​actions/core to 1.10.0 (#939)
• e6d535c Inject GitHub host to be able to clone from another GitHub instance (#922)
• 2541b12 Prepare changelog for v3.0.2. (#777)
• 0ffe6f9 Add set-safe-directory input to allow customers to take control. (#770)
• dcd71f6 Enforce safe directory (#762)
• add3486 Patch to fix the dependbot alert. (#744)
• 5126516 Bump minimist from 1.2.5 to 1.2.6 (#741)
• d50f8ea Add v3.0 release information to changelog (#740)
• 2d1c119 update test workflows to checkout v3 (#709)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/setup-python's releases.

v4.1.0

In scope of this pull request we updated actions/cache package as the new version contains fixes for caching error handling. Moreover, we added a new input update-environment. This option allows to specify if the action shall update environment variables (default) or not.

Update-environment input

    - name: setup-python 3.9
      uses: actions/setup-python@v4
      with:
        python-version: 3.9
        update-environment: false

Besides, we added such changes as:

• Allow python-version-file to be a relative path: actions/setup-python#431
• Added new environment variables for Cmake: actions/setup-python#440
• Updated error message for resolveVersion: actions/setup-python#450
• Assign default value of AGENT_TOOLSDIRECTORY if not set: actions/setup-python#394

v4.0.0

What's Changed

• Support for python-version-file input: #336

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version-file: '.python-version' # Read python version from a file
- run: python my_script.py

There is no default python version for this setup-python major version, the action requires to specify either python-version input or python-version-file input. If the python-version input is not specified the action will try to read required version from file from python-version-file input.

• Use pypyX.Y for PyPy python-version input: #349

Example of usage:

- uses: actions/setup-python@v4
  with:
    python-version: 'pypy3.9' # pypy-X.Y kept for backward compatibility
- run: python my_script.py

• RUNNER_TOOL_CACHE environment variable is equal AGENT_TOOLSDIRECTORY: #338

• Bugfix: create missing pypyX.Y symlinks: #347

• PKG_CONFIG_PATH environment variable: #400

• Added python-path output: #405

... (truncated)

• c4e89fa Improve readme for 3.x and 3.11-dev style python-version (#441)
• 0ad0f6a Merge pull request #452 from mayeut/fix-env
• f0bcf8b Merge pull request #456 from akx/patch-1
• af97157 doc: Add multiple wildcards example to readme
• 364e819 Merge pull request #394 from akv-platform/v-sedoli/set-env-by-default
• 782f81b Merge pull request #450 from IvanZosimov/ResolveVersionFix
• 2c9de4e Remove duplicate code introduced in #440
• 412091c Fix tests for update-environment==false
• 78a2330 Merge pull request #451 from dmitry-shibanov/fx-pipenv-python-version
• 96f494e trigger checks
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v4.0.1

What's Changed

• fix: strip optional '.git' suffix from https server remote name. by @​salexander6 in peter-evans/create-pull-request#1153
• Update distribution by @​github-actions in peter-evans/create-pull-request#1157
• 6 dependency updates by @​dependabot

New Contributors

• @​salexander6 made their first contribution in peter-evans/create-pull-request#1153

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v4.0.0...v4.0.1

Create Pull Request v4.0.0

Breaking changes

• The add-paths input no longer accepts -A as a valid value. When committing all new and modified files the add-paths input should be omitted.
• If using self-hosted runners or GitHub Enterprise Server, there are minimum requirements for v4 to run. See "What's new" below for details.

What's new

• Updated runtime to Node.js 16
  • The action now requires a minimum version of v2.285.0 for the Actions Runner.
  • If using GitHub Enterprise Server, the action requires GHES 3.4 or later.

What's Changed

• README.md: Add word "permissions" to part on GITHUB_TOKEN by @​hartwork in peter-evans/create-pull-request#1082
• docs: Document how to improve close-and-reopen user experience by @​hartwork in peter-evans/create-pull-request#1084
• README.md: Skip follow-up steps if there is no pull request by @​hartwork in peter-evans/create-pull-request#1083
• v4 by @​peter-evans in peter-evans/create-pull-request#1099

New Contributors

• @​hartwork made their first contribution in peter-evans/create-pull-request#1082

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v3.14.0...v4.0.0

Create Pull Request v3.14.0

This release reverts a commit made to bump the runtime to node 16. It inadvertently caused an issue for users on GitHub Enterprise. Apologies. 🙇‍♂️

What's Changed

• feat: revert update action runtime to node 16 by @​peter-evans https://github.com/peter-evans/create-pull-request/commit/18f7dc018cc2cd597073088f7c7591b9d1c02672

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v3.13.0...v3.14.0

Create Pull Request v3.13.0

What's Changed

• Document that draft status changes are not reflected by @​willthames in peter-evans/create-pull-request#1064
• fix: remove unused draft param from pull update by @​peter-evans in peter-evans/create-pull-request#1065
• Update action runtime to node 16 by @​sibiraj-s in peter-evans/create-pull-request#1074

New Contributors

• @​willthames made their first contribution in peter-evans/create-pull-request#1064

... (truncated)

• f1a7646 build: update distribution (#1157)
• 15b68d1 fix: strip optional '.git' suffix from https server remote name. (#1153)
• 0dfc93c build(deps): bump peter-evans/create-pull-request from 3 to 4 (#1150)
• 252fb19 build(deps): bump peter-evans/slash-command-dispatch from 2 to 3 (#1122)
• 4b867c4 build(deps): bump actions/setup-node from 2 to 3 (#1123)
• 4fb3835 build(deps): bump peter-evans/close-pull from 1 to 2 (#1121)
• 19ace47 build(deps): bump peter-evans/create-or-update-comment from 1 to 2 (#1120)
• 84d431a build(deps): bump peter-evans/find-comment from 1 to 2 (#1119)
• d6d5519 v4 (#1099)
• 0e8dfbd docs: update guidelines
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from peter-evans/enable-pull-request-automerge's releases.

Enable Pull Request Automerge v2.0.0

What's new

• Updated runtime to Node.js 16
  • The action now requires a minimum version of v2.285.0 for the Actions Runner.
  • If using GitHub Enterprise Server, the action requires GHES 3.4 or later.

What's Changed

• Update runtime to node 16 by @​peter-evans in peter-evans/enable-pull-request-automerge#313

Full Changelog: https://github.com/peter-evans/enable-pull-request-automerge/compare/v1.2.0...v2.0.0

Enable Pull Request Automerge v1.2.0

What's Changed

• feat: add support for https_proxy env var by @​peter-evans in peter-evans/enable-pull-request-automerge#301

Full Changelog: https://github.com/peter-evans/enable-pull-request-automerge/compare/v1.1.0...v1.2.0

Enable Pull Request Automerge v1.1.0

• Adds support for Github Enterprise

• 4e25525 Update runtime to node 16 (#313)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)