chore(deps): update github-actions deps #2
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![elastic-renovate-prod[bot]](https://avatars.githubusercontent.com/in/937301?s=80&v=4){kind=small}
lahsivjar
pushed a commit
that referenced
this pull request
Aug 21, 2025
…ing - approach #2 (open-telemetry#13460) <!--Ex. Fixing a bug - Describe the bug and how this fixes the issue. Ex. Adding a feature - Explain what this achieves.--> #### Description This PR provides a solution to propagate context values across batching. This is particularly useful in scenarios where context carries important metadata—such as authentication tokens. **New API** A new API has been added to support this functionality: ``` mergeCtx func(ctx1 context.Context, ctx2 context.Context) context.Context ``` By supplying a custom mergeCtx function, users can control how context values are preserved or combined—for example, by selectively copying specific keys, merging metadata, or keeping the larger value. Note: `context.Context` returned from the above function should not override `Value()` function. **Default Behavior** If mergeCtx is not provided (i.e., left as nil), the batching system defaults to a conservative behavior: no context values are retained from the original incoming contexts. Users who need context propagation must explicitly opt in by defining and supplying a mergeCtx function. <!-- Issue number if applicable --> #### Link to tracking issue open-telemetry#13320 <!--Describe what testing was performed and which tests were added.--> #### Testing * `batch_context_test.go` checks the `mergeCtx` does not interfere with span link * `partition_batcher_test.go` checks `mergeCtx=nil` works properly <!--Describe the documentation added.--> #### Documentation <!--Please delete paragraphs that you did not use before submitting.-->
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
2 times, most recently
from
99715a9 to
3870147
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
2 times, most recently
from
69e4d9e to
05ef8a3
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
2 times, most recently
from
486095a to
27aea0d
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
3 times, most recently
from
d41abd9 to
3d80e68
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
2 times, most recently
from
855e135 to
7c691d7
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
from
7c691d7 to
c3b7c9b
Compare
elastic-renovate-prod
bot
force-pushed
the
renovate/github-actions-deps
branch
from
c3b7c9b to
96478d4
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v4.2.3->v4.3.0v4.2.2->v4.3.0v2.0.6->v2.1.4v7.0.1->v7.1.0v0.20.4->v0.20.85.4.3->5.5.1v3.29.5->v3.30.8v6.3.0->v6.4.05c4ee84->e79a91bv2.4.2->v2.4.3v3.9.2->v3.10.0Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
actions/cache (actions/cache)
v4.3.0Compare Source
What's Changed
v4.3.0release by @Link- in https://github.com/actions/cache/pull/1655New Contributors
Full Changelog: actions/cache@v4...v4.3.0
v4.2.4Compare Source
What's Changed
@actions/cacheto4.0.5and move@protobuf-ts/pluginto dev depdencies by @Link- in https://github.com/actions/cache/pull/16344.2.4by @Link- in https://github.com/actions/cache/pull/1636New Contributors
Full Changelog: actions/cache@v4...v4.2.4
actions/checkout (actions/checkout)
v4.3.0Compare Source
What's Changed
New Contributors
Full Changelog: actions/checkout@v4...v4.3.0
actions/create-github-app-token (actions/create-github-app-token)
v2.1.4Compare Source
Bug Fixes
v2.1.3Compare Source
Bug Fixes
v2.1.2Compare Source
Bug Fixes
v2.1.1Compare Source
Bug Fixes
node24as runner" (#278) (5204204), closes actions/create-github-app-token#267v2.1.0Compare Source
Features
node24as runner (#267) (a1cbe0f)actions/github-script (actions/github-script)
v7.1.0Compare Source
What's Changed
actions/upload-artifactby @joshmgross in https://github.com/actions/github-script/pull/512npm audit fixby @joshmgross in https://github.com/actions/github-script/pull/515permissionsin workflows and update actions by @joshmgross in https://github.com/actions/github-script/pull/531octokitREADME updates for v7 by @joshmgross in https://github.com/actions/github-script/pull/557scriptby @joshmgross in https://github.com/actions/github-script/pull/603New Contributors
Full Changelog: actions/github-script@v7...v7.1.0
anchore/sbom-action (anchore/sbom-action)
v0.20.8Compare Source
Changes in v0.20.8
v0.20.7Compare Source
Changes in v0.20.7
v0.20.6Compare Source
Changes in v0.20.6
v0.20.5Compare Source
Changes in v0.20.5
codecov/codecov-action (codecov/codecov-action)
v5.5.1Compare Source
What's Changed
codecov-cliversion reference example by @webknjaz in https://github.com/codecov/codecov-action/pull/1774Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1
v5.5.0Compare Source
What's Changed
Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0
github/codeql-action (github/codeql-action)
v3.30.8Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.8 - 10 Oct 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.30.7Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.7 - 06 Oct 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.30.6Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.6 - 02 Oct 2025
See the full CHANGELOG.md for more information.
v3.30.5Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.5 - 26 Sep 2025
3.30.4withupload-sarifwhich resulted in files without a.sarifextension not getting uploaded. #3160See the full CHANGELOG.md for more information.
v3.30.4Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.4 - 25 Sep 2025
codeql-action/initstep if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of thecodeql-action/initstep. #3099 and #3100tools: nightlyto theinitaction. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130See the full CHANGELOG.md for more information.
v3.30.3Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.3 - 10 Sep 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.30.2Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.2 - 09 Sep 2025
quality-queriesinput that was added in3.29.2as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a newanalysis-kindsinput, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064See the full CHANGELOG.md for more information.
v3.30.1Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.1 - 05 Sep 2025
See the full CHANGELOG.md for more information.
v3.30.0Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.30.0 - 01 Sep 2025
See the full CHANGELOG.md for more information.
v3.29.11Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.29.11 - 21 Aug 2025
See the full CHANGELOG.md for more information.
v3.29.10Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.29.10 - 18 Aug 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.29.9Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.29.9 - 12 Aug 2025
No user facing changes.
See the full CHANGELOG.md for more information.
v3.29.8Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.29.8 - 08 Aug 2025
See the full CHANGELOG.md for more information.
v3.29.7Compare Source
This is a re-release of v3.29.5 to mitigate an issue that was discovered with v3.29.6.
v3.29.6Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
3.29.6 - 07 Aug 2025
cleanup-levelinput to theanalyzeAction is now deprecated. The CodeQL Action has written a limited amount of intermediate results to the database since version 2.2.5, and now automatically manages cleanup. #2999See the full CHANGELOG.md for more information.
goreleaser/goreleaser-action (goreleaser/goreleaser-action)
v6.4.0Compare Source
What's Changed
New Contributors
Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0
ossf/scorecard-action (ossf/scorecard-action)
v2.4.3Compare Source
What's Changed
This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.
Documentation
GITHUB_TOKENpermissions needed for private repos by @pankajtaneja5 in https://github.com/ossf/scorecard-action/pull/1574Other
New Contributors
Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3
sigstore/cosign-installer (sigstore/cosign-installer)
v3.10.0Compare Source
What's Changed
Full Changelog: sigstore/cosign-installer@v3.9.2...v3.10.0
Configuration
📅 Schedule: Branch creation - "on tuesday" (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.