chore(deps): bump the github-action-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the github-action-dependencies group with 3 updates in the / directory: slackapi/slack-github-action, codecov/codecov-action and mikepenz/action-junit-report.

Updates slackapi/slack-github-action from 1.26.0 to 2.0.0

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack Send v2.0.0

YAML! And more API methods! With improved erroring! And more!

Sending data to Slack can now be done with the YAML format, and that data can be sent to [a Slack API method][methods] or technique of choice with the provided payload. And additional configurations can improve error handling or customize values between steps.

Breaking changes happen with this update and recommended migration strategies are detailed below. Adding this step to new workflows might prefer to follow the README instead 📚

What's changed

Both inputs of payload variables, techniques for sending the payload, additional configurations, and expected outputs were changed:

• Sending variables
  • Breaking changes
    • Only one payload input can be provided
    • Only one technique to send can be provided
    • Variable replacements no longer happen by default
    • Payload file path parsed option was removed
  • Enhancements
    • Payloads can now be written in YAML
    • Payload can now be written in unwrapped JSON
• Sending techniques
  • Technique 1: Slack Workflow Builder
    • Breaking changes
      • The webhook type must be specified in webhook inputs
      • Payload flattening no longer happens by default
    • Enhancements
      • The webhook URL can be specified in webhook inputs
  • Technique 2: Slack API method
    • Breaking changes
      • The Slack API method now must be specified in inputs
      • A token must be provided with other inputs
      • Inputs to the Slack API method must be provided in payloads
      • Messages cannot be sent to multiple channels in one step
  • Technique 3: Slack incoming webhook
    • Breaking changes
      • The webhook type must be specified for incoming webhooks
    • Enhancements
      • The webhook URL can be specified for incoming webhook
• Additional configurations
  • Enhancements
    • Steps can exit with an error after a failed Slack API call
    • Failed requests can be retried various amounts of times
    • Provided payloads can be flattened with a delimiter
    • Provided payloads can have templated variables replaced
    • Proxying HTTPS requests can be done within inputs
• Expected outputs
  • Breaking changes
    • The time value is now returned as the Unix epoch time
  • Enhancements
    • An ok value is added to represent response success

... (truncated)

Commits

• 485a9d4 Release
• e598089 chore(release): tag version 2.0.0
• e9b3a6b feat!: wrap payloads to send to a "method" with "token" or "webhook" (#333)
• 74ae656 chore(release): tag version 1.27.1
• bd0e281 build(deps): bump codecov/codecov-action from 4.5.0 to 4.6.0 (#355)
• e127529 build(deps): bump @​actions/core from 1.10.1 to 1.11.1 (#354)
• 6b51022 build(deps-dev): bump eslint-plugin-jsdoc from 50.3.1 to 50.4.3 (#353)
• 555e4ad build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 (#352)
• 8d4500e build(deps): bump @​slack/web-api from 7.5.0 to 7.7.0 (#351)
• d0dece6 build(deps-dev): bump mocha from 10.7.3 to 10.8.2 (#350)
• Additional commits viewable in compare view

Updates codecov/codecov-action from 4 to 5

Release notes

Sourced from codecov/codecov-action's releases.

v5.0.0

v5 Release

v5 of the Codecov GitHub Action will use the Codecov Wrapper to encapsulate the CLI. This will help ensure that the Action gets updates quicker.

Migration Guide

The v5 release also coincides with the opt-out feature for tokens for public repositories. In the Global Upload Token section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see how to upload without a token.

[!WARNING]
The following arguments have been changed

• file (this has been deprecated in favor of files)
• plugin (this has been deprecated in favor of plugins)

The following arguments have been added:

• binary
• gcov_args
• gcov_executable
• gcov_ignore
• gcov_include
• report_type
• skip_validation
• swift_project

You can see their usage in the action.yml file.

What's Changed

• chore(deps): bump to eslint9+ and remove eslint-config-google by @​thomasrockhu-codecov in codecov/codecov-action#1591
• build(deps-dev): bump @​octokit/webhooks-types from 7.5.1 to 7.6.1 by @​dependabot in codecov/codecov-action#1595
• build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by @​dependabot in codecov/codecov-action#1604
• build(deps-dev): bump @​typescript-eslint/parser from 8.8.0 to 8.8.1 by @​dependabot in codecov/codecov-action#1601
• build(deps): bump @​actions/core from 1.11.0 to 1.11.1 by @​dependabot in codecov/codecov-action#1597
• build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by @​dependabot in codecov/codecov-action#1596
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.8.0 to 8.8.1 by @​dependabot in codecov/codecov-action#1600
• build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by @​dependabot in codecov/codecov-action#1598
• build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by @​dependabot in codecov/codecov-action#1609
• build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @​dependabot in codecov/codecov-action#1608
• build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by @​dependabot in codecov/codecov-action#1607
• build(deps-dev): bump @​typescript-eslint/parser from 8.8.1 to 8.9.0 by @​dependabot in codecov/codecov-action#1612
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.8.1 to 8.9.0 by @​dependabot in codecov/codecov-action#1611
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.9.0 to 8.10.0 by @​dependabot in codecov/codecov-action#1615
• build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by @​dependabot in codecov/codecov-action#1618
• build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @​dependabot in codecov/codecov-action#1617
• build(deps-dev): bump @​typescript-eslint/parser from 8.9.0 to 8.10.0 by @​dependabot in codecov/codecov-action#1614
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.10.0 to 8.11.0 by @​dependabot in codecov/codecov-action#1620
• build(deps-dev): bump @​typescript-eslint/parser from 8.10.0 to 8.11.0 by @​dependabot in codecov/codecov-action#1619
• build(deps-dev): bump @​types/jest from 29.5.13 to 29.5.14 by @​dependabot in codecov/codecov-action#1622
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @​dependabot in codecov/codecov-action#1625
• build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @​dependabot in codecov/codecov-action#1624
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.11.0 to 8.12.1 by @​dependabot in codecov/codecov-action#1626
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.12.1 to 8.12.2 by @​dependabot in codecov/codecov-action#1629

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

• #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

• No current support for aarch64 and alpine architectures.
• Tokenless uploading is unsuported
• Various arguments to the Action have been removed

3.1.4

Fixes

• #967 Fix typo in README.md
• #971 fix: add back in working dir
• #969 fix: CLI option names for uploader

Dependencies

• #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
• #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
• #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

• #960 fix: allow for aarch64 build

Dependencies

• #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
• #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
• #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

• #718 Update README.md
• #851 Remove unsupported path_to_write_report argument
• #898 codeql-analysis.yml
• #901 Update README to contain correct information - inputs and negate feature
• #955 fix: add in all the extra arguments for uploader

Dependencies

• #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
• #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
• #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
• #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
• #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
• #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
• #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
• #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

• 5c47607 fix: override commit and pr values for PR cases (#1657)
• 3b1354a chore(release): 5.0.1 (#1656)
• 2e2a9c6 fix: update tokenless branch logic (#1650)
• cfc521b Update README.md
• 0642541 fix: use marketplace v5 badge (#1646)
• 9688725 Update README.md
• 2112eae chore(deps): bump wrapper to 0.0.23 (#1644)
• 193421c fixL use the correct source (#1642)
• 6018df7 fix: update container builds (#1640)
• eff1a64 fix: add missing vars (#1638)
• Additional commits viewable in compare view

Updates mikepenz/action-junit-report from 4 to 5

Release notes

Sourced from mikepenz/action-junit-report's releases.

v5

• no changes

v5.0.0

[!NOTE]
v5 adjusts the format of the summary output. If you depend on the prior format, please verify the simplified format works for your usecase.

🚀 Features

• Introduce new ability to include flaky tests in summary
  • PR: #1115
• Include flakyFailures block in retry count
  • PR: #1118
• Refactor testParser to enable it for future usecases
  • PR: #1119
• Allow configuration of bread_crumb_delimiter
  • PR: #1120
• Introduce flag to comment summary on PR
  • PR: #1167
• Improve transformer performance
  • PR: #1182
• Provide optimised class detection skipping globber if not required
  • PR: #1183
• Upgrade dependencies to latest major version
  • PR: #1220
• Add new API to skip annotations all-to-gether
  • PR: #1221
• Introduce flag to fail_on_parse_error
  • PR: #1222
• Improve parsing logic for nested suites
  • PR: #1224
• Configuration to enable grouping by TestSuite in the Detail Summary
  • PR: #1225

🐛 Fixes

• Require pull_request trigger to attach comment
  • PR: #1181

💬 Other

• Move test CI steps
  • PR: #1116
• Slight code cleanup
  • PR: #1223

📦 Dependencies

• Upgrade dependencies
  • PR: #1117

... (truncated)

Commits

• a427a90 - ignorePreReleases for changelog
• 6141c38 Merge pull request #1231 from gilesw/docs/example-stanza-for-forked-non-forke...
• eb88208 - slightly rephrase updated README
• 511b061 Merge pull request #1237 from mikepenz/feature/dependency_updates_20241116
• 3caf5b3 - upgrade npm dependencies
• 46ad281 docs: try to fix yaml rendering
• 56596cc docs: small example to show a use case for annotate_only
• 1c2f98d - update README for v5 action
• ec3a351 Merge pull request #1225 from mikepenz/feature/grouped_summary
• b317015 - html formatting
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Sample app builds 📱

Below you will find the list of the latest versions of the sample apps. It's recommended to always download the latest builds of the sample apps to accurately test the pull request.

---

• CocoaPods-FCM: Build failed. See CI job logs to determine the issue and try re-building.
• APN-UIKit: Build failed. See CI job logs to determine the issue and try re-building.

[Shahroz16]

closing this for now as it keeps on sending non-reviewed notifications, and updates breaking sample apps and other actions, so we will revisit it when we have time.

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml