fix 1Password cli installer error on Windows#154
Merged
Conversation
|
If you're new to commit signing, there are different ways to set it up: Sign commits with
|
Contributor
|
/ok-to-test sha=080cd2d |
|
✅ E2E tests passed. |
JillRegan
approved these changes
May 15, 2026
JillRegan
left a comment
Contributor
There was a problem hiding this comment.
Thanks @superteppo, tested and confirmed on Windows. LGTM! 👍
Merged
onap-github
pushed a commit
to onap/policy-drools-pdp
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I10e73c81528f3abf24d5963c5c329eaed81090c0 GitHub-PR: #17 GitHub-Hash: 1a3de8be57538b84 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/aai-model-loader
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: If1f6a135c339a5290352ac292f3448c40b2f8d4f GitHub-PR: #24 GitHub-Hash: ddb3a30dbbee6ddc Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/sdc-sdc-workflow-designer
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I2c77cbcfc24184b6d3ac7b8758f34d3bbe08e0cf GitHub-PR: #20 GitHub-Hash: 81546a6d52581d2e Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/aai-schema-service
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Iafb525e0e54513700501adbda57a6ad9190a59f7 GitHub-PR: #14 GitHub-Hash: 5b3c05bd559d9dfc Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/ccsdk-distribution
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Iebffb75b84b7df1c1d238facd3ba35c5219b6185 GitHub-PR: #14 GitHub-Hash: 7a155250f9f2e395 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/ccsdk-parent
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I732c0d909fd7d0cdc3e7a189d9e419fd55ecdca1 GitHub-PR: #24 GitHub-Hash: 43e092a08de4141c Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/oparent
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Icb8f848798a5d8c8d9f4a432e77d9d92036a8cd7 GitHub-PR: #21 GitHub-Hash: d0dc85829fa0a11d Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/ccsdk-apps
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Id896d2e89e49c63bef93619b259e38d79521c888 GitHub-PR: #17 GitHub-Hash: e9f262c17903f33f Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/sdc-sdc-be-common
that referenced
this pull request
Jun 15, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Ic0ba82401c60ef013c5217149acea107f5afd663 GitHub-PR: #24 GitHub-Hash: 5405891e56402378 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-pap
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I9b97add3878fce8f736e5629f76268bb8734e79d GitHub-PR: #11 GitHub-Hash: 29284c1c2b90720c Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/aai-sparky-be
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I18fd4bf8b35e9b48442620522b3046219dda9171 GitHub-PR: #13 GitHub-Hash: a453efc59d0c8d7f Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/usecase-ui
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Iea4541d631b5eb06dc81732d1b46287a9c08db9f GitHub-PR: #13 GitHub-Hash: f7d6c1ad61cfe1fc Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/aai-rest-client
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I4676c0b07a637eb12b560a12ab94b0c0e34d1e3f GitHub-PR: #13 GitHub-Hash: 09b7eb116160600c Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/so
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I4d549a73e8a7be5fcbeff566cd29ebc3474d180e GitHub-PR: #27 GitHub-Hash: a447eb534dd12405 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/multicloud-framework
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: If397530015b1da353ba3fbe7a3348ea8f171151f GitHub-PR: #13 GitHub-Hash: 0202bbce5096f587 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-parent
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Ib59907e6e6d4eadadc75dfd7e22d4729b62f6484 GitHub-PR: #3 GitHub-Hash: ef714032f59e46ea Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-distribution
that referenced
this pull request
Jun 16, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Ia96f10b42cb5d4de72d6e29cfcb45fc4c66ea1a6 GitHub-PR: #5 GitHub-Hash: 8bcad7f4aeae9c2e Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-api
that referenced
this pull request
Jun 22, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I43300f2ca3ed4e1abb569b72681f550c9415bd50 GitHub-PR: #10 GitHub-Hash: 1f121d43f80838eb Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-apex-pdp
that referenced
this pull request
Jun 29, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Icd1b128d19f1366def8483282361e6c534c02fb4 GitHub-PR: #17 GitHub-Hash: 16861333ca80f2f9 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-drools-applications
that referenced
this pull request
Jun 29, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I6a87e2c9231ff2f0b072eb3ab63f6533a947424a GitHub-PR: #17 GitHub-Hash: e43ea8179ac5a20f Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-common
that referenced
this pull request
Jun 30, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I3a670baf349b066279ca0bf954012b190ef01f76 GitHub-PR: #13 GitHub-Hash: 1e12b0d9c4449230 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-xacml-pdp
that referenced
this pull request
Jun 30, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: I709648743f3598e5563cb77f11adb89054a6bbf2 GitHub-PR: #16 GitHub-Hash: 0905f4c07beac4b1 Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
onap-github
pushed a commit
to onap/policy-models
that referenced
this pull request
Jun 30, 2026
## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view  Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Ie1a69748d49ed719abdf54414e0b02e81d1c022a GitHub-PR: #12 GitHub-Hash: 2abe73906414c5af Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org> Signed-off-by: danielhanrahan <daniel.hanrahan@est.tech>
onap-github
pushed a commit
to onap/policy-clamp
that referenced
this pull request
Jul 15, 2026
Bumps the github-actions-updates group with 8 updates: | Package | From | To | | --- | --- | --- | | step-security/harden-runner | `2.19.4` | `2.20.0` | | lfreleng-actions/repository-metadata-action | `0.2.1` | `0.2.3` | | lfreleng-actions/github2gerrit-action | `1.3.3` | `1.4.2` | | im-open/workflow-conclusion | `2.2.5` | `3.0.0` | | actions/upload-artifact | `4` | `7` | | lfreleng-actions/checkout-gerrit-change-action | `1.0.1` | `1.0.2` | | 1password/load-secrets-action | `4.0.0` | `4.0.1` | | lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml | `0.7.2` | `0.7.4` | Updates `step-security/harden-runner` from 2.19.4 to 2.20.0 ## Release notes Sourced from step-security/harden-runner's releases. v2.20.0 What's Changed Support for block policy for MacOS and Windows GitHub-hosted runners Support for Bitrise MacOS GitHub Actions runners HTTPS monitoring support for Bun for Linux runners (enterprise tier) Full Changelog: step-security/harden-runner@v2.19.4...v2.20.0 ## Commits bf7454d Merge pull request #673 from step-security/fix/aggregate-error-startup-hang 1188420 Update non-TLS agent to v0.16.2 162cfea Update non-TLS agent to v0.16.1 eb9e1f4 Bring macOS runner updates from PR 674 1a10b01 Update Windows agent to v1.0.7 8b4a105 Apply npm audit fixes with release-age cooldown 3626e03 Default TLS status check failures to enabled 100e08b Update agent-ebpf to v1.8.12 774f75f Update agent to v1.8.9 f312657 Extend missing-agent-dir guard to Linux and macOS cleanup paths Additional commits viewable in compare view Updates `lfreleng-actions/repository-metadata-action` from 0.2.1 to 0.2.3 ## Release notes Sourced from lfreleng-actions/repository-metadata-action's releases. v0.2.3 🐛 Bug Fixes 🐛 Fix(deps): Remove uv exclude-newer cooldown @ModeSevenIndustrialSolutions (#119) 🔧 Maintenance 🔧 Chore: Bump release-drafter/release-drafter from 7.4.0 to 7.5.1 @dependabot[bot] (#122) Chore: Bump actions/cache from 5.0.5 to 6.1.0 @dependabot[bot] (#123) Chore: Bump lfreleng-actions/tag-validate-action from 1.0.3 to 1.0.4 @dependabot[bot] (#120) Chore: Bump actions/setup-python from 6.2.0 to 6.3.0 @dependabot[bot] (#121) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#124) 🎓 Code Quality 🎓 CI: Add OpenSSF Scorecard workflow @ModeSevenIndustrialSolutions (#118) Links Submit bugs/feature requests v0.2.2 🐛 Bug Fixes 🐛 Fix: resolve Zizmor findings and bump GitPython @ModeSevenIndustrialSolutions (#117) 🔧 Maintenance 🔧 Chore: pre-commit autoupdate @pre-commit-ci[bot] (#105) Chore: Bump lfreleng-actions/tag-validate-action from 1.0.2 to 1.0.3 @dependabot[bot] (#106) Chore: Bump actions/checkout from 6.0.3 to 7.0.0 @dependabot[bot] (#107) Chore: Bump release-drafter/release-drafter from 7.3.1 to 7.4.0 @dependabot[bot] (#108) Chore: Bump lfreleng-actions/draft-release-promote-action from 0.1.3 to 0.1.4 @dependabot[bot] (#109) Chore: Bump cryptography from 46.0.3 to 48.0.1 @dependabot[bot] (#110) Chore: Bump idna from 3.11 to 3.15 @dependabot[bot] (#111) Chore: Bump urllib3 from 2.6.2 to 2.7.0 @dependabot[bot] (#112) Chore: Bump pyjwt from 2.10.1 to 2.13.0 @dependabot[bot] (#113) Chore: Bump pytest from 7.4.4 to 9.0.3 @dependabot[bot] (#115) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#116) Chore: Bump requests from 2.32.5 to 2.33.0 @dependabot[bot] (#114) Links Submit bugs/feature requests ## Commits 61e837e Merge pull request #124 from lfreleng-actions/pre-commit-ci-update-config 7909703 Chore: pre-commit autoupdate 93407da Merge pull request #121 from lfreleng-actions/dependabot/github_actions/actio 9723574 Merge pull request #120 from lfreleng-actions/dependabot/github_actions/lfrel 437113c Merge pull request #123 from lfreleng-actions/dependabot/github_actions/actio 7fa2f05 Merge pull request #122 from lfreleng-actions/dependabot/github_actions/relea eda4aa4 Chore: Bump actions/cache from 5.0.5 to 6.1.0 073e023 Chore: Bump release-drafter/release-drafter from 7.4.0 to 7.5.1 fe6ad86 Chore: Bump actions/setup-python from 6.2.0 to 6.3.0 619ed6e Chore: Bump lfreleng-actions/tag-validate-action from 1.0.3 to 1.0.4 Additional commits viewable in compare view Updates `lfreleng-actions/github2gerrit-action` from 1.3.3 to 1.4.2 ## Release notes Sourced from lfreleng-actions/github2gerrit-action's releases. v1.4.2 🐛 Bug Fixes 🐛 Fix: Reconcile closed changes and bundle action/workflow @ModeSevenIndustrialSolutions (#330) 🔧 Maintenance 🔧 Chore: Bump astral-sh/setup-uv from 8.2.0 to 8.3.0 @dependabot[bot] (#327) Chore: Bump responses from 0.26.1 to 0.26.2 @dependabot[bot] (#328) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#329) Chore: Bump step-security/harden-runner from 2.19.4 to 2.20.0 @dependabot[bot] (#331) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.7.2 to 0.7.4 @dependabot[bot] (#334) Chore: Bump astral-sh/setup-uv from 8.3.0 to 8.3.2 @dependabot[bot] (#332) Chore: Bump mypy from 2.1.0 to 2.2.0 @dependabot[bot] (#333) Chore: Bump hatchling from 1.30.1 to 1.31.0 @dependabot[bot] (#335) 🎓 Code Quality 🎓 CI: Set coverage data_file outside project tree @ModeSevenIndustrialSolutions (#326) Links Submit bugs/feature requests v1.4.1 🐛 Bug Fixes 🐛 Fix: Unify Gerrit topic format across push/query @ModeSevenIndustrialSolutions (#324) 🔧 Maintenance 🔧 Chore: Remove AI-slop comments flagged by aislop @ModeSevenIndustrialSolutions (#325) Links Submit bugs/feature requests v1.4.0 ✨ New Features ✨ Feat: Add Copilot to known automation tools @eb-oss (#296) Feat: Add OpenSSF Scorecard and fix zizmor @ModeSevenIndustrialSolutions (#311) 🐛 Bug Fixes 🐛 Fix(deps): Remove uv exclude-newer cooldown @ModeSevenIndustrialSolutions (#312) ... (truncated) ## Commits 9f32f3c Merge pull request #335 from lfreleng-actions/dependabot/uv/hatchling-1.31.0 86c6955 Merge pull request #333 from lfreleng-actions/dependabot/uv/mypy-2.2.0 c6305b3 Merge pull request #332 from lfreleng-actions/dependabot/github_actions/astra d6a1ecd Merge pull request #334 from lfreleng-actions/dependabot/github_actions/lfit/ 5ae1bf9 Merge pull request #331 from lfreleng-actions/dependabot/github_actions/step- e134af5 Chore: Bump hatchling from 1.30.1 to 1.31.0 5dc30c2 Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-sc b053702 Chore: Bump mypy from 2.1.0 to 2.2.0 0be7d15 Chore: Bump astral-sh/setup-uv from 8.3.0 to 8.3.2 6d3b65f Chore: Bump step-security/harden-runner from 2.19.4 to 2.20.0 Additional commits viewable in compare view Updates `im-open/workflow-conclusion` from 2.2.5 to 3.0.0 ## Commits 8eac7f1 Merge pull request #29 from im-open/node24 c4d9654 Update to node 24 aa85805 Merge pull request #23 from im-open/dependabot/npm_and_yarn/multi-0f30d60bd3 40cf9b3 Merge branch 'main' into dependabot/npm_and_yarn/multi-0f30d60bd3 58125f7 Bump @octokit/plugin-paginate-rest and @actions/github See full diff in compare view Updates `actions/upload-artifact` from 4 to 7 ## Release notes Sourced from actions/upload-artifact's releases. v7.0.0 v7 What's new Direct Uploads Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file. ESM To support new versions of the @actions/* packages, we've upgraded the package to ESM. What's Changed Add proxy integration test by @Link- in actions/upload-artifact#754 Upgrade the module to ESM and bump dependencies by @danwkennedy in actions/upload-artifact#762 Support direct file uploads by @danwkennedy in actions/upload-artifact#764 New Contributors @Link- made their first contribution in actions/upload-artifact#754 Full Changelog: actions/upload-artifact@v6...v7.0.0 v6.0.0 v6 - What's new [!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading. Node.js 24 This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24. What's Changed Upload Artifact Node 24 support by @salmanmkc in actions/upload-artifact#719 fix: update @actions/artifact for Node.js 24 punycode deprecation by @salmanmkc in actions/upload-artifact#744 prepare release v6.0.0 for Node.js 24 support by @salmanmkc in actions/upload-artifact#745 Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0 v5.0.0 What's Changed BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such. Update README.md by @GhadimiR in actions/upload-artifact#681 Update README.md by @nebuk89 in actions/upload-artifact#712 Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727 Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725 Bump @actions/artifact to v4.0.0 Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734 ... (truncated) ## Commits 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency 634250c Include changes in typespec/ts-http-runtime 0.3.5 e454baa Readme: bump all the example versions to v7 (#796) 74fad66 Update the readme with direct upload details (#795) bbbca2d Support direct file uploads (#764) 589182c Upgrade the module to ESM and bump dependencies (#762) 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests 02a8460 Add proxy integration test b7c566a Merge pull request #745 from actions/upload-artifact-v6-release e516bc8 docs: correct description of Node.js 24 support in README Additional commits viewable in compare view Updates `lfreleng-actions/checkout-gerrit-change-action` from 1.0.1 to 1.0.2 ## Release notes Sourced from lfreleng-actions/checkout-gerrit-change-action's releases. v1.0.2 🔧 Maintenance 🔧 Chore: Bump step-security/harden-runner from 2.16.0 to 2.16.1 @dependabot[bot] (#79) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#80) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#81) Chore: Bump release-drafter/release-drafter from 7.1.1 to 7.2.0 @dependabot[bot] (#83) Chore: Bump step-security/harden-runner from 2.16.1 to 2.18.0 @dependabot[bot] (#82) Chore: Bump release-drafter/release-drafter from 7.2.0 to 7.2.1 @dependabot[bot] (#88) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#85) Chore: Bump step-security/harden-runner from 2.18.0 to 2.19.0 @dependabot[bot] (#86) Chore: Bump lfreleng-actions/tag-validate-action from 1.0.1 to 1.0.2 @dependabot[bot] (#87) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#89) Chore: Bump step-security/harden-runner from 2.19.0 to 2.19.1 @dependabot[bot] (#90) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#91) Chore: Bump step-security/harden-runner from 2.19.1 to 2.19.2 @dependabot[bot] (#93) Chore: Bump release-drafter/release-drafter from 7.2.1 to 7.3.0 @dependabot[bot] (#92) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#94) Chore: Bump step-security/harden-runner from 2.19.2 to 2.19.3 @dependabot[bot] (#95) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#96) Chore: Bump step-security/harden-runner from 2.19.3 to 2.19.4 @dependabot[bot] (#97) Chore: Bump release-drafter/release-drafter from 7.3.0 to 7.3.1 @dependabot[bot] (#98) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#99) Chore: Bump actions/checkout from 6.0.2 to 6.0.3 @dependabot[bot] (#100) Chore: remove redundant workflow copies @ModeSevenIndustrialSolutions (#102) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#103) Docs: Add SECURITY.md security policy @ModeSevenIndustrialSolutions (#105) Chore: pre-commit autoupdate @pre-commit-ci[bot] (#106) 🎓 Code Quality 🎓 CI: update tag-push workflow from template @ModeSevenIndustrialSolutions (#84) CI(dependabot): Add 7-day update cooldown @ModeSevenIndustrialSolutions (#104) Links Submit bugs/feature requests ## Commits f87b90a Merge pull request #106 from lfreleng-actions/pre-commit-ci-update-config 3b77a16 Chore: pre-commit autoupdate 719371f Merge pull request #105 from modeseven-lfreleng-actions/chore/add-security-md 43d9e1a Docs: Add SECURITY.md security policy 857d657 Merge pull request #104 from modeseven-lfreleng-actions/dependabot-cooldown b164594 CI(dependabot): Add 7-day update cooldown 9b89664 Merge pull request #103 from lfreleng-actions/pre-commit-ci-update-config 0d8f64d Chore: pre-commit autoupdate 60dc200 Merge pull request #102 from modeseven-lfreleng-actions/chore/remove-redundan 0ecb658 Chore: remove redundant workflow copies Additional commits viewable in compare view Updates `1password/load-secrets-action` from 4.0.0 to 4.0.1 ## Release notes Sourced from 1password/load-secrets-action's releases. v4.0.1 What's Changed Fix Fixed a Windows specific issue where 1Password CLI installation could fail because the downloaded archive lacked a .zip extension required by PowerShell’s archive extraction fallback. (#154) Bump actions/checkout from v5 to v6 in CI workflows. (#156) Security Harden GitHub Actions workflows by pinning external actions to immutable commit SHAs. (#157) Docs Add 1Password API Terms of Service notice to the README (#166) New Contributors @dagecko made their first contribution in 1Password/load-secrets-action#157 @superteppo made their first contribution in 1Password/load-secrets-action#154 @libutcher made their first contribution in 1Password/load-secrets-action#166 Full Changelog: 1Password/load-secrets-action@v4.0.0...v4.0.1 ## Commits 3a12b0a Merge pull request #167 from 1Password/release/v4.0.1 0f0cd1b create new build be2f36b Add Terms of Service to README (#166) 908aabf Merge pull request #154 from superteppo/main cc166c6 Merge pull request #157 from dagecko/runner-guard/fix-ci-security 080cd2d Merge branch '1Password:main' into main 2a321c3 fix: pin 4 unpinned action(s),extract 3 unsafe expression(s) to env vars 2a9101f Merge pull request #156 from 1Password/jill/bump-actions 5b18565 bump actions a763b8d fix installer error on windows See full diff in compare view Updates `lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml` from 0.7.2 to 0.7.4 ## Release notes Sourced from lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml's releases. v0.7.4 🔧 Maintenance 🔧 Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#751) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.6.1 to 0.7.2 @dependabot[bot] (#753) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#754) Chore: Bump github/codeql-action/init from 4.36.2 to 4.36.3 @dependabot[bot] (#752) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#755) Chore: Bump dorny/paths-filter from 4.0.1 to 4.0.2 @dependabot[bot] (#756) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#750) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#757) Chore: Bump docker/build-push-action from 7.2.0 to 7.3.0 @dependabot[bot] (#758) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.7.0 to 0.7.2 @dependabot[bot] (#760) Chore: Bump lfreleng-actions/credential-load-action from 1.0.0 to 1.1.0 @dependabot[bot] (#759) Chore: Bump lfreleng-actions/zizmor-scan-action from 0.3.0 to 0.3.1 @dependabot[bot] (#761) Chore: Bump github/codeql-action/upload-sarif from 4.36.2 to 4.36.3 @dependabot[bot] (#762) Chore: pre-commit linting updates @pre-commit-ci[bot] (#765) Chore: Bump jordanconway/package-manager-hardening from 0.4.2 to 0.4.3 @dependabot[bot] (#763) Chore: Bump github/codeql-action/analyze from 4.36.2 to 4.36.3 @dependabot[bot] (#764) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#769) Chore: Bump github/codeql-action/upload-sarif from 4.36.3 to 4.37.0 @dependabot[bot] (#770) Chore: Bump github/codeql-action/analyze from 4.36.3 to 4.37.0 @dependabot[bot] (#768) Chore: Bump step-security/harden-runner from 2.19.4 to 2.20.0 @dependabot[bot] (#771) Chore: Bump lfreleng-actions/credential-load-action from 1.1.0 to 2.0.0 @dependabot[bot] (#767) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#772) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#773) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#775) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#774) Chore: Bump github/codeql-action/init from 4.36.3 to 4.37.0 @dependabot[bot] (#776) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#778) Chore: Bump actions/setup-java from 5.4.0 to 5.5.0 @dependabot[bot] (#777) Chore: Bump lfreleng-actions/zizmor-scan-action from 0.3.1 to 0.4.0 @dependabot[bot] (#779) Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.7.2 to 0.7.3 @dependabot[bot] (#780) Links Submit bugs/feature requests v0.7.3 🔧 Maintenance 🔧 Chore: Bump change-isolation-action to v0.2.0 @ModeSevenIndustrialSolutions (#766) Links Submit bugs/feature requests ## Commits 5fa62e3 Merge pull request #780 from lfit/dependabot/github_actions/lfit/releng-reusa 34d94b1 Merge pull request #779 from lfit/dependabot/github_actions/lfreleng-actions/ 70d4d84 Merge pull request #777 from lfit/dependabot/github_actions/actions/setup-jav 55039c6 Merge pull request #778 from lfit/dependabot/github_actions/lfit/releng-reusa d940c57 Merge pull request #776 from lfit/dependabot/github_actions/github/codeql-act 57c5c52 Merge pull request #774 from lfit/dependabot/github_actions/lfit/releng-reusa a54a16e Merge pull request #775 from lfit/dependabot/github_actions/lfit/releng-reusa 66b4a1c Merge pull request #773 from lfit/dependabot/github_actions/lfit/releng-reusa aa3ba13 Merge pull request #772 from lfit/dependabot/github_actions/lfit/releng-reusa f463514 Merge pull request #767 from lfit/dependabot/github_actions/lfreleng-actions/ Additional commits viewable in compare view Issue-ID: CIMAN-33 Signed-off-by: dependabot[bot] <support@github.com> Change-Id: Id0b478b9c184aa6108f0e2dd6311acb82b036973 GitHub-PR: #40 GitHub-Hash: 8867668c6c265f6c Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Override install() in WindowsInstaller to rename the downloaded file with a .zip extension before extraction.
On Windows, @actions/tool-cache’s downloadTool() saves downloads using a random UUID filename with no extension. When pwsh is unavailable and only legacy powershell is present, extractZip() falls back to Expand-Archive, which requires the file to have a .zip extension. Before this change, extraction failed because the downloaded file had no .zip suffix.