)]}' { "log": [ { "commit": "5c526bab3345051790e867bc846a40acc93c165c", "tree": "09a7e9e6cc6d9fa8c19949b7661c68b3b112d207", "parents": [ "54a4d10f7c09984f0cfbb19deaf0b38a6cd1e146" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Jun 01 17:19:18 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jun 01 17:19:18 2026 +0800" }, "message": "docs: add reqsign release skill (#763)\n\nAdd a reusable release skill for Apache OpenDAL reqsign.\n\nThe skill captures the Apache RC flow used for the 0.20.1 release:\nversion bump PR, signed RC tag, source artifacts, ASF dist upload,\nvote/result, formal tag, crates.io publish, GitHub Release, and recovery\nnotes for common release mistakes." }, { "commit": "54a4d10f7c09984f0cfbb19deaf0b38a6cd1e146", "tree": "87bc2ecf572e3c44498d869b3b96e4ffa6e58be4", "parents": [ "3a50c2c1f269109c5901b121791c4b4489cdafca" ], "author": { "name": "Yuang Gao", "email": "91290127+YuangGao@users.noreply.github.com", "time": "Thu May 28 02:21:27 2026 -0700" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu May 28 17:21:27 2026 +0800" }, "message": "feat(azure-storage): add missing setters for client secret and workload identity providers (#760)\n\n## Which issue does this PR close?\n\n- Closes #756.\n\n## What changes are included in this PR?\n\n`ClientSecretCredentialProvider`:\n- Add `client_secret` and `authority_host` fields with corresponding\nsetters.\n- `provide_credential` now reads `self.client_id` / `self.client_secret`\n/ `self.authority_host` first, falling back to `AZURE_CLIENT_ID` /\n`AZURE_CLIENT_SECRET` / `AZURE_AUTHORITY_HOST`. Fixes `with_client_id`\nbeing a silent no-op.\n\n`WorkloadIdentityCredentialProvider`:\n- Add `client_id`, `federated_token_file`, and `authority_host` fields\nwith corresponding setters.\n- `provide_credential` now reads each from `self` first, falling back to\nenv vars. Fixes `with_tenant_id` being a silent no-op" }, { "commit": "3a50c2c1f269109c5901b121791c4b4489cdafca", "tree": "a570cfc702998574f5e6d4d8e0ee24d331b2612a", "parents": [ "6d7af22845aa70e4f9273cfe7b1e9f6bd5749438" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri May 22 17:37:15 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 17:37:15 2026 +0800" }, "message": "chore: prepare v0.20.1 release\n\nPrepare workspace manifests for v0.20.1 release." }, { "commit": "6d7af22845aa70e4f9273cfe7b1e9f6bd5749438", "tree": "71026976c0fdcd1ed0d69f503ea2bf9231a67cd8", "parents": [ "aa879f11975721e223fa0c592f74b20b94c750fd" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri May 22 17:05:39 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 17:05:39 2026 +0800" }, "message": "refactor: Remove jsonwebtoken dependency (#757)\n\nCloses #754.\n\nThis removes `jsonwebtoken` from the workspace instead of adding crypto\nbackend feature selection for it. Reqsign only needs to generate RS256\nclient assertions for Google and Azure, so the PR replaces those call\nsites with a small internal RS256 JWT encoder built on the existing\n`rsa`, `serde_json`, and `base64` dependencies.\n\nThis supersedes #755 by removing the dependency path that pulled\n`aws-lc-rs` into normal builds." }, { "commit": "aa879f11975721e223fa0c592f74b20b94c750fd", "tree": "8252d6525538d4470169f968ebb5305bbbe0e3ab", "parents": [ "bb87cb8459b13c243b06827e43aa2b04ff1eef93" ], "author": { "name": "Tamir Duberstein", "email": "tamird@gmail.com", "time": "Fri May 22 10:40:18 2026 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 16:40:18 2026 +0800" }, "message": "Clarify Azure version header ownership (#746)\n\nReqsign no longer owns Azure service-version header insertion. Document\nthat callers should provide `x-ms-version` for ordinary Azure Storage\nrequests and omit it only for batch sub-requests.\n\nThis changed in aa28ce2e4db673c6f0fa9fc31533b39e856ad825." }, { "commit": "bb87cb8459b13c243b06827e43aa2b04ff1eef93", "tree": "7bd89f59287111171f509e4759320fe59f266754", "parents": [ "9aba16ea2c2766844aedf32c3e6a9701a08f6ec6" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri May 22 16:17:34 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 16:17:34 2026 +0800" }, "message": "build(deps): update quick-xml requirement from 0.39.2 to 0.40.0 (#753)\n\nUpdates the requirements on\n[quick-xml](https://github.com/tafia/quick-xml) to permit the latest\nversion.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/releases\"\u003equick-xml\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.40.0 - UTF-16 and ISO-2022-JP encodings supported\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cp\u003eMSRV bumped to 1.79.\u003c/p\u003e\n\u003cp\u003eNow \u003ccode\u003equick-xml\u003c/code\u003e supports the UTF-16 and ISO-2022-JP\nencoded documents. See the new \u003ccode\u003eDecodingReader\u003c/code\u003e type.\u003c/p\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\nAdd \u003ccode\u003eDecodingReader\u003c/code\u003e, a \u003ccode\u003eBufRead\u003c/code\u003e adapter that\nauto-detects encoding from BOM or XML declaration and transcodes to\nUTF-8. Enabled by the \u003ccode\u003eencoding\u003c/code\u003e feature.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nAdd new enumeration \u003ccode\u003eXmlVersion\u003c/code\u003e and typified getter\n\u003ccode\u003eBytesDecl::xml_version()\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nAdd new error variant \u003ccode\u003eIllFormedError::UnknownVersion\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\nAdd new error variant\n\u003ccode\u003eEscapeError::TooManyNestedEntities\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\nImproved compliance with the XML attribute value normalization process\nby adding\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::normalized_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::normalized_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decoded_and_normalized_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decoded_and_normalized_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ewhich ought to be used in place of deprecated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::unescape_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::unescape_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decode_and_unescape_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decode_and_unescape_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecated functions now behaves the same as newly added.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nUse correct rules for EOL normalization in \u003ccode\u003eDeserializer\u003c/code\u003e\nwhen parse XML 1.0 documents. Previously XML 1.1. rules was\napplied.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/914\"\u003e#914\u003c/a\u003e:\nRemove deprecated \u003ccode\u003e.prefixes()\u003c/code\u003e, \u003ccode\u003e.resolve()\u003c/code\u003e,\n\u003ccode\u003e.resolve_attribute()\u003c/code\u003e, and \u003ccode\u003e.resolve_element()\u003c/code\u003e\nof \u003ccode\u003eNsReader\u003c/code\u003e. Use \u003ccode\u003e.resolver().\u0026lt;...\u0026gt;\u003c/code\u003e\nmethods instead.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nNow \u003ccode\u003eBytesText::xml_content\u003c/code\u003e,\n\u003ccode\u003eBytesCData::xml_content\u003c/code\u003e and\n\u003ccode\u003eBytesRef::xml_content\u003c/code\u003e accepts \u003ccode\u003eXmlVersion\u003c/code\u003e\nparameter to apply correct EOL normalization rules.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/944\"\u003e#944\u003c/a\u003e:\n\u003ccode\u003eread_text()\u003c/code\u003e now returns \u003ccode\u003eBytesText\u003c/code\u003e which allows\nyou to get the content with properly normalized EOLs. To get the\nprevious behavior use \u003ccode\u003e.read_text().decode()?\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\nBumped MSRV from 1.59 (Feb 2022) to 1.79 (June 2024)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003etafia/quick-xml#371\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/914\"\u003e#914\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/914\"\u003etafia/quick-xml#914\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/938\"\u003etafia/quick-xml#938\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/944\"\u003e#944\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/944\"\u003etafia/quick-xml#944\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/956\"\u003etafia/quick-xml#956\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/dobermai\"\u003e\u003ccode\u003e@​dobermai\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/958\"\u003etafia/quick-xml#958\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/compare/v0.39.4...v0.40.0\"\u003ehttps://github.com/tafia/quick-xml/compare/v0.39.4...v0.40.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/blob/master/Changelog.md\"\u003equick-xml\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.40.0 -- 2026-05-11\u003c/h2\u003e\n\u003cp\u003eMSRV bumped to 1.79.\u003c/p\u003e\n\u003cp\u003eNow \u003ccode\u003equick-xml\u003c/code\u003e supports the UTF-16 encoded documents. See\nthe new \u003ccode\u003eDecodingReader\u003c/code\u003e type.\u003c/p\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\nAdd \u003ccode\u003eDecodingReader\u003c/code\u003e, a \u003ccode\u003eBufRead\u003c/code\u003e adapter that\nauto-detects encoding\nfrom BOM or XML declaration and transcodes to UTF-8. Enabled by the\n\u003ccode\u003eencoding\u003c/code\u003e feature.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nAdd new enumeration \u003ccode\u003eXmlVersion\u003c/code\u003e and typified getter\n\u003ccode\u003eBytesDecl::xml_version()\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nAdd new error variant \u003ccode\u003eIllFormedError::UnknownVersion\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\nAdd new error variant\n\u003ccode\u003eEscapeError::TooManyNestedEntities\u003c/code\u003e.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\nImproved compliance with the XML attribute value normalization process\nby adding\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::normalized_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::normalized_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decoded_and_normalized_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decoded_and_normalized_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003ewhich ought to be used in place of deprecated\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::unescape_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::unescape_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decode_and_unescape_value()\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003eAttribute::decode_and_unescape_value_with()\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eDeprecated functions now behaves the same as newly added.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nUse correct rules for EOL normalization in \u003ccode\u003eDeserializer\u003c/code\u003e\nwhen parse XML 1.0 documents.\nPreviously XML 1.1. rules was applied.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/914\"\u003e#914\u003c/a\u003e:\nRemove deprecated \u003ccode\u003e.prefixes()\u003c/code\u003e, \u003ccode\u003e.resolve()\u003c/code\u003e,\n\u003ccode\u003e.resolve_attribute()\u003c/code\u003e, and \u003ccode\u003e.resolve_element()\u003c/code\u003e\nof \u003ccode\u003eNsReader\u003c/code\u003e. Use \u003ccode\u003e.resolver().\u0026lt;...\u0026gt;\u003c/code\u003e\nmethods instead.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\nNow \u003ccode\u003eBytesText::xml_content\u003c/code\u003e,\n\u003ccode\u003eBytesCData::xml_content\u003c/code\u003e and\n\u003ccode\u003eBytesRef::xml_content\u003c/code\u003e\naccepts \u003ccode\u003eXmlVersion\u003c/code\u003e parameter to apply correct EOL\nnormalization rules.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/944\"\u003e#944\u003c/a\u003e:\n\u003ccode\u003eread_text()\u003c/code\u003e now returns \u003ccode\u003eBytesText\u003c/code\u003e which allows\nyou to get the content with\nproperly normalized EOLs. To get the previous behavior use\n\u003ccode\u003e.read_text().decode()?\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\nBumped MSRV from 1.59 (Feb 2022) to 1.79 (June 2024)\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003e#371\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/371\"\u003etafia/quick-xml#371\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/914\"\u003e#914\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/914\"\u003etafia/quick-xml#914\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/938\"\u003e#938\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/938\"\u003etafia/quick-xml#938\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/944\"\u003e#944\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/944\"\u003etafia/quick-xml#944\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/956\"\u003etafia/quick-xml#956\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.39.4 -- 2026-05-08\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/2778564d592ca25d6315ea20b5105c74addfce5e\"\u003e\u003ccode\u003e2778564\u003c/code\u003e\u003c/a\u003e\nRelease 0.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/393db036811e7473b22d875109cd07acb183580f\"\u003e\u003ccode\u003e393db03\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/962\"\u003e#962\u003c/a\u003e\nfrom Mingun/prepare-0.40\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/a27709a457126f129b06d20309316be74056234c\"\u003e\u003ccode\u003ea27709a\u003c/code\u003e\u003c/a\u003e\nFix misprint in code example\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/0c0c914bc753075abdab92dcd94fc95c6a195b25\"\u003e\u003ccode\u003e0c0c914\u003c/code\u003e\u003c/a\u003e\nMake some functions const and enable clippy::missing_const_for_fn\nlint\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/bf4ffe5020cbe256c441c2cd26adf8716f6e5324\"\u003e\u003ccode\u003ebf4ffe5\u003c/code\u003e\u003c/a\u003e\nFix clippy warning: use \u003ccode\u003e.first()\u003c/code\u003e instead of\n\u003ccode\u003e.get(0)\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/d69baad385aeb489d4761469cc9738c21aa41c4f\"\u003e\u003ccode\u003ed69baad\u003c/code\u003e\u003c/a\u003e\nFix clippy warning: remove unnecessary after\n241f01e20ff679e9248f2ae424c9ba82...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/8e0ae4f7f4f2d0dda9f000f094bdf9b8e2b915a5\"\u003e\u003ccode\u003e8e0ae4f\u003c/code\u003e\u003c/a\u003e\nFix clippy warning: use \u003ccode\u003estrip_prefix\u003c/code\u003e instead of manual\nstripping\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/b795a5db737ad1b9c3fa8e61b31215fe1aba9552\"\u003e\u003ccode\u003eb795a5d\u003c/code\u003e\u003c/a\u003e\nRemove outdated documentation line that accidentally remained after\n99d2870a3...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/94e61ed5c0dbc8f18ce7e4bdc77a4a14fac71111\"\u003e\u003ccode\u003e94e61ed\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/956\"\u003e#956\u003c/a\u003e\nfrom dralley/decode\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/b918b0bab8c5b98cfc84f7322bd80fa3cc80f5b4\"\u003e\u003ccode\u003eb918b0b\u003c/code\u003e\u003c/a\u003e\nExpand tests using DecodingReader\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/compare/v0.39.2...v0.40.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "9aba16ea2c2766844aedf32c3e6a9701a08f6ec6", "tree": "f77f878d16e9b636d5887e87fcd658dce86b72cb", "parents": [ "7ebc4d5a0a993106f67de638e7956ab4ff182785" ], "author": { "name": "The Apache Software Foundation", "email": "root-asf-gitbox-commits@apache.org", "time": "Fri May 22 03:16:54 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri May 22 16:16:54 2026 +0800" }, "message": "[INFRA] Set up default rulesets for default and release branches (#747)\n\nThis Pull Request enables the repository to conform with the \"sane\ndefault security settings\" of the Apache Software Foundation by\nconfiguring a default branch ruleset that protects the default branch\nand any release branches.\n\nNote that `~DEFAULT_BRANCH` is a GitHub symbolic link to the current\ndefault branch (HEAD) of the repository and does not need changing.\nIf the managing project does not wish to set up these defaults, please\nclose this Pull Request. Alternatively, the project may merge this Pull\nRequest to apply the changes immediately.\n\nIf no action is taken, this Pull Request will be automatically merged by\nthe Apache Infrastructure team on **2026-06-14** (30 days from now).\n\nFor any further information, please reach us on Slack or at:\nusers@infra.apache.org" }, { "commit": "7ebc4d5a0a993106f67de638e7956ab4ff182785", "tree": "ec6914c68892a1fa9889cb47f0986c4d6b6158b4", "parents": [ "361d38b433a3c58b849538d138e3c6767c626b3c" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon May 18 16:32:22 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 18 16:32:22 2026 +0800" }, "message": "Add ASF allowlist check (#745)\n\nAdd the ASF infrastructure allowlist check for GitHub workflow changes\nso new action references are validated before merge.\n\nThis also normalizes the 1Password action references to the upstream\ncasing and updates Azure login to the allowlisted v3 ref, so the new\ncheck passes against the current ASF allowlist." }, { "commit": "361d38b433a3c58b849538d138e3c6767c626b3c", "tree": "63bf59e3cc55f5083e69d048388919eedc6f7f12", "parents": [ "4f2dca68173e1dc810eef38d1c7dc9c8190cfa2d" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Tue May 12 12:11:19 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 12 12:11:19 2026 +0800" }, "message": "Support explicit Aliyun OIDC config (#744)\n\nThis PR lets `AssumeRoleWithOidcCredentialProvider` accept the required\nOIDC settings through typed builder methods, so embedders no longer need\nto synthesize runtime environment variables just to use structured\nconfig.\n\nThe existing environment-variable path remains available as a\nconvenience fallback, while explicitly configured values take precedence\nand can fully bypass env lookup when all required OIDC fields are\nprovided.\n\nCloses #734." }, { "commit": "4f2dca68173e1dc810eef38d1c7dc9c8190cfa2d", "tree": "7a6f413409083ae06642e948aa34643a8455d584", "parents": [ "b50f609530f05aae43d5cdc515a0c9aa5b38e8d0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 12 09:25:56 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 12 09:25:56 2026 +0800" }, "message": "build(deps): bump 1password/load-secrets-action from 3.2.1 to 4.0.0 (#737)\n\nBumps\n[1password/load-secrets-action](https://github.com/1password/load-secrets-action)\nfrom 3.2.1 to 4.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/releases\"\u003e1password/load-secrets-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eClear \u003cstrong\u003enpm audit\u003c/strong\u003e / \u003cstrong\u003eDependabot\u003c/strong\u003e\nfindings via \u003cstrong\u003e\u003ccode\u003enpm audit fix\u003c/code\u003e\u003c/strong\u003e where safe\n(e.g. \u003cstrong\u003eajv\u003c/strong\u003e, \u003cstrong\u003eflatted\u003c/strong\u003e,\n\u003cstrong\u003eundici\u003c/strong\u003e, and other resolvable \u003cstrong\u003eminimatch\u003c/strong\u003e\nupdates). \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/151\"\u003e#151\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAction runtime updated from Node 20 to \u003cstrong\u003eNode 24\u003c/strong\u003e for\nGitHub Actions compatibility (\u003ca\nhref\u003d\"https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/\"\u003edeprecation\nnotice\u003c/a\u003e). \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/148\"\u003e#148\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/jjavieralv\"\u003e\u003ccode\u003e@​jjavieralv\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/149\"\u003e1Password/load-secrets-action#149\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/compare/v3...v4.0.0\"\u003ehttps://github.com/1Password/load-secrets-action/compare/v3...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/92467eb28f72e8255933372f1e0707c567ce2259\"\u003e\u003ccode\u003e92467eb\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/153\"\u003e#153\u003c/a\u003e\nfrom 1Password/release/v4.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/21f21cb3122f5fe7bfdfd67df466dcdb3779307e\"\u003e\u003ccode\u003e21f21cb\u003c/code\u003e\u003c/a\u003e\nUpdate readme\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/a82b5b0e6208219fa3988afa58471e77f1ae24c7\"\u003e\u003ccode\u003ea82b5b0\u003c/code\u003e\u003c/a\u003e\ncreate new build\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/355a4641a8ce03214b1d4713e4df46ce299aa659\"\u003e\u003ccode\u003e355a464\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/151\"\u003e#151\u003c/a\u003e\nfrom 1Password/fix/dependabot-alerts\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/50dbf2f36c578393af5f8c525f7b55fd04ec600c\"\u003e\u003ccode\u003e50dbf2f\u003c/code\u003e\u003c/a\u003e\nRun npm isntall\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/2a602963c2584abcf77cd466b8b6e386f833f3b2\"\u003e\u003ccode\u003e2a60296\u003c/code\u003e\u003c/a\u003e\nUndo version bump\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/61e04e231d813e6a6f186baa3c659316dfe1ddaa\"\u003e\u003ccode\u003e61e04e2\u003c/code\u003e\u003c/a\u003e\nOveride minimatch\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/93d1217e3f210e307b4fc30ee8e0e18f590a1e0e\"\u003e\u003ccode\u003e93d1217\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/150\"\u003e#150\u003c/a\u003e\nfrom 1Password/jill/update-tests-to-use-node-24\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/17a79a92a6dc3496470258dff9b216fd5033b503\"\u003e\u003ccode\u003e17a79a9\u003c/code\u003e\u003c/a\u003e\nUndo mistaken udpate\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/7a0b59f9ab438aecbc232501a58d8c34a18f6591\"\u003e\u003ccode\u003e7a0b59f\u003c/code\u003e\u003c/a\u003e\nUpdate to v6\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/compare/dafbe7cb03502b260e2b2893c753c352eee545bf...92467eb28f72e8255933372f1e0707c567ce2259\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003d1password/load-secrets-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d3.2.1\u0026new-version\u003d4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has\nbeen open for over 30 days.\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "b50f609530f05aae43d5cdc515a0c9aa5b38e8d0", "tree": "e80fb06c0d9dd94f97fcec85af8fb4d156d783aa", "parents": [ "73ebc4b893b5ef1094005e079c4cf6e848a3e1fe" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 12 09:25:30 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 12 09:25:30 2026 +0800" }, "message": "build(deps): bump azure/login from 2.3.0 to 3.0.0 (#735)\n\nBumps [azure/login](https://github.com/azure/login) from 2.3.0 to 3.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/azure/login/releases\"\u003eazure/login\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eAzure Login Action v3.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade nodejs from 20 to 24 and update dependencies by \u003ca\nhref\u003d\"https://github.com/YanaXu\"\u003e\u003ccode\u003e@​YanaXu\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/Azure/login/pull/578\"\u003eAzure/login#578\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/Azure/login/compare/v2.3.0...v3.0.0\"\u003ehttps://github.com/Azure/login/compare/v2.3.0...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/Azure/login/commit/532459ea530d8321f2fb9bb10d1e0bcf23869a43\"\u003e\u003ccode\u003e532459e\u003c/code\u003e\u003c/a\u003e\nprepare release v3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/Azure/login/commit/893aa84218880a3fafd9a6d332ff1aea7108f1fe\"\u003e\u003ccode\u003e893aa84\u003c/code\u003e\u003c/a\u003e\nupgrade Azure Login Action version in README (\u003ca\nhref\u003d\"https://redirect.github.com/azure/login/issues/579\"\u003e#579\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/Azure/login/commit/ce6a9ff965c6b99ee966eee159baa8c35e135635\"\u003e\u003ccode\u003ece6a9ff\u003c/code\u003e\u003c/a\u003e\nupgrade nodejs from 20 to 24 and update dependencies (\u003ca\nhref\u003d\"https://redirect.github.com/azure/login/issues/578\"\u003e#578\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/azure/login/compare/a457da9ea143d694b1b9c7c869ebb04ebe844ef5...532459ea530d8321f2fb9bb10d1e0bcf23869a43\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dazure/login\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d2.3.0\u0026new-version\u003d3.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\n\u003e **Note**\n\u003e Automatic rebases have been disabled on this pull request as it has\nbeen open for over 30 days.\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "73ebc4b893b5ef1094005e079c4cf6e848a3e1fe", "tree": "648a0ec61c666eaf2e9f37c31fa1e378529a6e10", "parents": [ "712082079745d902f2f53b8c6c3d61eb0e647ce5" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue May 12 01:29:33 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue May 12 01:29:33 2026 +0800" }, "message": "build(deps): bump actions/github-script from 8.0.0 to 9.0.0 (#741)\n\nBumps [actions/github-script](https://github.com/actions/github-script)\nfrom 8.0.0 to 9.0.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/github-script/releases\"\u003eactions/github-script\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e —\nAvailable directly in the script context. Create additional\nauthenticated Octokit clients with different tokens for multi-token\nworkflows, GitHub App tokens, and cross-org access. See \u003ca\nhref\u003d\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating\nadditional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and\nexamples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The\n\u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is\nautomatically appended to the user-agent string for request\ntracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire(\u0027@actions/github\u0027)\u003c/code\u003e no longer works in\nscripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9\n(ESM-only) means \u003ccode\u003erequire(\u0027@actions/github\u0027)\u003c/code\u003e will fail at\nruntime. If you previously used patterns like \u003ccode\u003econst { getOctokit }\n\u003d require(\u0027@actions/github\u0027)\u003c/code\u003e to create secondary clients, use the\nnew injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it\u0027s available\ndirectly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter.\nScripts that declare \u003ccode\u003econst getOctokit \u003d ...\u003c/code\u003e or \u003ccode\u003elet\ngetOctokit \u003d ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because\nJavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e\nredeclaration of function parameters. Use the injected\n\u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit \u003d\n...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals\nbeyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you\nmay need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca\nhref\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade\n\u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and\nrelated packages by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e\nfrom actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e\nfix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7\ncompatibility\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e\nmerge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e\nchore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e\nfrom actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e\nci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e\nci: use deployment: false to suppress deployment noise from integration\ntests\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e\ndocs: update README examples from \u003ca\nhref\u003d\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca\nhref\u003d\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs\nand v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e\nci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e\ntest: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/github-script\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d8.0.0\u0026new-version\u003d9.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "712082079745d902f2f53b8c6c3d61eb0e647ce5", "tree": "6e9feb55c446add342448133f662a075700f89bb", "parents": [ "a3c923fe2fce1823dcbd06cbe31bd41d1338a927" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon May 11 23:13:26 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon May 11 23:13:26 2026 +0800" }, "message": "Upgrade RustCrypto hash dependencies (#743)\n\nThis upgrades the direct RustCrypto hash/MAC dependencies to the current\nstable line: hmac 0.13 and sha1/sha2 0.11. The RSA crate is\nintentionally left on the latest stable 0.9 series, so RSA signing code\nuses rsa::sha2::Sha256 to keep that digest-0.10 boundary isolated while\nthe rest of reqsign moves forward.\n\nCargo.lock is ignored in this repository, so this PR only updates\nmanifests and the small API adaptations required by the new hash crates." }, { "commit": "a3c923fe2fce1823dcbd06cbe31bd41d1338a927", "tree": "02d650369fdb72e2887d60a6cd7828cebe33fc1a", "parents": [ "9c67ccc929f0b4bd432f70b81759d5fd98a65512" ], "author": { "name": "Ben Beasley", "email": "code@musicinmybrain.net", "time": "Fri Mar 27 12:32:34 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Mar 27 20:32:34 2026 +0800" }, "message": "fix: Fix missing LICENSE file in published reqsign-volcengine-tos crate (#736)\n\nThis is the same fix as\nhttps://github.com/apache/opendal-reqsign/pull/635, but for the new\n`volcengine-tos` service." }, { "commit": "9c67ccc929f0b4bd432f70b81759d5fd98a65512", "tree": "b573de3b134ff35193240b4e56331913ca72655f", "parents": [ "0976884a738b22110e29fe7bed88caedd5392d50" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 15:45:12 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 15:45:12 2026 +0800" }, "message": "feat(aliyun-oss): add signature v2 signing support (#725)\n\nThis PR adds OSS Signature V2 support to `reqsign-aliyun-oss`, covering\nboth header signing and presign.\n\nIt extends the signer parity work after V4 by adding the remaining OSS\nsigning variant with deterministic tests and updated docs." }, { "commit": "0976884a738b22110e29fe7bed88caedd5392d50", "tree": "6e6b0c10d8d49ae85be9b1f8d0df903a0038fc21", "parents": [ "3b749afa8ed2ee249e126c41fb6432f48dbcbb3c" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 15:38:08 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 15:38:08 2026 +0800" }, "message": "fix(aliyun-oss): normalize custom sts endpoints (#726)\n\nThis fixes a correctness bug in Aliyun OSS STS endpoint handling: when\n`ALIBABA_CLOUD_STS_ENDPOINT` was set to a full URL, the AssumeRole path\nprefixed `https://` again and produced a malformed request URI.\n\nThe change normalizes custom STS endpoints so both bare hosts and full\nURLs work consistently across the AK-based AssumeRole provider and the\nOIDC-based STS provider. It also adds regression coverage for the\nenv-configured full-URL case.\n\nContext: found while reviewing the latest 20 commits on `main`,\nspecifically the new AssumeRole provider added in #724." }, { "commit": "3b749afa8ed2ee249e126c41fb6432f48dbcbb3c", "tree": "f7cfea97e68e63885a6a9922c605324aa1b9a4d5", "parents": [ "bf20a01f0185072348d6150ea33ec9681d3625a8" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 05:27:34 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 05:27:34 2026 +0800" }, "message": "feat(google): support aws external account sources (#728)\n\nGoogle external account credentials also support the AWS-specific\n`credential_source` shape from AIP-4117. This teaches `reqsign-google`\nto resolve `aws1` region and credentials from environment variables or\nIMDS, mint the signed `GetCallerIdentity` subject token, and exchange it\nthrough the existing STS flow.\n\nThis follows the executable `external_account` support in #727 and keeps\nthe change fully inside `services/google`." }, { "commit": "bf20a01f0185072348d6150ea33ec9681d3625a8", "tree": "7d4d94a987841c5b0c61685e13926064100e7633", "parents": [ "85ed1dd30680682789f0869fcc7ec40d93b49bbe" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 05:23:36 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 05:23:36 2026 +0800" }, "message": "feat(google): support executable external account sources (#727)\n\nThis adds executable-sourced `external_account` support for Google\ncredentials by extending the existing Google service-layer provider with\nAIP-4117 style executable loading, cache-file reuse, and validation. It\nkeeps the change scoped to `services/google` and uses the existing\ncommand execution context instead of introducing new core abstractions.\n\nThis is the first PR in a stacked series for broader Google WIF\ncoverage. The follow-up PR will focus on AWS provider-specific\n`credential_source` handling." }, { "commit": "85ed1dd30680682789f0869fcc7ec40d93b49bbe", "tree": "88b7f5cccefd40329e7aafc8d94952aee721d4cf", "parents": [ "3dc1cf19b2d69b35459cbcecabbd488bf0e69a5b" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 04:24:58 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 04:24:58 2026 +0800" }, "message": "feat(aliyun-oss): add credentials URI and ECS RAM role providers (#721)\n\nThis stacked PR builds on #720 by adding the two network-based runtime\ncredential sources needed for Aliyun OSS parity: `credentials_uri` and\nECS RAM role metadata.\n\nIt introduces dedicated slot/no-slot builder entries, keeps refresh\nbehavior aligned with `reqsign_core::Signer` cache semantics, and adds\nfocused tests for chain order, IMDS fallback, and refresh-before-expiry\nbehavior. Related to #684." }, { "commit": "3dc1cf19b2d69b35459cbcecabbd488bf0e69a5b", "tree": "0a5888fa6609a2db792afb1f7d2e04eaa2d604e7", "parents": [ "34db49cc08b3e7b939b2c73aa3295d509b836788" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 02:50:16 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 02:50:16 2026 +0800" }, "message": "feat(aliyun-oss): add assume role credential provider (#724)\n\nThis PR adds an AK-based AssumeRole provider for `reqsign-aliyun-oss`\nand wires it into the default credential builder.\n\nIt extends the OSS credential parity work with a non-recursive base\nprovider chain and keeps the builder semantics aligned with the new\nslot-based API." }, { "commit": "34db49cc08b3e7b939b2c73aa3295d509b836788", "tree": "8ef48d845d3cca1eddc4fcd5ba7f312e7768a0d8", "parents": [ "81399926577bbc7913c9d10192bc1a56f3f35265" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 01:59:38 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 01:59:38 2026 +0800" }, "message": "feat(aliyun-oss): add signature v4 signing support (#723)\n\nThis stacked PR builds on #719 and adds OSS Signature V4 support for\nboth header signing and presigned URLs.\n\nIt reuses the signer API introduced in the parent PR, keeps V1 as the\ndefault, and adds golden-style tests for canonical requests,\nstring-to-sign construction, repeated query-key ordering, and final V4\noutput. Related to #684." }, { "commit": "81399926577bbc7913c9d10192bc1a56f3f35265", "tree": "ea3e84463b1886d58d9e5e3d12a003cb5680c64c", "parents": [ "7fccb97bd5e87e7471e38fdda34142c1821fce36" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 01:48:25 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 01:48:25 2026 +0800" }, "message": "feat(aliyun-oss): add shared credentials and config file providers (#722)\n\nThis stacked PR builds on #720 by adding the two Alibaba shared file\nsources that are distinct from the OSS profile file: shared\n`credentials.ini` and `config.json` providers.\n\nIt keeps the slot boundaries explicit (`credentials_file` and\n`config_file`), limits this PR to direct static modes, and adds\nprecedence tests showing these file-based providers slot cleanly in\nfront of OIDC. Related to #684." }, { "commit": "7fccb97bd5e87e7471e38fdda34142c1821fce36", "tree": "c3ed1f5337842b1c2139eac31f749bfec734cbea", "parents": [ "1fe7000c942c80adb4409dab61f12b436eb34327" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 01:42:20 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 01:42:20 2026 +0800" }, "message": "refactor(aliyun-oss): prepare signer for region-aware signing (#719)\n\nThis PR narrows the Aliyun OSS signer API to the part we can commit to\ntoday: region configuration on `RequestSigner`.\n\nIt keeps current V1 behavior unchanged, avoids exposing\nnot-yet-implemented signing-version switches, and adds tests/docs that\nlock in `with_region(...)` as a no-op for V1 while reserving the\nconfiguration path needed for future V4 work. Related to #684." }, { "commit": "1fe7000c942c80adb4409dab61f12b436eb34327", "tree": "2ed3aa246831bf229d5dbbfa7dca7257bc8298c4", "parents": [ "1f6d84bef58bb1418ddc64eab861349313126d84" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 01:39:03 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 01:39:03 2026 +0800" }, "message": "feat(aliyun-oss): add OSS env aliases and profile provider (#720)\n\nThis PR expands the low-risk Aliyun OSS credential chain by adding OSS\nenvironment-variable aliases and a dedicated `~/.oss/credentials`\nprofile provider.\n\nIt keeps the new slot/no-slot builder API consistent with the repository\npolicy, inserts `oss_profile` between env and OIDC in the default chain,\nand adds focused tests for precedence, profile selection, and chain\nordering. Related to #684." }, { "commit": "1f6d84bef58bb1418ddc64eab861349313126d84", "tree": "11ef430adb54a927a670a5991827a3680ee15dc9", "parents": [ "710917e27299aad1da3b9d3e8cb620bfc5c82c40" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Mar 19 01:31:16 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Mar 19 01:31:16 2026 +0800" }, "message": "fix(aliyun-oss): sign canonicalized OSS headers in presign (#718)\n\nThis PR fixes a V1 presign correctness gap in Aliyun OSS: canonicalized\n`x-oss-*` headers now participate in the string-to-sign when generating\npresigned URLs.\n\nThe change keeps the existing STS query-token behavior intact, adds\nfocused regression tests for presign/header canonicalization, and\naddresses one of the concrete bugs called out in #684." }, { "commit": "710917e27299aad1da3b9d3e8cb620bfc5c82c40", "tree": "33e60662797b4842bf1640117d5764c0631fd15c", "parents": [ "9fd8cdb4cf6df8e5a04d1a65025e93de0673bd89" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 19:09:07 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 19:09:07 2026 +0800" }, "message": "refactor: migrate huaweicloud-obs default credential provider builder API (#717)\n\nAlign `reqsign-huaweicloud-obs` with the new default credential provider\nAPI defined in `docs/default-credential-provider-api.md`.\n\nThis service only exposes the `env` default slot, so the PR keeps the\npublic builder on the `env(...)` / `no_env()` shape and updates examples\nand tests to cover explicit removal and re-adding of that slot." }, { "commit": "9fd8cdb4cf6df8e5a04d1a65025e93de0673bd89", "tree": "e99936a936304112867e7d64add4e95403eefa2e", "parents": [ "4b8be5ec348d29a40c9de77b74b78e8cd053a82c" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 19:08:21 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 19:08:21 2026 +0800" }, "message": "refactor(aws-v4): migrate default credential builder (#713)\n\nThis updates `services/aws-v4` to the `DefaultCredentialProvider` slot\nAPI defined in `docs/default-credential-provider-api.md`. The builder\nnow exposes slot and no-slot methods only, and `build()` only pushes\nconfigured `Some(...)` slots without fallback re-enabling.\n\nThe aws-v4 README was refreshed to the current public API, and the crate\ntests now cover both `process(...)` and `no_process()` so the removal\nsemantics are exercised directly in this service." }, { "commit": "4b8be5ec348d29a40c9de77b74b78e8cd053a82c", "tree": "ec52aa73f0a450eca9f9aef80ddcc32aa6e58eca", "parents": [ "38265ddfbb28057225ca05581f651bd86c52e9a5" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 19:06:04 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 19:06:04 2026 +0800" }, "message": "feat(volcengine-tos): migrate default credential builder api (#712)\n\nMigrate the Volcengine TOS default credential provider to the slot-based\nbuilder API from the default credential provider design. This removes\nthe legacy configure/disable env API, keeps env as the only public slot,\nand adds coverage that `no_env()` actually removes the provider from the\nchain.\n\nThis PR is part of the service-by-service migration toward the new\n`DefaultCredentialProvider` API documented in\n`docs/default-credential-provider-api.md`." }, { "commit": "38265ddfbb28057225ca05581f651bd86c52e9a5", "tree": "72ad3bd4c63981360fe73a9cbd72353da4c88980", "parents": [ "fc1e49108f8e3cc3c1c001983ac2e9b03df58c64" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:58:01 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:58:01 2026 +0800" }, "message": "services/oracle: migrate default credential builder API (#710)\n\nThis updates Oracle\u0027s `DefaultCredentialProviderBuilder` to match the\nnew repository-wide slot API design, removing the legacy `configure_*`\nand `disable_*(bool)` methods.\n\nThe builder now models `env` and `config_file` as explicit optional\nslots, and the tests cover that `no_env()` and `no_config_file()`\nactually remove those providers instead of re-enabling them during\n`build()`." }, { "commit": "fc1e49108f8e3cc3c1c001983ac2e9b03df58c64", "tree": "7582608870407a9639b6b66b3780e9d1ad09544f", "parents": [ "56cc5a85aef517f893ffab7be5badfd9d7be4b09" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:57:06 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:57:06 2026 +0800" }, "message": "refactor(aliyun-oss): migrate default credential provider API (#716)\n\nMigrate reqsign-aliyun-oss to the new DefaultCredentialProvider slot API\nso the public builder matches the repository design. This removes the\nlegacy configure/disable surface, renames the OIDC slot explicitly, and\nupdates Aliyun-specific docs and tests to cover slot removal semantics." }, { "commit": "56cc5a85aef517f893ffab7be5badfd9d7be4b09", "tree": "2dee127418d8931633ee5dfc11fea2090211591b", "parents": [ "a9fbc1c30f98d343dd4da38d439b7916277935af" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:56:22 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:56:22 2026 +0800" }, "message": "feat: migrate azure-storage default credential provider API (#715)\n\nThis migrates `reqsign-azure-storage` to the slot-based\n`DefaultCredentialProvider` builder defined in\n`docs/default-credential-provider-api.md`.\nIt removes the legacy `configure_*` and `disable_*(bool)` APIs, keeps\nthe existing default chain and wasm/non-wasm slot set, and updates\ndocs/examples/tests to cover `no_slot()` removal semantics." }, { "commit": "a9fbc1c30f98d343dd4da38d439b7916277935af", "tree": "d66a0ff89b7666ec1c206eb656e675709ae07f64", "parents": [ "bbf41ec87209878cfaeac6c99ddb77322ce8afe0" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:55:23 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:55:23 2026 +0800" }, "message": "feat(google): migrate default credential provider API (#714)\n\nThis updates the Google default credential provider to match the\nrepository-wide API defined in\n`docs/default-credential-provider-api.md`. The builder now uses explicit\n`slot(...)` and `no_slot()` methods for the env, well-known ADC, and VM\nmetadata providers, and removes the old patch-style and boolean-toggle\nAPIs.\n\nThe change also exports the Google-specific env and well-known ADC\nproviders so callers can still customize those slots directly, and adds\ntests that verify removed slots are truly absent from the default chain." }, { "commit": "bbf41ec87209878cfaeac6c99ddb77322ce8afe0", "tree": "35016cb138d3c86cca6dce62abbd55d9afb29fd5", "parents": [ "75decdbd4899d5e06c3613ca1bae59ef85012ffc" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:53:55 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:53:55 2026 +0800" }, "message": "services/tencent-cos: migrate default credential provider API (#711)\n\nThis changes the Tencent COS `DefaultCredentialProvider` builder to\nfollow the repository\u0027s new default credential provider API design.\nIt replaces the legacy `configure_*` and `disable_*(bool)` methods with\nexplicit `env` and `web_identity` slots plus `no_*` removal APIs, and\nadds tests that verify removed slots are not re-enabled during\n`build()`." }, { "commit": "75decdbd4899d5e06c3613ca1bae59ef85012ffc", "tree": "81be46cc10178cae9b87940f3a2ade9909c9062f", "parents": [ "c5400d8d2cb3a309f2171f3ec24ac0c066fdfcd5" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:49:13 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:49:13 2026 +0800" }, "message": "feat: migrate huaweicloud-obs default credential provider API (#709)\n\nThis updates the Huawei Cloud OBS default credential provider to match\nthe repository\u0027s new builder API contract.\n\nThe builder now exposes explicit `env(...)` and `no_env()` slot\ncontrols, removes the legacy `configure_*` and `disable_*(bool)` APIs,\nand keeps removed slots out of the chain instead of re-enabling them\nduring `build()`." }, { "commit": "c5400d8d2cb3a309f2171f3ec24ac0c066fdfcd5", "tree": "32b1e26a863bf95a74cd1069f1b5f937142af475", "parents": [ "35f3ede60f498d6c0234a2ce27c23e8100a9c738" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:39:32 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:39:32 2026 +0800" }, "message": "docs: define default credential provider API policy (#708)\n\nThis PR turns the default credential provider API shape into explicit\nrepository documentation instead of leaving it implicit in legacy\nimplementations. It records the authoritative design in\n`docs/default-credential-provider-api.md` and keeps `AGENTS.md` focused\non durable agent-facing constraints.\n\nIt also converts `CLAUDE.md` into an alias of `AGENTS.md` so repository\nguidance has a single source of truth before we start the API refactor\nitself." }, { "commit": "35f3ede60f498d6c0234a2ce27c23e8100a9c738", "tree": "b9a28624a583204946f864e8828b232e800b2d89", "parents": [ "561a93a294a5b679133b1e7e3cd13f482cd9cb43" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 18:37:13 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 18:37:13 2026 +0800" }, "message": "feat(google): add explicit file and token providers (#707)\n\nThis PR adds built-in Google credential providers for explicit\n`credential_path` and raw access token inputs so downstream integrations\nno longer need local adapters. It keeps the existing core caching model\nunchanged while factoring JSON credential parsing into a shared helper\nreused by default, static, and file-based providers.\n\nThis also adds targeted tests for file-path credentials and token\nproviders, including token-path loading and expiration handling. Related\nissues: #694, #696." }, { "commit": "561a93a294a5b679133b1e7e3cd13f482cd9cb43", "tree": "0929f9956f492c7a7822db2c3fb81d0f0ba38601", "parents": [ "2e566d0c3ba38692afb2603d907fba8dd89f8bc1" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 17:38:03 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 17:38:03 2026 +0800" }, "message": "reqsign-google: support selecting service account in VM metadata provider (#706)\n\nThis PR adds service account selection support to reqsign-google\u0027s VM\nmetadata provider so integrations running on GCE can request tokens for\na non-default service account without shipping a local custom provider.\n\nThe default ADC builder can now pass that option through\n`configure_vm_metadata(...)`, and the existing behavior remains\nunchanged when no service account is configured.\n\nCloses #695." }, { "commit": "2e566d0c3ba38692afb2603d907fba8dd89f8bc1", "tree": "cc3ae9216f21410028a46b25fec664082718f097", "parents": [ "d87031dc4a7e81583fe76d8f0f521da2930c89b1" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Mar 18 17:03:53 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 17:03:53 2026 +0800" }, "message": "fix(google): use rsa rand_core rng for signing (#699)\n\nGoogle service account signing only needs an RNG for RSA blinding during\nprivate-key operations.\n\nThis change switches the signer to `rsa::rand_core::OsRng` and removes\nthe direct `rand` dependency from `reqsign-google` and the workspace. It\nkeeps the RNG source aligned with `rsa`\u0027s `rand_core` version and avoids\nbinding this crate to `rand`\u0027s higher-level API surface.\n\n---------\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "d87031dc4a7e81583fe76d8f0f521da2930c89b1", "tree": "9a4e26c7e15aacfb99ddf776456ce6602d374513", "parents": [ "5536ae96f2f2ce250c3b40007d2a93db8e988285" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 16:28:41 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 16:28:41 2026 +0800" }, "message": "chore: align default credential provider API style (#700)\n\n## Summary\n\nThis PR aligns `DefaultCredentialProvider` /\n`DefaultCredentialProviderBuilder` API style across services using\n`aws-v4` as the baseline.\n\n### Changes\n- Fix Oracle `DefaultCredentialProvider::default()` semantics to match\n`new()`.\n- Add Oracle regression test to ensure `default()` and `new()` stay\nequivalent.\n- Export `DefaultCredentialProviderBuilder` from Volcengine\n`provide_credential` module.\n- Export `DefaultCredentialProviderBuilder` from Google and Oracle crate\nroots.\n- Make `provide_credential` module private in Oracle and Tencent (keep\npublic re-exports).\n\n## Validation\n\n- `cargo check -p reqsign-oracle -p reqsign-volcengine-tos -p\nreqsign-google -p reqsign-tencent-cos`\n- `cargo test -p reqsign-oracle test_default_matches_new`" }, { "commit": "5536ae96f2f2ce250c3b40007d2a93db8e988285", "tree": "bf598bafeac4a7f23b558c4999e67b18f9cd46ad", "parents": [ "14f98f55eee875eb23682554870b7625f014a85e" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 16:20:06 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 16:20:06 2026 +0800" }, "message": "ci: skip secret-required tests for dependabot PRs (#704)\n\nDependabot pull requests in this repository cannot access CI secrets,\nbut several workflows currently treat same-repo PRs as secret-eligible\nand still run integration tests. This causes unrelated dependency bump\nPRs to fail before functional checks complete. This PR updates the\nworkflow guards so secret-required integration jobs are skipped for\nDependabot PRs while preserving existing behavior for normal PRs and\npushes.\n\nContext: https://github.com/apache/opendal-reqsign/pull/701 failed\nbecause 1Password credentials were unavailable in a Dependabot PR, and\nthe same pattern exists in multiple service workflows." }, { "commit": "14f98f55eee875eb23682554870b7625f014a85e", "tree": "13fe7ff20664c13d00701283f4d05d9c7167f286", "parents": [ "25718cf16983b376dab975341cc4dee5fc54b209" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Mar 18 16:18:22 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 16:18:22 2026 +0800" }, "message": "chore(deps): Bump 1password/load-secrets-action from 3.1.0 to 3.2.1 (#705)\n\nBumps\n[1password/load-secrets-action](https://github.com/1password/load-secrets-action)\nfrom 3.1.0 to 3.2.1.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/releases\"\u003e1password/load-secrets-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003ch3\u003eFix\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRevert SDK field-resolution regression introduced in v3.2.0 that\nbroke certain valid secret refs (website/url fields) \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/145\"\u003e1Password/load-secrets-action#145\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/compare/v3.2.0...v3.2.1\"\u003ehttps://github.com/1Password/load-secrets-action/compare/v3.2.0...v3.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s changed\u003c/h2\u003e\n\u003ch2\u003eFeatures\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eService account auth now uses the 1Password SDK instead of the CLI;\nthe CLI is not installed when using a service account token. \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/137\"\u003e1Password/load-secrets-action#137\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFix\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eEmpty string secret values are now set as outputs and environment\nvariables instead of being skipped by \u003ca\nhref\u003d\"https://github.com/toga4\"\u003e\u003ccode\u003e@​toga4\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/132\"\u003e1Password/load-secrets-action#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocs: Documented the SSH key format parameter for secret references\nby \u003ca\nhref\u003d\"https://github.com/BolajiOlajide\"\u003e\u003ccode\u003e@​BolajiOlajide\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/130\"\u003e1Password/load-secrets-action#130\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/BolajiOlajide\"\u003e\u003ccode\u003e@​BolajiOlajide\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/130\"\u003e1Password/load-secrets-action#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/toga4\"\u003e\u003ccode\u003e@​toga4\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/132\"\u003e1Password/load-secrets-action#132\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/compare/v3.1.0...v3.2.0\"\u003ehttps://github.com/1Password/load-secrets-action/compare/v3.1.0...v3.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/dafbe7cb03502b260e2b2893c753c352eee545bf\"\u003e\u003ccode\u003edafbe7c\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/146\"\u003e#146\u003c/a\u003e\nfrom 1Password/release/v3.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/7f98afc2d7a58e181e9c6a5bab0ddba1387efd0c\"\u003e\u003ccode\u003e7f98afc\u003c/code\u003e\u003c/a\u003e\nRemove binary\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/9cdab8f59d7cea0fc90e8aaf0e905a669755f6fd\"\u003e\u003ccode\u003e9cdab8f\u003c/code\u003e\u003c/a\u003e\ncreate new build\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/6a14785fa526929e3bb568fb6a8ee1ba6238afbb\"\u003e\u003ccode\u003e6a14785\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/145\"\u003e#145\u003c/a\u003e\nfrom 1Password/revert-pr-137\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/7d4e24a43ff243f56efa13564531f01f7fb52300\"\u003e\u003ccode\u003e7d4e24a\u003c/code\u003e\u003c/a\u003e\nRevert \u0026quot;Merge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/137\"\u003e#137\u003c/a\u003e\nfrom 1Password/feature/migrate-to-sdk\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/cb7c5acc8a2b09f96acc233de388fe361e49839a\"\u003e\u003ccode\u003ecb7c5ac\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/143\"\u003e#143\u003c/a\u003e\nfrom 1Password/release/v3.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/ea49b14f1eb06a1089612c3b54de04fd6b04c6aa\"\u003e\u003ccode\u003eea49b14\u003c/code\u003e\u003c/a\u003e\nRebuild\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/93abacc9df9ea7ea47d739758c9685e93640cca7\"\u003e\u003ccode\u003e93abacc\u003c/code\u003e\u003c/a\u003e\nFix version\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/40e52b6cef3f4d7118e21efd0011d273182b7fdd\"\u003e\u003ccode\u003e40e52b6\u003c/code\u003e\u003c/a\u003e\nUpdate version and build\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/commit/38b333095dd181f4fbb51e943024c6f2e28717e1\"\u003e\u003ccode\u003e38b3330\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/137\"\u003e#137\u003c/a\u003e\nfrom 1Password/feature/migrate-to-sdk\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/compare/8d0d610af187e78a2772c2d18d627f4c52d3fbfb...dafbe7cb03502b260e2b2893c753c352eee545bf\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003d1password/load-secrets-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d3.1.0\u0026new-version\u003d3.2.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "25718cf16983b376dab975341cc4dee5fc54b209", "tree": "1f52cac72bcb89b02eab5b1188dadb3dee07c36c", "parents": [ "5a9954c88c8d8c0cc42c0d357d02e740b68ddf75" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Wed Mar 18 16:17:04 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Mar 18 16:17:04 2026 +0800" }, "message": "Bump reqsign to v0.20.0 (#703)\n\nThis PR bumps `reqsign` to `v0.20.0` and aligns workspace crate versions\nfor the recent breaking API refactor. It marks the `MaybeSend` migration\nand `async_trait` removal as a formal major-version update so downstream\nusers can upgrade with clear semver signals.\n\nContext:\n- Related change: #702 (`refactor: adopt MaybeSend futures and remove\nasync_trait`)\n- Validation: `cargo check --workspace`" }, { "commit": "5a9954c88c8d8c0cc42c0d357d02e740b68ddf75", "tree": "9ba9c4b363ec7ee0b150615baa75781dbe95e818", "parents": [ "635f0bceb6aafde7678c82ecc51041d02add636e" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Mar 09 13:57:22 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Mar 09 13:57:22 2026 +0800" }, "message": "chore(deps): Update quick-xml requirement from 0.38.1 to 0.39.2 (#701)\n\nUpdates the requirements on\n[quick-xml](https://github.com/tafia/quick-xml) to permit the latest\nversion.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/releases\"\u003equick-xml\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev0.39.2 - Fix regression and read_text_into\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003e#483\u003c/a\u003e:\nImplement \u003ccode\u003eread_text_into()\u003c/code\u003e and\n\u003ccode\u003eread_text_into_async()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003e#939\u003c/a\u003e:\nFix parsing error of the tag from buffered reader, when the first byte\n\u003ccode\u003e\u0026lt;\u003c/code\u003e is the last in the \u003ccode\u003eBufRead\u003c/code\u003e internal\nbuffer. This is the regression from \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003e#483\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003etafia/quick-xml#483\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/936\"\u003etafia/quick-xml#936\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003e#939\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003etafia/quick-xml#939\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/compare/v0.39.1...v0.39.2\"\u003ehttps://github.com/tafia/quick-xml/compare/v0.39.1...v0.39.2\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/blob/master/Changelog.md\"\u003equick-xml\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e0.39.2 -- 2026-02-20\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003e#483\u003c/a\u003e:\nImplement \u003ccode\u003eread_text_into()\u003c/code\u003e and\n\u003ccode\u003eread_text_into_async()\u003c/code\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003e#939\u003c/a\u003e:\nFix parsing error of the tag from buffered reader, when the first byte\n\u003ccode\u003e\u0026lt;\u003c/code\u003e\nis the last in the \u003ccode\u003eBufRead\u003c/code\u003e internal buffer. This is the\nregression from \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003e#483\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/483\"\u003etafia/quick-xml#483\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/936\"\u003etafia/quick-xml#936\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003e#939\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/939\"\u003etafia/quick-xml#939\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.39.1 -- 2026-02-15\u003c/h2\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/598\"\u003e#598\u003c/a\u003e:\nAdd method \u003ccode\u003eNamespaceResolver::set_level\u003c/code\u003e which may be\nhelpful in some circumstances.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/597\"\u003e#597\u003c/a\u003e:\nFix incorrect processing of namespace scopes in\n\u003ccode\u003eNsReader::read_to_end\u003c/code\u003e\n\u003ccode\u003eNsReader::read_to_end_into\u003c/code\u003e,\n\u003ccode\u003eNsReader::read_to_end_into_async\u003c/code\u003e and\n\u003ccode\u003eNsReader::read_text\u003c/code\u003e.\nThe scope started by a start element was not ended after that call.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e:\nFix incorrect result of \u003ccode\u003e.read_text()\u003c/code\u003e when it is called\nafter reading \u003ccode\u003eText\u003c/code\u003e or \u003ccode\u003eGeneralRef\u003c/code\u003e event.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/597\"\u003e#597\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/597\"\u003etafia/quick-xml#597\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/598\"\u003e#598\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/598\"\u003etafia/quick-xml#598\u003c/a\u003e\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/936\"\u003e#936\u003c/a\u003e:\n\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/pull/936\"\u003etafia/quick-xml#936\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e0.39.0 -- 2026-01-11\u003c/h2\u003e\n\u003cp\u003eAdded a way to configure \u003ccode\u003eWriter\u003c/code\u003e. Now all configuration\nis contained in the \u003ccode\u003ewriter::Config\u003c/code\u003e\nstruct and can be applied at once. When \u003ccode\u003eserde-types\u003c/code\u003e feature\nis enabled, configuration is serializable.\u003c/p\u003e\n\u003ch3\u003eNew Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/846\"\u003e#846\u003c/a\u003e:\nAdd methods \u003ccode\u003econfig()\u003c/code\u003e and \u003ccode\u003econfig_mut()\u003c/code\u003e to\ninspect and change the writer configuration.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/846\"\u003e#846\u003c/a\u003e:\nAdd ability to write space before \u003ccode\u003e/\u0026gt;\u003c/code\u003e in self-closed tags\nfor maximum compatibility with\nXHTML.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/846\"\u003e#846\u003c/a\u003e:\nAdd method \u003ccode\u003eempty_element_handling()\u003c/code\u003e as a more powerful\nalternative to \u003ccode\u003eexpand_empty_elements()\u003c/code\u003e\nin \u003ccode\u003eSerializer\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/929\"\u003e#929\u003c/a\u003e:\nAllow to pass list of field names to\n\u003ccode\u003eimpl_deserialize_for_internally_tagged_enum!\u003c/code\u003e macro\nwhich is required if you enum variants contains \u003ccode\u003e$value\u003c/code\u003e\nfields.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/5611c894f6b9fd5301c266167a6d3a7ef005dedd\"\u003e\u003ccode\u003e5611c89\u003c/code\u003e\u003c/a\u003e\nRelease 0.39.2\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/b8eba9abf7a59f605981ef5ec10f9e260f1c0f94\"\u003e\u003ccode\u003eb8eba9a\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/941\"\u003e#941\u003c/a\u003e\nfrom Mingun/full-cover\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/f8e8857c46d010e7c2b94f7eea2d6b0229d6056e\"\u003e\u003ccode\u003ef8e8857\u003c/code\u003e\u003c/a\u003e\nImplement read_text_into and read_text_into_async\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/489dc17e4080d85885b1a30003ca40a0caea9bdb\"\u003e\u003ccode\u003e489dc17\u003c/code\u003e\u003c/a\u003e\nPlace \u003ccode\u003e;\u003c/code\u003e to the buffer when read general entity\nreferences\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/9a7e8f577a74f323abefc93a495004e88d60fa45\"\u003e\u003ccode\u003e9a7e8f5\u003c/code\u003e\u003c/a\u003e\nPlace \u003ccode\u003e\u0026gt;\u003c/code\u003e to the buffer when read elements, processing\ninstructions and XML d...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/c34af489c6d5fc90b1efde2d497db86fe051f7b9\"\u003e\u003ccode\u003ec34af48\u003c/code\u003e\u003c/a\u003e\nPlace \u003ccode\u003e\u0026gt;\u003c/code\u003e to the buffer when read comment, CDATA or\nDOCTYPE\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/241f01e20ff679e9248f2ae424c9ba823fc15444\"\u003e\u003ccode\u003e241f01e\u003c/code\u003e\u003c/a\u003e\nReturn only index from BangType::parse (renamed to feed) like in other\nparsers\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/e3230c24f35b41792b5a23fd46eb8f73ab402781\"\u003e\u003ccode\u003ee3230c2\u003c/code\u003e\u003c/a\u003e\nAppend +1 outside of BangType, in read_bang_element, like read_with\ndo\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/623c92cfb8908d46437e5a76a4fe06b2365898a5\"\u003e\u003ccode\u003e623c92c\u003c/code\u003e\u003c/a\u003e\nRewrite \u003ccode\u003eread_bang_element\u003c/code\u003e with the same style as\n\u003ccode\u003eread_with\u003c/code\u003e, \u003ccode\u003eread_ref\u003c/code\u003e an...\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/commit/e06f70ab88d596f764217ac10202ae2663aaaa02\"\u003e\u003ccode\u003ee06f70a\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/tafia/quick-xml/issues/940\"\u003e#940\u003c/a\u003e\nfrom Mingun/fix-939\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/tafia/quick-xml/compare/v0.38.1...v0.39.2\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "635f0bceb6aafde7678c82ecc51041d02add636e", "tree": "f649beccef457eb8567684fe226dab5f3941807c", "parents": [ "1d5ac3d18b984f11f55ed2c14c18e43f7d03a082" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Tue Mar 03 16:52:41 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Mar 03 16:52:41 2026 +0800" }, "message": "refactor: adopt MaybeSend futures and remove async_trait (#702)\n\nThis PR replaces `async_trait`-based async trait methods with an\nOpenDAL-style `MaybeSend` future model across reqsign. It keeps the\nsingle-trait architecture while making wasm/non-wasm send bounds\nexplicit through shared future aliases.\n\nTo preserve object safety and existing ergonomics, this change\nintroduces `*Dyn` adapters (`HttpSendDyn`, `FileReadDyn`,\n`CommandExecuteDyn`, `ProvideCredentialDyn`, `SignRequestDyn`) and keeps\npublic builder APIs (`Context`, `Signer`, provider chains) working with\ntrait objects.\n\n## Context\n- Aligns reqsign with the same `MaybeSend` direction used by OpenDAL.\n- Removes all `async-trait` usage and corresponding crate dependencies\nacross the workspace." }, { "commit": "1d5ac3d18b984f11f55ed2c14c18e43f7d03a082", "tree": "7179f9e9329c03422c6860b428dd1c729f451e6f", "parents": [ "f2942b0b5ffdca472ee589e17d9272bf6244c052" ], "author": { "name": "William Woodruff", "email": "william@yossarian.net", "time": "Thu Feb 26 09:27:58 2026 -0500" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 26 22:27:58 2026 +0800" }, "message": "Apply CI security best practices (#687)\n\nHi there! [uv](https://github.com/astral-sh/uv) is a downstream user of\nthis crate, and as a result we have an interest in ensuring your CI/CD\nis as secure, hermetic, and reproducible as possible 🙂\n\nTo that end, this PR has a series of commits (each of which can be\nreviewed separately) that will hopefully improve your default posture.\nThese changes were made based on findings from\n[zizmor](https://docs.zizmor.sh).\n\nTo summarize:\n\n1. All actions references are now hash-pinned, to prevent unexpected tag\nmutation. Dependabot will handle updating these hash-pins for you.\n2. Dependabot itself now enforces a seven-day cooldown, to reduce the\nrisk of quickly adopting a compromised dependency.\n3. I\u0027ve minimized all permissions and credential persistence risks in\nall workflows. This should be **reviewed carefully**, since it\u0027s hard to\npredict ahead-of-time whether some permissions were being used\nimplicitly.\n4. I\u0027ve eliminated all flagged template injection risks. Most of these\nare not exploitable in practice, but intermediating expressions with\nshell variables `${FOO}` instead of `${{ foo }}` is a best practice\nanyways.\n\nAfter all of that, the only remaining default finding is this:\n\n```\ninfo[use-trusted-publishing]: prefer trusted publishing for authentication\n --\u003e ./.github/workflows/release.yml:40:14\n |\n40 | - run: cargo publish --workspace\n | --- ^^^^^^^^^^^^^^^^^^^^^^^^^ this command\n | |\n | this step\n |\n \u003d note: audit confidence → High\n```\n\nTo fix that one, one of the maintainers will need to set up [Trusted\nPublishing](https://crates.io/docs/trusted-publishing) and remove your\ncurrent manual crates.io token. I strongly recommend doing this as a way\nto reduce your credential exposure risk 🙂\n\nFinally, I\u0027ve done all this without adding a workflow that will\nproactively catch new CI/CD issues. However, if you\u0027re interested in\nthat, I\u0027d be happy to add one.\n\nSigned-off-by: William Woodruff \u003cwilliam@astral.sh\u003e\n\n---------\n\nSigned-off-by: William Woodruff \u003cwilliam@astral.sh\u003e" }, { "commit": "f2942b0b5ffdca472ee589e17d9272bf6244c052", "tree": "c5313cef33100c19530b9470d6149b8ff1c76aa3", "parents": [ "7b2bbb1b8dde3b86ef593547e8e1c05c22c49549" ], "author": { "name": "Changxin Miao", "email": "mcx_221@foxmail.com", "time": "Thu Feb 26 21:15:00 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 26 21:15:00 2026 +0800" }, "message": "fix(aliyun-oss): avoid duplicated bucket in canonicalized resource for path-style (#692)\n\nWhen using PrivateLink to access OSS, users must use the path-style\naccess method. For more information, see\n\nhttps://help.aliyun.com/zh/oss/user-guide/access-oss-via-privatelink-network\n\nBut `reqsign` currently does not support path-style signature, it always\nduplicates the bucket name in the path, which causes signature failure.\nA valid string to sign should be like:\n```\nGET\n\n\nWed, 25 Feb 2026 13:53:35 GMT\n/test-bucket/\n```\n\nwhereas the current code signs this:\n```\nGET\n\n\nWed, 25 Feb 2026 13:52:33 GMT\n/test-bucket/test-bucket\n```" }, { "commit": "7b2bbb1b8dde3b86ef593547e8e1c05c22c49549", "tree": "ea1abd7f5c207572782d627cc021420069bc67b9", "parents": [ "efbcf356d390fbd9d9f7ad7c5d86636347353dbf" ], "author": { "name": "Xin Sun", "email": "ddupgs@gmail.com", "time": "Thu Feb 26 15:34:48 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Feb 26 15:34:48 2026 +0800" }, "message": "feat: support volcengine tos (#686)\n\nCloses: https://github.com/apache/opendal/issues/7152" }, { "commit": "efbcf356d390fbd9d9f7ad7c5d86636347353dbf", "tree": "494eb3b52b2dd6a935fbfed34a87505a598e5e8f", "parents": [ "0ec4c323cae246e68c989d910ace5231bb354d6b" ], "author": { "name": "Dimitri John Ledkov", "email": "19779+xnox@users.noreply.github.com", "time": "Wed Feb 25 15:16:53 2026 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Feb 25 23:16:53 2026 +0800" }, "message": "build(deps): upgrade jsonwebtoken (#689)\n\nMove jsonwebtoken to a workspace dependency.\n\nUpgrade to 10 series, to pick up CVE fix in 10.3.0. Use aws-lc backend, as aws-lc is already an existing transitive dependency." }, { "commit": "0ec4c323cae246e68c989d910ace5231bb354d6b", "tree": "8b933057ec5dcdcf3894a6d4440da41a90c9b758", "parents": [ "37966ac8c40ebd4af8cc70eda8f83e350557efe7" ], "author": { "name": "Alexander Kjäll", "email": "alexander.kjall@gmail.com", "time": "Mon Feb 23 02:19:31 2026 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Feb 23 09:19:31 2026 +0800" }, "message": "Replace dotenv with dotenvy (#688)\n\ndotenv is no longer maintained:\nhttps://rustsec.org/advisories/RUSTSEC-2021-0141.html\ndotenvy seems like the best replacement:\nhttps://crates.io/crates/dotenvy" }, { "commit": "37966ac8c40ebd4af8cc70eda8f83e350557efe7", "tree": "9f86488fbb3ad2d6bbee52790a2024a416070a6b", "parents": [ "8ee4d8eacc36ea2707e27f20de73d119cdf74af0" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Tue Jan 20 20:54:19 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Jan 20 20:54:19 2026 +0800" }, "message": "chore: Update copyright year in NOTICE file (#682)\n\n" }, { "commit": "8ee4d8eacc36ea2707e27f20de73d119cdf74af0", "tree": "d4022c2619f49efe589ddad3051f7823f0b9a52b", "parents": [ "cc77c270da5d3d311b24c5d059e639cc6da0ff96" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Jan 19 23:38:26 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 19 23:38:26 2026 +0800" }, "message": "chore: Enable feature flags for discussions (#680)\n\nEnable discussion for opendal-reqsign" }, { "commit": "cc77c270da5d3d311b24c5d059e639cc6da0ff96", "tree": "5b1374858a097146496356728d4cb772d7d6c9d5", "parents": [ "3918127630604e20bc14c2f8b03a10588a2c37df" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Jan 19 23:31:40 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 19 23:31:40 2026 +0800" }, "message": "Bump reqsign to v0.19.0 (#679)\n\nThis PR will bump reqsign to v0.19.0\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "3918127630604e20bc14c2f8b03a10588a2c37df", "tree": "18c171395cfb54fc3a1af2774815195028a6bc6b", "parents": [ "b93f92c9ac71f0d12c5dae625109769ed74c1000" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Jan 19 23:00:38 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 19 23:00:38 2026 +0800" }, "message": "feat(oss): Add role session name suppport (#678)\n\nThis PR will add role session name suppport for oss.\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "b93f92c9ac71f0d12c5dae625109769ed74c1000", "tree": "16287ecbc4cf92f0b4f272d5591e85f0fca700b6", "parents": [ "e3d028e09461d74506c71fe951e337c1c13ec7e0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Jan 12 22:21:29 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Jan 12 22:21:29 2026 +0800" }, "message": "chore(deps): Bump 1password/load-secrets-action from 3.0.0 to 3.1.0 (#669)\n\nBumps\n[1password/load-secrets-action](https://github.com/1password/load-secrets-action)\nfrom 3.0.0 to 3.1.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/releases\"\u003e1password/load-secrets-action\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003ch2\u003e🚀 Features\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport loading secrets from env files \u003ca\nhref\u003d\"https://redirect.github.com/1password/load-secrets-action/issues/93\"\u003e#93\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eFixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eop-cli-installer\u003c/code\u003e dependency is removed \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/127\"\u003e1Password/load-secrets-action#127\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eSecurity\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdates js-yaml from 4.1.0 to 4.1.1 \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/128\"\u003e1Password/load-secrets-action#128\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/geofox\"\u003e\u003ccode\u003e@​geofox\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/117\"\u003e1Password/load-secrets-action#117\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/wcarlsen\"\u003e\u003ccode\u003e@​wcarlsen\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/1Password/load-secrets-action/pull/118\"\u003e1Password/load-secrets-action#118\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/1Password/load-secrets-action/compare/v3...v3.1.0\"\u003ehttps://github.com/1Password/load-secrets-action/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/1password/load-secrets-action/compare/v3...v3.1.0\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003d1password/load-secrets-action\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d3.0.0\u0026new-version\u003d3.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e\nCo-authored-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "e3d028e09461d74506c71fe951e337c1c13ec7e0", "tree": "f66cd2d635583cca1a645844cdb0698fd92d4ced", "parents": [ "0ff4c42d0373eadef7e2b00cf26cbc712202c4bd" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Sun Jan 11 21:36:57 2026 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Jan 11 21:36:57 2026 +0800" }, "message": "chore: upgrade reqwest to 0.13 (#675)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "0ff4c42d0373eadef7e2b00cf26cbc712202c4bd", "tree": "71518973c777977e82fec8f9170cd2bc8c523f7d", "parents": [ "08aa73eaf75ab0fa8fe1a39eaa5053ef66c0e713" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri Dec 26 21:25:06 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 26 21:25:06 2025 +0800" }, "message": "chore: Align our mock servers impl (#674)\n\nThis PR will align our mock servers impl\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "08aa73eaf75ab0fa8fe1a39eaa5053ef66c0e713", "tree": "4d4ba177841e1b0239c6e3604f38267d674497ae", "parents": [ "ab9b0fcb8c6cf58a14e9ab33d9854ea7e0d2c091" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri Dec 26 20:59:52 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 26 20:59:52 2025 +0800" }, "message": "feat(google): Add workload identity support (#673)\n\nThis PR will add workload identity support\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "ab9b0fcb8c6cf58a14e9ab33d9854ea7e0d2c091", "tree": "ca9ba614fb835bbb82fd79cdba9cac203e20d97f", "parents": [ "c3b660eb42934a133881cabea8c42be01917271f" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri Dec 26 20:13:31 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 26 20:13:31 2025 +0800" }, "message": "feat(azure): Add scoped SAS support (#672)\n\nThis PR will add scoped SAS support\n\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "c3b660eb42934a133881cabea8c42be01917271f", "tree": "d650a98cc06fdba9c56d733dd648ec3e0bf55ee3", "parents": [ "f2eb9ea8894566437b1f37f9c6a9f738155c2e29" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri Dec 26 19:21:58 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 26 19:21:58 2025 +0800" }, "message": "feat(aws): Add session policy support for sts (#670)\n\nThis PR adds session policy support for sts\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "f2eb9ea8894566437b1f37f9c6a9f738155c2e29", "tree": "a3686aa01018d20e4164bbb9da53f8d0d32be585", "parents": [ "42fd8f3b18ba428b4db5138520fe302190e7408c" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Fri Dec 26 19:15:21 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Dec 26 19:15:21 2025 +0800" }, "message": "feat(google): Add sign blob support (#671)\n\nThis PR will add sign blob support\n\n---\n\n**Parts of this PR were drafted with assistance from Codex (with\n`gpt-5.2`) and fully reviewed and edited by me. I take full\nresponsibility for all changes.**" }, { "commit": "42fd8f3b18ba428b4db5138520fe302190e7408c", "tree": "8f74601f68254b736a8733507e83b5e20e1e7cfb", "parents": [ "4c60e7cd3d507411b3b76c022f1f7d685d4810a0" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Wed Dec 03 16:30:43 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 03 16:30:43 2025 +0800" }, "message": "chore(deps): Bump actions/checkout from 5 to 6 (#665)\n\nBumps [actions/checkout](https://github.com/actions/checkout) from 5 to\n6.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/checkout/releases\"\u003eactions/checkout\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements\nby \u003ca href\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under\n\u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git\nconfig.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca\nhref\u003d\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e\nto access the persisted credentials for \u003ca\nhref\u003d\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker\ncontainer action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003eV6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements\nby \u003ca href\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eV5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eV5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eV4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca\nhref\u003d\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eV4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca\nhref\u003d\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca\nhref\u003d\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca\nhref\u003d\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca\nhref\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca\nhref\u003d\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment\nvariables by \u003ca href\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca\nhref\u003d\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca\nhref\u003d\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4\nupdates by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca\nhref\u003d\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout\u0027s own workflows to a known, good, stable\nversion. by \u003ca href\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate NPM dependencies by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1703\"\u003eactions/checkout#1703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github/codeql-action from 2 to 3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1694\"\u003eactions/checkout#1694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 1 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1696\"\u003eactions/checkout#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/upload-artifact from 2 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1695\"\u003eactions/checkout#1695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e\nupdate readme/changelog for v6 (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e\nv6-beta (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e\nPersist creds to a separate file (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e\nUpdate README to include Node.js 24 support details and requirements (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v5...v6\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/checkout\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d5\u0026new-version\u003d6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "4c60e7cd3d507411b3b76c022f1f7d685d4810a0", "tree": "78de256a6594f574f01d8935e0b7a4d23479ed91", "parents": [ "f6ff6a7ad039619b35a84d21214d4585130f4f7d" ], "author": { "name": "Aarni Koskela", "email": "akx@iki.fi", "time": "Wed Dec 03 09:50:17 2025 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 03 15:50:17 2025 +0800" }, "message": "chore: do not require `reqwest` directly in services (#666)\n\nThese features are provided via `reqsign-http-send-reqwest` (or another\nimplementation); these service providers shouldn\u0027t pull them in.\n\nSigned-off-by: Aarni Koskela \u003cakx@iki.fi\u003e\nCo-authored-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "f6ff6a7ad039619b35a84d21214d4585130f4f7d", "tree": "9f9624f15643ee92fc0ec2009a037c14dbb4dd49", "parents": [ "507ed20ee43f86ef5a6b5919008d1577392724d2" ], "author": { "name": "Aarni Koskela", "email": "akx@iki.fi", "time": "Wed Dec 03 09:46:29 2025 +0200" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Dec 03 15:46:29 2025 +0800" }, "message": "chore: fix wasm tests (#667)\n\nFixes the wasm_tests failure exhibited in #666\u0027s CI run." }, { "commit": "507ed20ee43f86ef5a6b5919008d1577392724d2", "tree": "156085853f14a219f7cd07e1a5a2c169b6025846", "parents": [ "6f4530d243746896483a5e548bf0df4ee3d31176" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Thu Nov 13 21:00:30 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 13 21:00:30 2025 +0800" }, "message": "ci: fix wasm test (#664)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "6f4530d243746896483a5e548bf0df4ee3d31176", "tree": "345445cf35e3fb3f32a21ee3661e00e64a91821e", "parents": [ "3ae0ec8919f242bb75e71398f2eced57a8597c55" ], "author": { "name": "Ben Beasley", "email": "code@musicinmybrain.net", "time": "Thu Nov 13 08:59:21 2025 +0000" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Nov 13 16:59:21 2025 +0800" }, "message": "chore: Fix typo in reqsign-google description (#663)\n\n" }, { "commit": "3ae0ec8919f242bb75e71398f2eced57a8597c55", "tree": "a3fa74dd8647183c9b83fdfc35430a32f1d77cb8", "parents": [ "4997eef7616e600e2ae509af64b60dfa861ad7eb" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Tue Oct 21 17:02:46 2025 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Oct 21 16:02:46 2025 +0800" }, "message": "Bump version to 0.18.1 (#659)\n\nThis PR will bump reqsign version to 0.18.1\n\nAll other crates bumped to 2.0.1\n\n\n## Summary\n\n- Enabled reqsign-http-send-reqwest and reqsign-file-read-tokio to build\non WASM, tightening cross-platform coverage.\n- Improved credential handling by returning credential_invalid when no\ncredential is available and trimming/encoding AWS\n tokens correctly.\n- Aligned internal crate versions for the 0.18.1/2.0.1 release and fixed\nthe release workflow.\n\n## Commits\n\n- bd9eee5 Bump version to 0.18.1\n- 4997eef feat: Make http-send-reqwest available on wasm (#656)\n- 125362c feat: Return credential_invalid while no credential found\n(#655)\n- c7953e5 feat(context-file-read-tokio): Allow file read tokio been\nbuilt on wasm (#654)\n- 1744efc fix(services-aws-v4): Ensure token has been trimmed and\nencoded (#653)\n- 60d1ca9 ci: fix up release workflow (#650)\n\n---\n\n**This PR was primarily authored with Codex using GPT-5-Codex and then\nhand-reviewed by me. I AM responsible for every change made in this PR.\nI aimed to keep it aligned with our goals, though I may have missed\nminor issues. Please flag anything that feels off, I\u0027ll fix it\nquickly.**\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "4997eef7616e600e2ae509af64b60dfa861ad7eb", "tree": "e3658f17c31ac5b0c73726a4d7c1708898692b74", "parents": [ "125362c6ef4e116ed70c6e76260de3b47980985f" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Sun Oct 19 17:51:30 2025 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Oct 19 16:51:30 2025 +0800" }, "message": "feat: Make http-send-reqwest available on wasm (#656)\n\nAllow https://github.com/apache/opendal/pull/6656 to pass.\n\n---\n\n**This PR was primarily authored with Codex using GPT-5-Codex and then\nhand-reviewed by me. I AM responsible for every change made in this PR.\nI aimed to keep it aligned with our goals, though I may have missed\nminor issues. Please flag anything that feels off, I\u0027ll fix it\nquickly.**\n\n---------\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "125362c6ef4e116ed70c6e76260de3b47980985f", "tree": "aa1c3b8c768fef7c62ddc9c5e21737df6bacaced", "parents": [ "c7953e52e3daf8ed328dec2d34b5f89df9b6643a" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Oct 13 22:50:54 2025 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 13 21:50:54 2025 +0800" }, "message": "feat: Return credential_invalid while no credential found (#655)\n\n`Signer` should check and return error instead of passing down to\n`RequestSigner`.\n\n---------\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "c7953e52e3daf8ed328dec2d34b5f89df9b6643a", "tree": "f4d2df604e39b78c68d6ff39c47f18fdee7c090f", "parents": [ "1744efcc7b4a0e817eb36956864e990179843902" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Oct 13 17:12:26 2025 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 13 16:12:26 2025 +0800" }, "message": "feat(context-file-read-tokio): Allow file read tokio been built on wasm (#654)\n\nTechnically, file-read-tokio doesn\u0027t support WASM at all. But it\u0027s still\nuseful to make this crate available on WASM so users don\u0027t have to\njuggle features and target configurations.\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "1744efcc7b4a0e817eb36956864e990179843902", "tree": "c349503c1333cd8cb3d52d624f76326ab421caec", "parents": [ "60d1ca93bbc84e1344d14b5c47bb4ab870196911" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Oct 13 15:43:19 2025 +0900" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 13 14:43:19 2025 +0800" }, "message": "fix(services-aws-v4): Ensure token has been trimmed and encoded (#653)\n\nFix part of https://github.com/apache/opendal/pull/6656\n\nIn the real world, token files may contain non-URL-safe characters. This\nPR handles them by trimming and encoding the tokens before sending them\nout.\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "60d1ca93bbc84e1344d14b5c47bb4ab870196911", "tree": "238c25c69cde99ec181a4e72633dff92013ec83a", "parents": [ "077a866f5c179bb1f2e9c05a4f8adc2f384bd39b" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Mon Oct 06 18:33:39 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Oct 06 18:33:39 2025 +0800" }, "message": "ci: fix up release workflow (#650)\n\n" }, { "commit": "077a866f5c179bb1f2e9c05a4f8adc2f384bd39b", "tree": "b4dcef7664a192baf6fe8230d91e4a09f8a54642", "parents": [ "84823db10adfd439b22fd4a63c7cccea43df7752" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Sat Oct 04 21:59:55 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Oct 04 21:59:55 2025 +0800" }, "message": "chore: use the official license template (#649)\n\n" }, { "commit": "84823db10adfd439b22fd4a63c7cccea43df7752", "tree": "4a197e5d794b50c71cfa62998648421c95174eef", "parents": [ "54de7a2c0df10714573decb3f631ef77f333b313" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Sat Oct 04 21:54:59 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Oct 04 21:54:59 2025 +0800" }, "message": "chore: add NOTICE file (#647)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "54de7a2c0df10714573decb3f631ef77f333b313", "tree": "b98357492485ad27c6c8c6a5852f2c50d03d2797", "parents": [ "873fac195c1b678fa0f47f59d26f32e9015e419a" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Sat Oct 04 00:01:11 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sat Oct 04 00:01:11 2025 +0800" }, "message": "chore: metadata and release workflow (#645)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "873fac195c1b678fa0f47f59d26f32e9015e419a", "tree": "5f6c1d1f00866974c16b57a2869e91752f1733c0", "parents": [ "c2f250a7d3324a1ca865909d865c3baf57ce9317" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Fri Oct 03 21:40:53 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Oct 03 21:40:53 2025 +0800" }, "message": "chore: bump major version and encapsulate Timestamp (#643)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "c2f250a7d3324a1ca865909d865c3baf57ce9317", "tree": "316abe060fff63db0c600596790813ec413cc594", "parents": [ "282b5dc716af0f788c50802229652d342e97a33e" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Fri Oct 03 11:00:57 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Oct 03 11:00:57 2025 +0800" }, "message": "chore: add .asf.yaml file (#644)\n\nAdded configuration for GitHub integration and notifications." }, { "commit": "282b5dc716af0f788c50802229652d342e97a33e", "tree": "0f87e5722e877c0dcc9dd137bce9857e300d5dc7", "parents": [ "6a46ce475964ef0e887320e1c77b4d7c8d9ddbe1" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Thu Oct 02 00:02:19 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Oct 02 00:02:19 2025 +0800" }, "message": "chore: bump version and fix up metadata (#642)\n\nThis closes https://github.com/apache/opendal-reqsign/pull/640.\n\n---------\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e\nCo-authored-by: SuzuyaXJZ \u003csuzuyax.jz@gmail.com\u003e" }, { "commit": "6a46ce475964ef0e887320e1c77b4d7c8d9ddbe1", "tree": "b87c8a0643d5891bbabdbb44b056addfa820deea", "parents": [ "484765a234a67cba65b28fd9dade3e24fa886c8e" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Wed Oct 01 22:21:14 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Wed Oct 01 22:21:14 2025 +0800" }, "message": "chore: migrate branding to Apache OpenDAL Reqsign (#641)\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "484765a234a67cba65b28fd9dade3e24fa886c8e", "tree": "90c5b09bb361f098caed46c42778e470dd1e9a5c", "parents": [ "c25ec1c7c522428f0aa2c160a35319d0e90bda93" ], "author": { "name": "Ben Beasley", "email": "code@musicinmybrain.net", "time": "Mon Sep 29 11:53:44 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 29 18:53:44 2025 +0800" }, "message": "fix: Fix license files missing from published crates (#635)\n\nUse symbolic links to the top-level (workspace) license file.\n\nBefore this PR:\n\n```\n$ cd reqsign/\n$ cargo publish --dry-run\n$ tar -tzvf ../target/package/reqsign-0.17.0.crate\n-rw-r--r-- 0/0 101 1970-01-01 01:00 reqsign-0.17.0/.cargo_vcs_info.json\n-rw-r--r-- 0/0 61728 1970-01-01 01:00 reqsign-0.17.0/Cargo.lock\n-rw-r--r-- 0/0 2993 1970-01-01 01:00 reqsign-0.17.0/Cargo.toml\n-rw-r--r-- 0/0 2893 2006-07-24 02:21 reqsign-0.17.0/Cargo.toml.orig\n-rw-r--r-- 0/0 5086 2006-07-24 02:21 reqsign-0.17.0/README.md\n-rw-r--r-- 0/0 1496 2006-07-24 02:21 reqsign-0.17.0/examples/aws.rs\n-rw-r--r-- 0/0 1495 2006-07-24 02:21 reqsign-0.17.0/examples/azure.rs\n-rw-r--r-- 0/0 1520 2006-07-24 02:21 reqsign-0.17.0/examples/google.rs\n-rw-r--r-- 0/0 2395 2006-07-24 02:21 reqsign-0.17.0/src/aliyun.rs\n-rw-r--r-- 0/0 2823 2006-07-24 02:21 reqsign-0.17.0/src/aws.rs\n-rw-r--r-- 0/0 2812 2006-07-24 02:21 reqsign-0.17.0/src/azure.rs\n-rw-r--r-- 0/0 2715 2006-07-24 02:21 reqsign-0.17.0/src/context.rs\n-rw-r--r-- 0/0 3391 2006-07-24 02:21 reqsign-0.17.0/src/google.rs\n-rw-r--r-- 0/0 2411 2006-07-24 02:21 reqsign-0.17.0/src/huaweicloud.rs\n-rw-r--r-- 0/0 1429 2006-07-24 02:21 reqsign-0.17.0/src/lib.rs\n-rw-r--r-- 0/0 2355 2006-07-24 02:21 reqsign-0.17.0/src/oracle.rs\n-rw-r--r-- 0/0 2377 2006-07-24 02:21 reqsign-0.17.0/src/tencent.rs\n```\n\nAfter this PR:\n\n```\n$ cd reqsign/\n$ cargo publish --dry-run\n$ tar -tzvf ../target/package/reqsign-0.17.0.crate\n-rw-r--r-- 0/0 101 1970-01-01 01:00 reqsign-0.17.0/.cargo_vcs_info.json\n-rw-r--r-- 0/0 61728 1970-01-01 01:00 reqsign-0.17.0/Cargo.lock\n-rw-r--r-- 0/0 2993 1970-01-01 01:00 reqsign-0.17.0/Cargo.toml\n-rw-r--r-- 0/0 2893 2006-07-24 02:21 reqsign-0.17.0/Cargo.toml.orig\n-rw-r--r-- 0/0 11342 2006-07-24 02:21 reqsign-0.17.0/LICENSE\n-rw-r--r-- 0/0 5086 2006-07-24 02:21 reqsign-0.17.0/README.md\n-rw-r--r-- 0/0 1496 2006-07-24 02:21 reqsign-0.17.0/examples/aws.rs\n-rw-r--r-- 0/0 1495 2006-07-24 02:21 reqsign-0.17.0/examples/azure.rs\n-rw-r--r-- 0/0 1520 2006-07-24 02:21 reqsign-0.17.0/examples/google.rs\n-rw-r--r-- 0/0 2395 2006-07-24 02:21 reqsign-0.17.0/src/aliyun.rs\n-rw-r--r-- 0/0 2823 2006-07-24 02:21 reqsign-0.17.0/src/aws.rs\n-rw-r--r-- 0/0 2812 2006-07-24 02:21 reqsign-0.17.0/src/azure.rs\n-rw-r--r-- 0/0 2715 2006-07-24 02:21 reqsign-0.17.0/src/context.rs\n-rw-r--r-- 0/0 3391 2006-07-24 02:21 reqsign-0.17.0/src/google.rs\n-rw-r--r-- 0/0 2411 2006-07-24 02:21 reqsign-0.17.0/src/huaweicloud.rs\n-rw-r--r-- 0/0 1429 2006-07-24 02:21 reqsign-0.17.0/src/lib.rs\n-rw-r--r-- 0/0 2355 2006-07-24 02:21 reqsign-0.17.0/src/oracle.rs\n-rw-r--r-- 0/0 2377 2006-07-24 02:21 reqsign-0.17.0/src/tencent.rs\n```" }, { "commit": "c25ec1c7c522428f0aa2c160a35319d0e90bda93", "tree": "d16a3cac16d580e3409e587fa1e9c33f7e2298e9", "parents": [ "a925881ab574d65082a40a3bbe84fa0dc2850e1b" ], "author": { "name": "Ben Beasley", "email": "code@musicinmybrain.net", "time": "Mon Sep 29 11:53:23 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 29 18:53:23 2025 +0800" }, "message": "fix: Fix failure of custom_client example to build in http-send-reqwest (#637)\n\nFixes #636 by adding a dev-dependency on `reqwest` with the\n`default-tls` feature enabled.\n\nAlso converts the `reqwest` dependencies in this crate to workspace\ndependencies. Other crates in the repository already use the workspace\n`reqwest`, and this avoids repetition (and possible eventual\nskew/mismatch) of the `reqwest` version number." }, { "commit": "a925881ab574d65082a40a3bbe84fa0dc2850e1b", "tree": "46c390cd6ddcae59eb27d6bf10d490b530e33764", "parents": [ "90475b4987f96702d3dee743f3ab8b1ddf8e1b08" ], "author": { "name": "tison", "email": "wander4096@gmail.com", "time": "Mon Sep 29 15:00:01 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 29 15:00:01 2025 +0800" }, "message": "refactor: chrono to jiff (#634)\n\nThis closes #631\n\nSigned-off-by: tison \u003cwander4096@gmail.com\u003e" }, { "commit": "90475b4987f96702d3dee743f3ab8b1ddf8e1b08", "tree": "bfa2cebf01a6476c700377fba1bb0bc239cf4fe3", "parents": [ "8f89556e54099497f6797844147d72b288b45ff5" ], "author": { "name": "Kingsword", "email": "kingsword09@gmail.com", "time": "Mon Sep 22 17:09:56 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 22 17:09:56 2025 +0800" }, "message": "ci: use `cargo publish --workspace` for publishing all crates (#632)\n\n- Replace individual `cargo publish -p \u003ccrate\u003e` steps with a single\n`cargo publish --workspace`\n- Requires Rust 1.90.0 or newer\n\nReferences:\n- [Rust 1.90.0 release notes: Cargo adds native support for workspace\npublishing](https://blog.rust-lang.org/2025/09/18/Rust-1.90.0/#cargo-adds-native-support-for-workspace-publishing)" }, { "commit": "8f89556e54099497f6797844147d72b288b45ff5", "tree": "b726c90f91e5b868bc275e34f92c017a2687efd1", "parents": [ "765bc446fbdedf1580cf72cec19d34149002ba2b" ], "author": { "name": "meteorgan", "email": "meteorite.gan@gmail.com", "time": "Mon Sep 22 17:08:46 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 22 17:08:46 2025 +0800" }, "message": "chore: Make clippy happy (#633)\n\n" }, { "commit": "765bc446fbdedf1580cf72cec19d34149002ba2b", "tree": "1145903cedb2dfe3f9d359718cfd636c49d57754", "parents": [ "41f5df7fcb7ec79b253dccf93dae167e151b88a6" ], "author": { "name": "Adam Gutglick", "email": "adamgsal@gmail.com", "time": "Thu Sep 11 11:29:39 2025 +0100" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Sep 11 18:29:39 2025 +0800" }, "message": "Build docs for all features on docs.rs (#628)\n\n" }, { "commit": "41f5df7fcb7ec79b253dccf93dae167e151b88a6", "tree": "a355bf73dfff07c5ea6dad5eb0063f438a728a51", "parents": [ "5236a930dfc19505fceb3ff62d1001d8c4d097c5" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Sep 11 17:25:37 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Sep 11 17:25:37 2025 +0800" }, "message": "feat: Allow configure from default chain (#620)\n\n**This PR was primarily authored with Codex using GPT-5 and then\nhand-reviewed by me. I AM responsible for every change made in this PR.\nI aimed to keep it aligned with our goals, though I may have missed\nminor issues. Please flag anything that feels off, I\u0027ll fix it\nquickly.**\n\n---------\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "5236a930dfc19505fceb3ff62d1001d8c4d097c5", "tree": "17e038df3d396bd49d8b4b12982e57ee422e2dce", "parents": [ "6ebbd815de7133ab16f62502ac9370b748bd0e13" ], "author": { "name": "Kingsword", "email": "kingsword09@gmail.com", "time": "Mon Sep 08 16:58:02 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 08 16:58:02 2025 +0800" }, "message": "ci: Switch from --nocapture to --no-capture (#626)\n\n`--no-capture` was added in 1.88, with `--nocapture` being\nsoft-deprecated.\nhttps://releases.rs/docs/1.88.0/#libraries" }, { "commit": "6ebbd815de7133ab16f62502ac9370b748bd0e13", "tree": "41768db2b7fe777996be0bc7ac248aa5bdd0213d", "parents": [ "65bcece3d3c7557c8f7c1759043a534a506353c7" ], "author": { "name": "Kingsword", "email": "kingsword09@gmail.com", "time": "Sun Sep 07 16:38:36 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Sep 07 16:38:36 2025 +0800" }, "message": "ci: Update GitHub Action to ASF approved patterns (#623)\n\n" }, { "commit": "65bcece3d3c7557c8f7c1759043a534a506353c7", "tree": "04f895d97e069e2187c0bca44edc6187b3e82f1f", "parents": [ "542768b3fda432ee91de51675cb4b1bc96b4ef10" ], "author": { "name": "Kingsword", "email": "kingsword09@gmail.com", "time": "Sun Sep 07 13:58:50 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Sun Sep 07 13:58:50 2025 +0800" }, "message": "*: Add ASF headers for all code files (#622)\n\nCloses: #621" }, { "commit": "542768b3fda432ee91de51675cb4b1bc96b4ef10", "tree": "a69d84d76f12647b9b11c21dcdabcb89720448ac", "parents": [ "e82712c190362ea1009d1583bc2fd315e1626ff8" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Sep 05 20:32:52 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 05 20:32:52 2025 +0800" }, "message": "chore(deps): Update windows-sys requirement from 0.60.2 to 0.61.0 (#619)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e82712c190362ea1009d1583bc2fd315e1626ff8", "tree": "54e535b15e5cd63722460276ba24e150b2c072b6", "parents": [ "e1c4d13e293075eebb3fb7112ac7d0ce56c5b7e7" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Fri Sep 05 20:32:39 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 05 20:32:39 2025 +0800" }, "message": "chore(deps): Bump actions/github-script from 7 to 8 (#618)\n\nBumps [actions/github-script](https://github.com/actions/github-script)\nfrom 7 to 8.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/github-script/releases\"\u003eactions/github-script\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca\nhref\u003d\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca\nhref\u003d\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease\nNotes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this\nrelease.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade husky to v9 by \u003ca\nhref\u003d\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action\npackage by \u003ca\nhref\u003d\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade IA Publish by \u003ca\nhref\u003d\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/486\"\u003eactions/github-script#486\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix workflow status badges by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/497\"\u003eactions/github-script#497\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate usage of \u003ccode\u003eactions/upload-artifact\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/512\"\u003eactions/github-script#512\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClear up package name confusion by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/514\"\u003eactions/github-script#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate dependencies with \u003ccode\u003enpm audit fix\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/515\"\u003eactions/github-script#515\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSpecify that the used script is JavaScript by \u003ca\nhref\u003d\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for NPM and Actions by \u003ca\nhref\u003d\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/472\"\u003eactions/github-script#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDefine \u003ccode\u003epermissions\u003c/code\u003e in workflows and update actions by\n\u003ca href\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/531\"\u003eactions/github-script#531\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Add Dependabot for .github/actions/install-dependencies by \u003ca\nhref\u003d\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/532\"\u003eactions/github-script#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Remove .vscode settings by \u003ca\nhref\u003d\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/533\"\u003eactions/github-script#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: Use github/setup-licensed by \u003ca\nhref\u003d\"https://github.com/nschonni\"\u003e\u003ccode\u003e@​nschonni\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/473\"\u003eactions/github-script#473\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003emake octokit instance available as octokit on top of github, to make\nit easier to seamlessly copy examples from GitHub rest api or octokit\ndocumentations by \u003ca\nhref\u003d\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove \u003ccode\u003eoctokit\u003c/code\u003e README updates for v7 by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/557\"\u003eactions/github-script#557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: add \u0026quot;exec\u0026quot; usage examples by \u003ca\nhref\u003d\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.213.0 to 1.222.0 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/563\"\u003eactions/github-script#563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump ruby/setup-ruby from 1.222.0 to 1.229.0 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot]\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/575\"\u003eactions/github-script#575\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClearly document passing inputs to the \u003ccode\u003escript\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/603\"\u003eactions/github-script#603\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca\nhref\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/benelan\"\u003e\u003ccode\u003e@​benelan\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/482\"\u003eactions/github-script#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/485\"\u003eactions/github-script#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/timotk\"\u003e\u003ccode\u003e@​timotk\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/478\"\u003eactions/github-script#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/iamstarkov\"\u003e\u003ccode\u003e@​iamstarkov\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/508\"\u003eactions/github-script#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/neilime\"\u003e\u003ccode\u003e@​neilime\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/546\"\u003eactions/github-script#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/pull/610\"\u003eactions/github-script#610\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v7...v7.1.0\"\u003ehttps://github.com/actions/github-script/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd\"\u003e\u003ccode\u003eed59741\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/653\"\u003e#653\u003c/a\u003e\nfrom actions/sneha-krip/readme-for-v8\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3\"\u003e\u003ccode\u003e2dc352e\u003c/code\u003e\u003c/a\u003e\nBold minimum Actions Runner version in README\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1\"\u003e\u003ccode\u003e01e118c\u003c/code\u003e\u003c/a\u003e\nUpdate README for Node 24 runtime requirements\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b\"\u003e\u003ccode\u003e8b222ac\u003c/code\u003e\u003c/a\u003e\nApply suggestion from \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25\"\u003e\u003ccode\u003eadc0eea\u003c/code\u003e\u003c/a\u003e\nREADME for updating actions/github-script from v7 to v8\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425\"\u003e\u003ccode\u003e20fe497\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/637\"\u003e#637\u003c/a\u003e\nfrom actions/node24\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164\"\u003e\u003ccode\u003ee7b7f22\u003c/code\u003e\u003c/a\u003e\nupdate licenses\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b\"\u003e\u003ccode\u003e2c81ba0\u003c/code\u003e\u003c/a\u003e\nUpdate Node.js version support to 24.x\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b\"\u003e\u003ccode\u003ef28e40c\u003c/code\u003e\u003c/a\u003e\nMerge pull request \u003ca\nhref\u003d\"https://redirect.github.com/actions/github-script/issues/610\"\u003e#610\u003c/a\u003e\nfrom actions/nebuk89-patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3\"\u003e\u003ccode\u003e1ae9958\u003c/code\u003e\u003c/a\u003e\nUpdate README.md\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca\nhref\u003d\"https://github.com/actions/github-script/compare/v7...v8\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/github-script\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d7\u0026new-version\u003d8)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "e1c4d13e293075eebb3fb7112ac7d0ce56c5b7e7", "tree": "b31c3e57739d5c1e196b3482646b5f1578ecf12d", "parents": [ "6041f6520da0df01fe0dcc0b045486eb6d4fdbcf" ], "author": { "name": "Tzu Gwo", "email": "gotzehsing@gmail.com", "time": "Fri Sep 05 20:32:24 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Fri Sep 05 20:32:24 2025 +0800" }, "message": "chore: remove useless `reqwest` requirement (#617)\n\nreqwest is not required in aws, azure and huawei cloud. Remove it to\nmake dependencies neat.\n\nCo-authored-by: Tzu Gwo \u003ctzu@tonbo.io\u003e" }, { "commit": "6041f6520da0df01fe0dcc0b045486eb6d4fdbcf", "tree": "857e6addaf4e08ec62c77d7364d7e00d24419c84", "parents": [ "e8f3d73408bb32328f2d2248354c7ab2a2ee9094" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Thu Sep 04 17:59:17 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Thu Sep 04 17:59:17 2025 +0800" }, "message": "feat: Add push_front for all default credential providers (#616)\n\nClose https://github.com/Xuanwo/reqsign/issues/614\n\n---\n\n**This PR was primarily authored with Claude Code using Opus 4.1 and\nthen hand-reviewed by me. I AM responsible for every change made in this\nPR. I aimed to keep it aligned with our goals, though I may have missed\nminor issues. Please flag anything that feels off, I\u0027ll fix it\nquickly.**\n\n---------\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "e8f3d73408bb32328f2d2248354c7ab2a2ee9094", "tree": "6251fc8f51a111e96a28399fceace91f65dc3b7d", "parents": [ "dd8e582f6e1bff15bd80591cd2791decb7b72cd1" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Tue Sep 02 12:22:24 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Sep 02 12:22:24 2025 +0800" }, "message": "ci: Fix cargo publish (#613)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "dd8e582f6e1bff15bd80591cd2791decb7b72cd1", "tree": "f5427c82d2124bfd0c4b8011d1a9ebed444adb14", "parents": [ "273a9cd070ac39727ed943618618e8293e106df8" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Tue Sep 02 12:18:57 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Tue Sep 02 12:18:57 2025 +0800" }, "message": "chore(deps): Bump actions/checkout from 4 to 5 (#612)\n\nBumps [actions/checkout](https://github.com/actions/checkout) from 4 to\n5.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/checkout/releases\"\u003eactions/checkout\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca\nhref\u003d\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease\nNotes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this\nrelease.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca\nhref\u003d\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca\nhref\u003d\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca\nhref\u003d\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca\nhref\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca\nhref\u003d\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare release v4.3.0 by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2237\"\u003eactions/checkout#2237\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made\ntheir first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v4...v4.3.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment\nvariables by \u003ca href\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v4.2.1...v4.2.2\"\u003ehttps://github.com/actions/checkout/compare/v4.2.1...v4.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca\nhref\u003d\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/Jcambass\"\u003e\u003ccode\u003e@​Jcambass\u003c/code\u003e\u003c/a\u003e\nmade their first contribution in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1919\"\u003eactions/checkout#1919\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v4.2.0...v4.2.1\"\u003ehttps://github.com/actions/checkout/compare/v4.2.0...v4.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout\u0027s\nchangelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003eV5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eV4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca\nhref\u003d\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca\nhref\u003d\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca\nhref\u003d\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca\nhref\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca\nhref\u003d\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca\nhref\u003d\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca\nhref\u003d\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment\nvariables by \u003ca href\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca\nhref\u003d\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca\nhref\u003d\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e,\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4\nupdates by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca\nhref\u003d\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout\u0027s own workflows to a known, good, stable\nversion. by \u003ca href\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate NPM dependencies by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1703\"\u003eactions/checkout#1703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump github/codeql-action from 2 to 3 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1694\"\u003eactions/checkout#1694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 1 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1696\"\u003eactions/checkout#1696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/upload-artifact from 2 to 4 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1695\"\u003eactions/checkout#1695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME: Suggest \u003ccode\u003euser.email\u003c/code\u003e to be\n\u003ccode\u003e41898282+github-actions[bot]@users.noreply.github.com\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1707\"\u003eactions/checkout#1707\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisable \u003ccode\u003eextensions.worktreeConfig\u003c/code\u003e when disabling\n\u003ccode\u003esparse-checkout\u003c/code\u003e by \u003ca\nhref\u003d\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1692\"\u003eactions/checkout#1692\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd dependabot config by \u003ca\nhref\u003d\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in\n\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1688\"\u003eactions/checkout#1688\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the minor-actions-dependencies group with 2 updates by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1693\"\u003eactions/checkout#1693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump word-wrap from 1.2.3 to 1.2.5 by \u003ca\nhref\u003d\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/pull/1643\"\u003eactions/checkout#1643\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.3\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e\nPrepare v5.0.0 release (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/actions/checkout/commit/9f265659d3bb64ab1440b03b12f4d47a24320917\"\u003e\u003ccode\u003e9f26565\u003c/code\u003e\u003c/a\u003e\nUpdate actions checkout to use node 24 (\u003ca\nhref\u003d\"https://redirect.github.com/actions/checkout/issues/2226\"\u003e#2226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/actions/checkout/compare/v4...v5\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/checkout\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d4\u0026new-version\u003d5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" }, { "commit": "273a9cd070ac39727ed943618618e8293e106df8", "tree": "acfe8c3066ad98ad698927a5a4044283b5649c12", "parents": [ "f99172552d0e9946f3bc168059f0a5465badd177" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Sep 01 17:53:17 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 17:53:17 2025 +0800" }, "message": "fix: Cyclic dependences in context crates (#610)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "f99172552d0e9946f3bc168059f0a5465badd177", "tree": "e82a78fafb8ab553c84d86b6b730150328fcfa92", "parents": [ "d26ae1a4c99f87b2315f0946aa2d02d2a01c937e" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Sep 01 17:38:24 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 17:38:24 2025 +0800" }, "message": "chore: Remove examples in to core to avoid cyclic deps (#609)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "d26ae1a4c99f87b2315f0946aa2d02d2a01c937e", "tree": "4cc873d10734586d9c134b891e3f951e662b7b41", "parents": [ "682377741452c866affc1713095d9a397ad117ba" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Sep 01 17:20:38 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 17:20:38 2025 +0800" }, "message": "Bump to version 1.0.0 (#607)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "682377741452c866affc1713095d9a397ad117ba", "tree": "4eaca500d5f7ca32867ae971c5b4e880527eb936", "parents": [ "7d00c2b8bd068c5169a8fb3769062248d2fd1e4c" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Sep 01 17:11:42 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 17:11:42 2025 +0800" }, "message": "ci: Add release workflow (#606)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "7d00c2b8bd068c5169a8fb3769062248d2fd1e4c", "tree": "6541d3ecbb80d808be7aa198d78dcd9bb6c7ea57", "parents": [ "1883d1cbcde8037fe0fe844949b48fd097c683dd" ], "author": { "name": "Xuanwo", "email": "github@xuanwo.io", "time": "Mon Sep 01 15:49:26 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 15:49:26 2025 +0800" }, "message": "chore: Using workspace member instead (#605)\n\nSigned-off-by: Xuanwo \u003cgithub@xuanwo.io\u003e" }, { "commit": "1883d1cbcde8037fe0fe844949b48fd097c683dd", "tree": "23e07e628f5dae612456953b56ef1270e3b7cdff", "parents": [ "416d6c9aabf3d93eb1cf07957b0436fdf59c6788" ], "author": { "name": "dependabot[bot]", "email": "49699333+dependabot[bot]@users.noreply.github.com", "time": "Mon Sep 01 14:39:25 2025 +0800" }, "committer": { "name": "GitHub", "email": "noreply@github.com", "time": "Mon Sep 01 14:39:25 2025 +0800" }, "message": "chore(deps): Bump google-github-actions/auth from 2 to 3 (#604)\n\nBumps\n[google-github-actions/auth](https://github.com/google-github-actions/auth)\nfrom 2 to 3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/releases\"\u003egoogle-github-actions/auth\u0027s\nreleases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump to Node 24 and remove old parameters by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/508\"\u003egoogle-github-actions/auth#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove hacky script by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/509\"\u003egoogle-github-actions/auth#509\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v3.0.0 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/510\"\u003egoogle-github-actions/auth#510\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2...v3.0.0\"\u003ehttps://github.com/google-github-actions/auth/compare/v2...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.13\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate deps by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/506\"\u003egoogle-github-actions/auth#506\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v2.1.13 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/507\"\u003egoogle-github-actions/auth#507\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13\"\u003ehttps://github.com/google-github-actions/auth/compare/v2.1.12...v2.1.13\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.12\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd retries for getIDToken by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/502\"\u003egoogle-github-actions/auth#502\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v2.1.12 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/503\"\u003egoogle-github-actions/auth#503\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12\"\u003ehttps://github.com/google-github-actions/auth/compare/v2.1.11...v2.1.12\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.11\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate troubleshooting docs for Python by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/488\"\u003egoogle-github-actions/auth#488\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd linters by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/499\"\u003egoogle-github-actions/auth#499\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate deps by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/500\"\u003egoogle-github-actions/auth#500\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v2.1.11 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/501\"\u003egoogle-github-actions/auth#501\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11\"\u003ehttps://github.com/google-github-actions/auth/compare/v2.1.10...v2.1.11\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.10\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeclare workflow permissions by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/482\"\u003egoogle-github-actions/auth#482\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument that the OIDC token expires in 5min by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/483\"\u003egoogle-github-actions/auth#483\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v2.1.10 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/484\"\u003egoogle-github-actions/auth#484\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10\"\u003ehttps://github.com/google-github-actions/auth/compare/v2.1.9...v2.1.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.1.9\u003c/h2\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUse our custom boolean parsing by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/478\"\u003egoogle-github-actions/auth#478\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate deps by \u003ca\nhref\u003d\"https://github.com/sethvargo\"\u003e\u003ccode\u003e@​sethvargo\u003c/code\u003e\u003c/a\u003e in \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/479\"\u003egoogle-github-actions/auth#479\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRelease: v2.1.9 by \u003ca\nhref\u003d\"https://github.com/google-github-actions-bot\"\u003e\u003ccode\u003e@​google-github-actions-bot\u003c/code\u003e\u003c/a\u003e\nin \u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/pull/480\"\u003egoogle-github-actions/auth#480\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/commit/7c6bc770dae815cd3e89ee6cdf493a5fab2cc093\"\u003e\u003ccode\u003e7c6bc77\u003c/code\u003e\u003c/a\u003e\nRelease: v3.0.0 (\u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/issues/510\"\u003e#510\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/commit/42e4997ee345eebb9d114030d0f9e9b47829ee80\"\u003e\u003ccode\u003e42e4997\u003c/code\u003e\u003c/a\u003e\nRemove hacky script (\u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/issues/509\"\u003e#509\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/commit/5ea4dc11472eebb0a541812f1063c7d318adf57e\"\u003e\u003ccode\u003e5ea4dc1\u003c/code\u003e\u003c/a\u003e\nBump to Node 24 and remove old parameters (\u003ca\nhref\u003d\"https://redirect.github.com/google-github-actions/auth/issues/508\"\u003e#508\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca\nhref\u003d\"https://github.com/google-github-actions/auth/compare/v2...v3\"\u003ecompare\nview\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility\nscore](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dgoogle-github-actions/auth\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d2\u0026new-version\u003d3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t\nalter it yourself. You can also trigger a rebase manually by commenting\n`@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits\nthat have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after\nyour CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge\nand block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating\nit. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all\nof the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop\nDependabot creating any more for this major version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop\nDependabot creating any more for this minor version (unless you reopen\nthe PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop\nDependabot creating any more for this dependency (unless you reopen the\nPR or upgrade to it yourself)\n\n\n\u003c/details\u003e\n\nSigned-off-by: dependabot[bot] \u003csupport@github.com\u003e\nCo-authored-by: dependabot[bot] \u003c49699333+dependabot[bot]@users.noreply.github.com\u003e" } ], "next": "416d6c9aabf3d93eb1cf07957b0436fdf59c6788" }