Sourced from actions/cache's releases.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

• 4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version
• 60c606a Update licensed files
• b6e9a91 Revert "Updated to the latest version."
• c842503 Updated to the latest version.
• 2b7da2a Bumped up to a major version.
• deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example
• c7c46bc Merge pull request #707 from duxtland/main
• 6535c5f Regenerated examples.md TOC
• 3fdafa4 Update GitHub Actions status badge markdown in README.md
• 341e6d7 Merge branch 'actions:main' into fix-golang-windows-example
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

v4.67.4: Fix encoding/decoding an array of dates with URL Encoding

Compare Source

This patch was authored and released by @​Joannis.

Fixes a bug where an Array of Dates wouldn't be encoded or decoded when using URL encoding.

v4.67.3: Fix Stream Callback never being called in close

Compare Source

This patch was authored and released by @​0xTim.

Fixes a bug where abandoned requests mean that the stream callback is never invoked. This happens when a client sends a request, the server starts processing it but hasn't constructed the Response and then the client closes early. The response is discarded, as is the stream callback so it never gets invoked. This fixes that issue

v4.67.2: Fix unused generator parameter in Array.random(count:using:)

Compare Source

This patch was authored by @​michal-tomlein and released by @​0xTim.

The generator parameter in Array.random(count:using:) was unused in what appears to be a copy-paste error. This change passes it down to FixedWidthInteger.random(using:), which was the original intention.

v4.67.1: Fix 24h timeformat for expire and last-modified header

Compare Source

This patch was authored by @​patrick-zippenfenig and released by @​0xTim.

Expire and Last-Modified header were encoding the hour part in 12h format (hh) instead of 24h format (HH). This results in timestamps being 12 hours off for all afternoon hours. This fixes the format used to follow the spec correctly and adds tests to ensure no regressions.

v4.67.0: Conforms Request.Body to AsyncSequence

Compare Source

This patch was authored by @​mcritz and released by @​0xTim.

This PR wraps Request.Body.drain() as a modern Swift AsyncSequence<ByteBuffer, Error>.

This is useful to stream bytes from request rather than collecting them in memory. Example: A route could handle a multigigbyte file upload like this:

do {
    let nioFileHandle = try NIOFileHandle(path: filePath, mode: .write)
    var offset: Int64 = 0
    
    for try await bytes in req.body {
        try await req.application.fileio.write(fileHandle: nioFileHandle,
                                               toOffset: offset,
                                               buffer: bytes,
                                               eventLoop: req.eventLoop).get()
        offset += Int64(bytes.readableBytes)
        try nioFileHandle.close()
    }
} catch {
   ...
}

v4.66.1: Migrate from Lock to NIOLock

Compare Source

This patch was authored by @​MahdiBM and released by @​0xTim.

Lock has recently been deprecated in favor of NIOLock.

Changes

All Locks have been renamed to NIOLock.

v4.66.0: Prevent vapor from crashing during a crash in third-party code, obfuscating the real problem

Compare Source

This patch was authored by @​Joannis and released by @​0xTim.

If a third-party library or user defined code crashed a Vapor app, the Vapor Application deinit will crash the app before the real issue pops up. This leads to frustrating debug sessions

v4.65.2: Fixing issue #​2755: updating config storage inside HTTPServer

Compare Source

This patch was authored by @​rkreutz and released by @​gwynne.

We can update application.storage from within HTTPServer, this way we can keep any changes that happen to the configuration internally up-to-date with the application storage.

This possibly has the least changes and less surface of potential flaws, since we are only adding an extra param and working on top of it. However, now we are setting the application storage from within HTTPServer, there is no issue with that, is just that now we have 2 places changing the storage for the config.

Resolves #​2755

v4.65.1: Add missing protocol ExpressibleByStringLiteral to HTTPHeaders.Name

Compare Source

This patch was authored by @​grahamburgsma and released by @​0xTim.

Add missing protocol ExpressibleByStringLiteral to HTTPHeaders.Name. The implementation init(stringLiteral:) was there, but the actual protocol was missing.

v4.65.0: Implement support for custom verify callbacks

Compare Source

This patch was authored by @​Lukasa and released by @​0xTim.

Motivation

When using NIOSSL it is sometimes necessary to completely take over the certificate verification logic. NIOSSL exposes a callback for this, but it's currently hidden from Vapor users. We should let them get access to this callback.

Modifications

• Added the callback to the HTTPServer configuration struct.
• Plumbed the callback through.
• Added some invalid test certs to the resources for the tests.
• Added a test to confirm the override functions correctly.

Result

Users can override client cert validation.

v4.64.0: Add support for regular expression validations

Compare Source

This patch was authored by @​K1NXZ and released by @​0xTim.

Validate a regular expression pattern

Example:

struct TestContent: Codable, Validatable {
    static func validations(_ validations: inout Validations) {
        validations.add("numbersOnly", as: String.self, is: .pattern("^[0-9]*$"))
    }
    
    let numbersOnly: String
    
    init(numbersOnly: String) {
        self.numbersOnly = numbersOnly
    }
}

v4.63.0: Add documentation comments and a defaulting subscript to Storage.

Compare Source

This patch was authored and released by @​gwynne.

The new subscript simplifies "provider" implementations that extend Application and use its Storage instance without complex initialization requirements:

extension Application {
    public struct Foo {
        final class Storage { /* content which needs no special initialization */ }
        struct Key: StorageKey { typealias Value = Storage }
        let application: Application

        // Before:
        var storage: Storage {
            if self.application.storage[Key.self] == nil { self.initialize() }
            return self.application.storage[Key.self]!
        }

        func initialize() { self.application.storage[Key.self] = .init() }

        // After:
        var storage: Storage { self.application.storage[Key.self, default: .init()] }

v4.62.2: fix: validate each not taking required parameter into account

Compare Source

This patch was authored by @​BasPeter and released by @​0xTim.

• Required parameter in add(each) now taken into account for validation
• Add tests for required false test case

v4.62.1: Fix CredentialsAuthenticator not receiving all the body

Compare Source

This patch was authored and released by @​0xTim.

This is a workaround for #​2742. This ensures the request body is available in the middleware rather than it failing silently.

v4.62.0: Conform Bool to Content

Compare Source

This patch was authored by @​josercc and released by @​0xTim.

Conform Bool to Content to allow Bool types to be returned to the top level

app.get("isOK") { req in
    return true
}

v4.6.0: Update minimum Swift version to 5.5

Compare Source

This patch was authored and released by @​gwynne.

Also updates very ancient CI.

v4.5.0: Add asyncCredentialsAuthenticator to ModelCredentialsAuthenticatable

Compare Source

This patch was authored by @​fatto and released by @​0xTim.

Adds asyncCredentialsAuthenticator to ModelCredentialsAuthenticatable to allow it to be overridden if needs be

• Schedule: ["at any time"]
• Branch name: renovate/vapor-fluent-4.x
• Merge into: main
• Upgrade vapor/fluent to 2da106f46b093885f77fa03e3c719ab5bb8cfab4

• Schedule: ["at any time"]
• Branch name: renovate/vapor-vapor-4.x
• Merge into: main
• Upgrade vapor/vapor to 2d54398d50951f177eb899c05154636e381f3bc6

Sourced from cycjimmy/semantic-release-action's releases.

v3.0.0

3.0.0 (2022-03-03)

Features

• switch operating environment to node16 (b5f16ae), closes #92 #96

BREAKING CHANGES

• switch operating environment to node16

v2.7.0

2.7.0 (2021-12-12)

Features

• add working dir (7126083)

v2.6.0

2.6.0 (2021-10-15)

Features

• add output for last release version (f8175c6)

v2.5.4

2.5.4 (2021-04-30)

Bug Fixes

• use error loglevel for installing dependencies (ed6729b), closes #57

v2.5.3

... (truncated)

Sourced from cycjimmy/semantic-release-action's changelog.

3.1.2 (2022-10-19)

Bug Fixes

• actions: update @​actions/core to cope with new output (3e7aded)

3.1.1 (2022-08-30)

Bug Fixes

• set last_release_version output even if no release has been published (b1467cd)

3.1.0 (2022-08-05)

Features

• handle versioned extends inputs correctly (4a51b9f)

3.0.0 (2022-03-03)

Features

• switch operating environment to node16 (b5f16ae), closes #92 #96

BREAKING CHANGES

• switch operating environment to node16

2.7.0 (2021-12-12)

Features

• add working dir (7126083)

2.6.0 (2021-10-15)

Features

• add output for last release version (f8175c6)

2.5.4 (2021-04-30)

... (truncated)

• 8f6ceb9 chore(release): 3.2.0 [skip ci]
• a297eb1 Merge pull request #135 from dkhunt27/cycjimmy
• 385af4f feat: added gitHead and gitTag outputs
• 17e74ff Merge pull request #2 from cycjimmy/main
• bdd914f docs(README): update broken links
• be27b56 chore(release): 3.1.2 [skip ci]
• 37e7c02 Merge pull request #129 from OlivierCuyp/main
• 3e7aded fix(actions): update @​actions/core to cope with new output
• 8139709 Merge pull request #126 from cycjimmy/dependabot/npm_and_yarn/actions/core-1....
• 269aa6b Merge pull request #124 from nickmccurdy/rename-to-main
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/cache's releases.

v3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

v3.0.0

• This change adds a minimum runner version(node12 -> node16), which can break users using an out-of-date/fork of the runner. This would be most commonly affecting users on GHES 3.3 or before, as those runners do not support node16 actions and they can use actions from github.com via github connect or manually copying the repo to their GHES instance.

• Few dependencies and cache action usage examples have also been updated.

v2.1.7

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

v2.1.6

• Catch unhandled "bad file descriptor" errors that sometimes occurs when the cache server returns non-successful response (actions/cache#596)

v2.1.5

• Fix permissions error seen when extracting caches with GNU tar that were previously created using BSD tar (actions/cache#527)

v2.1.4

• Make caching more verbose #650
• Use GNU tar on macOS if available #701

v2.1.3

• Upgrades @actions/core to v1.2.6 for CVE-2020-15228. This action was not using the affected methods.
• Fix error handling in uploadChunk where 400-level errors were not being detected and handled correctly

v2.1.2

• Adds input to limit the chunk upload size, useful for self-hosted runners with slower upload speeds
• No-op when executing on GHES

v2.1.1

• Update @actions/cache package to v1.0.2 which allows cache action to use posix format when taring files.

v2.1.0

• Replaces the http-client with the Azure Storage SDK for NodeJS when downloading cache content from Azure. This should help improve download performance and reliability as the SDK downloads files in 4 MB chunks, which can be parallelized and retried independently
• Display download progress and speed

Sourced from actions/cache's changelog.

3.0.1

• Added support for caching from GHES 3.5.
• Fixed download issue for files > 2GB during restore.

• 136d96b Enabling actions/cache for GHES based on presence of AC service (#774)
• 7d4f40b Bumping up the version to fix download issue for files > 2 GB. (#775)
• 2d8d0d1 Updated what's new. (#771)
• 7799d86 Updated the usage and docs to the major version release. (#770)
• 4b0cf6c Merge pull request #769 from actions/users/ashwinsangem/bump_major_version
• 60c606a Update licensed files
• b6e9a91 Revert "Updated to the latest version."
• c842503 Updated to the latest version.
• 2b7da2a Bumped up to a major version.
• deae296 Merge pull request #651 from magnetikonline/fix-golang-windows-example
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Sourced from actions/checkout's releases.

v3.0.0

• Update default runtime to node16

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

Sourced from actions/checkout's changelog.

Changelog

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• 230611d Change secret name for PAT to not start with GITHUB_ (#623)
• See full diff in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

.github/workflows/merge-main.yml

• actions/checkout v3
• cycjimmy/semantic-release-action v3
• actions/create-release v1
• hugo19941994/delete-draft-releases v1.0.0
• actions/create-release v1

.github/workflows/pull-request.yml

• actions/checkout v3
• swift-actions/setup-swift v1
• actions/cache v3

Package.swift

• vapor/vapor from: "4.67.5"
• vapor/fluent from: "4.6.0"