From 23be0c987b1e0c1cff95d34c0867c9e3ca770dcd Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 1 May 2024 15:32:52 +0000
Subject: [PATCH 1/2] Bump actions/checkout from 4.1.2 to 4.1.4 (#63)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2 to 4.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p>
<blockquote>
<h2>v4.1.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.3...v4.1.4">https://github.com/actions/checkout/compare/v4.1.3...v4.1.4</a></p>
<h2>v4.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v4.1.2...v4.1.3">https://github.com/actions/checkout/compare/v4.1.2...v4.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v4.1.4</h2>
<ul>
<li>Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1692">actions/checkout#1692</a></li>
<li>Add dependabot config by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1688">actions/checkout#1688</a></li>
<li>Bump the minor-actions-dependencies group with 2 updates by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1693">actions/checkout#1693</a></li>
<li>Bump word-wrap from 1.2.3 to 1.2.5 by <a href="https://github.com/dependabot"><code>@âdependabot</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1643">actions/checkout#1643</a></li>
</ul>
<h2>v4.1.3</h2>
<ul>
<li>Check git version before attempting to disable <code>sparse-checkout</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
<li>Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> by <a href="https://github.com/jww3"><code>@âjww3</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
</ul>
<h2>v4.1.2</h2>
<ul>
<li>Fix: Disable sparse checkout whenever <code>sparse-checkout</code> option is not present <a href="https://github.com/dscho"><code>@âdscho</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1598">actions/checkout#1598</a></li>
</ul>
<h2>v4.1.1</h2>
<ul>
<li>Correct link to GitHub Docs by <a href="https://github.com/peterbe"><code>@âpeterbe</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1511">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a href="https://github.com/cory-miller"><code>@âcory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1514">actions/checkout#1514</a></li>
</ul>
<h2>v4.1.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1396">Add support for partial checkout filters</a></li>
</ul>
<h2>v4.0.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1067">Support fetching without the --progress option</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1436">Update to node20</a></li>
</ul>
<h2>v3.6.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1377">Fix: Mark test scripts with Bash'isms to be run via Bash</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/579">Add option to fetch tags even if fetch-depth &gt; 0</a></li>
</ul>
<h2>v3.5.3</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1196">Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1287">Fix typos found by codespell</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1369">Add support for sparse checkouts</a></li>
</ul>
<h2>v3.5.2</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1289">Fix api endpoint for GHES</a></li>
</ul>
<h2>v3.5.1</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1246">Fix slow checkout on Windows</a></li>
</ul>
<h2>v3.5.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1237">Add new public key for known_hosts</a></li>
</ul>
<h2>v3.4.0</h2>
<ul>
<li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li>
<li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@âactions/io</code></a></li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/actions/checkout/commit/0ad4b8fadaa221de15dcec353f45205ec38ea70b"><code>0ad4b8f</code></a> Prep Release v4.1.4 (<a href="https://redirect.github.com/actions/checkout/issues/1704">#1704</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/43045ae669be728bd34ed56fcd1a230c0dc4d8e2"><code>43045ae</code></a> Disable <code>extensions.worktreeConfig</code> when disabling <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1692">#1692</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/37b082107ba410260a3aaddf93122e04801ce631"><code>37b0821</code></a> Bump the minor-actions-dependencies group with 2 updates (<a href="https://redirect.github.com/actions/checkout/issues/1693">#1693</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/9839dc14a02ddc6b6995e69eb3ecb98132fc8b6b"><code>9839dc1</code></a> Add dependabot config (<a href="https://redirect.github.com/actions/checkout/issues/1688">#1688</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/9b4c13b0bfa31b4514c14f74b5a166c2708f43c6"><code>9b4c13b</code></a> Bump word-wrap from 1.2.3 to 1.2.5 (<a href="https://redirect.github.com/actions/checkout/issues/1643">#1643</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/1d96c772d19495a3b5c517cd2bc0cb401ea0529f"><code>1d96c77</code></a> Add SSH user parameter (<a href="https://redirect.github.com/actions/checkout/issues/1685">#1685</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/cd7d8d697e10461458bc61a30d094dc601a8b017"><code>cd7d8d6</code></a> Check git version before attempting to disable <code>sparse-checkout</code> (<a href="https://redirect.github.com/actions/checkout/issues/1656">#1656</a>)</li>
<li><a href="https://github.com/actions/checkout/commit/8410ad0602e1e429cee44a835ae9f77f654a6694"><code>8410ad0</code></a> Update <code>actions/checkout</code> version in <code>update-main-version.yml</code> (<a href="https://redirect.github.com/actions/checkout/issues/1650">#1650</a>)</li>
<li>See full diff in <a href="https://github.com/actions/checkout/compare/9bb56186c3b09b4f86b1c65136769dd318469633...0ad4b8fadaa221de15dcec353f45205ec38ea70b">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.2&new-version=4.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
---
 .github/workflows/test-package.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index 543075c..e7c9974 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -24,7 +24,7 @@ jobs:
       matrix:
         sdk: [dev]
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
       - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
         with:
           sdk: ${{ matrix.sdk }}
@@ -51,7 +51,7 @@ jobs:
         os: [ubuntu-latest]
         sdk: [3.1, dev]
     steps:
-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
       - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
         with:
           sdk: ${{ matrix.sdk }}

From 6695954806342e69c0c334160fe0cee995609856 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 1 May 2024 15:35:07 +0000
Subject: [PATCH 2/2] Bump dart-lang/setup-dart from 1.6.2 to 1.6.4 (#64)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps [dart-lang/setup-dart](https://github.com/dart-lang/setup-dart) from 1.6.2 to 1.6.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a href="https://github.com/dart-lang/setup-dart/releases">dart-lang/setup-dart's releases</a>.</em></p>
<blockquote>
<h2>v1.6.4</h2>
<ul>
<li>Rebuild JS code to include changes from v1.6.3</li>
</ul>
<h2>v1.6.3</h2>
<ul>
<li>Roll <code>undici</code> dependency to address <a href="https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7">CVE-2024-30260</a> and <a href="https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672">CVE-2024-30261</a>.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a href="https://github.com/dart-lang/setup-dart/blob/main/CHANGELOG.md">dart-lang/setup-dart's changelog</a>.</em></p>
<blockquote>
<h2>v1.6.4</h2>
<ul>
<li>Rebuild JS code.</li>
</ul>
<h2>v1.6.3</h2>
<ul>
<li>Roll <code>undici</code> dependency to address <a href="https://github.com/nodejs/undici/security/advisories/GHSA-m4v8-wqvr-p9f7">CVE-2024-30260</a> and <a href="https://github.com/nodejs/undici/security/advisories/GHSA-9qxr-qj54-h672">CVE-2024-30261</a>.</li>
</ul>
<h2>v1.6.2</h2>
<ul>
<li>Switch to running the workflow on <code>node20`` from </code>node16`. See also
<a href="https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20/">Transitioning from Node 16 to Node 20</a>.</li>
</ul>
<h2>v1.6.1</h2>
<ul>
<li>Updated the google storage url for <code>main</code> channel releases.</li>
</ul>
<h2>v1.6.0</h2>
<ul>
<li>Enable provisioning of the latest Dart SDK patch release by specifying just
the major and minor version (e.g. <code>3.2</code>).</li>
</ul>
<h2>v1.5.1</h2>
<ul>
<li>No longer test the <code>setup-dart</code> action on pre-2.12 SDKs.</li>
<li>Upgrade JS interop code to use extension types
(the new name for inline classes).</li>
<li>The upcoming rename of the <code>be</code> channel to <code>main</code> is now supported with
forward compatibility that switches when the rename happens.</li>
</ul>
<h2>v1.5.0</h2>
<ul>
<li>Re-wrote the implementation of the action into Dart.</li>
<li>Auto-detect the platform architecture (<code>x64</code>, <code>ia32</code>, <code>arm</code>, <code>arm64</code>).</li>
<li>Improved the caching and download resilience of the sdk.</li>
<li>Added a new action output: <code>dart-version</code> - the installed version of the sdk.</li>
</ul>
<h2>v1.4.0</h2>
<ul>
<li>Automatically create OIDC token for pub.dev.</li>
<li>Add a reusable workflow for publishing.</li>
</ul>
<h2>v1.3.0</h2>
<ul>
<li>The install location of the Dart SDK is now available</li>
</ul>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a href="https://github.com/dart-lang/setup-dart/commit/f0ead981b4d9a35b37f30d36160575d60931ec30"><code>f0ead98</code></a> Rebuild JS code (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/129">#129</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/65c82982aa686933bf10d50aced7a27b2b63f2a6"><code>65c8298</code></a> Update CHANGELOG.md (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/128">#128</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/57338d64c065775c2cf86eaf665316ea44e0249d"><code>57338d6</code></a> Bump undici from 5.28.3 to 5.28.4 (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/127">#127</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/05d3f5ec28dca4e3ae8991f2be7828a62942f8a8"><code>05d3f5e</code></a> Bump <code>@âactions/http-client</code> from 2.2.0 to 2.2.1 (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/126">#126</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/b8c0b77d1f6fb52c5ddff2fc3da6cfa3f9585860"><code>b8c0b77</code></a> no longer specify the inline-class experiment flag (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/125">#125</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/b9952d818df9b43bab696de0e1b7bbf09464a829"><code>b9952d8</code></a> Bump undici from 5.27.0 to 5.28.3 (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/124">#124</a>)</li>
<li><a href="https://github.com/dart-lang/setup-dart/commit/9a6ee8904aa6a1fa76b02bb3e7b0ec30cddcaaac"><code>9a6ee89</code></a> Bump dart-lang/setup-dart from 1.6.0 to 1.6.2 (<a href="https://redirect.github.com/dart-lang/setup-dart/issues/123">#123</a>)</li>
<li>See full diff in <a href="https://github.com/dart-lang/setup-dart/compare/fedb1266e91cf51be2fdb382869461a434b920a3...f0ead981b4d9a35b37f30d36160575d60931ec30">compare view</a></li>
</ul>
</details>
<br />

[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=dart-lang/setup-dart&package-manager=github_actions&previous-version=1.6.2&new-version=1.6.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

</details>
---
 .github/workflows/test-package.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/test-package.yml b/.github/workflows/test-package.yml
index e7c9974..30ee7fa 100644
--- a/.github/workflows/test-package.yml
+++ b/.github/workflows/test-package.yml
@@ -25,7 +25,7 @@ jobs:
         sdk: [dev]
     steps:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
-      - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
+      - uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
         with:
           sdk: ${{ matrix.sdk }}
       - id: install
@@ -52,7 +52,7 @@ jobs:
         sdk: [3.1, dev]
     steps:
       - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b
-      - uses: dart-lang/setup-dart@fedb1266e91cf51be2fdb382869461a434b920a3
+      - uses: dart-lang/setup-dart@f0ead981b4d9a35b37f30d36160575d60931ec30
         with:
           sdk: ${{ matrix.sdk }}
       - id: install
