From c12de78b582469e606f8fadfee3355fc2e663751 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 21 Nov 2024 22:01:43 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.0` | `4.2.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.9` | `3.27.5` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.4` | `4.1.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.4` | `4.5.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | Updates `actions/checkout` from 4.2.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `github/codeql-action` from 3.26.9 to 3.27.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/461ef6c76dfe95d5c364de2f431ddbd31a417628...f09c1c0a94de965c15400f5634aa42fac8fb8f88) Updates `actions/setup-node` from 4.0.4 to 4.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/0a44ba7841725637a19e28fa30b79a866c81b0a6...39370e3970a6d050c480ffad4ff0ed4d3fdee5af) Updates `actions/dependency-review-action` from 4.3.4 to 4.5.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/5a2ce3f5b92ee19cbb1541a4984c76d921601d7c...3b139cfc5fae8b618d3eae3675e383bb1769c019) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/check-exec.yaml | 2 +- .github/workflows/check-helpers.yaml | 2 +- .github/workflows/check-kubernetes.yaml | 2 +- .github/workflows/check-oci.yaml | 2 +- .github/workflows/codeql.yaml | 6 +++--- .github/workflows/commitlint.yaml | 4 ++-- .github/workflows/dependency-review.yml | 4 ++-- .github/workflows/lint.yaml | 2 +- .github/workflows/openssf.yaml | 6 +++--- .github/workflows/release-exec.yaml | 4 ++-- .github/workflows/release-helpers.yaml | 4 ++-- .github/workflows/release-kubernetes.yaml | 4 ++-- .github/workflows/release-oci.yaml | 4 ++-- .github/workflows/scan-cves.yaml | 2 +- .github/workflows/test-unit.yaml | 2 +- 15 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/workflows/check-exec.yaml b/.github/workflows/check-exec.yaml index 638178d..e79c3d0 100644 --- a/.github/workflows/check-exec.yaml +++ b/.github/workflows/check-exec.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/check-helpers.yaml b/.github/workflows/check-helpers.yaml index 8c25319..cdb5418 100644 --- a/.github/workflows/check-helpers.yaml +++ b/.github/workflows/check-helpers.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/check-kubernetes.yaml b/.github/workflows/check-kubernetes.yaml index 4f4966d..801dd03 100644 --- a/.github/workflows/check-kubernetes.yaml +++ b/.github/workflows/check-kubernetes.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/check-oci.yaml b/.github/workflows/check-oci.yaml index 2692019..8af21ec 100644 --- a/.github/workflows/check-oci.yaml +++ b/.github/workflows/check-oci.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 563f969..32cf66f 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -28,13 +28,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install tools uses: ./.github/actions/install-tools - name: Initialize CodeQL - uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: languages: go config-file: ./.github/codeql.yaml @@ -42,6 +42,6 @@ jobs: - run: make build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: category: "/language:go" diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 8e2c288..0750f84 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -16,12 +16,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Setup Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 - name: Install commitlint run: npm install --save-dev @commitlint/{config-conventional,cli} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 41da472..51a63bf 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,6 +9,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Dependency Review - uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 + uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 40c4e30..1f342da 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install tools uses: ./.github/actions/install-tools diff --git a/.github/workflows/openssf.yaml b/.github/workflows/openssf.yaml index 7f92d3d..4501aa9 100644 --- a/.github/workflows/openssf.yaml +++ b/.github/workflows/openssf.yaml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -47,13 +47,13 @@ jobs: publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: SARIF file path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: results.sarif diff --git a/.github/workflows/release-exec.yaml b/.github/workflows/release-exec.yaml index 17dd155..3be94ed 100644 --- a/.github/workflows/release-exec.yaml +++ b/.github/workflows/release-exec.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -34,7 +34,7 @@ jobs: environment: release steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/release-helpers.yaml b/.github/workflows/release-helpers.yaml index 872d5e8..9c8751b 100644 --- a/.github/workflows/release-helpers.yaml +++ b/.github/workflows/release-helpers.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -34,7 +34,7 @@ jobs: environment: release steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/release-kubernetes.yaml b/.github/workflows/release-kubernetes.yaml index c0db258..a641b3e 100644 --- a/.github/workflows/release-kubernetes.yaml +++ b/.github/workflows/release-kubernetes.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -34,7 +34,7 @@ jobs: environment: release steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/release-oci.yaml b/.github/workflows/release-oci.yaml index fcff8fc..6a5d3be 100644 --- a/.github/workflows/release-oci.yaml +++ b/.github/workflows/release-oci.yaml @@ -17,7 +17,7 @@ jobs: new-version: ${{ steps.bump-version.outputs.new-version }} steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -34,7 +34,7 @@ jobs: environment: release steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/scan-cves.yaml b/.github/workflows/scan-cves.yaml index c95867d..d082b45 100644 --- a/.github/workflows/scan-cves.yaml +++ b/.github/workflows/scan-cves.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install tools uses: ./.github/actions/install-tools diff --git a/.github/workflows/test-unit.yaml b/.github/workflows/test-unit.yaml index 8ed6ed1..f89d4e1 100644 --- a/.github/workflows/test-unit.yaml +++ b/.github/workflows/test-unit.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install tools uses: ./.github/actions/install-tools