From 19a9f5df85afdfd434d0d1cbec9b033e4feb9b8c Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Thu, 9 Mar 2023 13:49:38 -0500 Subject: [PATCH 01/23] Add runner size docs --- code-scanning/codeql.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index f0c3bebfae..79a4a7c109 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -23,6 +23,11 @@ on: jobs: analyze: name: Analyze + # Runner size impacts CodeQL analysis time. Please see: + # https://gh.io/recommended-hardware-resources-for-running-codeql + # https://gh.io/supported-runners-and-hardware-resources + # https://gh.io/using-larger-runners + # to learn more. runs-on: ubuntu-latest permissions: actions: read From 744aa3940ae8bc1de5fb3d4a5d58832d1fa70573 Mon Sep 17 00:00:00 2001 From: daz Date: Tue, 18 Apr 2023 12:10:27 -0600 Subject: [PATCH 02/23] Update to v2.4.2 of gradle/gradle-build-action This update contains important fixes and we recommend that all new workflows use this version. --- ci/gradle-publish.yml | 4 ++-- ci/gradle.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/gradle-publish.yml b/ci/gradle-publish.yml index 42eae2721b..326c3ca127 100644 --- a/ci/gradle-publish.yml +++ b/ci/gradle-publish.yml @@ -30,14 +30,14 @@ jobs: settings-path: ${{ github.workspace }} # location for the settings.xml file - name: Build with Gradle - uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1 + uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 with: arguments: build # The USERNAME and TOKEN need to correspond to the credentials environment variables used in # the publishing section of your build.gradle - name: Publish to GitHub Packages - uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1 + uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 with: arguments: publish env: diff --git a/ci/gradle.yml b/ci/gradle.yml index 2be0b58ec9..461a705fc0 100644 --- a/ci/gradle.yml +++ b/ci/gradle.yml @@ -29,6 +29,6 @@ jobs: java-version: '11' distribution: 'temurin' - name: Build with Gradle - uses: gradle/gradle-build-action@67421db6bd0bf253fb4bd25b31ebb98943c375e1 + uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 with: arguments: build From f6b2d354a2ab0113314ab63a77d94d6532475e47 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Apr 2023 20:56:17 +0000 Subject: [PATCH 03/23] Bump peter-evans/close-issue from 2 to 3 Bumps [peter-evans/close-issue](https://github.com/peter-evans/close-issue) from 2 to 3. - [Release notes](https://github.com/peter-evans/close-issue/releases) - [Commits](https://github.com/peter-evans/close-issue/compare/v2...v3) --- updated-dependencies: - dependency-name: peter-evans/close-issue dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/label-feature.yml | 2 +- .github/workflows/label-support.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/label-feature.yml b/.github/workflows/label-feature.yml index 122caac624..aaf1e7e805 100644 --- a/.github/workflows/label-feature.yml +++ b/.github/workflows/label-feature.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Close Issue - uses: peter-evans/close-issue@v2 + uses: peter-evans/close-issue@v3 if: contains(github.event.issue.labels.*.name, 'feature') with: comment: | diff --git a/.github/workflows/label-support.yml b/.github/workflows/label-support.yml index e762afcc33..639ae0a585 100644 --- a/.github/workflows/label-support.yml +++ b/.github/workflows/label-support.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Close Issue - uses: peter-evans/close-issue@v2 + uses: peter-evans/close-issue@v3 if: contains(github.event.issue.labels.*.name, 'support') with: comment: | From 2f530b0cd479c1e07141f409afdd623b43179869 Mon Sep 17 00:00:00 2001 From: Stephen Chudleigh Date: Wed, 26 Apr 2023 01:21:31 -0700 Subject: [PATCH 04/23] Update elixir.yml Fixes the build error on the default build action and updates the Erlang/Elixir versions. --- ci/elixir.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/elixir.yml b/ci/elixir.yml index 371ff242ca..9890efd8dd 100644 --- a/ci/elixir.yml +++ b/ci/elixir.yml @@ -23,10 +23,10 @@ jobs: steps: - uses: actions/checkout@v3 - name: Set up Elixir - uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f + uses: erlef/setup-beam@v1 with: - elixir-version: '1.12.3' # Define the elixir version [required] - otp-version: '24.1' # Define the OTP version [required] + elixir-version: '1.14.4' # Define the elixir version [required] + otp-version: '25.3' # Define the OTP version [required] - name: Restore dependencies cache uses: actions/cache@v3 with: From feb7e20c136025f76bfdebf7a2be112faf3dd544 Mon Sep 17 00:00:00 2001 From: jcook36605 Date: Fri, 28 Apr 2023 17:23:42 -0400 Subject: [PATCH 05/23] Update maven.yml --- ci/maven.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/maven.yml b/ci/maven.yml index c553f73a03..f97113ef9e 100644 --- a/ci/maven.yml +++ b/ci/maven.yml @@ -21,10 +21,10 @@ jobs: steps: - uses: actions/checkout@v3 - - name: Set up JDK 11 + - name: Set up JDK 17 uses: actions/setup-java@v3 with: - java-version: '11' + java-version: '17' distribution: 'temurin' cache: maven - name: Build with Maven From 4c95f1b7e49b61adcfe16b906abc6955919baa4e Mon Sep 17 00:00:00 2001 From: Leo Kettmeir Date: Wed, 3 May 2023 12:17:51 +0200 Subject: [PATCH 06/23] Update denoland/setup-deno workflow --- ci/deno.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/deno.yml b/ci/deno.yml index 5ee940df1f..c48292e850 100644 --- a/ci/deno.yml +++ b/ci/deno.yml @@ -27,7 +27,7 @@ jobs: - name: Setup Deno # uses: denoland/setup-deno@v1 - uses: denoland/setup-deno@9db7f66e8e16b5699a514448ce994936c63f0d54 + uses: denoland/setup-deno@61fe2df320078202e33d7d5ad347e7dcfa0e8f31 with: deno-version: v1.x From ae3f875c790648b014466245a12e878375457506 Mon Sep 17 00:00:00 2001 From: Zonespace <41448081+Zonespace27@users.noreply.github.com> Date: Tue, 16 May 2023 08:50:17 -0700 Subject: [PATCH 07/23] Bumps python-package versions Deprecates 3.8 and adds 3.11 for the python versions to build --- ci/python-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/python-package.yml b/ci/python-package.yml index de579a3d4e..249ceef8bb 100644 --- a/ci/python-package.yml +++ b/ci/python-package.yml @@ -16,7 +16,7 @@ jobs: strategy: fail-fast: false matrix: - python-version: ["3.8", "3.9", "3.10"] + python-version: ["3.9", "3.10", "3.11"] steps: - uses: actions/checkout@v3 From b54241071aa42253f58aefd5d960e98471d97f37 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?= Date: Mon, 15 May 2023 21:44:39 +0300 Subject: [PATCH 08/23] use intermediate environment variables to avoid risks of script injection MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Batuhan Apaydın --- ci/docker-publish.yml | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/ci/docker-publish.yml b/ci/docker-publish.yml index d57b2f1bd3..4aaca04375 100644 --- a/ci/docker-publish.yml +++ b/ci/docker-publish.yml @@ -41,10 +41,9 @@ jobs: # https://github.com/sigstore/cosign-installer - name: Install cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@f3c664df7af409cb4873aa5068053ba9d61a57b6 #v2.6.0 + uses: sigstore/cosign-installer@03d0fecf172873164a163bbc64bed0f3bf114ed7 #v3.4.0 with: - cosign-release: 'v1.13.1' - + cosign-release: 'v2.0.2' # Workaround: https://github.com/docker/build-push-action/issues/461 - name: Setup Docker buildx @@ -90,7 +89,9 @@ jobs: - name: Sign the published Docker image if: ${{ github.event_name != 'pull_request' }} env: - COSIGN_EXPERIMENTAL: "true" + # https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable + TAGS: ${{ steps.meta.outputs.tags }} + DIGEST: ${{ steps.build-and-push.outputs.digest }} # This step uses the identity token to provision an ephemeral certificate # against the sigstore community Fulcio instance. - run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign {}@${{ steps.build-and-push.outputs.digest }} + run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} From 5aa237a2b718234311cf2602f0251ef551ae19c6 Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Tue, 30 May 2023 09:38:22 -0400 Subject: [PATCH 09/23] add descriptive name to trivy starter workflow --- code-scanning/trivy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/trivy.yml b/code-scanning/trivy.yml index 4a8fe41ed7..451f303fba 100644 --- a/code-scanning/trivy.yml +++ b/code-scanning/trivy.yml @@ -3,7 +3,7 @@ # separate terms of service, privacy policy, and support # documentation. -name: build +name: trivy on: push: From 02d32ccbc289bd4bcb46c0a8b1f51a4df4e1f74e Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Tue, 30 May 2023 09:56:36 -0400 Subject: [PATCH 10/23] ubuntu runner upgrade to vNext --- code-scanning/trivy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/trivy.yml b/code-scanning/trivy.yml index 451f303fba..e4d38cd91d 100644 --- a/code-scanning/trivy.yml +++ b/code-scanning/trivy.yml @@ -24,7 +24,7 @@ jobs: security-events: write # for github/codeql-action/upload-sarif to upload SARIF results actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status name: Build - runs-on: "ubuntu-18.04" + runs-on: "ubuntu-20.04" steps: - name: Checkout code uses: actions/checkout@v3 From 82f55d00bdc01e81e34edf2ce29733c6f96f0ef1 Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Thu, 8 Jun 2023 12:08:28 -0400 Subject: [PATCH 11/23] Bump DR to take advantage of latest features --- code-scanning/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/dependency-review.yml b/code-scanning/dependency-review.yml index fe461b4243..b0dedc42e0 100644 --- a/code-scanning/dependency-review.yml +++ b/code-scanning/dependency-review.yml @@ -17,4 +17,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@v3 - name: 'Dependency Review' - uses: actions/dependency-review-action@v2 + uses: actions/dependency-review-action@v3 From 2402be0dd2440854bd9c695066d297daaf836468 Mon Sep 17 00:00:00 2001 From: Chad Bentz <1760475+felickz@users.noreply.github.com> Date: Thu, 15 Jun 2023 16:46:40 -0400 Subject: [PATCH 12/23] Update code-scanning/codeql.yml Co-authored-by: Nick Liffen --- code-scanning/codeql.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index 79a4a7c109..15398a7973 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -27,7 +27,8 @@ jobs: # https://gh.io/recommended-hardware-resources-for-running-codeql # https://gh.io/supported-runners-and-hardware-resources # https://gh.io/using-larger-runners - # to learn more. + # to learn more. + # Consider using larger runners for possible analysis time improvements. runs-on: ubuntu-latest permissions: actions: read From fcf8a26d9d738ab865ef0fa1413a579df8424b6f Mon Sep 17 00:00:00 2001 From: Dmitry Shibanov Date: Mon, 19 Jun 2023 11:47:56 +0200 Subject: [PATCH 13/23] bump go version and use single quotes --- ci/go.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/go.yml b/ci/go.yml index e89f6c9fbf..9f74f8704d 100644 --- a/ci/go.yml +++ b/ci/go.yml @@ -17,9 +17,9 @@ jobs: - uses: actions/checkout@v3 - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: - go-version: 1.19 + go-version: '1.20' - name: Build run: go build -v ./... From c6191f3c154ba8fc2b63183ac0d8e67897ea3c23 Mon Sep 17 00:00:00 2001 From: Joe Mooring Date: Tue, 20 Jun 2023 22:39:07 -0700 Subject: [PATCH 14/23] Update Hugo version and switch to Dart Sass --- pages/hugo.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/pages/hugo.yml b/pages/hugo.yml index fd6c4b4631..8d9fc97244 100644 --- a/pages/hugo.yml +++ b/pages/hugo.yml @@ -31,14 +31,14 @@ jobs: build: runs-on: ubuntu-latest env: - HUGO_VERSION: 0.108.0 + HUGO_VERSION: 0.114.0 steps: - name: Install Hugo CLI run: | wget -O ${{ runner.temp }}/hugo.deb https://github.com/gohugoio/hugo/releases/download/v${HUGO_VERSION}/hugo_extended_${HUGO_VERSION}_linux-amd64.deb \ && sudo dpkg -i ${{ runner.temp }}/hugo.deb - - name: Install Dart Sass Embedded - run: sudo snap install dart-sass-embedded + - name: Install Dart Sass + run: sudo snap install dart-sass - name: Checkout uses: actions/checkout@v3 with: From 0c238aec84e18522e7befaa32ccb39537e7dc44d Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Mon, 10 Jul 2023 23:00:03 -0500 Subject: [PATCH 15/23] Update all Pages starter workflows to use upload-pages-artifact@v2 --- pages/astro.yml | 2 +- pages/gatsby.yml | 2 +- pages/hugo.yml | 2 +- pages/jekyll-gh-pages.yml | 2 +- pages/jekyll.yml | 2 +- pages/mdbook.yml | 2 +- pages/nextjs.yml | 2 +- pages/nuxtjs.yml | 2 +- pages/static.yml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/pages/astro.yml b/pages/astro.yml index 42789585f4..ccbae47b42 100644 --- a/pages/astro.yml +++ b/pages/astro.yml @@ -71,7 +71,7 @@ jobs: --base "${{ steps.pages.outputs.base_path }}" working-directory: ${{ env.BUILD_PATH }} - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ${{ env.BUILD_PATH }}/dist diff --git a/pages/gatsby.yml b/pages/gatsby.yml index 1fe2d24de3..676740b61b 100644 --- a/pages/gatsby.yml +++ b/pages/gatsby.yml @@ -80,7 +80,7 @@ jobs: PREFIX_PATHS: 'true' run: ${{ steps.detect-package-manager.outputs.manager }} run build - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ./public diff --git a/pages/hugo.yml b/pages/hugo.yml index fd6c4b4631..9e0fb88348 100644 --- a/pages/hugo.yml +++ b/pages/hugo.yml @@ -58,7 +58,7 @@ jobs: --minify \ --baseURL "${{ steps.pages.outputs.base_url }}/" - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ./public diff --git a/pages/jekyll-gh-pages.yml b/pages/jekyll-gh-pages.yml index 851f2ce28f..044e34cdb1 100644 --- a/pages/jekyll-gh-pages.yml +++ b/pages/jekyll-gh-pages.yml @@ -36,7 +36,7 @@ jobs: source: ./ destination: ./_site - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 # Deployment job deploy: diff --git a/pages/jekyll.yml b/pages/jekyll.yml index 5adebe4e50..bd2f2e89ca 100644 --- a/pages/jekyll.yml +++ b/pages/jekyll.yml @@ -49,7 +49,7 @@ jobs: JEKYLL_ENV: production - name: Upload artifact # Automatically uploads an artifact from the './_site' directory by default - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 # Deployment job deploy: diff --git a/pages/mdbook.yml b/pages/mdbook.yml index 78d664ebf0..0fae7a4a27 100644 --- a/pages/mdbook.yml +++ b/pages/mdbook.yml @@ -43,7 +43,7 @@ jobs: - name: Build with mdBook run: mdbook build - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ./book diff --git a/pages/nextjs.yml b/pages/nextjs.yml index 81073e6ac1..308b76e319 100644 --- a/pages/nextjs.yml +++ b/pages/nextjs.yml @@ -78,7 +78,7 @@ jobs: - name: Static HTML export with Next.js run: ${{ steps.detect-package-manager.outputs.runner }} next export - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ./out diff --git a/pages/nuxtjs.yml b/pages/nuxtjs.yml index ddf8f4f271..2951136868 100644 --- a/pages/nuxtjs.yml +++ b/pages/nuxtjs.yml @@ -73,7 +73,7 @@ jobs: - name: Static HTML export with Nuxt run: ${{ steps.detect-package-manager.outputs.manager }} run generate - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: path: ./dist diff --git a/pages/static.yml b/pages/static.yml index 43bec60eaf..31ac4283a2 100644 --- a/pages/static.yml +++ b/pages/static.yml @@ -34,7 +34,7 @@ jobs: - name: Setup Pages uses: actions/configure-pages@v3 - name: Upload artifact - uses: actions/upload-pages-artifact@v1 + uses: actions/upload-pages-artifact@v2 with: # Upload entire repository path: '.' From 356930494d1828026e574eb42892964e6b1ce089 Mon Sep 17 00:00:00 2001 From: Natalie Somersall Date: Wed, 12 Jul 2023 15:25:09 +0000 Subject: [PATCH 16/23] move gem workflow to ruby/setup-ruby, same as ruby --- ci/gem-push.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/ci/gem-push.yml b/ci/gem-push.yml index 8905272015..dd6d867397 100644 --- a/ci/gem-push.yml +++ b/ci/gem-push.yml @@ -17,7 +17,10 @@ jobs: steps: - uses: actions/checkout@v3 - name: Set up Ruby 2.6 - uses: actions/setup-ruby@v1 + # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby, + # change this to (see https://github.com/ruby/setup-ruby#versioning): + # uses: ruby/setup-ruby@v1 + uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0 with: ruby-version: 2.6.x From 830d0c7c9dc9cb64457807f740440982e68a1a77 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 09:30:22 -0500 Subject: [PATCH 17/23] Add comment containing friendly version number --- ci/deno.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/deno.yml b/ci/deno.yml index c48292e850..92338c9705 100644 --- a/ci/deno.yml +++ b/ci/deno.yml @@ -27,7 +27,7 @@ jobs: - name: Setup Deno # uses: denoland/setup-deno@v1 - uses: denoland/setup-deno@61fe2df320078202e33d7d5ad347e7dcfa0e8f31 + uses: denoland/setup-deno@61fe2df320078202e33d7d5ad347e7dcfa0e8f31 # v1.1.2 with: deno-version: v1.x From d0ceca4feaff32caa6d0957e1b1ae9314b619167 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 09:36:51 -0500 Subject: [PATCH 18/23] Compress the comment --- code-scanning/codeql.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index 15398a7973..18667cf50f 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -23,11 +23,10 @@ on: jobs: analyze: name: Analyze - # Runner size impacts CodeQL analysis time. Please see: - # https://gh.io/recommended-hardware-resources-for-running-codeql - # https://gh.io/supported-runners-and-hardware-resources - # https://gh.io/using-larger-runners - # to learn more. + # Runner size impacts CodeQL analysis time. To learn more, please see: + # - https://gh.io/recommended-hardware-resources-for-running-codeql + # - https://gh.io/supported-runners-and-hardware-resources + # - https://gh.io/using-larger-runners # Consider using larger runners for possible analysis time improvements. runs-on: ubuntu-latest permissions: From ec351ca4a9ea59041fccee4d2bbaf1fcf1a98e31 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 09:39:44 -0500 Subject: [PATCH 19/23] Delete trailing whitespace --- code-scanning/codeql.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index 660514a9c5..f53c061a3f 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -27,7 +27,7 @@ jobs: # - https://gh.io/recommended-hardware-resources-for-running-codeql # - https://gh.io/supported-runners-and-hardware-resources # - https://gh.io/using-larger-runners - # Consider using larger runners for possible analysis time improvements. + # Consider using larger runners for possible analysis time improvements. runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }} timeout-minutes: ${{ (matrix.language == 'swift' && 120) || 360 }} permissions: From a07603e5efb78778ca8291d20a54900f0024e0b8 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 09:51:15 -0500 Subject: [PATCH 20/23] Update to latest cosign versions --- ci/docker-publish.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/docker-publish.yml b/ci/docker-publish.yml index 4aaca04375..31da0e37bf 100644 --- a/ci/docker-publish.yml +++ b/ci/docker-publish.yml @@ -41,9 +41,9 @@ jobs: # https://github.com/sigstore/cosign-installer - name: Install cosign if: github.event_name != 'pull_request' - uses: sigstore/cosign-installer@03d0fecf172873164a163bbc64bed0f3bf114ed7 #v3.4.0 + uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1 with: - cosign-release: 'v2.0.2' + cosign-release: 'v2.1.1' # Workaround: https://github.com/docker/build-push-action/issues/461 - name: Setup Docker buildx From cbe6296a3534c58492e4553dbc21063c347bbe7b Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 10:30:20 -0500 Subject: [PATCH 21/23] Update ci/elixir.yml --- ci/elixir.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/elixir.yml b/ci/elixir.yml index 9890efd8dd..a8513c17cf 100644 --- a/ci/elixir.yml +++ b/ci/elixir.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Set up Elixir - uses: erlef/setup-beam@v1 + uses: erlef/setup-beam@61e01a43a562a89bfc54c7f9a378ff67b03e4a21 # v1.16.0 with: elixir-version: '1.14.4' # Define the elixir version [required] otp-version: '25.3' # Define the OTP version [required] From 49efc3d27f757ab3bb8e7ee7ee9233c32a27de77 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 10:30:29 -0500 Subject: [PATCH 22/23] Update ci/elixir.yml --- ci/elixir.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ci/elixir.yml b/ci/elixir.yml index a8513c17cf..58f0b2783b 100644 --- a/ci/elixir.yml +++ b/ci/elixir.yml @@ -25,8 +25,8 @@ jobs: - name: Set up Elixir uses: erlef/setup-beam@61e01a43a562a89bfc54c7f9a378ff67b03e4a21 # v1.16.0 with: - elixir-version: '1.14.4' # Define the elixir version [required] - otp-version: '25.3' # Define the OTP version [required] + elixir-version: '1.15.2' # [Required] Define the Elixir version + otp-version: '26.0' # [Required] Define the Erlang/OTP version - name: Restore dependencies cache uses: actions/cache@v3 with: From 72d4aceb2f6ab012523440e972bab7b0e8747d95 Mon Sep 17 00:00:00 2001 From: "James M. Greene" Date: Thu, 13 Jul 2023 10:38:10 -0500 Subject: [PATCH 23/23] Bumping version to latest --- ci/gradle-publish.yml | 4 ++-- ci/gradle.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/ci/gradle-publish.yml b/ci/gradle-publish.yml index 326c3ca127..3e301337af 100644 --- a/ci/gradle-publish.yml +++ b/ci/gradle-publish.yml @@ -30,14 +30,14 @@ jobs: settings-path: ${{ github.workspace }} # location for the settings.xml file - name: Build with Gradle - uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 + uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0 with: arguments: build # The USERNAME and TOKEN need to correspond to the credentials environment variables used in # the publishing section of your build.gradle - name: Publish to GitHub Packages - uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 + uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0 with: arguments: publish env: diff --git a/ci/gradle.yml b/ci/gradle.yml index 461a705fc0..51645f9532 100644 --- a/ci/gradle.yml +++ b/ci/gradle.yml @@ -29,6 +29,6 @@ jobs: java-version: '11' distribution: 'temurin' - name: Build with Gradle - uses: gradle/gradle-build-action@749f47bda3e44aa060e82d7b3ef7e40d953bd629 + uses: gradle/gradle-build-action@bd5760595778326ba7f1441bcf7e88b49de61a25 # v2.6.0 with: arguments: build