From 2e6aaff4d55e407258058d937315604995a63c33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 13 Jun 2024 15:50:19 +0000 Subject: [PATCH] github: bump the github-dependencies group with 2 updates Bumps the github-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) Updates `github/codeql-action` from 3.25.8 to 3.25.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2e230e8fe0ad3a14a340ad0815ddb96d599d2aff...23acc5c183826b7a8a97bce3cecc52db901f8251) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/build-nix.yml | 2 +- .github/workflows/build.yml | 16 ++++++++-------- .github/workflows/codespell.yml | 2 +- .github/workflows/docs.yml | 2 +- .github/workflows/release.yml | 6 +++--- .github/workflows/scorecards.yml | 4 ++-- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-nix.yml b/.github/workflows/build-nix.yml index 70d7b4ff12..6d5d9189dd 100644 --- a/.github/workflows/build-nix.yml +++ b/.github/workflows/build-nix.yml @@ -19,7 +19,7 @@ jobs: name: flake check steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: fetch-depth: 0 - uses: DeterminateSystems/nix-installer-action@7993355175c2765e5733dae74f3e0786fe0e5c4f diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index b8200f0116..52aea9f231 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -37,7 +37,7 @@ jobs: timeout-minutes: 15 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # The default version of gpg installed on the runners is a version baked in with git # which only contains the components needed by git and doesn't work for our test cases. @@ -81,7 +81,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Install Rust uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 @@ -94,7 +94,7 @@ jobs: name: Check protos runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 with: toolchain: stable @@ -108,7 +108,7 @@ jobs: name: Check formatting runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 with: toolchain: nightly @@ -119,7 +119,7 @@ jobs: name: Check that MkDocs can build the docs runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d with: python-version: 3.11 @@ -136,7 +136,7 @@ jobs: name: Check that MkDocs can build the docs with Poetry 1.8 runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d with: python-version: 3.11 @@ -167,7 +167,7 @@ jobs: continue-on-error: ${{ matrix.checks == 'advisories' }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: EmbarkStudios/cargo-deny-action@3f4a782664881cf5725d0ffd23969fcce89fd868 with: command: check ${{ matrix.checks }} @@ -178,7 +178,7 @@ jobs: checks: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8 with: toolchain: stable diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index 4bf658c8df..8ea24aab05 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -13,7 +13,7 @@ jobs: name: Codespell runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: codespell-project/actions-codespell@94259cd8be02ad2903ba34a22d9c13de21a74461 with: check_filenames: true diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index b960f12a47..605ce0ec0b 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -16,7 +16,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - run: "git fetch origin gh-pages --depth=1" - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 530922a7c1..3090a7b1ac 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - name: Install packages (Ubuntu) if: matrix.os == 'ubuntu-24.04' run: | @@ -96,7 +96,7 @@ jobs: run: | sudo apt-get update sudo apt-get install -y --no-install-recommends xz-utils liblz4-tool musl-tools - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d with: python-version: 3.11 @@ -127,7 +127,7 @@ jobs: contents: write steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 - run: "git fetch origin gh-pages --depth=1" - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d with: diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 9667e68dab..6eab471ddb 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -21,7 +21,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 with: persist-credentials: false @@ -46,6 +46,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff + uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 with: sarif_file: results.sarif