From 0d0abff0b1be0a1277f6676802cc10acc8cd0740 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 14 Oct 2024 10:05:54 +0200 Subject: [PATCH] Bump actions/checkout from 4.2.0 to 4.2.1 (#1305) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.0 to 4.2.1. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/add-remove-new-fulcio.yaml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/fulcio-rekor-kind.yaml | 6 +++--- .github/workflows/prober-test.yml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/terraform.yml | 6 +++--- .github/workflows/test-action-tuf.yaml | 4 ++-- .github/workflows/test-release.yaml | 2 +- .github/workflows/verify.yml | 6 +++--- 9 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/add-remove-new-fulcio.yaml b/.github/workflows/add-remove-new-fulcio.yaml index 5465be5f9..b5d9cb1e0 100644 --- a/.github/workflows/add-remove-new-fulcio.yaml +++ b/.github/workflows/add-remove-new-fulcio.yaml @@ -55,7 +55,7 @@ jobs: check-latest: true - name: Check out our repo - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: path: ./src/github.com/sigstore/scaffolding diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 20ff1e2a2..79880d726 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Filter paths uses: dorny/paths-filter@v3 diff --git a/.github/workflows/fulcio-rekor-kind.yaml b/.github/workflows/fulcio-rekor-kind.yaml index 71cf69bc1..8b9f0a9a8 100644 --- a/.github/workflows/fulcio-rekor-kind.yaml +++ b/.github/workflows/fulcio-rekor-kind.yaml @@ -46,7 +46,7 @@ jobs: steps: - name: Check out our repo - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: path: ./src/github.com/sigstore/scaffolding @@ -178,7 +178,7 @@ jobs: # Test with cosign in 'airgapped mode' # Uncomment these once modified cosign goes in. #- name: Checkout modified cosign for testing. - # uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + # uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 # with: # repository: vaikas/cosign # ref: air-gap @@ -200,7 +200,7 @@ jobs: # ./cosign verify --rekor-url ${{ env.REKOR_URL }} --allow-insecure-registry ${{ env.demoimage }} - name: Checkout TSA for testing. - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: repository: sigstore/timestamp-authority path: ./src/github.com/sigstore/timestamp-authority diff --git a/.github/workflows/prober-test.yml b/.github/workflows/prober-test.yml index 7945a942a..56cdaff0d 100644 --- a/.github/workflows/prober-test.yml +++ b/.github/workflows/prober-test.yml @@ -20,7 +20,7 @@ jobs: contents: read steps: - name: 'Checkout' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 6ba57429c..829c5ad2b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -21,7 +21,7 @@ jobs: steps: - name: Check out code onto GOPATH - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 1 path: ./src/github.com/${{ github.repository }} diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 37f8ea405..3e6be4798 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -21,7 +21,7 @@ jobs: steps: - name: 'Checkout' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v2.0.0 with: @@ -41,7 +41,7 @@ jobs: steps: - name: 'Checkout' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v2.0.0 with: @@ -70,7 +70,7 @@ jobs: steps: - name: 'Checkout' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: tfsec uses: tfsec/tfsec-sarif-action@21ded20e8ca120cd9d3d6ab04ef746477542a608 # v0.1.0 diff --git a/.github/workflows/test-action-tuf.yaml b/.github/workflows/test-action-tuf.yaml index 85ed44805..9b831bb07 100644 --- a/.github/workflows/test-action-tuf.yaml +++ b/.github/workflows/test-action-tuf.yaml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout the current action - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Test running the action uses: ./actions/setup with: @@ -88,7 +88,7 @@ jobs: --certificate-oidc-issuer "https://kubernetes.default.svc.cluster.local" - name: Checkout TSA for testing. - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: repository: sigstore/timestamp-authority path: ./src/github.com/sigstore/timestamp-authority diff --git a/.github/workflows/test-release.yaml b/.github/workflows/test-release.yaml index 8758c2823..109bdeec5 100644 --- a/.github/workflows/test-release.yaml +++ b/.github/workflows/test-release.yaml @@ -139,7 +139,7 @@ jobs: --certificate-oidc-issuer "https://kubernetes.default.svc.cluster.local" - name: Checkout TSA for testing. - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: repository: sigstore/timestamp-authority path: ./src/github.com/sigstore/timestamp-authority diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index b7854d2e1..45893c064 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -13,7 +13,7 @@ jobs: name: license boilerplate check runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: @@ -33,7 +33,7 @@ jobs: name: Shellcheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Run ShellCheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 @@ -42,7 +42,7 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: