From 8ac9ca15a30b916c0990e03525378f6c8ef9ef4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jan 2024 08:49:23 -0600 Subject: [PATCH] :seedling: Bump the github-actions group with 4 updates (#3794) Bumps the github-actions group with 4 updates: [tj-actions/changed-files](https://github.com/tj-actions/changed-files), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `tj-actions/changed-files` from 41.0.1 to 41.1.1 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/716b1e13042866565e00e85fd4ec490e186c4a2f...62f4729b5df35e6e0e01265fa70a82ccaf196b4b) Updates `actions/cache` from 3.3.2 to 3.3.3 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/704facf57e6136b1bc63b828d79edcd491f0ee84...e12d46a63a90f2fae62d114769bbf2a179198b5c) Updates `actions/upload-artifact` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/c7d193f32edcb7bfad88892161225aeda64e9392...1eb3cb2b3e0f29609092a73eb033bb759a334595) Updates `actions/download-artifact` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110...6b208ae046db98c579e8a3aa621ab581ff575935) --- updated-dependencies: - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/docker.yml | 2 +- .github/workflows/gitlab.yml | 2 +- .github/workflows/integration.yml | 2 +- .github/workflows/main.yml | 10 +++++----- .github/workflows/scorecard-analysis.yml | 2 +- .github/workflows/slsa-goreleaser.yml | 4 ++-- 6 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index c7c21e31..cb17b1d2 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -40,7 +40,7 @@ jobs: fetch-depth: 2 # needed to diff changed files - id: files name: Get changed files - uses: tj-actions/changed-files@716b1e13042866565e00e85fd4ec490e186c4a2f #v41.0.1 + uses: tj-actions/changed-files@62f4729b5df35e6e0e01265fa70a82ccaf196b4b #v41.1.1 with: files_ignore: '**.md' - id: docs_only_check diff --git a/.github/workflows/gitlab.yml b/.github/workflows/gitlab.yml index aa5821ba..be76c2cc 100644 --- a/.github/workflows/gitlab.yml +++ b/.github/workflows/gitlab.yml @@ -52,7 +52,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 #v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c #v3.3.3 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} diff --git a/.github/workflows/integration.yml b/.github/workflows/integration.yml index d1184386..cc376bf5 100644 --- a/.github/workflows/integration.yml +++ b/.github/workflows/integration.yml @@ -63,7 +63,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 #v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c #v3.3.3 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index e3eda191..78f0e36e 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -54,7 +54,7 @@ jobs: echo "go-mod=$(go env GOMODCACHE)" >> "$GITHUB_OUTPUT" - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 #v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c #v3.3.3 with: path: | ${{ steps.go-cache-paths.outputs.go-build }} @@ -106,7 +106,7 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3 with: path: | ~/go/pkg/mod @@ -226,7 +226,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3 with: path: | ~/go/pkg/mod @@ -266,7 +266,7 @@ jobs: - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3 with: path: | ~/go/pkg/mod @@ -313,7 +313,7 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Cache builds # https://github.com/mvdan/github-actions-golang#how-do-i-set-up-caching-between-builds - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@e12d46a63a90f2fae62d114769bbf2a179198b5c # v3.3.3 with: path: | ~/go/pkg/mod diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index abb2e068..b0da8874 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -40,7 +40,7 @@ jobs: # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts # Optional. - name: "Upload artifact" - uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v3 + uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v3 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/slsa-goreleaser.yml b/.github/workflows/slsa-goreleaser.yml index 669b591b..6b584eb1 100644 --- a/.github/workflows/slsa-goreleaser.yml +++ b/.github/workflows/slsa-goreleaser.yml @@ -47,12 +47,12 @@ jobs: uses: slsa-framework/slsa-verifier/actions/installer@v2.4.1 - name: Download the artifact - uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 # v4.1.0 + uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: name: "${{ needs.build.outputs.go-binary-name }}.intoto.jsonl" - name: Download the artifact - uses: actions/download-artifact@f44cd7b40bfd40b6aa1cc1b9b5b7bf03d3c67110 # v4.1.0 + uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 with: name: ${{ needs.build.outputs.go-binary-name }}