From 2a7192163f2ade9a470d28063ac1a6e42a5793ed Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 Nov 2024 05:41:06 +0000 Subject: [PATCH] Bump the gh-patch group across 1 directory with 3 updates Bumps the gh-patch group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `actions/checkout` from 4.2.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `actions/cache` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/3624ceb22c1c5a301c8db4169662070a689d9ea8...6849a6489940f00c2f30c0fb92c6274307ccb58a) Updates `anchore/sbom-action` from 0.17.3 to 0.17.7 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/f5e124a5e5e1d497a692818ae907d3c45829d033...fc46e51fd3cb168ffb36c6d1915723c47db58abb) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-patch - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-patch - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-publish.yaml | 2 +- .github/workflows/docs.yaml | 4 ++-- .github/workflows/e2e.yaml | 4 ++-- .github/workflows/helm-release.yaml | 2 +- .github/workflows/helm-test.yaml | 2 +- .github/workflows/ossf.yaml | 2 +- .github/workflows/release-runners.yaml | 4 ++-- .github/workflows/release.yaml | 4 ++-- .github/workflows/scan.yaml | 6 +++--- .github/workflows/targeted-test.yaml | 2 +- .github/workflows/test.yaml | 4 ++-- .github/workflows/verify.yaml | 2 +- 12 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/build-and-publish.yaml b/.github/workflows/build-and-publish.yaml index b9f100b2..6a112f93 100644 --- a/.github/workflows/build-and-publish.yaml +++ b/.github/workflows/build-and-publish.yaml @@ -20,7 +20,7 @@ jobs: packages: write # needed for ghcr access steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 2b75148d..d811c3a1 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -17,7 +17,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.x @@ -25,7 +25,7 @@ jobs: run: pip install mkdocs-material - name: Generate docs artifacts run: mkdocs build -d /tmp/docs - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 with: ref: gh-pages path: gh-pages diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index 6e0a0db1..99c1f3df 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup YQ uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f # v1.0.2 with: @@ -34,7 +34,7 @@ jobs: **/go.sum **/go.mod - name: Cache Docker layers - uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 id: cache with: path: /tmp/.buildx-cache diff --git a/.github/workflows/helm-release.yaml b/.github/workflows/helm-release.yaml index b984ef15..b16e1cb0 100644 --- a/.github/workflows/helm-release.yaml +++ b/.github/workflows/helm-release.yaml @@ -13,7 +13,7 @@ jobs: id-token: write # needed for keyless signing packages: write # needed for ghcr access steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Publish Helm chart in GitHub Pages uses: stefanprodan/helm-gh-pages@0ad2bb377311d61ac04ad9eb6f252fb68e207260 # v1.7.0 with: diff --git a/.github/workflows/helm-test.yaml b/.github/workflows/helm-test.yaml index b69949b7..af7fc92c 100644 --- a/.github/workflows/helm-test.yaml +++ b/.github/workflows/helm-test.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/ossf.yaml b/.github/workflows/ossf.yaml index 8d23d619..7de7cc3c 100644 --- a/.github/workflows/ossf.yaml +++ b/.github/workflows/ossf.yaml @@ -20,7 +20,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 with: persist-credentials: false diff --git a/.github/workflows/release-runners.yaml b/.github/workflows/release-runners.yaml index 38e40734..d8e9e181 100644 --- a/.github/workflows/release-runners.yaml +++ b/.github/workflows/release-runners.yaml @@ -29,7 +29,7 @@ jobs: packages: write # needed for ghcr access steps: - name: Check out - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 with: @@ -78,7 +78,7 @@ jobs: tf_version: [1.0.11, 1.1.9, 1.2.9, 1.3.9, 1.4.6, 1.5.5] steps: - name: Check out - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0 with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index bf330e48..72c8267b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -26,7 +26,7 @@ jobs: packages: write # needed for ghcr access steps: - name: Check out - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Set up yq uses: frenck/action-setup-yq@c4b5be8b4a215c536a41d436757d9feb92836d4f # v1.0.2 with: @@ -36,7 +36,7 @@ jobs: - name: Setup Cosign uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0 - name: Setup Syft - uses: anchore/sbom-action/download-syft@f5e124a5e5e1d497a692818ae907d3c45829d033 # v0.17.3 + uses: anchore/sbom-action/download-syft@fc46e51fd3cb168ffb36c6d1915723c47db58abb # v0.17.7 - name: Prepare id: prep run: | diff --git a/.github/workflows/scan.yaml b/.github/workflows/scan.yaml index 9596b227..0a9c3d36 100644 --- a/.github/workflows/scan.yaml +++ b/.github/workflows/scan.yaml @@ -15,7 +15,7 @@ jobs: name: FOSSA runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Run FOSSA scan and upload build data uses: fossa-contrib/fossa-action@cdc5065bcdee31a32e47d4585df72d66e8e941c2 # v3.0.0 with: @@ -30,7 +30,7 @@ jobs: security-events: write # for codeQL to write security events steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Build tofu-controller image run: | make docker-buildx diff --git a/.github/workflows/targeted-test.yaml b/.github/workflows/targeted-test.yaml index 6dbec90f..3f772c88 100644 --- a/.github/workflows/targeted-test.yaml +++ b/.github/workflows/targeted-test.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 0b8c4e0d..b61526a1 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -58,7 +58,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: diff --git a/.github/workflows/verify.yaml b/.github/workflows/verify.yaml index 9f58f326..89217c3a 100644 --- a/.github/workflows/verify.yaml +++ b/.github/workflows/verify.yaml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.0.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.0.0 - name: Setup Go uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1 with: