diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index c88599d1..9e4743b6 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -10,7 +10,7 @@ ARG CLANG_VERSION=16 ARG DOCKER_VERSION=24.0.6 ARG MULL_VERSION=main ARG INCLUDE_WHAT_YOU_USE_VERSION=0.20 -ARG XWIN_VERSION=0.3.1 +ARG XWIN_VERSION=0.5.0 ARG DEBIAN_FRONTEND=noninteractive diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml index 5bee8925..ecba0821 100644 --- a/.github/workflows/build-push.yml +++ b/.github/workflows/build-push.yml @@ -56,7 +56,7 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 + - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 id: build-and-push with: file: .devcontainer/Dockerfile @@ -69,12 +69,12 @@ jobs: provenance: true cache-from: type=gha cache-to: type=gha,mode=max - - uses: anchore/sbom-action@78fc58e266e87a38d4194b2137a3d4e9bcaf7ca1 # v0.14.3 + - uses: anchore/sbom-action@fd74a6fb98a204a1ad35bbfae0122c1a302ff88b # v0.15.0 if: ${{ steps.build-and-push.outputs.digest != '' && github.event_name != 'merge_group' }} with: image: ${{ env.REGISTRY }}/${{ github.repository }}@${{ steps.build-and-push.outputs.digest }} dependency-snapshot: true - - uses: actions/dependency-review-action@7bbfa034e752445ea40215fff1c3bf9597993d3f # v3.1.3 + - uses: actions/dependency-review-action@01bc87099ba56df1e897b6874784491ea6309bc4 # v3.1.4 if: ${{ github.event_name == 'pull_request' }} with: comment-summary-in-pr: on-failure diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a7d854c3..959e65a7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: # the checkout step for running our tests. - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 + - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: file: .devcontainer/Dockerfile load: true diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml index 6c43d9fd..ceee7551 100644 --- a/.github/workflows/linting-formatting.yml +++ b/.github/workflows/linting-formatting.yml @@ -30,7 +30,7 @@ jobs: APPLY_FIXES: all VALIDATE_ALL_CODEBASE: true GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - uses: github/codeql-action/upload-sarif@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2.22.7 + - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 if: ${{ success() || failure() }} with: sarif_file: megalinter-reports/megalinter-report.sarif diff --git a/.github/workflows/prime-cache.yml b/.github/workflows/prime-cache.yml index d4135744..17493c01 100644 --- a/.github/workflows/prime-cache.yml +++ b/.github/workflows/prime-cache.yml @@ -18,7 +18,7 @@ jobs: steps: - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 - uses: docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0 - - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 + - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: file: .devcontainer/Dockerfile platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml index 9987e276..8869957a 100644 --- a/.github/workflows/vulnerability-scan.yml +++ b/.github/workflows/vulnerability-scan.yml @@ -19,7 +19,7 @@ jobs: with: image: ghcr.io/${{ github.repository }}:latest dockerfile: .devcontainer/Dockerfile - - uses: github/codeql-action/upload-sarif@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2.22.7 + - uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 if: ${{ steps.scan.outputs.sarif != '' }} with: sarif_file: ${{ steps.scan.outputs.sarif }}