From 1499250fada92d6921cdf2896fe60432a75cc46a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Jan 2025 07:42:14 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 7 updates Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-go](https://github.com/actions/setup-go) | `5.1.0` | `5.2.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.10.0` | `6.12.0` | | [smlx/ccv](https://github.com/smlx/ccv) | `0.9.0` | `0.10.0` | | [vladopajic/go-test-coverage](https://github.com/vladopajic/go-test-coverage) | `2.11.0` | `2.11.1` | | [wagoid/commitlint-github-action](https://github.com/wagoid/commitlint-github-action) | `6.1.2` | `6.2.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.27.5` | `3.28.1` | | [advanced-security/sbom-generator-action](https://github.com/advanced-security/sbom-generator-action) | `0.0.1` | `0.0.2` | Updates `actions/setup-go` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed...3041bf56c941b39c61721a86cd11f3bb1338122a) Updates `docker/build-push-action` from 6.10.0 to 6.12.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/48aba3b46d1b1fec4febb7c5d0c644b249a11355...67a2d409c0a876cbe6b11854e3e25193efe4e62d) Updates `smlx/ccv` from 0.9.0 to 0.10.0 - [Release notes](https://github.com/smlx/ccv/releases) - [Changelog](https://github.com/smlx/ccv/blob/main/.goreleaser.yaml) - [Commits](https://github.com/smlx/ccv/compare/d3de774e9b607b079940a7a86952f44643743336...7318e2f25a52dcd550e75384b84983973251a1f8) Updates `vladopajic/go-test-coverage` from 2.11.0 to 2.11.1 - [Release notes](https://github.com/vladopajic/go-test-coverage/releases) - [Commits](https://github.com/vladopajic/go-test-coverage/compare/661e46779fd602ce29d4a4e32fb3a27bce71903c...efb6737ee1bdb4b2180a000b2f9a309a0fbaef8a) Updates `wagoid/commitlint-github-action` from 6.1.2 to 6.2.1 - [Changelog](https://github.com/wagoid/commitlint-github-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/wagoid/commitlint-github-action/compare/3d28780bbf0365e29b144e272b2121204d5be5f3...b948419dd99f3fd78a6548d48f94e3df7f6bf3ed) Updates `github/codeql-action` from 3.27.5 to 3.28.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/f09c1c0a94de965c15400f5634aa42fac8fb8f88...b6a472f63d85b9c78a3ac5e89422239fc15e9b3c) Updates `advanced-security/sbom-generator-action` from 0.0.1 to 0.0.2 - [Release notes](https://github.com/advanced-security/sbom-generator-action/releases) - [Commits](https://github.com/advanced-security/sbom-generator-action/compare/375dee8e6144d9fd0ec1f5667b4f6fb4faacefed...6fe43abf522b2e7a19bc769aec1e6c848614b517) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: smlx/ccv dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: vladopajic/go-test-coverage dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: wagoid/commitlint-github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: advanced-security/sbom-generator-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yaml | 6 +++--- .github/workflows/coverage.yaml | 4 ++-- .github/workflows/lint.yaml | 4 ++-- .github/workflows/ossf-analysis.yaml | 2 +- .github/workflows/release.yaml | 6 +++--- .github/workflows/test.yaml | 2 +- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c123189..e7ae298 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -20,7 +20,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: stable - run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" @@ -45,7 +45,7 @@ jobs: - run: echo "GITHUB_REPOSITORY_NAME=$(basename ${{ github.repository }})" >> "$GITHUB_ENV" - name: Build and push ${{ matrix.binary }} container image if: github.actor != 'dependabot[bot]' - uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 + uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0 with: push: true tags: ${{ steps.docker_metadata.outputs.tags }} @@ -62,7 +62,7 @@ jobs: with: fetch-depth: 0 - id: ccv - uses: smlx/ccv@d3de774e9b607b079940a7a86952f44643743336 # v0.9.0 + uses: smlx/ccv@7318e2f25a52dcd550e75384b84983973251a1f8 # v0.10.0 with: write-tag: false - run: | diff --git a/.github/workflows/coverage.yaml b/.github/workflows/coverage.yaml index e286702..7b27d87 100644 --- a/.github/workflows/coverage.yaml +++ b/.github/workflows/coverage.yaml @@ -11,14 +11,14 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: stable - name: Calculate coverage run: | go test -v -covermode=atomic -coverprofile=cover.out -coverpkg=./... ./... - name: Generage coverage badge - uses: vladopajic/go-test-coverage@661e46779fd602ce29d4a4e32fb3a27bce71903c # v2.11.0 + uses: vladopajic/go-test-coverage@efb6737ee1bdb4b2180a000b2f9a309a0fbaef8a # v2.11.1 with: profile: cover.out local-prefix: github.com/${{ github.repository }} diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 0605232..01577ae 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: stable - uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 @@ -26,7 +26,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: wagoid/commitlint-github-action@3d28780bbf0365e29b144e272b2121204d5be5f3 # v6.1.2 + - uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed # v6.2.1 with: configFile: .github/commitlint.config.mjs lint-actions: diff --git a/.github/workflows/ossf-analysis.yaml b/.github/workflows/ossf-analysis.yaml index 81f4a12..599d7da 100644 --- a/.github/workflows/ossf-analysis.yaml +++ b/.github/workflows/ossf-analysis.yaml @@ -26,6 +26,6 @@ jobs: # of the value entered here. publish_results: true - name: Upload SARIF results to code scanning - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 with: sarif_file: results.sarif diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ff1bb45..fa043d2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -18,7 +18,7 @@ jobs: fetch-depth: 0 - name: Bump tag if necessary id: ccv - uses: smlx/ccv@d3de774e9b607b079940a7a86952f44643743336 # v0.9.0 + uses: smlx/ccv@7318e2f25a52dcd550e75384b84983973251a1f8 # v0.10.0 release-build: permissions: # create release @@ -36,7 +36,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: stable - name: Login to GHCR @@ -47,7 +47,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set up environment run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" - - uses: advanced-security/sbom-generator-action@375dee8e6144d9fd0ec1f5667b4f6fb4faacefed # v0.0.1 + - uses: advanced-security/sbom-generator-action@6fe43abf522b2e7a19bc769aec1e6c848614b517 # v0.0.2 id: sbom env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index f1afa1c..2f2fb1a 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -13,7 +13,7 @@ jobs: - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: stable - run: go test -v ./...