From 6925ff7d1805e0ddeead5f9373351a32a3428782 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 13:35:18 +0000 Subject: [PATCH 1/4] Bump actions/cache from 3 to 4 Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/run_trivy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run_trivy.yml b/.github/workflows/run_trivy.yml index 548cd92ad..18018e367 100644 --- a/.github/workflows/run_trivy.yml +++ b/.github/workflows/run_trivy.yml @@ -31,7 +31,7 @@ jobs: sha=$(gh api -H "${headers}" "${endpoint}" | jq --raw-output "${jqFilter}") echo "Trivy DB sha256:${sha}" echo "::set-output name=sha::${sha}" - - uses: actions/cache@v3 + - uses: actions/cache@v4 with: path: .trivy key: ${{ runner.os }}-trivy-db-${{ steps.trivy-db.outputs.sha }} From 0fc96c5f6c08722ba6525cb7376c1aef131c631f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 13:35:21 +0000 Subject: [PATCH 2/4] Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build_container_develop_branch.yml | 2 +- .github/workflows/build_container_non_develop_branch.yml | 2 +- .github/workflows/build_contributer_container.yml | 2 +- .github/workflows/build_package.yml | 2 +- .github/workflows/build_pull_request.yml | 2 +- .github/workflows/run_trivy.yml | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build_container_develop_branch.yml b/.github/workflows/build_container_develop_branch.yml index 211cc9cb9..822448338 100644 --- a/.github/workflows/build_container_develop_branch.yml +++ b/.github/workflows/build_container_develop_branch.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: 'Download artifact' uses: actions/github-script@v7 with: diff --git a/.github/workflows/build_container_non_develop_branch.yml b/.github/workflows/build_container_non_develop_branch.yml index a25f2ded9..189111ad5 100644 --- a/.github/workflows/build_container_non_develop_branch.yml +++ b/.github/workflows/build_container_non_develop_branch.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: 'Download artifact' uses: actions/github-script@v7 with: diff --git a/.github/workflows/build_contributer_container.yml b/.github/workflows/build_contributer_container.yml index d021318c1..79b029b51 100644 --- a/.github/workflows/build_contributer_container.yml +++ b/.github/workflows/build_contributer_container.yml @@ -19,7 +19,7 @@ jobs: github.event.workflow_run.event == 'pull_request' && github.event.workflow_run.conclusion == 'success' steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: 'Download artifact' uses: actions/github-script@v7 with: diff --git a/.github/workflows/build_package.yml b/.github/workflows/build_package.yml index b17201185..ea9a1714a 100644 --- a/.github/workflows/build_package.yml +++ b/.github/workflows/build_package.yml @@ -20,7 +20,7 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 uses: actions/setup-java@v2 with: diff --git a/.github/workflows/build_pull_request.yml b/.github/workflows/build_pull_request.yml index 9b463eb38..e9a2c3dc4 100644 --- a/.github/workflows/build_pull_request.yml +++ b/.github/workflows/build_pull_request.yml @@ -27,7 +27,7 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Set up JDK 11 uses: actions/setup-java@v2 with: diff --git a/.github/workflows/run_trivy.yml b/.github/workflows/run_trivy.yml index 548cd92ad..af0bab2ba 100644 --- a/.github/workflows/run_trivy.yml +++ b/.github/workflows/run_trivy.yml @@ -19,7 +19,7 @@ jobs: if: ${{ github.event.workflow_run.conclusion == 'success' }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - id: trivy-db name: Check trivy db sha env: From a4c84772f3f0c1d918de403976f01eaeb6dda5d0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 13:35:24 +0000 Subject: [PATCH 3/4] Bump actions/setup-java from 2 to 4 Bumps [actions/setup-java](https://github.com/actions/setup-java) from 2 to 4. - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/v2...v4) --- updated-dependencies: - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build_package.yml | 2 +- .github/workflows/build_pull_request.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build_package.yml b/.github/workflows/build_package.yml index b17201185..eb005c97e 100644 --- a/.github/workflows/build_package.yml +++ b/.github/workflows/build_package.yml @@ -22,7 +22,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' diff --git a/.github/workflows/build_pull_request.yml b/.github/workflows/build_pull_request.yml index 9b463eb38..90e102d15 100644 --- a/.github/workflows/build_pull_request.yml +++ b/.github/workflows/build_pull_request.yml @@ -29,7 +29,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v4 with: java-version: '11' distribution: 'adopt' From 3c547cc2e4660ad63583a5ccedde0e3410fe1ad1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 5 Nov 2024 13:35:26 +0000 Subject: [PATCH 4/4] Bump github/codeql-action from 1 to 3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v1...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/run_trivy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/run_trivy.yml b/.github/workflows/run_trivy.yml index 548cd92ad..d5c8cf552 100644 --- a/.github/workflows/run_trivy.yml +++ b/.github/workflows/run_trivy.yml @@ -49,6 +49,6 @@ jobs: - name: Fix .trivy permissions run: sudo chown -R $(stat . -c %u:%g) .trivy - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v1 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: 'trivy-results.sarif' \ No newline at end of file