From 0642da65e09c6a05d1c52e0365652afb0877dcac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 16 Oct 2024 19:57:51 +0000 Subject: [PATCH] build(deps): bump the actions group across 1 directory with 5 updates (#572) * build(deps): bump the actions group across 1 directory with 5 updates Bumps the actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.0` | `4.2.1` | | [actions/cache](https://github.com/actions/cache) | `4.1.0` | `4.1.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3.1.3` | `4.4.3` | | [coverallsapp/github-action](https://github.com/coverallsapp/github-action) | `2.3.0` | `2.3.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.12` | `3.26.13` | Updates `actions/checkout` from 4.2.0 to 4.2.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/d632683dd7b4114ad314bca15554477dd762a938...eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871) Updates `actions/cache` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2...3624ceb22c1c5a301c8db4169662070a689d9ea8) Updates `actions/upload-artifact` from 3.1.3 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v3.1.3...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882) Updates `coverallsapp/github-action` from 2.3.0 to 2.3.2 - [Release notes](https://github.com/coverallsapp/github-action/releases) - [Commits](https://github.com/coverallsapp/github-action/compare/643bc377ffa44ace6394b2b5d0d3950076de9f63...43f11c4e058174f808ee9cd63701b6c42fe3f5e3) Updates `github/codeql-action` from 3.26.12 to 3.26.13 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c36620d31ac7c881962c3d9dd939c40ec9434f2b...f779452ac5af1c261dce0346a8f964149f49322b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: coverallsapp/github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] * Fix conflicting package names Signed-off-by: Alan Jowett --------- Signed-off-by: dependabot[bot] Signed-off-by: Alan Jowett Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Alan Jowett --- .github/workflows/dependency-review.yml | 2 +- .github/workflows/fuzzing.yml | 10 +++++----- .github/workflows/main.yml | 7 +------ .github/workflows/posix.yml | 20 ++++++++++---------- .github/workflows/scorecards.yml | 6 +++--- .github/workflows/update-docs.yml | 2 +- .github/workflows/windows.yml | 13 ++++++++----- 7 files changed, 29 insertions(+), 31 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 5c03af260..7b0990bcf 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: 'Dependency Review' uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/fuzzing.yml b/.github/workflows/fuzzing.yml index 45b59a62a..f5e60dc83 100644 --- a/.github/workflows/fuzzing.yml +++ b/.github/workflows/fuzzing.yml @@ -28,7 +28,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: submodules: 'recursive' @@ -37,7 +37,7 @@ jobs: run: echo "VALUE=platform-${{ matrix.platform }}_arch=${{ matrix.arch }}_type=fuzzing" >> $GITHUB_OUTPUT - name: Update the cache (ccache) - uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 with: path: ccache key: ${{ steps.cache_key.outputs.VALUE }}_ccache @@ -107,12 +107,12 @@ jobs: --build build - name: Upload fuzzer as artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: fuzzer path: build/bin/ubpf_fuzzer - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: submodules: 'recursive' ref: fuzz/corpus @@ -147,7 +147,7 @@ jobs: - name: Upload artifacts if: always() - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: fuzzing-artifacts path: artifacts/ diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 6507e8a34..8cf335379 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -44,7 +44,6 @@ jobs: with: platform: windows-2019 build_type: RelWithDebInfo - upload_packages: true disable_retpolines: true windows_debug: @@ -52,14 +51,12 @@ jobs: with: platform: windows-2019 build_type: Debug - upload_packages: true windows_debug_no_retpolines: uses: ./.github/workflows/windows.yml with: platform: windows-2019 build_type: Debug - upload_packages: true disable_retpolines: true macos_release: @@ -76,7 +73,6 @@ jobs: arch: x86_64 platform: macos-latest build_type: RelWithDebInfo - upload_packages: true disable_retpolines: true macos_release_coverage: @@ -267,7 +263,6 @@ jobs: arch: arm64 platform: ubuntu-latest build_type: Debug - upload_packages: true linux_debug_coverage: uses: ./.github/workflows/posix.yml @@ -373,7 +368,7 @@ jobs: egress-policy: audit - name: Coveralls Finished - uses: coverallsapp/github-action@643bc377ffa44ace6394b2b5d0d3950076de9f63 # v2.3.0 + uses: coverallsapp/github-action@43f11c4e058174f808ee9cd63701b6c42fe3f5e3 # v2.3.2 with: github-token: ${{ secrets.github_token }} parallel-finished: true diff --git a/.github/workflows/posix.yml b/.github/workflows/posix.yml index 5fc5da1f2..f29648f06 100644 --- a/.github/workflows/posix.yml +++ b/.github/workflows/posix.yml @@ -65,13 +65,13 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: submodules: 'recursive' - name: Initialize CodeQL if: inputs.build_codeql == true - uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b + uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b with: languages: 'cpp' @@ -80,7 +80,7 @@ jobs: run: echo "VALUE=platform-${{ inputs.platform }}_arch=${{ inputs.arch }}_type-${{ inputs.build_type }}_sanitizers-${{ inputs.enable_sanitizers }}_coverage-${{ inputs.enable_coverage }}_scan_build-${{ inputs.scan_build }}_retpolines-${{ inputs.disable_retpolines }}" >> $GITHUB_OUTPUT - name: Update the cache (ccache) - uses: actions/cache@2cdf405574d6ef1f33a1d12acccd3ae82f47b3f2 # v4.1.0 + uses: actions/cache@3624ceb22c1c5a301c8db4169662070a689d9ea8 # v4.1.1 with: path: ccache key: ${{ steps.cache_key.outputs.VALUE }}_ccache @@ -173,7 +173,7 @@ jobs: - name: Upload scan-build report if: inputs.scan_build == true - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: scan-build_report path: ${{github.workspace}}/scan_build_report @@ -211,7 +211,7 @@ jobs: - name: Coveralls Parallel if: inputs.enable_coverage == true - uses: coverallsapp/github-action@643bc377ffa44ace6394b2b5d0d3950076de9f63 # v2.3.0 + uses: coverallsapp/github-action@43f11c4e058174f808ee9cd63701b6c42fe3f5e3 # v2.3.2 with: github-token: ${{ secrets.github_token }} flag-name: run-${{inputs.build_type}}-${{inputs.platform}}-${{inputs.arch}} @@ -274,7 +274,7 @@ jobs: - name: Upload the DEB package if: inputs.upload_packages == true && inputs.platform == 'ubuntu-latest' - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: linux_deb_package path: ${{ steps.package_locations.outputs.REL_DEB_PACKAGE_PATH }} @@ -282,7 +282,7 @@ jobs: - name: Upload the RPM package if: inputs.upload_packages == true && inputs.platform == 'ubuntu-latest' - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: linux_rpm_package path: ${{ steps.package_locations.outputs.REL_RPM_PACKAGE_PATH }} @@ -290,7 +290,7 @@ jobs: - name: Upload the Linux TGZ package if: inputs.upload_packages == true && inputs.platform == 'ubuntu-latest' - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: linux_tgz_package path: ${{ steps.package_locations.outputs.REL_TGZ_PACKAGE_PATH }} @@ -298,7 +298,7 @@ jobs: - name: Upload the macOS TGZ package if: inputs.upload_packages == true && inputs.platform == 'macos-latest' - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: macos_tgz_package path: ${{ steps.package_locations.outputs.REL_TGZ_PACKAGE_PATH }} @@ -306,4 +306,4 @@ jobs: - name: Perform CodeQL Analysis if: inputs.build_codeql == true - uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b + uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index e0ab01984..ed7838077 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -36,7 +36,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: persist-credentials: false @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 + uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 with: sarif_file: results.sarif diff --git a/.github/workflows/update-docs.yml b/.github/workflows/update-docs.yml index c4e3cba65..ad7984ffd 100644 --- a/.github/workflows/update-docs.yml +++ b/.github/workflows/update-docs.yml @@ -38,7 +38,7 @@ jobs: run: | sudo apt install doxygen - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Clone docs run: | diff --git a/.github/workflows/windows.yml b/.github/workflows/windows.yml index 064389820..2387f9ec2 100644 --- a/.github/workflows/windows.yml +++ b/.github/workflows/windows.yml @@ -20,16 +20,19 @@ on: type: string upload_packages: - required: true + required: false type: boolean + default: false build_codeql: required: false type: boolean + default: false disable_retpolines: required: false type: boolean + default: false permissions: contents: read @@ -48,13 +51,13 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: submodules: 'recursive' - name: Initialize CodeQL if: inputs.build_codeql == true - uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b + uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b with: languages: 'cpp' @@ -105,7 +108,7 @@ jobs: - name: Upload the Windows TGZ package if: inputs.upload_packages == true - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: windows_tgz_package path: ${{ steps.package_locations.outputs.REL_TGZ_PACKAGE_PATH }} @@ -113,4 +116,4 @@ jobs: - name: Perform CodeQL Analysis if: inputs.build_codeql == true - uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b + uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b