From 38218d6fc23f6a8ba2cc72b04fa12c95fc7405a7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 24 Jan 2024 05:16:45 +0000 Subject: [PATCH] Chore(deps): Bump the github_actions_dependencies group with 4 updates Bumps the github_actions_dependencies group with 4 updates: [shivammathur/setup-php](https://github.com/shivammathur/setup-php), [actions/cache](https://github.com/actions/cache), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `shivammathur/setup-php` from 2.28.0 to 2.29.0 - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](https://github.com/shivammathur/setup-php/compare/e6f75134d35752277f093989e72e140eaa222f35...6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d) Updates `actions/cache` from 3.3.2 to 4.0.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/704facf57e6136b1bc63b828d79edcd491f0ee84...13aacd865c20de90d75de3b17ebe84f7a17d57d2) Updates `actions/upload-artifact` from 3.1.3 to 4.3.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/a8a3f3ad30e3422c9c7b888a15615d19a852ae32...26f96dfa697d77e81fd5907df203aa23a56210a8) Updates `github/codeql-action` from 2.22.8 to 3.23.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2.22.8...v3.23.1) --- updated-dependencies: - dependency-name: shivammathur/setup-php dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github_actions_dependencies - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_actions_dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_actions_dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github_actions_dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/main.yml | 28 ++++++++++++++-------------- .github/workflows/scorecard.yml | 4 ++-- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 761e024fc..33c1cf308 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -30,7 +30,7 @@ jobs: fetch-depth: '0' - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@e6f75134d35752277f093989e72e140eaa222f35 # v2.28.0 + uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # v2.29.0 with: php-version: '8.3' tools: composer:v2 @@ -40,7 +40,7 @@ jobs: run: echo "CACHE_DIR=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - name: Cache composer dependencies - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: path: ${{ steps.composer-cache.outputs.CACHE_DIR }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} @@ -75,7 +75,7 @@ jobs: fetch-depth: '0' - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@e6f75134d35752277f093989e72e140eaa222f35 # v2.28.0 + uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # v2.29.0 with: php-version: '8.3' tools: composer:v2 @@ -85,7 +85,7 @@ jobs: run: echo "CACHE_DIR=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - name: Cache composer dependencies - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: path: ${{ steps.composer-cache.outputs.CACHE_DIR }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} @@ -126,7 +126,7 @@ jobs: fetch-depth: '0' - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@e6f75134d35752277f093989e72e140eaa222f35 # v2.28.0 + uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # v2.29.0 with: php-version: '8.3' tools: composer:v2 @@ -136,7 +136,7 @@ jobs: run: echo "CACHE_DIR=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - name: Cache composer dependencies - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: path: ${{ steps.composer-cache.outputs.CACHE_DIR }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} @@ -178,13 +178,13 @@ jobs: run: make phpinsights - name: Archive Psalm results (psalm.json) - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: psalm.json path: ./build/psalm.json - name: Archive `phploc` results (phploc.json) - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: phploc.json path: ./build/phploc.json @@ -214,7 +214,7 @@ jobs: fetch-depth: '0' - name: Setup PHP, with composer and extensions - uses: shivammathur/setup-php@e6f75134d35752277f093989e72e140eaa222f35 # v2.28.0 + uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # v2.29.0 with: php-version: '8.3' extensions: pdo_mysql, mysql @@ -226,7 +226,7 @@ jobs: run: echo "CACHE_DIR=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT - name: Cache composer dependencies - uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2 + uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 with: path: ${{ steps.composer-cache.outputs.CACHE_DIR }} key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }} @@ -290,25 +290,25 @@ jobs: run: make phpmetrics - name: Archive code coverage results (clover.xml) - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: clover.xml path: ./build/logs/clover.xml - name: Archive code coverage results (junit.xml) - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: junit.xml path: ./build/logs/junit.xml - name: Archive Code Coverage - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: PhpMetrics path: ./build/report - name: Archive PhpMetrics results - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: PhpMetrics path: ./build/phpmetrics diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 00caffa36..7367c084c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -61,7 +61,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: SARIF file path: results.sarif @@ -69,6 +69,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v2.22.8 + uses: github/codeql-action/upload-sarif@v3.23.1 with: sarif_file: results.sarif