Skip to content

Commit 55d4e8d

Browse files
dependabot[bot]dependabot[bot]
authored
update: bump the gh-actions-packages group across 1 directory with 12 updates (#403)
1 parent 0d424f7 commit 55d4e8d

File tree

8 files changed

+55
-55
lines changed

8 files changed

+55
-55
lines changed

.github/workflows/.reusable-build.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -63,7 +63,7 @@ jobs:
6363
build_labels: ${{ steps.get_context.outputs.build_labels }}
6464
steps:
6565
- name: Checkout code
66-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
66+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
6767
- name: Get context
6868
id: get_context
6969
uses: ./.github/actions/context
@@ -79,7 +79,7 @@ jobs:
7979
packages: write
8080
steps:
8181
- name: Checkout code
82-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
82+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
8383
- name: Build semgr8s
8484
id: build
8585
uses: ./.github/actions/build

.github/workflows/.reusable-compliance.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
security-events: write
2323
steps:
2424
- name: Checkout code
25-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
25+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2626
with:
2727
persist-credentials: false
2828
- name: Analyze
@@ -33,7 +33,7 @@ jobs:
3333
repo_token: ${{ secrets.SCORECARD_TOKEN }}
3434
publish_results: false #TODO: reactivate when working again
3535
- name: Upload
36-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
36+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
3737
with:
3838
sarif_file: results.sarif
3939

@@ -49,9 +49,9 @@ jobs:
4949
pull-requests: write
5050
steps:
5151
- name: Checkout code
52-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
52+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
5353
- name: Review
54-
uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
54+
uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
5555
with:
5656
comment-summary-in-pr: always
5757

@@ -63,7 +63,7 @@ jobs:
6363
permissions: {}
6464
steps:
6565
- name: Checkout code
66-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
66+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
6767
with:
6868
ref: ${{ github.event.pull_request.head.sha }} # Otherwise will checkout merge commit, which isn't conform
6969
fetch-depth: ${{ github.event.pull_request.commits }} # Fetch all commits of the MR, but only those

.github/workflows/.reusable-docs.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
contents: write
2121
steps:
2222
- name: Checkout code
23-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
23+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2424
with:
2525
fetch-depth: 0
2626
- name: Set release env
@@ -30,11 +30,11 @@ jobs:
3030
git config user.name "versioning_user"
3131
git config user.email "[email protected]"
3232
- name: Install python
33-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
33+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
3434
with:
3535
python-version-file: '.python-version'
3636
- name: Install poetry
37-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
37+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
3838
with:
3939
version: 1.8.3
4040
virtualenvs-create: false

.github/workflows/.reusable-integration-test.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -46,7 +46,7 @@ jobs:
4646
]
4747
steps:
4848
- name: Checkout code
49-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
49+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
5050
- name: Login with registry
5151
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
5252
with:
@@ -102,7 +102,7 @@ jobs:
102102
]
103103
steps:
104104
- name: Checkout code
105-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
105+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
106106
- name: Login with registry
107107
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
108108
with:
@@ -157,7 +157,7 @@ jobs:
157157
]
158158
steps:
159159
- name: Checkout code
160-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
160+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
161161
- name: Login with registry
162162
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
163163
with:
@@ -212,7 +212,7 @@ jobs:
212212
]
213213
steps:
214214
- name: Checkout code
215-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
215+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
216216
- name: Login with registry
217217
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
218218
with:

.github/workflows/.reusable-sast.yml

Lines changed: 26 additions & 26 deletions
Original file line numberDiff line numberDiff line change
@@ -25,13 +25,13 @@ jobs:
2525
security-events: write
2626
steps:
2727
- name: Checkout code
28-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
28+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2929
- name: Install python
30-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
30+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
3131
with:
3232
python-version-file: '.python-version'
3333
- name: Install poetry
34-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
34+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
3535
with:
3636
version: 1.8.3
3737
virtualenvs-create: false
@@ -48,7 +48,7 @@ jobs:
4848
run: bandit -r -f sarif -o bandit-results.sarif semgr8s/ --exit-zero
4949
- name: Upload
5050
if: inputs.output == 'sarif'
51-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
51+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
5252
with:
5353
sarif_file: 'bandit-results.sarif'
5454

@@ -60,13 +60,13 @@ jobs:
6060
inputs.skip != 'all'
6161
steps:
6262
- name: Checkout code
63-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
63+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
6464
- name: Install python
65-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
65+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
6666
with:
6767
python-version-file: '.python-version'
6868
- name: Install poetry
69-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
69+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
7070
with:
7171
version: 1.8.3
7272
virtualenvs-create: false
@@ -89,7 +89,7 @@ jobs:
8989
security-events: write
9090
steps:
9191
- name: Checkout code
92-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
92+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
9393
- name: Render Helm charts
9494
run: |
9595
rm -rf tests # remove 'tests' folder from scan
@@ -99,22 +99,22 @@ jobs:
9999
shell: bash
100100
- name: Scan
101101
if: inputs.output == 'table'
102-
uses: bridgecrewio/checkov-action@f34d0f0acd8974b1655797c684ecd907aa3ef929 # v12.2837.0
102+
uses: bridgecrewio/checkov-action@5c5ef32fa4ed5765cb8f4894203edd314f284f61 # v12.2947.0
103103
with:
104104
skip_check: CKV_DOCKER_2
105105
output_format: cli
106106
soft_fail: false
107107
- name: Scan
108108
if: inputs.output == 'sarif'
109-
uses: bridgecrewio/checkov-action@f34d0f0acd8974b1655797c684ecd907aa3ef929 # v12.2837.0
109+
uses: bridgecrewio/checkov-action@5c5ef32fa4ed5765cb8f4894203edd314f284f61 # v12.2947.0
110110
with:
111111
skip_check: CKV_DOCKER_2
112112
output_file_path: console,checkov-results.sarif
113113
output_format: cli,sarif
114114
soft_fail: true
115115
- name: Upload
116116
if: inputs.output == 'sarif'
117-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
117+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
118118
with:
119119
sarif_file: checkov-results.sarif
120120

@@ -129,13 +129,13 @@ jobs:
129129
pull-requests: read
130130
steps:
131131
- name: Checkout repository
132-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
132+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
133133
- name: Initialize CodeQL
134-
uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
134+
uses: github/codeql-action/init@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
135135
with:
136136
languages: 'python'
137137
- name: Analyze
138-
uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
138+
uses: github/codeql-action/analyze@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
139139

140140
hadolint:
141141
runs-on: ubuntu-latest
@@ -147,7 +147,7 @@ jobs:
147147
security-events: write
148148
steps:
149149
- name: Checkout code
150-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
150+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
151151
- name: Scan
152152
uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
153153
if: inputs.output == 'table'
@@ -164,7 +164,7 @@ jobs:
164164
no-fail: true
165165
output-file: hadolint-results.sarif
166166
- name: Upload
167-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
167+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
168168
if: inputs.output == 'sarif'
169169
with:
170170
sarif_file: 'hadolint-results.sarif'
@@ -179,16 +179,16 @@ jobs:
179179
security-events: write
180180
steps:
181181
- name: Checkout code
182-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
182+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
183183
- name: Scan
184-
uses: stackrox/kube-linter-action@5792edc6a03735d592b13c08201711327a935735 # v1.0.5
184+
uses: stackrox/kube-linter-action@15786eefcc8f5441d767d923b108abe5f7dd8882 # v1.0.6
185185
if: inputs.output == 'table'
186186
with:
187187
config: .kube-linter/config.yaml
188188
directory: charts/semgr8s
189189
format: plain
190190
- name: Scan
191-
uses: stackrox/kube-linter-action@5792edc6a03735d592b13c08201711327a935735 # v1.0.5
191+
uses: stackrox/kube-linter-action@15786eefcc8f5441d767d923b108abe5f7dd8882 # v1.0.6
192192
if: inputs.output == 'sarif'
193193
continue-on-error: true
194194
with:
@@ -197,7 +197,7 @@ jobs:
197197
format: sarif
198198
output-file: kubelinter-results.sarif
199199
- name: Upload
200-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
200+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
201201
if: inputs.output == 'sarif'
202202
with:
203203
sarif_file: 'kubelinter-results.sarif'
@@ -209,13 +209,13 @@ jobs:
209209
inputs.skip != 'all'
210210
steps:
211211
- name: Checkout code
212-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
212+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
213213
- name: Install python
214-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
214+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
215215
with:
216216
python-version-file: '.python-version'
217217
- name: Install poetry
218-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
218+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
219219
with:
220220
version: 1.8.3
221221
virtualenvs-create: false
@@ -241,15 +241,15 @@ jobs:
241241
SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }}
242242
steps:
243243
- name: Checkout code
244-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
244+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
245245
- name: Scan
246246
if: inputs.output == 'table'
247247
run: semgrep ci --config=auto --suppress-errors --text
248248
- name: Scan
249249
if: inputs.output == 'sarif'
250250
run: semgrep ci --config=auto --suppress-errors --sarif --output=semgrep-results.sarif || exit 0
251251
- name: Upload
252-
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
252+
uses: github/codeql-action/upload-sarif@dd196fa9ce80b6bacc74ca1c32bd5b0ba22efca7 # v3.28.3
253253
if: inputs.output == 'sarif'
254254
with:
255255
sarif_file: semgrep-results.sarif
@@ -265,7 +265,7 @@ jobs:
265265
security-events: write
266266
steps:
267267
- name: Checkout code
268-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
268+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
269269
- name: Run Trivy
270270
uses: ./.github/actions/trivy-config
271271
with:

.github/workflows/.reusable-sca.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141
image: docker:stable
4242
steps:
4343
- name: Checkout code
44-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
44+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
4545
- name: Run
4646
uses: ./.github/actions/trivy-image
4747
with:
@@ -64,7 +64,7 @@ jobs:
6464
image: docker:stable
6565
steps:
6666
- name: Checkout code
67-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
67+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
6868
- name: Run
6969
uses: ./.github/actions/grype
7070
with:
@@ -93,7 +93,7 @@ jobs:
9393
username: ${{ inputs.repo_owner }}
9494
password: ${{ secrets.GITHUB_TOKEN }}
9595
- name: Run
96-
uses: anchore/sbom-action@d94f46e13c6c62f59525ac9a1e147a99dc0b9bf5 # v0.17.0
96+
uses: anchore/sbom-action@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9
9797
with:
9898
image: ${{ inputs.image }}
9999
format: cyclonedx-json

.github/workflows/.reusable-unit-test.yml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -19,11 +19,11 @@ jobs:
1919
if: inputs.skip != 'all'
2020
steps:
2121
- name: Checkout code
22-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
22+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2323
- name: Set up Docker buildx
24-
uses: docker/setup-buildx-action@aa33708b10e362ff993539393ff100fa93ed6a27 # v3.5.0
24+
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
2525
- name: Build test image
26-
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
26+
uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
2727
with:
2828
push: false
2929
load: true
@@ -38,15 +38,15 @@ jobs:
3838
run: docker run --rm -t -v ${PWD}/tests/:/app/tests/ semgr8s:tester pytest --cov-report=term-missing:skip-covered --junitxml=tests/pytest.xml --cov=semgr8s tests/ | tee tests/pytest-coverage.txt
3939
- name: Coverage comment
4040
id: comment
41-
uses: MishaKav/pytest-coverage-comment@fa1c641d7e3fa1d98ed95d5f658ccd638b774628 # v1.1.52
41+
uses: MishaKav/pytest-coverage-comment@81882822c5b22af01f91bd3eacb1cefb6ad73dc2 # v1.1.53
4242
if: |
4343
github.event_name == 'pull_request' &&
4444
inputs.skip != 'non-required'
4545
with:
4646
pytest-coverage-path: tests/pytest-coverage.txt
4747
junitxml-path: tests/pytest.xml
4848
- name: Publish Test Report
49-
uses: mikepenz/action-junit-report@db71d41eb79864e25ab0337e395c352e84523afe # v4.3.1
49+
uses: mikepenz/action-junit-report@62516aa379bff6370c95fd5894d5a27fb6619d9b # v5.2.0
5050
if: success() || failure() # always run even if the previous step fails
5151
with:
5252
report_paths: 'tests/pytest.xml'
@@ -59,13 +59,13 @@ jobs:
5959
inputs.skip != 'all'
6060
steps:
6161
- name: Checkout code
62-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
62+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
6363
- name: Install python
64-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
64+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
6565
with:
6666
python-version-file: '.python-version'
6767
- name: Install poetry
68-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
68+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
6969
with:
7070
version: 1.8.3
7171
virtualenvs-create: false
@@ -88,13 +88,13 @@ jobs:
8888
inputs.skip != 'all'
8989
steps:
9090
- name: Checkout code
91-
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
91+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
9292
- name: Install python
93-
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
93+
uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0
9494
with:
9595
python-version-file: '.python-version'
9696
- name: Install poetry
97-
uses: snok/install-poetry@93ada01c735cc8a383ce0ce2ae205a21c415379b # v1.3.4
97+
uses: snok/install-poetry@76e04a911780d5b312d89783f7b1cd627778900a # v1.4.1
9898
with:
9999
version: 1.8.3
100100
virtualenvs-create: false

0 commit comments

Comments
 (0)