Skip to content

Commit

Permalink
chore(deps): update workflows (#1205)
Browse files Browse the repository at this point in the history
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/setup-python](https://redirect.github.com/actions/setup-python)
| action | minor | `v5.1.1` -> `v5.2.0` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact)
| action | minor | `v4.3.6` -> `v4.4.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.26.4` -> `v3.26.6` |
| [ruby/setup-ruby](https://redirect.github.com/ruby/setup-ruby) |
action | minor | `v1.190.0` -> `v1.191.0` |

---

### Release Notes

<details>
<summary>actions/setup-python (actions/setup-python)</summary>

###
[`v5.2.0`](https://redirect.github.com/actions/setup-python/compare/v5.1.1...v5.2.0)

[Compare
Source](https://redirect.github.com/actions/setup-python/compare/v5.1.1...v5.2.0)

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.4.0`](https://redirect.github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.26.6`](https://redirect.github.com/github/codeql-action/compare/v3.26.5...v3.26.6)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.5...v3.26.6)

###
[`v3.26.5`](https://redirect.github.com/github/codeql-action/compare/v3.26.4...v3.26.5)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.4...v3.26.5)

</details>

<details>
<summary>ruby/setup-ruby (ruby/setup-ruby)</summary>

###
[`v1.191.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.191.0)

[Compare
Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.190.0...v1.191.0)

#### What's Changed

- Add ruby-3.3.5 by
[@&#8203;ruby-builder-bot](https://redirect.github.com/ruby-builder-bot)
in
[https://github.com/ruby/setup-ruby/pull/634](https://redirect.github.com/ruby/setup-ruby/pull/634)

**Full Changelog**:
ruby/setup-ruby@v1.190.0...v1.191.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzguNTkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->

Co-authored-by: Xueqin Cui <[email protected]>
  • Loading branch information
renovate-bot and cuixq authored Sep 11, 2024
1 parent 5402211 commit b9b1b98
Show file tree
Hide file tree
Showing 7 changed files with 22 additions and 22 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/checks.yml
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,7 @@ jobs:
with:
persist-credentials: false
- run: scripts/build_test_images.sh
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: image-fixtures-${{ github.run_number }}-${{ github.run_attempt }}
path: internal/image/fixtures/*.tar
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -48,7 +48,7 @@ jobs:
go-version-file: go.mod
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -59,7 +59,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -73,4 +73,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
8 changes: 4 additions & 4 deletions .github/workflows/osv-scanner-reusable-pr.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,28 +86,28 @@ jobs:
# format to the repository Actions tab.
- name: "Upload artifact"
if: "!cancelled()"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: SARIF file
path: ${{ inputs.results-file-name }}
retention-days: 5
- name: "Upload old scan json results"
if: "!cancelled()"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: old-json-results
path: old-results.json
retention-days: 5
- name: "Upload new scan json results"
if: "!cancelled()"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: new-json-results
path: new-results.json
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
if: ${{ !cancelled() && inputs.upload-sarif == true }}
uses: github/codeql-action/upload-sarif@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
sarif_file: ${{ inputs.results-file-name }}
4 changes: 2 additions & 2 deletions .github/workflows/osv-scanner-reusable.yml
Original file line number Diff line number Diff line change
Expand Up @@ -83,14 +83,14 @@ jobs:
# format to the repository Actions tab.
- name: "Upload artifact"
if: "!cancelled()"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: SARIF file
path: ${{ inputs.results-file-name }}
retention-days: 5
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
if: "${{ !cancelled() && inputs.upload-sarif == true }}"
uses: github/codeql-action/upload-sarif@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
sarif_file: ${{ inputs.results-file-name }}
2 changes: 1 addition & 1 deletion .github/workflows/prerelease-check.yml
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ jobs:
with:
persist-credentials: false
- run: scripts/build_test_images.sh
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: image-fixtures-${{ github.run_number }}-${{ github.run_attempt }}
path: internal/image/fixtures/*.tar
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,14 +60,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
with:
sarif_file: results.sarif
18 changes: 9 additions & 9 deletions .github/workflows/semantic.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,14 +42,14 @@ jobs:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: "3.10"
- run: dpkg --version
- run: python3 scripts/generators/generate-debian-versions.py
- run: git status
- run: stat debian-db.zip
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-debian-versions
path: internal/semantic/fixtures/debian-versions-generated.txt
Expand All @@ -73,7 +73,7 @@ jobs:
extensions: zip
- run: php scripts/generators/generate-packagist-versions.php
- run: git status
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-packagist-versions
path: internal/semantic/fixtures/packagist-versions-generated.txt
Expand All @@ -86,14 +86,14 @@ jobs:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
- uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
with:
python-version: "3.10"
- name: setup dependencies
run: pip install packaging==21.3
- run: python3 scripts/generators/generate-pypi-versions.py
- run: git status
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-pypi-versions
path: internal/semantic/fixtures/pypi-versions-generated.txt
Expand All @@ -106,14 +106,14 @@ jobs:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
persist-credentials: false
- uses: ruby/setup-ruby@a6e6f86333f0a2523ece813039b8b4be04560854 # v1.190.0
- uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1.191.0
with:
ruby-version: "3.1"
- name: setup dependencies
run: gem install rubyzip
- run: ruby scripts/generators/generate-rubygems-versions.rb
- run: git status
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-rubygems-versions
path: internal/semantic/fixtures/rubygems-versions-generated.txt
Expand All @@ -139,7 +139,7 @@ jobs:
-o scripts/generators/lib/maven-artifact-3.8.5.jar
- run: java -cp 'scripts/generators/lib/*' scripts/generators/GenerateMavenVersions.java
- run: git status
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-maven-versions
path: internal/semantic/fixtures/maven-versions-generated.txt
Expand All @@ -157,7 +157,7 @@ jobs:
r-version: "3.5.3"
- run: Rscript scripts/generators/generate-cran-versions.R
- run: git status
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
with:
name: generated-cran-versions
path: internal/semantic/fixtures/cran-versions-generated.txt
Expand Down

0 comments on commit b9b1b98

Please sign in to comment.