From da11b56694d62a3ae8280d8b34eaa780d2f0d715 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Sep 2024 19:53:03 +0000 Subject: [PATCH] Bump the github-actions group across 1 directory with 13 updates Bumps the github-actions group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-python](https://github.com/actions/setup-python) | `5.1.0` | `5.2.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.2` | `4.0.3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.4.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.7` | `4.1.8` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.6.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.2.0` | `6.7.0` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.9.0` | `1.10.1` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.1.0` | `7.0.2` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.6` | `2.0.8` | | [reviewdog/action-suggester](https://github.com/reviewdog/action-suggester) | `1.15.0` | `1.17.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.11` | `3.26.6` | Updates `actions/setup-python` from 5.1.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...f677139bbe7f9c59b41e40162b753c062f5d49a3) Updates `actions/setup-node` from 4.0.2 to 4.0.3 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/60edb5dd545a775178f52524783378180af0d1f8...1e60f620b9541d16bece96c5465dc8ee9832be0b) Updates `actions/upload-artifact` from 4.3.3 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/65462800fd760344b1a7b4382951275a0abb4808...50769540e7f4bd5e21e526ee35c689e35e0d6874) Updates `actions/download-artifact` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/65a9edc5881444af0b9093a5e628f2fe47ea3b2e...fa0a91b85d4f404e444e00e005971372dc801d16) Updates `docker/setup-buildx-action` from 3.3.0 to 3.6.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/d70bba72b1f3fd22344832f00baa16ece964efeb...988b5a0280414f521da01fcc63a27aeeb4b104db) Updates `docker/login-action` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/0d4c9c5ea7693da7b068278f7b52bda2a190a446...9780b0c442fbb1117ed29e0efdff1e18412f7567) Updates `docker/build-push-action` from 6.2.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/15560696de535e4014efeff63c48f16952e52dd1...5cd11c3a4ced054e52742c5fd54dca954e0edd85) Updates `pypa/gh-action-pypi-publish` from 1.9.0 to 1.10.1 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0...0ab0b79471669eb3a4d647e625009c62f9f3b241) Updates `peter-evans/create-pull-request` from 6.1.0 to 7.0.2 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/c5a7806660adbe173f04e3e038b0ccdcd758773c...d121e62763d8cc35b5fb1710e887d6e69a52d3a4) Updates `softprops/action-gh-release` from 2.0.6 to 2.0.8 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/a74c6b72af54cfa997e81df42d94703d6313a2d0...c062e08bd532815e2082a85e87e3ef29c3e6d191) Updates `reviewdog/action-suggester` from 1.15.0 to 1.17.0 - [Release notes](https://github.com/reviewdog/action-suggester/releases) - [Commits](https://github.com/reviewdog/action-suggester/compare/a1d57ff096639094e0ba35ef3039e79316364796...63b8f8cc21dfa052ac44436e65ed31edcffcb6c1) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) Updates `github/codeql-action` from 3.25.11 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...4dd16135b69a43b6c8efb853346f8437d92d3c93) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: reviewdog/action-suggester dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/api.yml | 8 +- .github/workflows/benchmarks.yml | 4 +- .github/workflows/build.arm64.yml | 24 +++--- .github/workflows/build.yml | 130 ++++++++++++++--------------- .github/workflows/release.note.yml | 2 +- .github/workflows/release.yml | 6 +- .github/workflows/reviewdog.yml | 8 +- .github/workflows/scorecard.yml | 6 +- 8 files changed, 94 insertions(+), 94 deletions(-) diff --git a/.github/workflows/api.yml b/.github/workflows/api.yml index 60b0f61c7..d9db867cc 100644 --- a/.github/workflows/api.yml +++ b/.github/workflows/api.yml @@ -23,7 +23,7 @@ jobs: version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - run: | @@ -66,7 +66,7 @@ jobs: version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Setup Linux @@ -121,10 +121,10 @@ jobs: version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: '8.x' - name: Setup Windows diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 5ce00d202..fddb92fa9 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -20,7 +20,7 @@ jobs: version: ['tensorflow:tensorflow-io-nightly', 'tensorflow:tensorflow-io'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Setup macOS @@ -61,7 +61,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Setup Linux diff --git a/.github/workflows/build.arm64.yml b/.github/workflows/build.arm64.yml index e638756fc..4e84c25af 100644 --- a/.github/workflows/build.arm64.yml +++ b/.github/workflows/build.arm64.yml @@ -18,7 +18,7 @@ jobs: run: | set -x -e bash -e .github/workflows/build.bazel.sh python3 - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-arm64-bazel-bin path: | @@ -37,7 +37,7 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-arm64-bazel-bin path: bazel-bin @@ -63,7 +63,7 @@ jobs: cp $f wheelhouse done ls wheelhouse/* - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-arm64-${{ matrix.python }}-wheel path: wheelhouse @@ -73,19 +73,19 @@ jobs: needs: macos-arm64-wheel runs-on: ubuntu-20.04 steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-arm64-3.9-wheel path: macOS-arm64-3.9-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-arm64-3.10-wheel path: macOS-arm64-3.10-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-arm64-3.11-wheel path: macOS-arm64-3.11-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-arm64-3.12-wheel path: macOS-arm64-3.12-wheel @@ -98,7 +98,7 @@ jobs: cp macOS-arm64-3.12-wheel/*.whl wheelhouse/ ls -la wheelhouse/ sha256sum wheelhouse/*.whl - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: tensorflow-io-release-macos-arm64 path: wheelhouse @@ -109,7 +109,7 @@ jobs: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tensorflow-io-release-macos-arm64 path: wheelhouse @@ -131,12 +131,12 @@ jobs: COPY wheelhouse.commit /wheelhouse.commit COPY wheelhouse.version /wheelhouse.version EOF - - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: tfsigio password: ${{ secrets.DOCKER_PASSWORD }} - - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 + - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . push: true diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c29b16f64..44fc5b7dd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -60,7 +60,7 @@ jobs: cat > service_account_creds.json << EOF ${{ secrets.GCP_CREDS }} EOF - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: "3.9" - name: macOS @@ -117,7 +117,7 @@ jobs: cat > service_account_creds.json << EOF ${{ secrets.GCP_CREDS }} EOF - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: "3.10" - name: Bazel on macOS @@ -128,7 +128,7 @@ jobs: export BAZEL_OPTIMIZATION="$BAZEL_OPTIMIZATION --remote_upload_local_results=true --google_credentials=service_account_creds.json" fi sudo -E -H bash -e .github/workflows/build.bazel.sh python3 - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-bazel-bin path: | @@ -148,11 +148,11 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Wheel ${{ matrix.python }} macOS @@ -175,7 +175,7 @@ jobs: cp $f wheelhouse done ls wheelhouse/* - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: wheelhouse @@ -189,11 +189,11 @@ jobs: python: ['3.9'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: wheelhouse - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - run: | @@ -271,7 +271,7 @@ jobs: find build/tensorflow_io -name '*runfiles*' | xargs rm -rf find build/tensorflow_io_gcs_filesystem -name '*runfiles*' | xargs rm -rf sudo rm -rf build/tensorflow_io/core/golang_ops.h - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-bazel-bin path: | @@ -287,7 +287,7 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin @@ -307,7 +307,7 @@ jobs: done sudo chown -R $(id -nu):$(id -ng) . ls wheelhouse/* - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: wheelhouse @@ -321,10 +321,10 @@ jobs: python: ['3.9'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: wheelhouse @@ -387,7 +387,7 @@ jobs: cp -r bazel-bin/tensorflow_io build cp -r bazel-bin/tensorflow_io_gcs_filesystem build bash -c "find build -not -name '*.so' -type f | xargs rm -rf" - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-bazel-bin path: | @@ -403,11 +403,11 @@ jobs: python: ['3.9', '3.10', '3.11', '3.12'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Wheel ${{ matrix.python }} Windows @@ -420,7 +420,7 @@ jobs: rm -rf build python setup.py --project tensorflow-io-gcs-filesystem --data bazel-bin -q bdist_wheel ls -la dist - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: dist @@ -434,14 +434,14 @@ jobs: python: ['3.9'] steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel path: wheel - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: '8.x' - name: Setup ${{ matrix.python }} Windows @@ -487,51 +487,51 @@ jobs: needs: [linux-wheel, macos-wheel] #, windows-wheel] runs-on: ubuntu-20.04 steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.9-wheel path: macOS-3.9-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.10-wheel path: macOS-3.10-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.11-wheel path: macOS-3.11-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.12-wheel path: macOS-3.12-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.9-wheel path: Linux-3.9-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.10-wheel path: Linux-3.10-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.11-wheel path: Linux-3.11-wheel - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.12-wheel path: Linux-3.12-wheel - #- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + #- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 # with: # name: Windows-3.9-wheel # path: Windows-3.9-wheel - #- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + #- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 # with: # name: Windows-3.10-wheel # path: Windows-3.10-wheel - #- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + #- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 # with: # name: Windows-3.11-wheel # path: Windows-3.11-wheel - #- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + #- uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 # with: # name: Windows-3.12-wheel # path: Windows-3.12-wheel @@ -552,7 +552,7 @@ jobs: # cp Windows-3.12-wheel/*.whl wheelhouse/ ls -la wheelhouse/ sha256sum wheelhouse/*.whl - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: tensorflow-io-release path: wheelhouse @@ -564,7 +564,7 @@ jobs: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tensorflow-io-release path: wheelhouse @@ -586,12 +586,12 @@ jobs: COPY wheelhouse.commit /wheelhouse.commit COPY wheelhouse.version /wheelhouse.version EOF - - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 + - uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1 + - uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0 with: username: tfsigio password: ${{ secrets.DOCKER_PASSWORD }} - - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 + - uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . push: true @@ -604,7 +604,7 @@ jobs: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.8 - run: | @@ -628,7 +628,7 @@ jobs: set -e -x BUILD_NUMBER=$(date "+%Y%m%d%H%M%S") echo ${BUILD_NUMBER} > BUILD_NUMBER - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: BUILD_NUMBER path: BUILD_NUMBER @@ -642,17 +642,17 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Wheel ${{ matrix.python }} macOS @@ -675,7 +675,7 @@ jobs: cp $f wheelhouse done ls wheelhouse/* - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-nightly path: wheelhouse @@ -689,13 +689,13 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin @@ -715,7 +715,7 @@ jobs: done sudo chown -R $(id -nu):$(id -ng) . ls wheelhouse/* - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-nightly path: wheelhouse @@ -729,17 +729,17 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ runner.os }}-bazel-bin path: bazel-bin - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python }} - name: Wheel ${{ matrix.python }} Windows @@ -752,7 +752,7 @@ jobs: rm -rf build python setup.py --project tensorflow-io-gcs-filesystem --data bazel-bin -q bdist_wheel --nightly %BUILD_NUMBER% ls -la dist - - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: ${{ runner.os }}-${{ matrix.python }}-nightly path: dist @@ -763,51 +763,51 @@ jobs: needs: [linux-nightly, macos-nightly, windows-nightly] runs-on: ubuntu-20.04 steps: - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.9-nightly path: macOS-3.9-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.10-nightly path: macOS-3.10-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.11-nightly path: macOS-3.11-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: macOS-3.12-nightly path: macOS-3.12-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.9-nightly path: Linux-3.9-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.10-nightly path: Linux-3.10-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.11-nightly path: Linux-3.11-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Linux-3.12-nightly path: Linux-3.12-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Windows-3.9-nightly path: Windows-3.9-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Windows-3.10-nightly path: Windows-3.10-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Windows-3.11-nightly path: Windows-3.11-nightly - - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: Windows-3.12-nightly path: Windows-3.12-nightly @@ -828,7 +828,7 @@ jobs: cp Windows-3.12-nightly/tensorflow_io_nightly*.whl dist/ ls -la dist/ sha256sum dist/*.whl - - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0 + - uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # v1.10.1 with: user: __token__ password: ${{ secrets.github_tensorflow_io_nightly }} @@ -850,7 +850,7 @@ jobs: cp Windows-3.12-nightly/tensorflow_io_gcs_filesystem_nightly*.whl dist/ ls -la dist/ sha256sum dist/*.whl - - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0 + - uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # v1.10.1 with: user: __token__ password: ${{ secrets.tensorflow_io_gcs_filesystem_nightly }} @@ -862,7 +862,7 @@ jobs: runs-on: ubuntu-20.04 steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: 3.8 - run: | diff --git a/.github/workflows/release.note.yml b/.github/workflows/release.note.yml index 3533732b7..5ff57ad01 100644 --- a/.github/workflows/release.note.yml +++ b/.github/workflows/release.note.yml @@ -24,7 +24,7 @@ jobs: - run: git diff - run: python3 tools/release/note_update.py - run: git diff - - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + - uses: peter-evans/create-pull-request@d121e62763d8cc35b5fb1710e887d6e69a52d3a4 # v7.0.2 with: commit-message: Update RELEASE.md [bot] branch: bot-RELEASE.md diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 33f203981..aa84d02c6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -63,19 +63,19 @@ jobs: echo ${{ steps.info.outputs.name }} echo ${{ steps.info.outputs.commit }} cat CURRENT.md - - uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6 + - uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 with: body_path: CURRENT.md name: ${{ steps.info.outputs.name }} tag_name: ${{ steps.info.outputs.tag }} target_commitish: ${{ steps.info.outputs.commit }} draft: true - - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # master + - uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # master with: user: __token__ password: ${{ secrets.TEST_PYPI_TOKEN }} repository_url: https://test.pypi.org/legacy/ - #- uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # master + #- uses: pypa/gh-action-pypi-publish@0ab0b79471669eb3a4d647e625009c62f9f3b241 # master # with: # user: __token__ # password: ${{ secrets.PYPI_TOKEN }} diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 298f49e97..9423924c6 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -20,7 +20,7 @@ jobs: - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- bazel - - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 + - uses: reviewdog/action-suggester@63b8f8cc21dfa052ac44436e65ed31edcffcb6c1 # v1.17.0 black: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -32,7 +32,7 @@ jobs: - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- black - - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 + - uses: reviewdog/action-suggester@63b8f8cc21dfa052ac44436e65ed31edcffcb6c1 # v1.17.0 clang: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -44,7 +44,7 @@ jobs: - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- clang - - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 + - uses: reviewdog/action-suggester@63b8f8cc21dfa052ac44436e65ed31edcffcb6c1 # v1.17.0 pyupgrade: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -56,4 +56,4 @@ jobs: - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- pyupgrade - - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 + - uses: reviewdog/action-suggester@63b8f8cc21dfa052ac44436e65ed31edcffcb6c1 # v1.17.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index bd84cd48d..24869ff78 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -34,7 +34,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -51,7 +51,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: SARIF file path: results.sarif @@ -59,6 +59,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 with: sarif_file: results.sarif