From 3575e70c48ee4f3073214320ffb657d5a2e12c54 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Feb 2025 18:55:03 +0000 Subject: [PATCH] ci: bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3.1.0` | `4.2.2` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `45.0.4` | `45.0.7` | | [python-semantic-release/publish-action](https://github.com/python-semantic-release/publish-action) | `9.14.0` | `9.20.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.1.36` | `3.28.9` | | [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) | `5.0.0` | `5.3.0` | Updates `actions/checkout` from 3.1.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v3.1.0...v4.2.2) Updates `tj-actions/changed-files` from 45.0.4 to 45.0.7 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/v45.0.4...v45.0.7) Updates `python-semantic-release/publish-action` from 9.14.0 to 9.20.0 - [Release notes](https://github.com/python-semantic-release/publish-action/releases) - [Changelog](https://github.com/python-semantic-release/publish-action/blob/main/releaserc.toml) - [Commits](https://github.com/python-semantic-release/publish-action/compare/v9.14.0...v9.20.0) Updates `github/codeql-action` from 2.1.36 to 3.28.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/a669cc5936cc5e1b6a362ec1ff9e410dc570d190...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0) Updates `mikepenz/action-junit-report` from 5.0.0 to 5.3.0 - [Release notes](https://github.com/mikepenz/action-junit-report/releases) - [Commits](https://github.com/mikepenz/action-junit-report/compare/v5.0.0...v5.3.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: python-semantic-release/publish-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: mikepenz/action-junit-report dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 8 ++++---- .github/workflows/cicd.yml | 12 ++++++------ .github/workflows/codeql-analysis-injected.yml | 6 +++--- .github/workflows/validate.yml | 16 ++++++++-------- 4 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index cca7e057..b1dd5c40 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: if: ${{ github.event_name != 'pull_request' || !github.event.pull_request.draft }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: fetch-depth: 0 @@ -30,19 +30,19 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: fetch-depth: 100 - name: Evaluate | Check common file types for changes id: core-changed-files - uses: tj-actions/changed-files@v45.0.4 + uses: tj-actions/changed-files@v45.0.7 with: files_yaml_from_source_file: .github/changed-files-spec.yml - name: Evaluate | Check specific file types for changes id: ci-changed-files - uses: tj-actions/changed-files@v45.0.4 + uses: tj-actions/changed-files@v45.0.7 with: files_yaml: | ci: diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml index 74b1ff9a..86688145 100644 --- a/.github/workflows/cicd.yml +++ b/.github/workflows/cicd.yml @@ -19,21 +19,21 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.2.2 with: fetch-depth: 100 # Must at least retrieve a set of commits to compare changes # primarily because of any 'Rebase and Merge' PR action in GitHub - name: Evaluate | Check common file types for changes id: core-changed-files - uses: tj-actions/changed-files@v45.0.4 + uses: tj-actions/changed-files@v45.0.7 with: base_sha: ${{ github.event.push.before }} files_yaml_from_source_file: .github/changed-files-spec.yml - name: Evaluate | Check specific file types for changes id: ci-changed-files - uses: tj-actions/changed-files@v45.0.4 + uses: tj-actions/changed-files@v45.0.7 with: base_sha: ${{ github.event.push.before }} files_yaml: | @@ -100,7 +100,7 @@ jobs: # the branch was updated. To keep PSR working with the configured release branches, # we force a checkout of the desired release branch but at the workflow sha HEAD. - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: fetch-depth: 0 ref: ${{ github.sha }} @@ -125,7 +125,7 @@ jobs: build: false - name: Release | Add distribution artifacts to GitHub Release Assets - uses: python-semantic-release/publish-action@v9.14.0 + uses: python-semantic-release/publish-action@v9.20.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} tag: ${{ steps.release.outputs.tag }} @@ -178,7 +178,7 @@ jobs: # the branch was updated. To keep PSR working with the configured release branches, # we force a checkout of the desired release branch but at the workflow sha HEAD. - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: fetch-depth: 1 ref: ${{ github.sha }} diff --git a/.github/workflows/codeql-analysis-injected.yml b/.github/workflows/codeql-analysis-injected.yml index 12b7830b..985e9be3 100644 --- a/.github/workflows/codeql-analysis-injected.yml +++ b/.github/workflows/codeql-analysis-injected.yml @@ -42,11 +42,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@85e6279cec87321a52edac9c87bce653a07cf6c2 # v3.1.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@a669cc5936cc5e1b6a362ec1ff9e410dc570d190 # v2.1.36 + uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml @@ -73,4 +73,4 @@ jobs: npm run all - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@a669cc5936cc5e1b6a362ec1ff9e410dc570d190 # v2.1.36 \ No newline at end of file + uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 \ No newline at end of file diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index ea1e214e..0f56c0c4 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -71,7 +71,7 @@ jobs: steps: - name: Setup | Checkout Repository at workflow sha - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.sha }} fetch-depth: 0 @@ -125,7 +125,7 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.sha }} fetch-depth: 1 @@ -157,7 +157,7 @@ jobs: --junit-xml=tests/reports/pytest-results.xml - name: Report | Upload Test Results - uses: mikepenz/action-junit-report@v5.0.0 + uses: mikepenz/action-junit-report@v5.3.0 if: ${{ always() && steps.tests.outcome != 'skipped' }} with: report_paths: ./tests/reports/*.xml @@ -179,7 +179,7 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.sha }} fetch-depth: 1 @@ -245,7 +245,7 @@ jobs: retention-days: 1 - name: Report | Upload Test Results - uses: mikepenz/action-junit-report@v5.0.0 + uses: mikepenz/action-junit-report@v5.3.0 if: ${{ always() && steps.tests.outcome != 'skipped' }} with: report_paths: ./tests/reports/*.xml @@ -266,7 +266,7 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.sha }} fetch-depth: 1 @@ -340,7 +340,7 @@ jobs: retention-days: 1 - name: Report | Upload Test Results - uses: mikepenz/action-junit-report@v5.0.0 + uses: mikepenz/action-junit-report@v5.3.0 if: ${{ always() && steps.tests.outcome != 'skipped' }} with: report_paths: ./tests/reports/*.xml @@ -354,7 +354,7 @@ jobs: steps: - name: Setup | Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.2.2 with: ref: ${{ github.sha }} fetch-depth: 1