From 535d93fd5d955947ae8abc780a6606867e72173b Mon Sep 17 00:00:00 2001 From: nginx-bot <68849795+nginx-bot@users.noreply.github.com> Date: Mon, 6 Jan 2025 04:02:41 -0800 Subject: [PATCH] [cherry-pick] chore(deps): bump the actions group across 1 directory with 5 updates (#7057) chore(deps): bump the actions group across 1 directory with 5 updates (#7055) Bumps the actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `3.27.9` | `3.28.0` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.60.0` | `1.61.0` | | [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `18.0.0` | `19.0.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.5` | `7.0.6` | | [nginxinc/aws-marketplace-publish](https://github.com/nginxinc/aws-marketplace-publish) | `1.0.6` | `1.0.7` | Updates `github/codeql-action` from 3.27.9 to 3.28.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/df409f7d9260372bd5f19e5b04e83cb3c43714ae...48ab28a6f5dbc2a99bf1e0131198dd8f1df78169) Updates `reviewdog/action-actionlint` from 1.60.0 to 1.61.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](https://github.com/reviewdog/action-actionlint/compare/08ef4afa963243489a457cca426f705ce4e0d1a5...534eb894142bcf31616e5436cbe4214641c58101) Updates `DavidAnson/markdownlint-cli2-action` from 18.0.0 to 19.0.0 - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](https://github.com/davidanson/markdownlint-cli2-action/compare/eb5ca3ab411449c66620fe7f1b3c9e10547144b0...a23dae216ce3fee4db69da41fed90d2a4af801cf) Updates `peter-evans/create-pull-request` from 7.0.5 to 7.0.6 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/5e914681df9dc83aa4e4905692ca88beb2f9e91f...67ccf781d68cd99b580ae25a5c18a1cc84ffff1f) Updates `nginxinc/aws-marketplace-publish` from 1.0.6 to 1.0.7 - [Release notes](https://github.com/nginxinc/aws-marketplace-publish/releases) - [Commits](https://github.com/nginxinc/aws-marketplace-publish/compare/47db7444063941b7e5b509cd8cd0be6f25ecb35b...108e752101152582ed409c5faed859a891e0d7aa) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: DavidAnson/markdownlint-cli2-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: nginxinc/aws-marketplace-publish dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/image-promotion.yml | 8 ++++---- .github/workflows/lint-format.yml | 4 ++-- .github/workflows/release-pr.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/update-docker-sha.yml | 2 +- .github/workflows/update-kubernetes-version.yml | 2 +- .github/workflows/version-bump.yml | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b58345a6db..de64d6d9ad 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -70,7 +70,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -89,7 +89,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, Java, or Swift). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -102,6 +102,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/image-promotion.yml b/.github/workflows/image-promotion.yml index 5250d768cb..64519c2f19 100644 --- a/.github/workflows/image-promotion.yml +++ b/.github/workflows/image-promotion.yml @@ -143,7 +143,7 @@ jobs: fi - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 if: steps.check-sarif.outputs.sarif_has_results == 'true' with: sarif_file: govulncheck.sarif @@ -468,7 +468,7 @@ jobs: overwrite: true - name: Upload Scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: "${{ steps.directory.outputs.directory }}/" @@ -557,7 +557,7 @@ jobs: overwrite: true - name: Upload Scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: "${{ steps.directory.outputs.directory }}/" @@ -653,7 +653,7 @@ jobs: overwrite: true - name: Upload Scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: "${{ steps.directory.outputs.directory }}/" continue-on-error: true diff --git a/.github/workflows/lint-format.yml b/.github/workflows/lint-format.yml index 28fb7b1041..1195d03bd0 100644 --- a/.github/workflows/lint-format.yml +++ b/.github/workflows/lint-format.yml @@ -63,7 +63,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: reviewdog/action-actionlint@08ef4afa963243489a457cca426f705ce4e0d1a5 # v1.60.0 + - uses: reviewdog/action-actionlint@534eb894142bcf31616e5436cbe4214641c58101 # v1.61.0 with: actionlint_flags: -shellcheck "" @@ -84,7 +84,7 @@ jobs: - name: Checkout Repository uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: DavidAnson/markdownlint-cli2-action@eb5ca3ab411449c66620fe7f1b3c9e10547144b0 # v18.0.0 + - uses: DavidAnson/markdownlint-cli2-action@a23dae216ce3fee4db69da41fed90d2a4af801cf # v19.0.0 with: config: .markdownlint-cli2.yaml globs: "**/*.md" diff --git a/.github/workflows/release-pr.yml b/.github/workflows/release-pr.yml index 4a3e91aa4f..df3025068f 100644 --- a/.github/workflows/release-pr.yml +++ b/.github/workflows/release-pr.yml @@ -70,7 +70,7 @@ jobs: .github/scripts/release-notes-update.sh ${{ github.event.inputs.new_version }} ${{ github.event.inputs.new_helm_version }} "${{ github.event.inputs.k8s_versions }}" "${{ github.event.inputs.release_date }}" - name: Create Pull Request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ secrets.NGINX_PAT }} commit-message: Release ${{ github.event.inputs.new_version }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 056e1b1e30..0e87afaea1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -404,7 +404,7 @@ jobs: role-to-assume: ${{ secrets.AWS_ROLE_MARKETPLACE }} - name: Publish to AWS Marketplace - uses: nginxinc/aws-marketplace-publish@47db7444063941b7e5b509cd8cd0be6f25ecb35b # v1.0.6 + uses: nginxinc/aws-marketplace-publish@108e752101152582ed409c5faed859a891e0d7aa # v1.0.7 continue-on-error: true with: version: ${{ inputs.nic_version }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 5661494b77..442c2a97c9 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@babb554ede22fd5605947329c4d04d8e7a0b8155 # v3.27.7 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/update-docker-sha.yml b/.github/workflows/update-docker-sha.yml index 19c3f70c7a..1eb2776695 100644 --- a/.github/workflows/update-docker-sha.yml +++ b/.github/workflows/update-docker-sha.yml @@ -75,7 +75,7 @@ jobs: echo $GITHUB_OUTPUT - name: Create Pull Request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 id: pr with: token: ${{ secrets.NGINX_PAT }} diff --git a/.github/workflows/update-kubernetes-version.yml b/.github/workflows/update-kubernetes-version.yml index 9c79f73ca7..8afa03edd6 100644 --- a/.github/workflows/update-kubernetes-version.yml +++ b/.github/workflows/update-kubernetes-version.yml @@ -43,7 +43,7 @@ jobs: if: ${{ steps.search.outputs.found == 'false' }} - name: Create Pull Request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ secrets.NGINX_PAT }} commit-message: update kubernetes version to ${{ steps.k8s-version.outputs.version }} in helm schema diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index 25b66fe06b..d65682c834 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -48,7 +48,7 @@ jobs: CHART_VERSION: ${{ inputs.helm_chart_version }} - name: Create Pull Request - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7.0.6 with: token: ${{ secrets.NGINX_PAT }} commit-message: Version Bump for ${{ github.event.inputs.ic_version }}