From 30282425f2eb41bae8e7264e5d2cae452f27505d Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 17 Dec 2024 21:07:55 +0000 Subject: [PATCH] chore(deps): update maru support dependencies | datasource | package | from | to | | ----------- | -------------------------------- | -------- | ------- | | github-tags | actions/checkout | v4.2.1 | v4.2.2 | | github-tags | actions/dependency-review-action | v4.3.4 | v4.5.0 | | github-tags | actions/setup-go | v5.0.2 | v5.2.0 | | github-tags | actions/setup-node | v4.0.4 | v4.1.0 | | github-tags | anchore/sbom-action | v0.17.4 | v0.17.9 | | github-tags | github/codeql-action | v3.26.13 | v3.27.9 | | github-tags | goreleaser/goreleaser-action | v6.0.0 | v6.1.0 | | github-tags | zarf-dev/zarf | v0.41.0 | v0.45.0 | --- .github/actions/golang/action.yaml | 2 +- .github/actions/install-tools/action.yaml | 2 +- .github/actions/zarf/action.yaml | 2 +- .github/workflows/commitlint.yaml | 4 ++-- .github/workflows/dependency-review.yaml | 4 ++-- .github/workflows/release.yaml | 8 ++++---- .github/workflows/scan-codeql.yaml | 6 +++--- .github/workflows/scan-lint.yaml | 4 ++-- .github/workflows/scorecard.yaml | 4 ++-- .github/workflows/test-e2e-pr.yaml | 2 +- .github/workflows/test-schema.yaml | 2 +- .github/workflows/test-unit-pr.yaml | 2 +- 12 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/actions/golang/action.yaml b/.github/actions/golang/action.yaml index 60cf98e..772d57e 100644 --- a/.github/actions/golang/action.yaml +++ b/.github/actions/golang/action.yaml @@ -4,6 +4,6 @@ description: "Setup Go binary and caching" runs: using: composite steps: - - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: 1.21.x diff --git a/.github/actions/install-tools/action.yaml b/.github/actions/install-tools/action.yaml index 176d3e7..622af58 100644 --- a/.github/actions/install-tools/action.yaml +++ b/.github/actions/install-tools/action.yaml @@ -5,4 +5,4 @@ runs: using: composite steps: # used by goreleaser to create SBOMs - - uses: anchore/sbom-action/download-syft@8d0a6505bf28ced3e85154d13dc6af83299e13f1 # v0.17.4 + - uses: anchore/sbom-action/download-syft@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9 diff --git a/.github/actions/zarf/action.yaml b/.github/actions/zarf/action.yaml index 24cb0fa..843d62b 100644 --- a/.github/actions/zarf/action.yaml +++ b/.github/actions/zarf/action.yaml @@ -7,4 +7,4 @@ runs: - uses: defenseunicorns/setup-zarf@main with: # renovate: datasource=github-tags depName=zarf-dev/zarf - version: v0.41.0 + version: v0.45.0 diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml index 93554ae..755bd88 100644 --- a/.github/workflows/commitlint.yaml +++ b/.github/workflows/commitlint.yaml @@ -16,12 +16,12 @@ jobs: steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Setup Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 - name: Install commitlint run: npm install --save-dev @commitlint/{config-conventional,cli} diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 09cd2bf..ed3f97c 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Dependency Review - uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 + uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index eb53f19..ef824b5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -11,7 +11,7 @@ jobs: steps: # Checkout the repo and setup the tooling for this job - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -38,7 +38,7 @@ jobs: steps: # Checkout the repo and setup the tooling for this job - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -78,7 +78,7 @@ jobs: contents: write steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 @@ -112,7 +112,7 @@ jobs: repositories: homebrew-tap - name: Run GoReleaser - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 + uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0 with: distribution: goreleaser version: latest diff --git a/.github/workflows/scan-codeql.yaml b/.github/workflows/scan-codeql.yaml index 8219d2b..0d6b01a 100644 --- a/.github/workflows/scan-codeql.yaml +++ b/.github/workflows/scan-codeql.yaml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup golang uses: ./.github/actions/golang @@ -45,7 +45,7 @@ jobs: run: make build-cli-linux-amd - name: Initialize CodeQL - uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 env: CODEQL_EXTRACTOR_GO_BUILD_TRACING: on with: @@ -54,6 +54,6 @@ jobs: - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scan-lint.yaml b/.github/workflows/scan-lint.yaml index ad52964..a33fbe7 100644 --- a/.github/workflows/scan-lint.yaml +++ b/.github/workflows/scan-lint.yaml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup golang uses: ./.github/actions/golang @@ -26,7 +26,7 @@ jobs: extra_args: --all-files --verbose # pre-commit run --all-files --verbose - name: Run Revive Action by pulling pre-built image - uses: docker://morphy/revive-action:v2@sha256:d6f045593cf654035d239c3b64595bcc09a6271fc974a97b9f7a4e678cfcfa72 + uses: docker://morphy/revive-action:v2@sha256:793c4e8bac339d7dcfccb0c35c9dbc623f5b0956515fcce9efd78162c084e8e0 with: config: revive.toml # Exclude patterns, separated by semicolons (optional) diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index e88c391..c82a2ac 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 + uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 with: sarif_file: results.sarif diff --git a/.github/workflows/test-e2e-pr.yaml b/.github/workflows/test-e2e-pr.yaml index 451015d..f4a2a00 100644 --- a/.github/workflows/test-e2e-pr.yaml +++ b/.github/workflows/test-e2e-pr.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup golang uses: ./.github/actions/golang diff --git a/.github/workflows/test-schema.yaml b/.github/workflows/test-schema.yaml index 1455b41..4e211ca 100644 --- a/.github/workflows/test-schema.yaml +++ b/.github/workflows/test-schema.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup golang uses: ./.github/actions/golang diff --git a/.github/workflows/test-unit-pr.yaml b/.github/workflows/test-unit-pr.yaml index 128993f..6886e44 100644 --- a/.github/workflows/test-unit-pr.yaml +++ b/.github/workflows/test-unit-pr.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup golang uses: ./.github/actions/golang