From cc590bfb517336e043c9e37b2f9299f570ac7da4 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 20 Nov 2024 11:25:02 -0800
Subject: [PATCH] chore(deps): update github-actions deps (#11712)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[codecov/codecov-action](https://redirect.github.com/codecov/codecov-action)
| action | patch | `5.0.2` -> `5.0.5` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | patch | `v3.27.4` -> `v3.27.5` |
# Warnings (1)
Please correct - or verify that you can safely ignore - these warnings
before you merge this PR.
- `codecov/codecov-action`: Could not determine new digest for update
(github-tags package codecov/codecov-action)
---
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
codecov/codecov-action (codecov/codecov-action)
###
[`v5.0.5`](https://redirect.github.com/codecov/codecov-action/blob/HEAD/CHANGELOG.md#v505)
[Compare
Source](https://redirect.github.com/codecov/codecov-action/compare/v5.0.4...v5.0.5)
##### What's Changed
- chore(release): wrapper-0.0.27 by
[@app/codecov-releaser-app](https://redirect.github.com/app/codecov-releaser-app)
in
[https://github.com/codecov/codecov-action/pull/1685](https://redirect.github.com/codecov/codecov-action/pull/1685)
**Full Changelog**:
https://github.com/codecov/codecov-action/compare/v5.0.4..v5.0.5
###
[`v5.0.4`](https://redirect.github.com/codecov/codecov-action/blob/HEAD/CHANGELOG.md#v504)
[Compare
Source](https://redirect.github.com/codecov/codecov-action/compare/v5.0.3...v5.0.4)
##### What's Changed
- chore(deps): bump wrapper to 0.0.26 by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1681](https://redirect.github.com/codecov/codecov-action/pull/1681)
- fix: strip out a trailing /n from input tokens by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1679](https://redirect.github.com/codecov/codecov-action/pull/1679)
- fix: add action version by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1678](https://redirect.github.com/codecov/codecov-action/pull/1678)
**Full Changelog**:
https://github.com/codecov/codecov-action/compare/v5.0.3..v5.0.4
###
[`v5.0.3`](https://redirect.github.com/codecov/codecov-action/blob/HEAD/CHANGELOG.md#v503)
[Compare
Source](https://redirect.github.com/codecov/codecov-action/compare/v5.0.2...v5.0.3)
##### What's Changed
- fix: update OIDC audience by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1675](https://redirect.github.com/codecov/codecov-action/pull/1675)
- fix: use double-quotes for OIDC by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1669](https://redirect.github.com/codecov/codecov-action/pull/1669)
- fix: prevent always setting tokenless to be true by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1673](https://redirect.github.com/codecov/codecov-action/pull/1673)
- fix: update CHANGELOG and automate by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1674](https://redirect.github.com/codecov/codecov-action/pull/1674)
- fix: bump to v5 and update README by
[@thomasrockhu-codecov](https://redirect.github.com/thomasrockhu-codecov)
in
[https://github.com/codecov/codecov-action/pull/1655](https://redirect.github.com/codecov/codecov-action/pull/1655)
- build(deps): bump github/codeql-action from 3.27.0 to 3.27.4 by
[@app/dependabot](https://redirect.github.com/app/dependabot) in
[https://github.com/codecov/codecov-action/pull/1665](https://redirect.github.com/codecov/codecov-action/pull/1665)
- fix: typo in `inputs.disable_safe_directory` by
[@mkroening](https://redirect.github.com/mkroening) in
[https://github.com/codecov/codecov-action/pull/1666](https://redirect.github.com/codecov/codecov-action/pull/1666)
**Full Changelog**:
https://github.com/codecov/codecov-action/compare/v5.0.2..v5.0.3
github/codeql-action (github/codeql-action)
###
[`v3.27.5`](https://redirect.github.com/github/codeql-action/compare/v3.27.4...v3.27.5)
[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.4...v3.27.5)
---
### Configuration
📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/build-and-test.yml | 2 +-
.github/workflows/codeql-analysis.yml | 6 +++---
.github/workflows/scorecard.yml | 2 +-
3 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml
index b5eca0be481..9a7307a6e65 100644
--- a/.github/workflows/build-and-test.yml
+++ b/.github/workflows/build-and-test.yml
@@ -212,7 +212,7 @@ jobs:
- name: Run Unit Tests With Coverage
run: make gotest-with-cover
- name: Upload coverage report
- uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a # 5.0.2
+ uses: codecov/codecov-action@288befbd1044bd1756afb0bdae077549e0ddb31f # 5.0.5
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 63fc7bff27f..99e22a0a377 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -30,12 +30,12 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
languages: go
- name: Autobuild
- uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 20594578f34..4026533faa6 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -64,6 +64,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+ uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
with:
sarif_file: results.sarif