From f30b175b4c5796937defa5c7c5d1c3bfe63043cf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 Apr 2024 09:20:24 +0000 Subject: [PATCH] chore(deps): bump the github-actions group with 4 updates Bumps the github-actions group with 4 updates: [vladopajic/go-test-coverage](https://github.com/vladopajic/go-test-coverage), [wagoid/commitlint-github-action](https://github.com/wagoid/commitlint-github-action), [github/codeql-action](https://github.com/github/codeql-action) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `vladopajic/go-test-coverage` from 2.10.0 to 2.10.1 - [Release notes](https://github.com/vladopajic/go-test-coverage/releases) - [Commits](https://github.com/vladopajic/go-test-coverage/compare/a1e0de1432c72e8ca43f6ca07ffa038690b2fbb6...1079cd4e58dda229c04ffdb6324fc3756b8542ff) Updates `wagoid/commitlint-github-action` from 6.0.0 to 6.0.1 - [Changelog](https://github.com/wagoid/commitlint-github-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/wagoid/commitlint-github-action/compare/3c75220e8d20774b68eea48e869a706ff7249b54...7f0a61df502599e1f1f50880aaa7ec1e2c0592f2) Updates `github/codeql-action` from 3.24.9 to 3.24.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/1b1aada464948af03b950897e5eb522f92603cc2...4355270be187e1b672a7a1c7c7bae5afdc1ab94a) Updates `sigstore/cosign-installer` from 3.4.0 to 3.5.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/e1523de7571e31dbe865fd2e80c5c7c23ae71eb4...59acb6260d9c0ba8f4a2f9d9b48431a222b68e20) --- updated-dependencies: - dependency-name: vladopajic/go-test-coverage dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: wagoid/commitlint-github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/coverage.yaml | 2 +- .github/workflows/lint.yaml | 2 +- .github/workflows/ossf-analysis.yaml | 2 +- .github/workflows/release.yaml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/coverage.yaml b/.github/workflows/coverage.yaml index 599be31b..d267caf9 100644 --- a/.github/workflows/coverage.yaml +++ b/.github/workflows/coverage.yaml @@ -20,7 +20,7 @@ jobs: # remove generated code from coverage calculation grep -Ev 'internal/mock|_enumer.go' cover.out.raw > cover.out - name: Generage coverage badge - uses: vladopajic/go-test-coverage@a1e0de1432c72e8ca43f6ca07ffa038690b2fbb6 # v2.10.0 + uses: vladopajic/go-test-coverage@1079cd4e58dda229c04ffdb6324fc3756b8542ff # v2.10.1 with: profile: cover.out local-prefix: github.com/uselagoon/lagoon-ssh-portal diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index d29e7f6e..bab6de5d 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -26,7 +26,7 @@ jobs: - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - - uses: wagoid/commitlint-github-action@3c75220e8d20774b68eea48e869a706ff7249b54 # v6.0.0 + - uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6.0.1 with: configFile: .github/commitlint.config.mjs lint-actions: diff --git a/.github/workflows/ossf-analysis.yaml b/.github/workflows/ossf-analysis.yaml index 4f266694..dd4624b9 100644 --- a/.github/workflows/ossf-analysis.yaml +++ b/.github/workflows/ossf-analysis.yaml @@ -26,6 +26,6 @@ jobs: # of the value entered here. publish_results: true - name: Upload SARIF results to code scanning - uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9 + uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10 with: sarif_file: results.sarif diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 97f30ac7..3ca5a94f 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -63,7 +63,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Set up environment run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" - - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0 + - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 - uses: advanced-security/sbom-generator-action@375dee8e6144d9fd0ec1f5667b4f6fb4faacefed # v0.0.1 id: sbom env: