From 31a63c5162d8764ad6bb1fb20b288a6f2cf9f982 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 11 Sep 2023 02:38:53 +0000 Subject: [PATCH] Bump the github-workflows group with 4 updates Bumps the github-workflows group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [taiki-e/install-action](https://github.com/taiki-e/install-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/checkout` from 3.6.0 to 4.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/f43a0e5ff2bd294095638e18286ca9a3d1956744...3df4ab11eba7bda6032a0b82a6bb43b11571feac) Updates `actions/cache` from 3.3.1 to 3.3.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8...704facf57e6136b1bc63b828d79edcd491f0ee84) Updates `taiki-e/install-action` from 2.17.8 to 2.18.6 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/6801bd56b9711500292d943350f0b1f3559d7acb...b89cfc4cdbf6930a4276f4c1d662f3217ef3edae) Updates `actions/upload-artifact` from 3.1.2 to 3.1.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/0b7f8abb1508181956e8e162db84b466c27e18ce...a8a3f3ad30e3422c9c7b888a15615d19a852ae32) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-workflows - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-workflows - dependency-name: taiki-e/install-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-workflows - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-workflows ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-python.yml | 6 +++--- .github/workflows/ci-rust.yml | 8 ++++---- .github/workflows/ci-web.yml | 8 ++++---- .github/workflows/ci.yml | 4 ++-- .github/workflows/codeql.yml | 6 +++--- .github/workflows/cspell.yml | 6 +++--- .github/workflows/package-ionic-app.yml | 12 ++++++------ .github/workflows/package-server.yml | 6 +++--- .github/workflows/publish-testbed.yml | 2 +- .github/workflows/releaser.yml | 2 +- 10 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/ci-python.yml b/.github/workflows/ci-python.yml index 433c23c4662..ebb3e379f45 100644 --- a/.github/workflows/ci-python.yml +++ b/.github/workflows/ci-python.yml @@ -38,7 +38,7 @@ jobs: # 20.04 is required to install PostgreSQL 12 runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 @@ -107,7 +107,7 @@ jobs: - name: Restore libparsec if Rust hasn't been modified id: cache-libparsec - uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: key: ${{ steps.cache-key.outputs.key }} path: | @@ -171,7 +171,7 @@ jobs: if: >- steps.cache-libparsec.outputs.cache-hit != 'true' && !contains(github.ref, 'gh-readonly-queue') - uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: key: ${{ steps.cache-key.outputs.key }} path: | diff --git a/.github/workflows/ci-rust.yml b/.github/workflows/ci-rust.yml index 29ce115e6aa..ddaed332a92 100644 --- a/.github/workflows/ci-rust.yml +++ b/.github/workflows/ci-rust.yml @@ -43,7 +43,7 @@ jobs: ports: - 6777:6777 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: actions-rust-lang/setup-rust-toolchain@f3c84ee10bf5a86e7a5d607d487bf17d57670965 # pin v1.5.0 @@ -63,7 +63,7 @@ jobs: timeout-minutes: 5 # Install cargo nextest command - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: nextest@${{ env.cargo-nextest-version }} @@ -131,7 +131,7 @@ jobs: timeout-minutes: 30 runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: actions-rust-lang/setup-rust-toolchain@f3c84ee10bf5a86e7a5d607d487bf17d57670965 # pin v1.5.0 @@ -160,7 +160,7 @@ jobs: timeout-minutes: 1 # Install cargo nextest command - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: nextest@${{ env.cargo-nextest-version }} diff --git a/.github/workflows/ci-web.yml b/.github/workflows/ci-web.yml index 0ef08c9960e..0aef5edc9f6 100644 --- a/.github/workflows/ci-web.yml +++ b/.github/workflows/ci-web.yml @@ -40,7 +40,7 @@ jobs: ports: - 6777:6777 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # pin v3.8.1 @@ -76,7 +76,7 @@ jobs: - name: Restore libparsec if Rust hasn't been modified id: cache-libparsec - uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: key: ${{ steps.cache-key.outputs.key }} path: | @@ -105,7 +105,7 @@ jobs: timeout-minutes: 5 # Install wasm-pack command - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: wasm-pack@${{ env.wasm-pack-version }} @@ -117,7 +117,7 @@ jobs: - name: Save libparsec to be reuse later if: steps.cache-libparsec.outputs.cache-hit != 'true' - uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: key: ${{ steps.cache-key.outputs.key }} path: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 532ddf5bbbd..24ecfa41f68 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -31,7 +31,7 @@ jobs: python: ${{ steps.need-check.outputs.python }} web: ${{ steps.need-check.outputs.web }} steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 @@ -110,7 +110,7 @@ jobs: # Just a fail-safe timeout, see the fine grain per-task timeout instead timeout-minutes: 10 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b49cda1eb42..c029e2828c3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: poetry-version: 1.5.1 steps: - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 @@ -101,7 +101,7 @@ jobs: # SDK_VERSION: 30.0.3 # steps: # - name: Checkout repository - # uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + # uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 # timeout-minutes: 5 # - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 @@ -171,7 +171,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # pin v2.11.1 diff --git a/.github/workflows/cspell.yml b/.github/workflows/cspell.yml index 544494adcd4..7290b609781 100644 --- a/.github/workflows/cspell.yml +++ b/.github/workflows/cspell.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout the repository - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - name: Generate cspell cache key @@ -54,7 +54,7 @@ jobs: - name: Restore cspell cache id: cache - uses: actions/cache/restore@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/restore@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: path: | package-lock.json @@ -91,7 +91,7 @@ jobs: if: >- steps.installation.outputs.previous-cache-hash != hashFiles('.cspellcache') && contains(github.ref, 'gh-readonly-queue') != 'true' - uses: actions/cache/save@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # pin v3.3.1 + uses: actions/cache/save@704facf57e6136b1bc63b828d79edcd491f0ee84 # pin v3.3.2 with: key: ${{ steps.cache-key.outputs.key }} path: | diff --git a/.github/workflows/package-ionic-app.yml b/.github/workflows/package-ionic-app.yml index a3a6e2d087d..eb2da213c54 100644 --- a/.github/workflows/package-ionic-app.yml +++ b/.github/workflows/package-ionic-app.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-22.04 name: ⚡ Package web app steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # pin v3.8.1 @@ -41,7 +41,7 @@ jobs: working-directory: client # Install syft - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: syft@0.84.0, wasm-pack@${{ env.wasm-pack-version }} @@ -56,7 +56,7 @@ jobs: - name: Generate SBOM run: syft packages --config=.syft.yaml --output=spdx-json=Parsec-SBOM-Web.spdx.json . - - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin v3.1.2 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin v3.1.3 with: name: webapp path: | @@ -94,7 +94,7 @@ jobs: runs-on: ${{ matrix.os }} timeout-minutes: 60 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - name: Install dependencies @@ -118,14 +118,14 @@ jobs: timeout-minutes: 5 # Install syft - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: syft@0.84.0 - name: Generate SBOM run: syft packages --config=.syft.yaml --output=spdx-json=Parsec-SBOM-Electron-${{ matrix.platform }}.spdx.json . - - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin v3.1.2 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin v3.1.3 with: name: ${{ runner.os }}-${{ runner.arch }}-electron-app path: | diff --git a/.github/workflows/package-server.yml b/.github/workflows/package-server.yml index 96b5eaf4826..3232145ce85 100644 --- a/.github/workflows/package-server.yml +++ b/.github/workflows/package-server.yml @@ -57,7 +57,7 @@ jobs: outputs: wheel-version: ${{ steps.version.outputs.full }} steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - uses: ./.github/actions/setup-python-poetry @@ -139,14 +139,14 @@ jobs: run: python server/packaging/wheel/wheel_it.py ./server --output dist --skip-wheel # Install syft - - uses: taiki-e/install-action@6801bd56b9711500292d943350f0b1f3559d7acb # pin v2.17.8 + - uses: taiki-e/install-action@b89cfc4cdbf6930a4276f4c1d662f3217ef3edae # pin v2.18.6 with: tool: syft@0.84.0 - name: Generate SBOM run: syft packages --config=.syft.yaml --output=spdx-json=dist/Parsec-SBOM-Wheel-${{ matrix.platform }}.spdx.json . - - uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # pin v3.1.2 + - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # pin v3.1.3 with: name: ${{ runner.os }}-${{ runner.arch }}-wheel path: | diff --git a/.github/workflows/publish-testbed.yml b/.github/workflows/publish-testbed.yml index c4a0e95441c..28aa3162e6c 100644 --- a/.github/workflows/publish-testbed.yml +++ b/.github/workflows/publish-testbed.yml @@ -30,7 +30,7 @@ jobs: publish-testbed: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - name: Log in to the Container registry diff --git a/.github/workflows/releaser.yml b/.github/workflows/releaser.yml index b7f07a3d1fa..f3e1d829615 100644 --- a/.github/workflows/releaser.yml +++ b/.github/workflows/releaser.yml @@ -31,7 +31,7 @@ jobs: dev: ${{ steps.version.outputs.dev }} local: ${{ steps.version.outputs.local }} steps: - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # pin v3.6.0 + - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # pin v4.0.0 timeout-minutes: 5 - name: Parse version for event ${{ github.event_name }}