From 87d2aec725602e0bf7bda0caf7cd6ffaf1205f8a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 7 Jun 2024 12:04:36 -0600 Subject: [PATCH] chore(deps): update maru support dependencies (#101) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://togithub.com/actions/create-github-app-token) | action | patch | `v1.10.0` -> `v1.10.1` | | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v4.3.2` -> `v4.3.3` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.33.2` -> `v0.34.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.6` -> `v3.25.8` | --- ### Release Notes
actions/create-github-app-token (actions/create-github-app-token) ### [`v1.10.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.1) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.10.0...v1.10.1) ##### Bug Fixes - **deps:** bump the production-dependencies group with 2 updates ([#​138](https://togithub.com/actions/create-github-app-token/issues/138)) ([8d81a59](https://togithub.com/actions/create-github-app-token/commit/8d81a59103d6d17f5ecc243eb5fd53757607a1d2)), closes [#​606](https://togithub.com/actions/create-github-app-token/issues/606) [#​606](https://togithub.com/actions/create-github-app-token/issues/606) [#​605](https://togithub.com/actions/create-github-app-token/issues/605) [#​604](https://togithub.com/actions/create-github-app-token/issues/604) [nodejs/undici#3295](https://togithub.com/nodejs/undici/issues/3295) [nodejs/undici#3298](https://togithub.com/nodejs/undici/issues/3298) [nodejs/undici#3294](https://togithub.com/nodejs/undici/issues/3294) [nodejs/undici#3281](https://togithub.com/nodejs/undici/issues/3281) [nodejs/undici#3286](https://togithub.com/nodejs/undici/issues/3286) [nodejs/undici#3284](https://togithub.com/nodejs/undici/issues/3284) [nodejs/undici#3291](https://togithub.com/nodejs/undici/issues/3291) [nodejs/undici#3290](https://togithub.com/nodejs/undici/issues/3290) [nodejs/undici#3283](https://togithub.com/nodejs/undici/issues/3283) [nodejs/undici#3281](https://togithub.com/nodejs/undici/issues/3281) [nodejs/undici#3263](https://togithub.com/nodejs/undici/issues/3263) [nodejs/undici#3279](https://togithub.com/nodejs/undici/issues/3279) [nodejs/undici#3227](https://togithub.com/nodejs/undici/issues/3227) [nodejs/undici#3234](https://togithub.com/nodejs/undici/issues/3234) [nodejs/undici#3240](https://togithub.com/nodejs/undici/issues/3240) [nodejs/undici#3245](https://togithub.com/nodejs/undici/issues/3245) [nodejs/undici#3241](https://togithub.com/nodejs/undici/issues/3241) [nodejs/undici#3247](https://togithub.com/nodejs/undici/issues/3247) [nodejs/undici#3248](https://togithub.com/nodejs/undici/issues/3248) [nodejs/undici#3219](https://togithub.com/nodejs/undici/issues/3219) [nodejs/undici#3251](https://togithub.com/nodejs/undici/issues/3251) [nodejs/undici#3254](https://togithub.com/nodejs/undici/issues/3254) [nodejs/undici#3258](https://togithub.com/nodejs/undici/issues/3258) [nodejs/undici#3257](https://togithub.com/nodejs/undici/issues/3257) [nodejs/undici#3259](https://togithub.com/nodejs/undici/issues/3259) [nodejs/undici#3262](https://togithub.com/nodejs/undici/issues/3262) [nodejs/undici#3264](https://togithub.com/nodejs/undici/issues/3264) [nodejs/undici#3118](https://togithub.com/nodejs/undici/issues/3118) [nodejs/undici#3269](https://togithub.com/nodejs/undici/issues/3269) [#​3301](https://togithub.com/actions/create-github-app-token/issues/3301) [#​3294](https://togithub.com/actions/create-github-app-token/issues/3294) [#​3298](https://togithub.com/actions/create-github-app-token/issues/3298) [#​3295](https://togithub.com/actions/create-github-app-token/issues/3295) [#​3293](https://togithub.com/actions/create-github-app-token/issues/3293) [#​3283](https://togithub.com/actions/create-github-app-token/issues/3283) [#​3290](https://togithub.com/actions/create-github-app-token/issues/3290) [#​3291](https://togithub.com/actions/create-github-app-token/issues/3291) [#​3284](https://togithub.com/actions/create-github-app-token/issues/3284) [#​3286](https://togithub.com/actions/create-github-app-token/issues/3286)
actions/dependency-review-action (actions/dependency-review-action) ### [`v4.3.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.3): Notes for v4.3.3 [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3) #### What's Changed - Allow slashes in purl package names by [@​juxtin](https://togithub.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/765](https://togithub.com/actions/dependency-review-action/pull/765) - use the v3 version of the deps.dev API by [@​josieang](https://togithub.com/josieang) in [https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741) - PR with suggestions - \[Improvement]: Help streamline / simplify dependency review action README by [@​am-stead](https://togithub.com/am-stead) in [https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773) - fix show-openssf-scorecard-levels input by [@​ramann](https://togithub.com/ramann) in [https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776) - Updates to the contribution guidelines by [@​jonjanego](https://togithub.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/778](https://togithub.com/actions/dependency-review-action/pull/778) - Create issue templates by [@​jonjanego](https://togithub.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/777](https://togithub.com/actions/dependency-review-action/pull/777) - Fix the max comment length issue by [@​jhutchings1](https://togithub.com/jhutchings1) and [@​elireisman](https://togithub.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/767](https://togithub.com/actions/dependency-review-action/pull/767) - Bump project version to 4.3.3 in prep for a release by [@​elireisman](https://togithub.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/781](https://togithub.com/actions/dependency-review-action/pull/781) #### New Contributors - [@​josieang](https://togithub.com/josieang) made their first contribution in [https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741) - [@​am-stead](https://togithub.com/am-stead) made their first contribution in [https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773) - [@​ramann](https://togithub.com/ramann) made their first contribution in [https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3
defenseunicorns/zarf (defenseunicorns/zarf) ### [`v0.34.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.34.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0) #### What's Changed - refactor: move validate to expose it as receivers by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2419](https://togithub.com/defenseunicorns/zarf/pull/2419) - docs: add additional detail to security policy by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2488](https://togithub.com/defenseunicorns/zarf/pull/2488) - chore: cleanup stale grype ignores and patch golang.org/x/net CVE by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2492](https://togithub.com/defenseunicorns/zarf/pull/2492) - docs: injector and init package reference material by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2468](https://togithub.com/defenseunicorns/zarf/pull/2468) - chore: patch CVE-2024-3817 by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2498](https://togithub.com/defenseunicorns/zarf/pull/2498) - refactor: cleaner image pulls by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2460](https://togithub.com/defenseunicorns/zarf/pull/2460) - chore: adding [@​dgershman](https://togithub.com/dgershman) by [@​dgershman](https://togithub.com/dgershman) in [https://github.com/defenseunicorns/zarf/pull/2506](https://togithub.com/defenseunicorns/zarf/pull/2506) - refactor: context usage in k8s code by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2405](https://togithub.com/defenseunicorns/zarf/pull/2405) - ci: run revive using golang-lint-ci by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2499](https://togithub.com/defenseunicorns/zarf/pull/2499) - feat: update injector away from rouille to axum by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2457](https://togithub.com/defenseunicorns/zarf/pull/2457) - refactor: enable testifylint linter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2504](https://togithub.com/defenseunicorns/zarf/pull/2504) - chore: remove rouille CVE from grype ignore by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2515](https://togithub.com/defenseunicorns/zarf/pull/2515) - fix(agent): missing path for pod without labels by [@​brandtkeller](https://togithub.com/brandtkeller) in [https://github.com/defenseunicorns/zarf/pull/2518](https://togithub.com/defenseunicorns/zarf/pull/2518) - fix: adopt namespace metadata by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2494](https://togithub.com/defenseunicorns/zarf/pull/2494) - refactor: enable ineffassign linter by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2500](https://togithub.com/defenseunicorns/zarf/pull/2500) - test: cluster getDeployedPackages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2523](https://togithub.com/defenseunicorns/zarf/pull/2523) - test: add unit tests for merge zarf state by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2522](https://togithub.com/defenseunicorns/zarf/pull/2522) - test: pod agent unit tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2526](https://togithub.com/defenseunicorns/zarf/pull/2526) - docs: add google analytics for docs pages by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2530](https://togithub.com/defenseunicorns/zarf/pull/2530) - test: add unit tests for detect distro by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2521](https://togithub.com/defenseunicorns/zarf/pull/2521) - test: add tests for injector by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2534](https://togithub.com/defenseunicorns/zarf/pull/2534) - chore: add codecov by [@​schristoff-du](https://togithub.com/schristoff-du) in [https://github.com/defenseunicorns/zarf/pull/2529](https://togithub.com/defenseunicorns/zarf/pull/2529) - chore: add unit tests for creator.LoadPackageDefinition by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2531](https://togithub.com/defenseunicorns/zarf/pull/2531) - test: refactor network test by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2533](https://togithub.com/defenseunicorns/zarf/pull/2533) - test: agent flux unit test by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2528](https://togithub.com/defenseunicorns/zarf/pull/2528) - chore: fix codecov by [@​schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2538](https://togithub.com/defenseunicorns/zarf/pull/2538) - test: creator.ComposeComponents by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2537](https://togithub.com/defenseunicorns/zarf/pull/2537) - refactor: remove use of k8s serivce account by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2544](https://togithub.com/defenseunicorns/zarf/pull/2544) - refactor: remove use of k8s service by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2543](https://togithub.com/defenseunicorns/zarf/pull/2543) - refactor: remove use of k8s configmap by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2541](https://togithub.com/defenseunicorns/zarf/pull/2541) - refactor: remove use of k8s hpa by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2542](https://togithub.com/defenseunicorns/zarf/pull/2542) - test: add secrets tests by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2540](https://togithub.com/defenseunicorns/zarf/pull/2540) - refactor: allow callers to directly set logfile location by [@​Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2545](https://togithub.com/defenseunicorns/zarf/pull/2545) - test: add test for packager source by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2525](https://togithub.com/defenseunicorns/zarf/pull/2525) - chore: add unit tests to variables pkg by [@​Racer159](https://togithub.com/Racer159) in [https://github.com/defenseunicorns/zarf/pull/2519](https://togithub.com/defenseunicorns/zarf/pull/2519) - test: clean up tests for composer by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2532](https://togithub.com/defenseunicorns/zarf/pull/2532) - test: argo agent unit tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2536](https://togithub.com/defenseunicorns/zarf/pull/2536) - fix(release): do not delete testdata in release workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2547](https://togithub.com/defenseunicorns/zarf/pull/2547) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0
github/codeql-action (github/codeql-action) ### [`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) ### [`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)
--- ### Configuration 📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/maru-runner). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/actions/zarf/action.yaml | 2 +- .github/workflows/dependency-review.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/scan-codeql.yaml | 4 ++-- .github/workflows/scorecard.yaml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/actions/zarf/action.yaml b/.github/actions/zarf/action.yaml index e6ec5fc..073361c 100644 --- a/.github/actions/zarf/action.yaml +++ b/.github/actions/zarf/action.yaml @@ -7,4 +7,4 @@ runs: - uses: defenseunicorns/setup-zarf@main with: # renovate: datasource=github-tags depName=defenseunicorns/zarf - version: v0.33.2 + version: v0.34.0 diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 6923fe4..7b289a7 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -12,4 +12,4 @@ jobs: uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Dependency Review - uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 + uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3 diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 277b37d..0619627 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -104,7 +104,7 @@ jobs: - name: Get Brew tap repo token id: brew-tap-token - uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0 + uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1 with: app-id: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_ID }} private-key: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_SECRET }} diff --git a/.github/workflows/scan-codeql.yaml b/.github/workflows/scan-codeql.yaml index 5ad7489..f9a9c68 100644 --- a/.github/workflows/scan-codeql.yaml +++ b/.github/workflows/scan-codeql.yaml @@ -45,7 +45,7 @@ jobs: run: make build-cli-linux-amd - name: Initialize CodeQL - uses: github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 env: CODEQL_EXTRACTOR_GO_BUILD_TRACING: on with: @@ -54,6 +54,6 @@ jobs: - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 55041bf..61afd07 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: results.sarif