From 8adea3a61178ca26466b1e56d8aed0b5377a6893 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jul 2024 04:57:54 +0000 Subject: [PATCH] chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates Bumps the github-actions-dependencies group with 2 updates in the / directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common) and [github/codeql-action](https://github.com/github/codeql-action). Updates `hoverkraft-tech/ci-github-common` from 0.13.3 to 0.14.0 - [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases) - [Commits](https://github.com/hoverkraft-tech/ci-github-common/compare/0.13.3...0.14.0) Updates `github/codeql-action` from 3.25.10 to 3.25.12 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3.25.10...v3.25.12) --- updated-dependencies: - dependency-name: hoverkraft-tech/ci-github-common dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependencies ... Signed-off-by: dependabot[bot] Signed-off-by: Emilien Escalle --- .github/dependabot.template.yml | 37 ----------- .github/dependabot.yml | 61 +++---------------- .../__generate-dependabot-config.yml | 17 ------ .github/workflows/__greetings.yml | 2 +- .github/workflows/__main-ci.yml | 2 +- .github/workflows/__need-fix-to-issue.yml | 2 +- .github/workflows/__shared-ci.yml | 2 +- .github/workflows/__stale.yml | 2 +- .github/workflows/continuous-integration.yml | 14 ++--- 9 files changed, 21 insertions(+), 118 deletions(-) delete mode 100644 .github/dependabot.template.yml delete mode 100644 .github/workflows/__generate-dependabot-config.yml diff --git a/.github/dependabot.template.yml b/.github/dependabot.template.yml deleted file mode 100644 index 6b425a6..0000000 --- a/.github/dependabot.template.yml +++ /dev/null @@ -1,37 +0,0 @@ -version: 2 -updates: - - package-ecosystem: docker - open-pull-requests-limit: 20 - directory: "/" - schedule: - interval: weekly - day: friday - time: "04:00" - groups: - docker-dependencies: - patterns: - - "*" - - - package-ecosystem: github-actions - directory: "/" - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: "04:00" - groups: - github-actions-dependencies: - patterns: - - "*" - - - package-ecosystem: github-actions - directory: "/actions/**/action.yml" - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: "04:00" - groups: - github-actions-dependencies: - patterns: - - "*" diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 469799b..6e9dac8 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,70 +1,27 @@ -# This file was generated by the "Generate Dependabot Glob" action. Do not edit it directly. -# Make changes to `.github/dependabot.template.yml` and a PR will be automatically created. version: 2 updates: - package-ecosystem: docker open-pull-requests-limit: 20 - directory: / + directory: "/" schedule: interval: weekly day: friday - time: '04:00' + time: "04:00" groups: docker-dependencies: patterns: - - '*' + - "*" + - package-ecosystem: github-actions - directory: / open-pull-requests-limit: 20 + directories: + - "/" + - "/actions/**/*" schedule: interval: weekly day: friday - time: '04:00' + time: "04:00" groups: github-actions-dependencies: patterns: - - '*' - - package-ecosystem: github-actions - directory: /actions/dependencies-cache - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: '04:00' - groups: - github-actions-dependencies: - patterns: - - '*' - - package-ecosystem: github-actions - directory: /actions/get-package-manager - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: '04:00' - groups: - github-actions-dependencies: - patterns: - - '*' - - package-ecosystem: github-actions - directory: /actions/has-installed-dependencies - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: '04:00' - groups: - github-actions-dependencies: - patterns: - - '*' - - package-ecosystem: github-actions - directory: /actions/setup-node - open-pull-requests-limit: 20 - schedule: - interval: weekly - day: friday - time: '04:00' - groups: - github-actions-dependencies: - patterns: - - '*' + - "*" diff --git a/.github/workflows/__generate-dependabot-config.yml b/.github/workflows/__generate-dependabot-config.yml deleted file mode 100644 index 25a5df7..0000000 --- a/.github/workflows/__generate-dependabot-config.yml +++ /dev/null @@ -1,17 +0,0 @@ -name: Internal - Generate dependabot.yml config - -on: - push: - branches: - - main - -permissions: - contents: read - -jobs: - generate-dependabot-config: - uses: hoverkraft-tech/ci-github-common/.github/workflows/generate-dependabot-config.yml@0.13.3 - with: - github-app-id: ${{ vars.CI_BOT_APP_ID }} - secrets: - github-app-key: ${{ secrets.CI_BOT_APP_PRIVATE_KEY }} diff --git a/.github/workflows/__greetings.yml b/.github/workflows/__greetings.yml index 9e95695..3591848 100644 --- a/.github/workflows/__greetings.yml +++ b/.github/workflows/__greetings.yml @@ -13,4 +13,4 @@ permissions: jobs: greetings: - uses: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml@0.13.3 + uses: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml@0.14.0 diff --git a/.github/workflows/__main-ci.yml b/.github/workflows/__main-ci.yml index 7a75c77..ecb6ca9 100644 --- a/.github/workflows/__main-ci.yml +++ b/.github/workflows/__main-ci.yml @@ -25,7 +25,7 @@ jobs: release: needs: ci - uses: hoverkraft-tech/ci-github-common/.github/workflows/release-actions.yml@0.13.3 + uses: hoverkraft-tech/ci-github-common/.github/workflows/release-actions.yml@0.14.0 with: update-all: ${{ (github.event_name == 'push' && startsWith(github.ref, 'refs/tags/')) || github.event_name == 'workflow_dispatch' }} github-app-id: ${{ vars.CI_BOT_APP_ID }} diff --git a/.github/workflows/__need-fix-to-issue.yml b/.github/workflows/__need-fix-to-issue.yml index 3f62217..1ea39a8 100644 --- a/.github/workflows/__need-fix-to-issue.yml +++ b/.github/workflows/__need-fix-to-issue.yml @@ -20,7 +20,7 @@ permissions: jobs: main: - uses: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml@0.13.3 + uses: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml@0.14.0 with: manual-commit-ref: ${{ inputs.manual-commit-ref }} manual-base-ref: ${{ inputs.manual-base-ref }} diff --git a/.github/workflows/__shared-ci.yml b/.github/workflows/__shared-ci.yml index f6b20fd..3b1d124 100644 --- a/.github/workflows/__shared-ci.yml +++ b/.github/workflows/__shared-ci.yml @@ -12,7 +12,7 @@ permissions: jobs: linter: - uses: hoverkraft-tech/ci-github-common/.github/workflows/linter.yml@0.13.3 + uses: hoverkraft-tech/ci-github-common/.github/workflows/linter.yml@0.14.0 test-action-get-package-manager: name: Test action "get-package-manager" diff --git a/.github/workflows/__stale.yml b/.github/workflows/__stale.yml index 84ad862..5c586d3 100644 --- a/.github/workflows/__stale.yml +++ b/.github/workflows/__stale.yml @@ -10,4 +10,4 @@ permissions: jobs: main: - uses: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml@0.13.3 + uses: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml@0.14.0 diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml index cd58bed..a4b387a 100644 --- a/.github/workflows/continuous-integration.yml +++ b/.github/workflows/continuous-integration.yml @@ -56,11 +56,11 @@ jobs: security-events: write runs-on: "ubuntu-latest" steps: - - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.13.3 - - uses: github/codeql-action/init@v3.25.10 + - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.14.0 + - uses: github/codeql-action/init@v3.25.12 with: languages: ${{ inputs.code-ql }} - - uses: github/codeql-action/analyze@v3.25.10 + - uses: github/codeql-action/analyze@v3.25.12 setup: name: ⚙️ Setup @@ -75,7 +75,7 @@ jobs: steps: # FIXME: This is a workaround for having workflow ref. See https://github.com/orgs/community/discussions/38659 # jscpd:ignore-start - - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.13.3 + - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.14.0 - id: oidc uses: ChristopherHX/oidc@v3 @@ -147,7 +147,7 @@ jobs: id-token: write steps: # FIXME: This is a workaround for having workflow ref. See https://github.com/orgs/community/discussions/38659 - - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.13.3 + - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.14.0 - id: oidc uses: ChristopherHX/oidc@v3 @@ -181,7 +181,7 @@ jobs: id-token: write steps: # FIXME: This is a workaround for having workflow ref. See https://github.com/orgs/community/discussions/38659 - - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.13.3 + - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.14.0 if: needs.setup.outputs.build-commands - id: oidc @@ -242,7 +242,7 @@ jobs: id-token: write steps: # FIXME: This is a workaround for having workflow ref. See https://github.com/orgs/community/discussions/38659 - - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.13.3 + - uses: hoverkraft-tech/ci-github-common/actions/checkout@0.14.0 - if: needs.setup.outputs.build-artifact uses: actions/download-artifact@v4