From 7ee9d2c8a95b6db7399e9516ec0977ee28a65392 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 20 May 2024 13:51:18 +0000
Subject: [PATCH] chore(workflows): update github actions (#1261)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change | OpenSSF |
|---|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.6` | [](https://securityscorecards.dev/viewer/?uri=github.com/actions/checkout)
|
| [chromaui/action](https://togithub.com/chromaui/action) | action |
digest | `3dcb663` -> `a7f65ed` | [](https://securityscorecards.dev/viewer/?uri=github.com/chromaui/action)
|
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | digest | `d39d31e` -> `b7cec75` | [](https://securityscorecards.dev/viewer/?uri=github.com/github/codeql-action)
|
|
[tj-actions/verify-changed-files](https://togithub.com/tj-actions/verify-changed-files)
| action | digest | `ab87580` -> `6ed7632` | [](https://securityscorecards.dev/viewer/?uri=github.com/tj-actions/verify-changed-files)
|
---
### Release Notes
actions/checkout (actions/checkout)
###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)
- Check platform to set archive extension appropriately by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)
###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)
#### What's Changed
- Update NPM dependencies by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@users.noreply.github.com` by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
♻ **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/weareinreach/InReach).
Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/cache.yml | 2 +-
.github/workflows/chromatic.yml | 4 ++--
.github/workflows/codeql.yml | 6 +++---
.github/workflows/crowdin.yml | 6 +++---
.github/workflows/labels.yml | 2 +-
.github/workflows/lint.yml | 2 +-
.github/workflows/nextjs_bundle_analysis.yml | 2 +-
.github/workflows/njsscan.yml | 4 ++--
8 files changed, 14 insertions(+), 14 deletions(-)
diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml
index 4474544e02..701fdd6bf8 100644
--- a/.github/workflows/cache.yml
+++ b/.github/workflows/cache.yml
@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: '🧹 Cleanup'
run: |
diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml
index d259f88494..e55d84881f 100644
--- a/.github/workflows/chromatic.yml
+++ b/.github/workflows/chromatic.yml
@@ -29,7 +29,7 @@ jobs:
run:
working-directory: packages/ui
steps:
- - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
fetch-depth: 0
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
@@ -50,7 +50,7 @@ jobs:
# 👇 Runs Chromatic CLI in ./packages/ui
- name: Publish to Chromatic
- uses: chromaui/action@3dcb6636a4f8eed347ef6214f5d74d2b5fee45e4 # v11
+ uses: chromaui/action@a7f65ed179bcbe19fd793367d699f43e0f0540a7 # v11
with:
workingDir: packages/ui
projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 762b0bcbfa..1eb8e8fbf3 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -23,8 +23,8 @@ jobs:
security-events: write
steps:
- name: ⤵️ Check out code from GitHub
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: 🏗 Initialize CodeQL
- uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3
+ uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3
- name: 🚀 Perform CodeQL Analysis
- uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3
+ uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3
diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml
index afa840a9a2..038a636a0f 100644
--- a/.github/workflows/crowdin.yml
+++ b/.github/workflows/crowdin.yml
@@ -32,7 +32,7 @@ jobs:
HUSKY: 0
steps:
- name: Checkout
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: Import GPG key
id: import_gpg
@@ -97,7 +97,7 @@ jobs:
- name: Check for updated files
if: (github.event_name != 'pull_request' && github.ref_name == 'dev') || github.event_name == 'scheduled'
- uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20
+ uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20
id: verify-changed-files
with:
files: '**/locales/*/*.json'
@@ -114,7 +114,7 @@ jobs:
- name: Get files to commit
if: steps.run-prettier.conclusion == 'success'
- uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20
+ uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20
id: get-pending-files
with:
separator:
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml
index ae00d80d17..e1b8e4fc80 100644
--- a/.github/workflows/labels.yml
+++ b/.github/workflows/labels.yml
@@ -14,7 +14,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: ⤵️ Check out code from GitHub
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: 🚀 Run Label Syncer
uses: micnncim/action-label-syncer@3abd5ab72fda571e69fffd97bd4e0033dd5f495c # v1.3.0
env:
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index de58df348a..b4694b8375 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -18,7 +18,7 @@ jobs:
steps:
# Setup steps
- name: Checkout
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
with:
ref: ${{ github.head_ref }}
diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml
index 1c299cb64c..b552921064 100644
--- a/.github/workflows/nextjs_bundle_analysis.yml
+++ b/.github/workflows/nextjs_bundle_analysis.yml
@@ -32,7 +32,7 @@ jobs:
HUSKY: 0
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0
name: Install pnpm
diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml
index 7a8e3bbc46..a3cc0961f6 100644
--- a/.github/workflows/njsscan.yml
+++ b/.github/workflows/njsscan.yml
@@ -30,13 +30,13 @@ jobs:
name: njsscan code scanning
steps:
- name: ⤵️ Check out code from GitHub
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+ uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- name: 🧐 nodejsscan scan
id: njsscan
uses: ajinabraham/njsscan-action@74e5a58c1edb363b84c9ddd626b0e22f038ac09e
with:
args: '. --sarif --output results.sarif || true'
- name: Upload njsscan report
- uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3
+ uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3
with:
sarif_file: results.sarif