From 64d285f79043e5768a9d6046f81df5d8779fd4c6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Oct 2023 17:27:52 +0000 Subject: [PATCH 1/6] Bump dotnet/sdk from 6.0.412 to 6.0.415 Bumps dotnet/sdk from 6.0.412 to 6.0.415. --- updated-dependencies: - dependency-name: dotnet/sdk dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 5f9e4c84..73d3a7fb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,7 +9,7 @@ RUN set -xe \ && apt-get install -y --no-install-recommends curl jq \ && apt-get clean && rm -rf /var/lib/apt/lists/* -FROM mcr.microsoft.com/dotnet/sdk:6.0.412 AS build +FROM mcr.microsoft.com/dotnet/sdk:6.0.415 AS build WORKDIR /source # Restore From a2088626e49ed983991c95b66abae026cf847b43 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 10 Oct 2023 17:27:31 +0000 Subject: [PATCH 2/6] Bump dotnet/aspnet from 6.0.20 to 6.0.23 Bumps dotnet/aspnet from 6.0.20 to 6.0.23. --- updated-dependencies: - dependency-name: dotnet/aspnet dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 73d3a7fb..3d9b6ee1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # Contrast Security, Inc licenses this file to you under the Apache 2.0 License. # See the LICENSE file in the project root for more information. -FROM mcr.microsoft.com/dotnet/aspnet:6.0.20 AS base +FROM mcr.microsoft.com/dotnet/aspnet:6.0.23 AS base # To aid in debugging. RUN set -xe \ From 30f427f168ac84e81dff34543b1d48fc27ea41b3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:18:30 +0000 Subject: [PATCH 3/6] Bump docker/login-action from 2 to 3 Bumps [docker/login-action](https://github.com/docker/login-action) from 2 to 3. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pipeline.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 1f8a5956..8dc8a430 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -56,7 +56,7 @@ jobs: with: install: true version: latest - - uses: docker/login-action@v2 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -185,7 +185,7 @@ jobs: - uses: actions/checkout@v3 with: submodules: true - - uses: docker/login-action@v2 + - uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -333,7 +333,7 @@ jobs: steps: - uses: actions/checkout@v3 - name: Login (GitHub) - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} @@ -376,18 +376,18 @@ jobs: steps: - uses: actions/checkout@v3 - name: Login (GitHub) - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Login (Dockerhub) - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PAT }} - name: Login (Quay) - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: quay.io username: ${{ secrets.QUAY_USERNAME }} From 7d64c2e4b11b3d61fb166ff9639c60a1ff3c0763 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:18:27 +0000 Subject: [PATCH 4/6] Bump docker/setup-buildx-action from 2 to 3 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 8dc8a430..2c4c7f74 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -51,7 +51,7 @@ jobs: - uses: actions/checkout@v3 with: submodules: true - - uses: docker/setup-buildx-action@v2 + - uses: docker/setup-buildx-action@v3 id: buildx with: install: true From 54db3dd5ba68d8e751cc6ffc5ddb3c7593140b40 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:18:24 +0000 Subject: [PATCH 5/6] Bump docker/metadata-action from 4 to 5 Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 4 to 5. - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pipeline.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 2c4c7f74..7f155316 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -63,7 +63,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Docker Meta id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} tags: | @@ -340,7 +340,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Docker Meta id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.IMAGE_NAME }} tags: | @@ -394,7 +394,7 @@ jobs: password: ${{ secrets.QUAY_PASSWORD }} - name: Docker Meta id: dockerhub-meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: | docker.io/contrast/agent-operator From 9fb7f85605e0aad1fb13003d55570e54b2af76ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Sep 2023 17:18:20 +0000 Subject: [PATCH 6/6] Bump docker/build-push-action from 4 to 5 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4...v5) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index 7f155316..00205ffd 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -71,7 +71,7 @@ jobs: type=raw,value=pr-artifact,enable=${{ github.event_name == 'pull_request' }} type=raw,value=dispatch-artifact,enable=${{ github.event_name == 'workflow_dispatch' }} type=raw,value=release-artifact,enable=${{ needs.generate-version.outputs.version != '0.0.1' }} - - uses: docker/build-push-action@v4 + - uses: docker/build-push-action@v5 id: build with: file: Dockerfile