From ee74104c7d441059b2ac8e04322910a3f714108f Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 26 Feb 2024 11:28:33 +0000 Subject: [PATCH] chore: bump the all group with 9 updates Bumps the all group with 9 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.6.1` | `2.7.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.0.0` | `4.1.3` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.1` | `4.0.2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.0` | `4.3.1` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.1` | `4.1.2` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `5.0.2` | `6.0.0` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.16.1` | `0.17.0` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `3.7.0` | `4.0.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.0.1` | `4.0.2` | Updates `step-security/harden-runner` from 2.6.1 to 2.7.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/v2.6.1...63c24ba6bd7ba022e95695ff85de572c04a18142) Updates `actions/dependency-review-action` from 4.0.0 to 4.1.3 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/4901385134134e04cec5fbe5ddfe3b2c5bd5d976...9129d7d40b8c12c1ed0f60400d00c92d437adcce) Updates `actions/setup-node` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8...60edb5dd545a775178f52524783378180af0d1f8) Updates `actions/upload-artifact` from 
4.3.0 to 4.3.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/26f96dfa697d77e81fd5907df203aa23a56210a8...5d5d22a31266ced268874388b861e4b58bb5c2f3) Updates `actions/download-artifact` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/6b208ae046db98c579e8a3aa621ab581ff575935...eaceaf801fd36c7dee90939fad912460b18a1ffe) Updates `peter-evans/create-pull-request` from 5.0.2 to 6.0.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v5.0.2...b1ddad2c994a25fbc81a28b3ec0e368bb2021c50) Updates `aquasecurity/trivy-action` from 0.16.1 to 0.17.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca...84384bd6e777ef152729993b8145ea352e9dd3ef) Updates `golangci/golangci-lint-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/3a919529898de77ec3da873e3063ca4b10e7f5cc...3cfe3a4abbb849e10058ce4af15d205b6da42804) Updates `codecov/codecov-action` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/e0b68c6749509c5f83f984dd99a76a1c1a231044...0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor 
dependency-group: all - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/dep-review.yaml | 2 +- .github/workflows/deploy_docs.yaml | 2 +- .github/workflows/e2e-build.yaml | 8 ++++---- .github/workflows/e2e-test.yaml | 4 ++-- .github/workflows/patch-docs.yaml | 4 ++-- .github/workflows/scan-images.yaml | 6 +++--- .github/workflows/scorecard.yml | 2 +- .github/workflows/test.yaml | 10 +++++----- 8 files changed, 19 insertions(+), 19 deletions(-) diff --git a/.github/workflows/dep-review.yaml b/.github/workflows/dep-review.yaml index 0cc1b0674c..f01dff4cc5 100644 --- a/.github/workflows/dep-review.yaml +++ b/.github/workflows/dep-review.yaml @@ -17,4 +17,4 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 - name: 'Dependency Review' - uses: actions/dependency-review-action@4901385134134e04cec5fbe5ddfe3b2c5bd5d976 + uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce 
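Review bot: The new pin in dep-review.yaml has no trailing version comment, unlike most other pins this patch touches, so the workflow file alone does not show which release the 40-character SHA is meant to be. The commit message gives the target as 4.1.3, so the line could read `uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3`, following the comment style used for the other `actions/*` pins. The same gap is on the `codecov/codecov-action@0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1` line in the last test.yaml hunk, which the message lists as 4.0.2. Keeping the comment next to every SHA lets a reviewer check the pin against the upstream tag and makes a mismatched or unexpected SHA easier to spot in later bumps.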
diff --git a/.github/workflows/deploy_docs.yaml b/.github/workflows/deploy_docs.yaml index 01c1ef1060..96544fd3a2 100644 --- a/.github/workflows/deploy_docs.yaml +++ b/.github/workflows/deploy_docs.yaml @@ -35,7 +35,7 @@ jobs: egress-policy: audit - name: Setup Node - uses: actions/setup-node@b39b52d1213e96004bfcb1c61a8a6fa8ab84f3e8 # v4.0.1 + uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 with: node-version: 20.x diff --git a/.github/workflows/e2e-build.yaml b/.github/workflows/e2e-build.yaml index 9462e61c2c..9d2a892ce4 100644 --- a/.github/workflows/e2e-build.yaml +++ b/.github/workflows/e2e-build.yaml @@ -45,7 +45,7 @@ jobs: - name: Build remover run: 'make docker-build-remover OUTPUT_TYPE=type=oci,dest=./${REMOVER_REPO}_${REMOVER_TAG}.tar,name=${REMOVER_REPO}:${REMOVER_TAG}' - name: Upload Build Artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ inputs.bucket-id }}-remover path: remover_test.tar @@ -87,7 +87,7 @@ jobs: - name: Build trivy-scanner run: 'make docker-build-trivy-scanner OUTPUT_TYPE=type=oci,dest=./${TRIVY_SCANNER_REPO}_${TRIVY_SCANNER_TAG}.tar,name=${TRIVY_SCANNER_REPO}:${TRIVY_SCANNER_TAG}' - name: Upload Build Artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ inputs.bucket-id }}-scanner path: scanner_test.tar @@ -129,7 +129,7 @@ jobs: - name: Build manager run: 'make docker-build-manager OUTPUT_TYPE=type=oci,dest=./${MANAGER_REPO}_${MANAGER_TAG}.tar,name=${MANAGER_REPO}:${MANAGER_TAG}' - name: Upload Build Artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ inputs.bucket-id }}-manager path: manager_test.tar 
@@ -171,7 +171,7 @@ jobs: - name: Build collector run: 'make docker-build-collector OUTPUT_TYPE=type=oci,dest=./${COLLECTOR_REPO}_${COLLECTOR_TAG}.tar,name=${COLLECTOR_REPO}:${COLLECTOR_TAG}' - name: Upload Build Artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ inputs.bucket-id }}-collector path: collector_test.tar diff --git a/.github/workflows/e2e-test.yaml b/.github/workflows/e2e-test.yaml index c90ee1260b..0c3c800934 100644 --- a/.github/workflows/e2e-test.yaml +++ b/.github/workflows/e2e-test.yaml @@ -53,7 +53,7 @@ jobs: - name: Check out code into the Go module directory uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Fetch Build Artifacts - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 with: pattern: ${{ inputs.bucket-id }}-* path: ${{ github.workspace }}/images @@ -101,7 +101,7 @@ jobs: KUBERNETES_VERSION=${{ matrix.KUBERNETES_VERSION }} \ E2E_TESTS=${{ matrix.E2E_TEST }} - name: Upload artifacts - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 if: always() with: name: test_logs diff --git a/.github/workflows/patch-docs.yaml b/.github/workflows/patch-docs.yaml index 021fefe3af..33ec17a1ea 100644 --- a/.github/workflows/patch-docs.yaml +++ b/.github/workflows/patch-docs.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0 with: egress-policy: audit 
@@ -41,7 +41,7 @@ jobs: run: make patch-version-docs NEWVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.x TAG=v${TAG} OLDVERSION=v${MAJOR_VERSION}.${MINOR_VERSION}.$((PATCH_VERSION-1)) - name: Create release pull request - uses: peter-evans/create-pull-request@153407881ec5c347639a548ade7d8ad1d6740e38 # v5.0.2 + uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 # v6.0.0 with: commit-message: "chore: Patch docs for ${{ env.TAG }} release" title: "chore: Patch docs for ${{ env.TAG }} release" diff --git a/.github/workflows/scan-images.yaml b/.github/workflows/scan-images.yaml index 3e9da5c372..43e7f8daff 100644 --- a/.github/workflows/scan-images.yaml +++ b/.github/workflows/scan-images.yaml @@ -51,7 +51,7 @@ jobs: make ${{ matrix.data.build_cmd }} VERSION=${{ env.TAG }} ${{ matrix.data.repo_environment_var }}=${{ env.REGISTRY }}/${{ matrix.data.image }} - name: Scan for vulnerabilities - uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # 0.16.1 + uses: aquasecurity/trivy-action@84384bd6e777ef152729993b8145ea352e9dd3ef # 0.17.0 with: image-ref: ${{ env.REGISTRY }}/${{ matrix.data.image }}:${{ env.TAG }} vuln-type: 'os,library' @@ -59,7 +59,7 @@ jobs: format: 'sarif' output: ${{ matrix.data.image }}-results.sarif - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: ${{ matrix.data.image }} Scan Results path: ${{ matrix.data.image }}-results.sarif @@ -83,7 +83,7 @@ jobs: with: egress-policy: audit - - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 with: name: ${{ matrix.image }} Scan Results path: ${{ matrix.image }}-results.sarif diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 07ba66808d..6e7a5bb340 100644 
--- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -57,7 +57,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 0c19b90a79..2c79fcebba 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -55,26 +55,26 @@ jobs: go-version: "1.21" check-latest: true - name: lint manager - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 + uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0 with: version: latest args: --timeout=10m - name: lint remover - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 + uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0 with: version: latest working-directory: pkg/remover skip-pkg-cache: true args: --timeout=10m - name: lint collector - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 + uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0 with: version: latest working-directory: pkg/collector skip-pkg-cache: true args: --timeout=10m - name: lint trivvy scanner - uses: golangci/golangci-lint-action@3a919529898de77ec3da873e3063ca4b10e7f5cc # v3.7.0 + uses: golangci/golangci-lint-action@3cfe3a4abbb849e10058ce4af15d205b6da42804 # v4.0.0 with: version: latest working-directory: pkg/scanners/trivy 
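Review bot: All four lint steps in the first test.yaml hunk pin the action to a commit SHA but keep `version: latest`, so the golangci-lint binary that actually runs is still resolved at job time and is not covered by the pin being updated here. Since the commit message marks this as a major bump of the action (3.7.0 to 4.0.0), this would be a natural point to set an explicit release in each `with:` block, for example `version: <PINNED_GOLANGCI_LINT_VERSION>`, so that linter upgrades arrive through a reviewed change the same way the action does. The last step's `with:` block appears to continue past the end of the hunk, so any further inputs there are not visible.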
@@ -108,7 +108,7 @@ jobs: - name: Unit test run: make test - name: Codecov upload - uses: codecov/codecov-action@e0b68c6749509c5f83f984dd99a76a1c1a231044 + uses: codecov/codecov-action@0cfda1dd0a4ad9efc75517f399d859cd1ea4ced1 with: flags: unittests file: ./cover.out