From 3664675594623fae4283faa29ca73cee2f463d6c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Dec 2024 00:06:49 +0000
Subject: [PATCH 1/2] build(deps): Bump the github-actions group with 3 updates

Bumps the github-actions group with 3 updates: [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials), [github/codeql-action](https://github.com/github/codeql-action) and [subosito/flutter-action](https://github.com/subosito/flutter-action).


Updates `google-github-actions/get-gke-credentials` from 2.2.2 to 2.3.0
- [Release notes](https://github.com/google-github-actions/get-gke-credentials/releases)
- [Changelog](https://github.com/google-github-actions/get-gke-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/google-github-actions/get-gke-credentials/compare/206d64b64b0eba0a6e2f25113d044c31776ca8d6...9025e8f90f2d8e0c3dafc3128cc705a26d992a6a)

Updates `github/codeql-action` from 3.27.5 to 3.27.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/f09c1c0a94de965c15400f5634aa42fac8fb8f88...aa578102511db1f4524ed59b8cc2bae4f6e88195)

Updates `subosito/flutter-action` from 2.17.0 to 2.18.0
- [Release notes](https://github.com/subosito/flutter-action/releases)
- [Commits](https://github.com/subosito/flutter-action/compare/74af56c5ed2697ba4621264652728e8d217e53d3...f2c4f6686ca8e8d6e6d0f28410eeef506ed66aff)

---
updated-dependencies:
- dependency-name: google-github-actions/get-gke-credentials
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: subosito/flutter-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/at_server_dev_deploy.yaml  | 2 +-
 .github/workflows/at_server_prod_deploy.yaml | 2 +-
 .github/workflows/codeql.yml                 | 6 +++---
 .github/workflows/melos_bootstrap.yaml       | 2 +-
 .github/workflows/scorecards.yml             | 2 +-
 5 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/at_server_dev_deploy.yaml b/.github/workflows/at_server_dev_deploy.yaml
index 20fecd102..48ac822f6 100644
--- a/.github/workflows/at_server_dev_deploy.yaml
+++ b/.github/workflows/at_server_dev_deploy.yaml
@@ -61,7 +61,7 @@ jobs:
           uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2
 
         # Get the GKE credentials so we can deploy to the cluster
-        - uses: google-github-actions/get-gke-credentials@206d64b64b0eba0a6e2f25113d044c31776ca8d6 # v2.2.2
+        - uses: google-github-actions/get-gke-credentials@9025e8f90f2d8e0c3dafc3128cc705a26d992a6a # v2.3.0
           with:
             cluster_name: ${{ secrets.GKE_DEV_CLUSTER }}
             location: ${{ secrets.GKE_DEV_ZONE }}
diff --git a/.github/workflows/at_server_prod_deploy.yaml b/.github/workflows/at_server_prod_deploy.yaml
index 2ecc320e6..f53f3fab8 100644
--- a/.github/workflows/at_server_prod_deploy.yaml
+++ b/.github/workflows/at_server_prod_deploy.yaml
@@ -82,7 +82,7 @@ jobs:
         uses: google-github-actions/setup-gcloud@6189d56e4096ee891640bb02ac264be376592d6a # v2.1.2
 
       # Get the GKE credentials so we can deploy to the cluster
-      - uses: google-github-actions/get-gke-credentials@206d64b64b0eba0a6e2f25113d044c31776ca8d6 # v2.2.2
+      - uses: google-github-actions/get-gke-credentials@9025e8f90f2d8e0c3dafc3128cc705a26d992a6a # v2.3.0
         with:
           cluster_name: ${{ secrets.GKE_PROD_CLUSTER }}
           location: ${{ secrets.GKE_PROD_ZONE }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 68ee484a2..219ea20e1 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
+        uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
+        uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
+        uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
         with:
           category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/melos_bootstrap.yaml b/.github/workflows/melos_bootstrap.yaml
index 4c86ca544..4bb62bff4 100644
--- a/.github/workflows/melos_bootstrap.yaml
+++ b/.github/workflows/melos_bootstrap.yaml
@@ -19,7 +19,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-      - uses: subosito/flutter-action@74af56c5ed2697ba4621264652728e8d217e53d3 # v2.17.0
+      - uses: subosito/flutter-action@f2c4f6686ca8e8d6e6d0f28410eeef506ed66aff # v2.18.0
         with:
           channel: "stable"
       - name: flutter pub get
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index d9afeba4a..dd59e3e55 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
         with:
           sarif_file: results.sarif

From d6a7e15d565f3c24382cedb27c065f013edb821f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Dec 2024 00:12:00 +0000
Subject: [PATCH 2/2] build(deps): Bump the docker group across 4 directories
 with 2 updates

Bumps the docker group with 1 update in the /packages/at_root_server directory: dart.
Bumps the docker group with 1 update in the /tools/build_secondary directory: dart.
Bumps the docker group with 1 update in the /tools/build_virtual_environment/ve directory: dart.
Bumps the docker group with 2 updates in the /tools/build_virtual_environment/ve_base directory: dart and debian.


Updates `dart` from `6489a26` to `3f3877b`

Updates `dart` from `6489a26` to `3f3877b`

Updates `dart` from `6489a26` to `3f3877b`

Updates `dart` from `6489a26` to `3f3877b`

Updates `debian` from stable-20241111-slim to stable-20241202-slim

---
updated-dependencies:
- dependency-name: dart
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: dart
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: dart
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: dart
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: docker
- dependency-name: debian
  dependency-type: direct:production
  dependency-group: docker
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 packages/at_root_server/Dockerfile                 | 2 +-
 tools/build_secondary/Dockerfile                   | 2 +-
 tools/build_secondary/Dockerfile.observe           | 2 +-
 tools/build_virtual_environment/ve/Dockerfile.vip  | 2 +-
 tools/build_virtual_environment/ve_base/Dockerfile | 4 ++--
 5 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/packages/at_root_server/Dockerfile b/packages/at_root_server/Dockerfile
index 3ee200cf5..780d14b0d 100644
--- a/packages/at_root_server/Dockerfile
+++ b/packages/at_root_server/Dockerfile
@@ -1,4 +1,4 @@
-FROM dart:3.5.4@sha256:6489a269e878813bf5a8fe66256c1a3e552d3a3c53eef9c1b224e2d8d737ca6d AS buildimage
+FROM dart:3.5.4@sha256:3f3877b9a75a1695dd284151d2dab5787bc6cefd04313b6a8e0bee98230d347b AS buildimage
 ENV HOMEDIR=/atsign
 ENV BINARYDIR=/usr/local/at
 ENV USER_ID=1024
diff --git a/tools/build_secondary/Dockerfile b/tools/build_secondary/Dockerfile
index 54c081e66..8e7f74981 100644
--- a/tools/build_secondary/Dockerfile
+++ b/tools/build_secondary/Dockerfile
@@ -1,4 +1,4 @@
-FROM dart:3.5.4@sha256:6489a269e878813bf5a8fe66256c1a3e552d3a3c53eef9c1b224e2d8d737ca6d AS buildimage
+FROM dart:3.5.4@sha256:3f3877b9a75a1695dd284151d2dab5787bc6cefd04313b6a8e0bee98230d347b AS buildimage
 ENV HOMEDIR=/atsign
 ENV USER_ID=1024
 ENV GROUP_ID=1024
diff --git a/tools/build_secondary/Dockerfile.observe b/tools/build_secondary/Dockerfile.observe
index e0c3faf0c..eab1c40f2 100644
--- a/tools/build_secondary/Dockerfile.observe
+++ b/tools/build_secondary/Dockerfile.observe
@@ -1,4 +1,4 @@
-FROM dart:3.5.4@sha256:6489a269e878813bf5a8fe66256c1a3e552d3a3c53eef9c1b224e2d8d737ca6d AS buildimage
+FROM dart:3.5.4@sha256:3f3877b9a75a1695dd284151d2dab5787bc6cefd04313b6a8e0bee98230d347b AS buildimage
 ENV HOMEDIR=/atsign
 ENV USER_ID=1024
 ENV GROUP_ID=1024
diff --git a/tools/build_virtual_environment/ve/Dockerfile.vip b/tools/build_virtual_environment/ve/Dockerfile.vip
index 9645a5b77..660b4b35e 100644
--- a/tools/build_virtual_environment/ve/Dockerfile.vip
+++ b/tools/build_virtual_environment/ve/Dockerfile.vip
@@ -1,4 +1,4 @@
-FROM dart:3.5.4@sha256:6489a269e878813bf5a8fe66256c1a3e552d3a3c53eef9c1b224e2d8d737ca6d AS buildimage
+FROM dart:3.5.4@sha256:3f3877b9a75a1695dd284151d2dab5787bc6cefd04313b6a8e0bee98230d347b AS buildimage
 ENV USER_ID=1024
 ENV GROUP_ID=1024
 WORKDIR /app
diff --git a/tools/build_virtual_environment/ve_base/Dockerfile b/tools/build_virtual_environment/ve_base/Dockerfile
index 39aa6e997..9bc3cff9c 100644
--- a/tools/build_virtual_environment/ve_base/Dockerfile
+++ b/tools/build_virtual_environment/ve_base/Dockerfile
@@ -1,4 +1,4 @@
-FROM dart:3.5.4@sha256:6489a269e878813bf5a8fe66256c1a3e552d3a3c53eef9c1b224e2d8d737ca6d AS buildimage
+FROM dart:3.5.4@sha256:3f3877b9a75a1695dd284151d2dab5787bc6cefd04313b6a8e0bee98230d347b AS buildimage
 ENV USER_ID=1024
 ENV GROUP_ID=1024
 WORKDIR /app
@@ -17,7 +17,7 @@ RUN \
   dart pub update ; \
   dart compile exe bin/install_PKAM_Keys.dart -o install_PKAM_Keys
 
-FROM debian:stable-20241111-slim@sha256:32f6d6f046ee9b4c31b359e695a1f0174e85846148f058f3fecad9233e88ff6a
+FROM debian:stable-20241202-slim@sha256:4d63ef53faef7bd35c92fbefb1e9e2e7b6777e3cbec6c34f640e96b925e430eb
 # was debian:stable-20221114-slim
 USER root