diff --git a/.github/actions/create-signed-pull-request/action.yml b/.github/actions/create-signed-pull-request/action.yml index 0dc00e74fc..b73cb0825c 100644 --- a/.github/actions/create-signed-pull-request/action.yml +++ b/.github/actions/create-signed-pull-request/action.yml @@ -60,7 +60,7 @@ runs: - name: Create pull request id: pr - uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 #v6.0.0 + uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc #v6.0.1 with: add-paths: ${{ inputs.add-paths }} author: ${{ inputs.committer }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index aaacb4da02..fae043abad 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -113,7 +113,7 @@ jobs: run: echo "changes=$(find changed -mindepth 1 -maxdepth 1 -printf "%f\n" | jq --raw-input . | jq --slurp --compact-output .)" | tee -a "$GITHUB_OUTPUT" - name: Output changes - uses: cloudposse/github-action-matrix-outputs-write@e90c7018e27e1c9466e0fa3cfe64720d9969ffca # v0.5.0 + uses: cloudposse/github-action-matrix-outputs-write@ed06cf3a6bf23b8dce36d1cf0d63123885bb8375 # v1 with: matrix-step-name: output-changes matrix-key: ${{ matrix.project }} @@ -155,7 +155,7 @@ jobs: force-deploy: ${{ inputs.force-deploy }} - name: Output changes - uses: cloudposse/github-action-matrix-outputs-write@e90c7018e27e1c9466e0fa3cfe64720d9969ffca # v0.5.0 + uses: cloudposse/github-action-matrix-outputs-write@ed06cf3a6bf23b8dce36d1cf0d63123885bb8375 # v1 with: matrix-step-name: output-changes matrix-key: ${{ matrix.project }} diff --git a/projects/accredited-programmes-and-oasys/.trivyignore b/projects/accredited-programmes-and-oasys/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/accredited-programmes-and-oasys/.trivyignore +++ b/projects/accredited-programmes-and-oasys/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/approved-premises-and-delius/.trivyignore b/projects/approved-premises-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/approved-premises-and-delius/.trivyignore +++ b/projects/approved-premises-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/approved-premises-and-oasys/.trivyignore b/projects/approved-premises-and-oasys/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/approved-premises-and-oasys/.trivyignore +++ b/projects/approved-premises-and-oasys/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/arns-and-delius/.trivyignore b/projects/arns-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/arns-and-delius/.trivyignore +++ b/projects/arns-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/assessment-summary-and-delius/.trivyignore b/projects/assessment-summary-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/assessment-summary-and-delius/.trivyignore +++ b/projects/assessment-summary-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/cas2-and-delius/.trivyignore b/projects/cas2-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/cas2-and-delius/.trivyignore +++ b/projects/cas2-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/cas3-and-delius/.trivyignore b/projects/cas3-and-delius/.trivyignore index d3f5a12faa..0637e626d4 100644 --- a/projects/cas3-and-delius/.trivyignore +++ b/projects/cas3-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/court-case-and-delius/.trivyignore b/projects/court-case-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/court-case-and-delius/.trivyignore +++ b/projects/court-case-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/create-and-vary-a-licence-and-delius/.trivyignore b/projects/create-and-vary-a-licence-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/create-and-vary-a-licence-and-delius/.trivyignore +++ b/projects/create-and-vary-a-licence-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/custody-key-dates-and-delius/.trivyignore b/projects/custody-key-dates-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/custody-key-dates-and-delius/.trivyignore +++ b/projects/custody-key-dates-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/domain-events-and-delius/.trivyignore b/projects/domain-events-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/domain-events-and-delius/.trivyignore +++ b/projects/domain-events-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/dps-and-delius/.trivyignore b/projects/dps-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/dps-and-delius/.trivyignore +++ b/projects/dps-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/effective-proposal-framework-and-delius/.trivyignore b/projects/effective-proposal-framework-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/effective-proposal-framework-and-delius/.trivyignore +++ b/projects/effective-proposal-framework-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/external-api-and-delius/.trivyignore b/projects/external-api-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/external-api-and-delius/.trivyignore +++ b/projects/external-api-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/hdc-licences-and-delius/.trivyignore b/projects/hdc-licences-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/hdc-licences-and-delius/.trivyignore +++ b/projects/hdc-licences-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/hmpps-auth-and-delius/.trivyignore b/projects/hmpps-auth-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/hmpps-auth-and-delius/.trivyignore +++ b/projects/hmpps-auth-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/make-recall-decisions-and-delius/.trivyignore b/projects/make-recall-decisions-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/make-recall-decisions-and-delius/.trivyignore +++ b/projects/make-recall-decisions-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-offences-and-delius/.trivyignore b/projects/manage-offences-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/manage-offences-and-delius/.trivyignore +++ b/projects/manage-offences-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-pom-cases-and-delius/.trivyignore b/projects/manage-pom-cases-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/manage-pom-cases-and-delius/.trivyignore +++ b/projects/manage-pom-cases-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-supervision-and-delius/.trivyignore b/projects/manage-supervision-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/manage-supervision-and-delius/.trivyignore +++ b/projects/manage-supervision-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/manage-supervision-and-oasys/.trivyignore b/projects/manage-supervision-and-oasys/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/manage-supervision-and-oasys/.trivyignore +++ b/projects/manage-supervision-and-oasys/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/oasys-and-delius/.trivyignore b/projects/oasys-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/oasys-and-delius/.trivyignore +++ b/projects/oasys-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/offender-events-and-delius/.trivyignore b/projects/offender-events-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/offender-events-and-delius/.trivyignore +++ b/projects/offender-events-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/opd-and-delius/.trivyignore b/projects/opd-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/opd-and-delius/.trivyignore +++ b/projects/opd-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/pathfinder-and-delius/.trivyignore b/projects/pathfinder-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/pathfinder-and-delius/.trivyignore +++ b/projects/pathfinder-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/pre-sentence-reports-to-delius/.trivyignore b/projects/pre-sentence-reports-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/pre-sentence-reports-to-delius/.trivyignore +++ b/projects/pre-sentence-reports-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-case-notes-to-probation/.trivyignore b/projects/prison-case-notes-to-probation/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prison-case-notes-to-probation/.trivyignore +++ b/projects/prison-case-notes-to-probation/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/prison-custody-status-to-delius/.trivyignore b/projects/prison-custody-status-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/prison-custody-status-to-delius/.trivyignore +++ b/projects/prison-custody-status-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-education-and-delius/.trivyignore b/projects/prison-education-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/prison-education-and-delius/.trivyignore +++ b/projects/prison-education-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-identifier-and-delius/.trivyignore b/projects/prison-identifier-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prison-identifier-and-delius/.trivyignore +++ b/projects/prison-identifier-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/prisoner-profile-and-delius/.trivyignore b/projects/prisoner-profile-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prisoner-profile-and-delius/.trivyignore +++ b/projects/prisoner-profile-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/refer-and-monitor-and-delius/.trivyignore b/projects/refer-and-monitor-and-delius/.trivyignore index 8b13789179..7635dc6eb4 100644 --- a/projects/refer-and-monitor-and-delius/.trivyignore +++ b/projects/refer-and-monitor-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/resettlement-passport-and-delius/.trivyignore b/projects/resettlement-passport-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/resettlement-passport-and-delius/.trivyignore +++ b/projects/resettlement-passport-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/risk-assessment-scores-to-delius/.trivyignore b/projects/risk-assessment-scores-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/risk-assessment-scores-to-delius/.trivyignore +++ b/projects/risk-assessment-scores-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/sentence-plan-and-delius/.trivyignore b/projects/sentence-plan-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/sentence-plan-and-delius/.trivyignore +++ b/projects/sentence-plan-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/sentence-plan-and-oasys/.trivyignore b/projects/sentence-plan-and-oasys/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/sentence-plan-and-oasys/.trivyignore +++ b/projects/sentence-plan-and-oasys/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/soc-and-delius/.trivyignore b/projects/soc-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/soc-and-delius/.trivyignore +++ b/projects/soc-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/tier-to-delius/.trivyignore b/projects/tier-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/tier-to-delius/.trivyignore +++ b/projects/tier-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/unpaid-work-and-delius/.trivyignore b/projects/unpaid-work-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/unpaid-work-and-delius/.trivyignore +++ b/projects/unpaid-work-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/workforce-allocations-to-delius/.trivyignore b/projects/workforce-allocations-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/workforce-allocations-to-delius/.trivyignore +++ b/projects/workforce-allocations-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06