From 13b65e255c7dd115670f6ac3c1c6c2ba11a1ca41 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Mar 2024 07:53:52 +0000 Subject: [PATCH] Bump cloudposse/github-action-matrix-outputs-write from 0.5.0 to 1.0.0 (#3343) * Bump peter-evans/create-pull-request Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/b1ddad2c994a25fbc81a28b3ec0e368bb2021c50...a4f52f8033a6168103c2538976c07b467e8163bc) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] * Bump cloudposse/github-action-matrix-outputs-write from 0.5.0 to 1.0.0 Bumps [cloudposse/github-action-matrix-outputs-write](https://github.com/cloudposse/github-action-matrix-outputs-write) from 0.5.0 to 1.0.0. - [Release notes](https://github.com/cloudposse/github-action-matrix-outputs-write/releases) - [Commits](https://github.com/cloudposse/github-action-matrix-outputs-write/compare/e90c7018e27e1c9466e0fa3cfe64720d9969ffca...ed06cf3a6bf23b8dce36d1cf0d63123885bb8375) --- updated-dependencies: - dependency-name: cloudposse/github-action-matrix-outputs-write dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] * add trivy ignore --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Britton --- .github/actions/create-signed-pull-request/action.yml | 2 +- .github/workflows/build.yml | 4 ++-- projects/accredited-programmes-and-oasys/.trivyignore | 2 ++ projects/approved-premises-and-delius/.trivyignore | 3 ++- projects/approved-premises-and-oasys/.trivyignore | 3 ++- projects/arns-and-delius/.trivyignore | 2 ++ projects/assessment-summary-and-delius/.trivyignore | 2 ++ projects/cas2-and-delius/.trivyignore | 2 ++ projects/cas3-and-delius/.trivyignore | 3 ++- projects/court-case-and-delius/.trivyignore | 3 ++- projects/create-and-vary-a-licence-and-delius/.trivyignore | 3 ++- projects/custody-key-dates-and-delius/.trivyignore | 3 ++- projects/domain-events-and-delius/.trivyignore | 3 ++- projects/dps-and-delius/.trivyignore | 2 ++ projects/effective-proposal-framework-and-delius/.trivyignore | 3 ++- projects/external-api-and-delius/.trivyignore | 3 ++- projects/hdc-licences-and-delius/.trivyignore | 3 ++- projects/hmpps-auth-and-delius/.trivyignore | 3 ++- projects/make-recall-decisions-and-delius/.trivyignore | 3 ++- projects/manage-offences-and-delius/.trivyignore | 3 ++- projects/manage-pom-cases-and-delius/.trivyignore | 3 ++- projects/manage-supervision-and-delius/.trivyignore | 2 ++ projects/manage-supervision-and-oasys/.trivyignore | 2 ++ projects/oasys-and-delius/.trivyignore | 2 ++ projects/offender-events-and-delius/.trivyignore | 3 ++- projects/opd-and-delius/.trivyignore | 2 ++ projects/pathfinder-and-delius/.trivyignore | 3 ++- projects/pre-sentence-reports-to-delius/.trivyignore | 3 ++- projects/prison-case-notes-to-probation/.trivyignore | 2 ++ projects/prison-custody-status-to-delius/.trivyignore | 3 ++- projects/prison-education-and-delius/.trivyignore | 3 ++- projects/prison-identifier-and-delius/.trivyignore | 2 ++ projects/prisoner-profile-and-delius/.trivyignore | 2 ++ projects/refer-and-monitor-and-delius/.trivyignore | 3 ++- projects/resettlement-passport-and-delius/.trivyignore | 3 ++- projects/risk-assessment-scores-to-delius/.trivyignore | 3 ++- projects/sentence-plan-and-delius/.trivyignore | 3 ++- projects/sentence-plan-and-oasys/.trivyignore | 3 ++- projects/soc-and-delius/.trivyignore | 3 ++- projects/tier-to-delius/.trivyignore | 3 ++- projects/unpaid-work-and-delius/.trivyignore | 3 ++- projects/workforce-allocations-to-delius/.trivyignore | 3 ++- 42 files changed, 83 insertions(+), 31 deletions(-) diff --git a/.github/actions/create-signed-pull-request/action.yml b/.github/actions/create-signed-pull-request/action.yml index 0dc00e74fc..b73cb0825c 100644 --- a/.github/actions/create-signed-pull-request/action.yml +++ b/.github/actions/create-signed-pull-request/action.yml @@ -60,7 +60,7 @@ runs: - name: Create pull request id: pr - uses: peter-evans/create-pull-request@b1ddad2c994a25fbc81a28b3ec0e368bb2021c50 #v6.0.0 + uses: peter-evans/create-pull-request@a4f52f8033a6168103c2538976c07b467e8163bc #v6.0.1 with: add-paths: ${{ inputs.add-paths }} author: ${{ inputs.committer }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index aaacb4da02..fae043abad 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -113,7 +113,7 @@ jobs: run: echo "changes=$(find changed -mindepth 1 -maxdepth 1 -printf "%f\n" | jq --raw-input . | jq --slurp --compact-output .)" | tee -a "$GITHUB_OUTPUT" - name: Output changes - uses: cloudposse/github-action-matrix-outputs-write@e90c7018e27e1c9466e0fa3cfe64720d9969ffca # v0.5.0 + uses: cloudposse/github-action-matrix-outputs-write@ed06cf3a6bf23b8dce36d1cf0d63123885bb8375 # v1 with: matrix-step-name: output-changes matrix-key: ${{ matrix.project }} @@ -155,7 +155,7 @@ jobs: force-deploy: ${{ inputs.force-deploy }} - name: Output changes - uses: cloudposse/github-action-matrix-outputs-write@e90c7018e27e1c9466e0fa3cfe64720d9969ffca # v0.5.0 + uses: cloudposse/github-action-matrix-outputs-write@ed06cf3a6bf23b8dce36d1cf0d63123885bb8375 # v1 with: matrix-step-name: output-changes matrix-key: ${{ matrix.project }} diff --git a/projects/accredited-programmes-and-oasys/.trivyignore b/projects/accredited-programmes-and-oasys/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/accredited-programmes-and-oasys/.trivyignore +++ b/projects/accredited-programmes-and-oasys/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/approved-premises-and-delius/.trivyignore b/projects/approved-premises-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/approved-premises-and-delius/.trivyignore +++ b/projects/approved-premises-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/approved-premises-and-oasys/.trivyignore b/projects/approved-premises-and-oasys/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/approved-premises-and-oasys/.trivyignore +++ b/projects/approved-premises-and-oasys/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/arns-and-delius/.trivyignore b/projects/arns-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/arns-and-delius/.trivyignore +++ b/projects/arns-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/assessment-summary-and-delius/.trivyignore b/projects/assessment-summary-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/assessment-summary-and-delius/.trivyignore +++ b/projects/assessment-summary-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/cas2-and-delius/.trivyignore b/projects/cas2-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/cas2-and-delius/.trivyignore +++ b/projects/cas2-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/cas3-and-delius/.trivyignore b/projects/cas3-and-delius/.trivyignore index d3f5a12faa..0637e626d4 100644 --- a/projects/cas3-and-delius/.trivyignore +++ b/projects/cas3-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/court-case-and-delius/.trivyignore b/projects/court-case-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/court-case-and-delius/.trivyignore +++ b/projects/court-case-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/create-and-vary-a-licence-and-delius/.trivyignore b/projects/create-and-vary-a-licence-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/create-and-vary-a-licence-and-delius/.trivyignore +++ b/projects/create-and-vary-a-licence-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/custody-key-dates-and-delius/.trivyignore b/projects/custody-key-dates-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/custody-key-dates-and-delius/.trivyignore +++ b/projects/custody-key-dates-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/domain-events-and-delius/.trivyignore b/projects/domain-events-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/domain-events-and-delius/.trivyignore +++ b/projects/domain-events-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/dps-and-delius/.trivyignore b/projects/dps-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/dps-and-delius/.trivyignore +++ b/projects/dps-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/effective-proposal-framework-and-delius/.trivyignore b/projects/effective-proposal-framework-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/effective-proposal-framework-and-delius/.trivyignore +++ b/projects/effective-proposal-framework-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/external-api-and-delius/.trivyignore b/projects/external-api-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/external-api-and-delius/.trivyignore +++ b/projects/external-api-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/hdc-licences-and-delius/.trivyignore b/projects/hdc-licences-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/hdc-licences-and-delius/.trivyignore +++ b/projects/hdc-licences-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/hmpps-auth-and-delius/.trivyignore b/projects/hmpps-auth-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/hmpps-auth-and-delius/.trivyignore +++ b/projects/hmpps-auth-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/make-recall-decisions-and-delius/.trivyignore b/projects/make-recall-decisions-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/make-recall-decisions-and-delius/.trivyignore +++ b/projects/make-recall-decisions-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-offences-and-delius/.trivyignore b/projects/manage-offences-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/manage-offences-and-delius/.trivyignore +++ b/projects/manage-offences-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-pom-cases-and-delius/.trivyignore b/projects/manage-pom-cases-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/manage-pom-cases-and-delius/.trivyignore +++ b/projects/manage-pom-cases-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/manage-supervision-and-delius/.trivyignore b/projects/manage-supervision-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/manage-supervision-and-delius/.trivyignore +++ b/projects/manage-supervision-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/manage-supervision-and-oasys/.trivyignore b/projects/manage-supervision-and-oasys/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/manage-supervision-and-oasys/.trivyignore +++ b/projects/manage-supervision-and-oasys/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/oasys-and-delius/.trivyignore b/projects/oasys-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/oasys-and-delius/.trivyignore +++ b/projects/oasys-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/offender-events-and-delius/.trivyignore b/projects/offender-events-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/offender-events-and-delius/.trivyignore +++ b/projects/offender-events-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/opd-and-delius/.trivyignore b/projects/opd-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/opd-and-delius/.trivyignore +++ b/projects/opd-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/pathfinder-and-delius/.trivyignore b/projects/pathfinder-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/pathfinder-and-delius/.trivyignore +++ b/projects/pathfinder-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/pre-sentence-reports-to-delius/.trivyignore b/projects/pre-sentence-reports-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/pre-sentence-reports-to-delius/.trivyignore +++ b/projects/pre-sentence-reports-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-case-notes-to-probation/.trivyignore b/projects/prison-case-notes-to-probation/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prison-case-notes-to-probation/.trivyignore +++ b/projects/prison-case-notes-to-probation/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/prison-custody-status-to-delius/.trivyignore b/projects/prison-custody-status-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/prison-custody-status-to-delius/.trivyignore +++ b/projects/prison-custody-status-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-education-and-delius/.trivyignore b/projects/prison-education-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/prison-education-and-delius/.trivyignore +++ b/projects/prison-education-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/prison-identifier-and-delius/.trivyignore b/projects/prison-identifier-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prison-identifier-and-delius/.trivyignore +++ b/projects/prison-identifier-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/prisoner-profile-and-delius/.trivyignore b/projects/prisoner-profile-and-delius/.trivyignore index e69de29bb2..7635dc6eb4 100644 --- a/projects/prisoner-profile-and-delius/.trivyignore +++ b/projects/prisoner-profile-and-delius/.trivyignore @@ -0,0 +1,2 @@ +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/refer-and-monitor-and-delius/.trivyignore b/projects/refer-and-monitor-and-delius/.trivyignore index 8b13789179..7635dc6eb4 100644 --- a/projects/refer-and-monitor-and-delius/.trivyignore +++ b/projects/refer-and-monitor-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 \ No newline at end of file diff --git a/projects/resettlement-passport-and-delius/.trivyignore b/projects/resettlement-passport-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/resettlement-passport-and-delius/.trivyignore +++ b/projects/resettlement-passport-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/risk-assessment-scores-to-delius/.trivyignore b/projects/risk-assessment-scores-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/risk-assessment-scores-to-delius/.trivyignore +++ b/projects/risk-assessment-scores-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/sentence-plan-and-delius/.trivyignore b/projects/sentence-plan-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/sentence-plan-and-delius/.trivyignore +++ b/projects/sentence-plan-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/sentence-plan-and-oasys/.trivyignore b/projects/sentence-plan-and-oasys/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/sentence-plan-and-oasys/.trivyignore +++ b/projects/sentence-plan-and-oasys/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/soc-and-delius/.trivyignore b/projects/soc-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/soc-and-delius/.trivyignore +++ b/projects/soc-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/tier-to-delius/.trivyignore b/projects/tier-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/tier-to-delius/.trivyignore +++ b/projects/tier-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/unpaid-work-and-delius/.trivyignore b/projects/unpaid-work-and-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/unpaid-work-and-delius/.trivyignore +++ b/projects/unpaid-work-and-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06 diff --git a/projects/workforce-allocations-to-delius/.trivyignore b/projects/workforce-allocations-to-delius/.trivyignore index 8b13789179..ae5217c5ac 100644 --- a/projects/workforce-allocations-to-delius/.trivyignore +++ b/projects/workforce-allocations-to-delius/.trivyignore @@ -1 +1,2 @@ - +# low risk - not using jgit +CVE-2023-4759 exp:2024-04-06