From 1463467c4494ad26f3a4500e8fbe81997145f4a9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Nov 2023 20:04:36 +0000 Subject: [PATCH] Bump the github-actions group with 5 updates Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.0` | `4.1.1` | | [actions/setup-node](https://github.com/actions/setup-node) | `3.8.1` | `4.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.0.0` | `5.1.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.2.0` | `2.3.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.22.0` | `2.22.8` | Updates `actions/checkout` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11) Updates `actions/setup-node` from 3.8.1 to 4.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d...8f152de45cc393bb48ce5d89d36b731f54556e65) Updates `docker/build-push-action` from 5.0.0 to 5.1.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/0565240e2d4ab88bba5387d719585280857ece09...4a13e500e55cf31b7a5d59a38ab2040ab0f42f56) Updates `ossf/scorecard-action` from 2.2.0 to 2.3.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/08b4669551908b1024bb425080c797723083c031...0864cf19026789058feabb7e87baa5f140aac736) Updates `github/codeql-action` from 2.22.0 to 2.22.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2cb752a87e96af96708ab57187ab6372ee1973ab...407ffafae6a767df3e0230c3df91b6443ae8df75) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/api.yml | 8 +++--- .github/workflows/benchmarks.yml | 4 +-- .github/workflows/build.yml | 46 +++++++++++++++--------------- .github/workflows/release.note.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/reviewdog.yml | 8 +++--- .github/workflows/scorecard.yml | 6 ++-- 7 files changed, 38 insertions(+), 38 deletions(-) diff --git a/.github/workflows/api.yml b/.github/workflows/api.yml index 2227d24f7..259cb686b 100644 --- a/.github/workflows/api.yml +++ b/.github/workflows/api.yml @@ -22,7 +22,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ matrix.python }} @@ -65,7 +65,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ matrix.python }} @@ -120,11 +120,11 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ matrix.python }} - - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 + - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 with: node-version: '8.x' - name: Setup Windows diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 6707625bf..0fa4f6cf5 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -19,7 +19,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tensorflow:tensorflow-io'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ matrix.python }} @@ -58,7 +58,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tensorflow:tensorflow-io'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8194f0bb2..62d0239cd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ jobs: name: Lint runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run Lint Script for Bazel/Pyupgrade/Black/Clang run: | set -x -e @@ -32,7 +32,7 @@ jobs: name: Lint for Docs runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run Lint Script for Docs run: | set -x -e @@ -54,7 +54,7 @@ jobs: name: macOS runs-on: macOS-11 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: GCP run: | cat > service_account_creds.json << EOF @@ -87,7 +87,7 @@ jobs: REPO_NAME: ${{ env.REPO_NAME }} EVENT_NAME: ${{ env.EVENT_NAME }} steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: GCP run: | cat > service_account_creds.json << EOF @@ -111,7 +111,7 @@ jobs: name: Bazel macOS arm64 runs-on: [self-hosted, macOS, ARM64] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: GCP run: | cat > service_account_creds.json << EOF @@ -140,7 +140,7 @@ jobs: matrix: python: ['3.7', '3.8', '3.9', '3.10', '3.11'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-arm64-bazel-bin @@ -177,7 +177,7 @@ jobs: name: Bazel macOS runs-on: macOS-11 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: GCP run: | cat > service_account_creds.json << EOF @@ -213,7 +213,7 @@ jobs: matrix: python: ['3.7', '3.8', '3.9', '3.10', '3.11'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -254,7 +254,7 @@ jobs: matrix: python: ['3.8', '3.9'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel @@ -296,7 +296,7 @@ jobs: REPO_NAME: ${{ env.REPO_NAME }} EVENT_NAME: ${{ env.EVENT_NAME }} steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: GCP run: | cat > service_account_creds.json << EOF @@ -327,7 +327,7 @@ jobs: matrix: python: ['3.7', '3.8', '3.9', '3.10', '3.11'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -361,7 +361,7 @@ jobs: matrix: python: ['3.8', '3.9'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel @@ -393,7 +393,7 @@ jobs: name: Bazel Windows runs-on: windows-2022 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: egor-tensin/vs-shell@9a932a62d05192eae18ca370155cf877eecc2202 # v2 with: arch: x64 @@ -440,7 +440,7 @@ jobs: matrix: python: ['3.7', '3.8', '3.9', '3.10', '3.11'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -471,7 +471,7 @@ jobs: matrix: python: ['3.8', '3.9'] steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel @@ -479,7 +479,7 @@ jobs: - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: ${{ matrix.python }} - - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 + - uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 with: node-version: '8.x' - name: Setup ${{ matrix.python }} Windows @@ -641,7 +641,7 @@ jobs: needs: [lint, release] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: tensorflow-io-release @@ -669,7 +669,7 @@ jobs: with: username: tfsigio password: ${{ secrets.DOCKER_PASSWORD }} - - uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 + - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 with: context: . push: true @@ -681,7 +681,7 @@ jobs: needs: [lint, linux-test, macos-test, windows-test] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.8 @@ -725,7 +725,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -772,7 +772,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -812,7 +812,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2 with: name: ${{ runner.os }}-bazel-bin @@ -957,7 +957,7 @@ jobs: needs: [linux-nightly, macos-nightly, windows-nightly] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4.7.1 with: python-version: 3.8 diff --git a/.github/workflows/release.note.yml b/.github/workflows/release.note.yml index 9069bac86..5bc084f74 100644 --- a/.github/workflows/release.note.yml +++ b/.github/workflows/release.note.yml @@ -16,7 +16,7 @@ jobs: name: README.md runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - run: git tag diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 477b60af9..8c26b70e1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: fetch-depth: 0 - run: | diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 424383a37..ecdbfda06 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -16,7 +16,7 @@ jobs: name: Bazel Buildifier runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- bazel @@ -28,7 +28,7 @@ jobs: name: Python Black runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- black @@ -40,7 +40,7 @@ jobs: name: Clang Format runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- clang @@ -52,7 +52,7 @@ jobs: name: Python Pyupgrade runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- pyupgrade diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 4e0f26e27..2b9aa01cf 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -29,12 +29,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -59,6 +59,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2cb752a87e96af96708ab57187ab6372ee1973ab # v2.22.0 + uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 with: sarif_file: results.sarif