Skip to content

Commit ecdd308

Browse files
dependabot[bot]J12934
dependabot[bot]
authored and
J12934
committed
Bump the github-actions-version-updates group across 1 directory with 6 updates
Bumps the github-actions-version-updates group with 6 updates in the /.github/workflows directory: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `5.0.0` | `6.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `6.0.0` | `7.0.0` | | [actions/cache](https://github.com/actions/cache) | `4.3.0` | `5.0.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.7` | `4.31.8` | | [mikefarah/yq](https://github.com/mikefarah/yq) | `4.49.2` | `4.50.1` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.11` | `8.0.0` | Updates `actions/upload-artifact` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@330a01c...b7c566a) Updates `actions/download-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@018cc2c...37930b1) Updates `actions/cache` from 4.3.0 to 5.0.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0057852...9255dc7) Updates `github/codeql-action` from 4.31.7 to 4.31.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@cf1bb45...1b168cd) Updates `mikefarah/yq` from 4.49.2 to 4.50.1 - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](mikefarah/yq@7ccaf8e...065b200) Updates `peter-evans/create-pull-request` from 7.0.11 to 8.0.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@22a9089...98357b1) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: actions/download-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: actions/cache dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates - dependency-name: github/codeql-action dependency-version: 4.31.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-version-updates - dependency-name: mikefarah/yq dependency-version: 4.50.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-version-updates - dependency-name: peter-evans/create-pull-request dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-version-updates ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent be44675 commit ecdd308

5 files changed

Lines changed: 40 additions & 40 deletions

File tree

.github/workflows/ci.yaml

Lines changed: 31 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -78,25 +78,25 @@ jobs:
7878
chmod +x ./task
7979
8080
- name: Archive Kind
81-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
81+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
8282
with:
8383
name: kind
8484
path: ./kind
8585

8686
- name: Archive Kubectl
87-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
87+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
8888
with:
8989
name: kubectl
9090
path: ./kubectl
9191

9292
- name: Archive Helm
93-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
93+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
9494
with:
9595
name: helm
9696
path: ./linux-amd64/helm
9797

9898
- name: Archive Task
99-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
99+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
100100
with:
101101
name: task
102102
path: ./task
@@ -113,7 +113,7 @@ jobs:
113113
steps:
114114
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
115115
- name: Download Helm
116-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
116+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
117117
with:
118118
name: helm
119119
path: ./helm
@@ -131,7 +131,7 @@ jobs:
131131
helm plugin install https://github.com/helm-unittest/helm-unittest.git --version ${{ env.HELM_PLUGIN_UNITTEST_VERSION }} --verify=false
132132
133133
- name: Download Task
134-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
134+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
135135
with:
136136
name: task
137137
path: ./task
@@ -161,13 +161,13 @@ jobs:
161161
java-package: jdk # (jre, jdk, or jdk+fx) - defaults to jdk
162162
architecture: x64 # (x64 or x86) - defaults to x64
163163
- name: Cache SonarCloud packages
164-
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
164+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
165165
with:
166166
path: ~/.sonar/cache
167167
key: ${{ runner.os }}-sonar
168168
restore-keys: ${{ runner.os }}-sonar
169169
- name: Cache Gradle packages
170-
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
170+
uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
171171
with:
172172
path: ~/.gradle/caches
173173
key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle') }}
@@ -217,7 +217,7 @@ jobs:
217217
run: make docker-export-${{ matrix.component }}
218218

219219
- name: Upload Image As Artifact
220-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
220+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
221221
with:
222222
name: ${{ matrix.component }}-image
223223
path: ./operator/${{ matrix.component }}.tar
@@ -256,7 +256,7 @@ jobs:
256256
run: make docker-export
257257

258258
- name: Upload Image As Artifact
259-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
259+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
260260
with:
261261
name: auto-discovery-image
262262
path: ./auto-discovery/kubernetes/auto-discovery-kubernetes.tar
@@ -284,7 +284,7 @@ jobs:
284284
go vet ./...
285285
286286
- name: Download Task
287-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
287+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
288288
with:
289289
name: task
290290
path: ./task
@@ -294,19 +294,19 @@ jobs:
294294
chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task
295295
296296
- name: Download Kind
297-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
297+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
298298
with:
299299
name: kind
300300
path: ./kind
301301

302302
- name: Download Kubectl
303-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
303+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
304304
with:
305305
name: kubectl
306306
path: ./kubectl
307307

308308
- name: Download Helm
309-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
309+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
310310
with:
311311
name: helm
312312
path: ./helm
@@ -336,7 +336,7 @@ jobs:
336336
run: task docker-export
337337

338338
- name: Upload Image As Artifact
339-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
339+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
340340
with:
341341
name: auto-discovery-pull-secret-extractor
342342
path: ./auto-discovery/kubernetes/pull-secret-extractor/auto-discovery-secret-extractor.tar
@@ -389,7 +389,7 @@ jobs:
389389
run: make docker-export
390390

391391
- name: Upload Image As Artifact
392-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
392+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
393393
with:
394394
name: auto-discovery-cloud-aws-image
395395
path: ./auto-discovery/cloud-aws/auto-discovery-cloud-aws.tar
@@ -418,7 +418,7 @@ jobs:
418418
run: make docker-export-sdk
419419

420420
- name: Upload Artifact
421-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
421+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
422422
with:
423423
name: ${{ matrix.sdk }}-image
424424
path: ./${{ matrix.sdk }}/nodejs/${{ matrix.sdk }}.tar
@@ -463,7 +463,7 @@ jobs:
463463
uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2
464464

465465
- name: Download Task
466-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
466+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
467467
with:
468468
name: task
469469
path: ./task
@@ -473,19 +473,19 @@ jobs:
473473
chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task
474474
475475
- name: Download Kind
476-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
476+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
477477
with:
478478
name: kind
479479
path: ./kind
480480

481481
- name: Download Kubectl
482-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
482+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
483483
with:
484484
name: kubectl
485485
path: ./kubectl
486486

487487
- name: Download Helm
488-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
488+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
489489
with:
490490
name: helm
491491
path: ./helm
@@ -513,7 +513,7 @@ jobs:
513513
run: task test:unit
514514

515515
- name: Download Parser SDK Image
516-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
516+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
517517
with:
518518
name: parser-sdk-image
519519
path: /tmp
@@ -524,7 +524,7 @@ jobs:
524524
docker images | grep sdk
525525
526526
- name: Download Operator Image
527-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
527+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
528528
with:
529529
name: operator-image
530530
path: ./operator
@@ -535,7 +535,7 @@ jobs:
535535
docker images | grep operator
536536
537537
- name: Download Lurker Image
538-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
538+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
539539
with:
540540
name: lurker-image
541541
path: ./operator
@@ -622,7 +622,7 @@ jobs:
622622
uses: oven-sh/setup-bun@735343b667d3e6f658f44d0eca948eb6282f2b76 # v2.0.2
623623

624624
- name: Download Task
625-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
625+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
626626
with:
627627
name: task
628628
path: ./task
@@ -632,19 +632,19 @@ jobs:
632632
chmod +x ./task/task && sudo mv ./task/task /usr/local/bin/task
633633
634634
- name: Download Kind
635-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
635+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
636636
with:
637637
name: kind
638638
path: ./kind
639639

640640
- name: Download Kubectl
641-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
641+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
642642
with:
643643
name: kubectl
644644
path: ./kubectl
645645

646646
- name: Download Helm
647-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
647+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
648648
with:
649649
name: helm
650650
path: ./helm
@@ -666,7 +666,7 @@ jobs:
666666
run: task test:unit
667667

668668
- name: Download Parser SDK Image
669-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
669+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
670670
with:
671671
name: hook-sdk-image
672672
path: /tmp
@@ -677,7 +677,7 @@ jobs:
677677
docker images | grep sdk
678678
679679
- name: Download Operator Image
680-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
680+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
681681
with:
682682
name: operator-image
683683
path: ./operator
@@ -688,7 +688,7 @@ jobs:
688688
docker images | grep operator
689689
690690
- name: Download Lurker Image
691-
uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
691+
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
692692
with:
693693
name: lurker-image
694694
path: ./operator

.github/workflows/mega-linter.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ jobs:
5757
# Upload MegaLinter artifacts
5858
- name: Archive production artifacts
5959
if: ${{ success() }} || ${{ failure() }}
60-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
60+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
6161
with:
6262
name: MegaLinter reports
6363
path: |

.github/workflows/oss-scorecard.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -33,6 +33,6 @@ jobs:
3333

3434
# Upload the results to GitHub's code scanning dashboard.
3535
- name: "Upload to code-scanning"
36-
uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
36+
uses: github/codeql-action/upload-sarif@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
3737
with:
3838
sarif_file: results.sarif

.github/workflows/release-build.yaml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -425,15 +425,15 @@ jobs:
425425
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
426426

427427
- name: Set ENV Var with Scanner Version
428-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
428+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
429429
# Notice: The current version of the scanner is provided via the Chart.yaml to ensure
430430
# there is only one place to edit the version of a scanner
431431
with:
432432
cmd: echo scannerVersion=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
433433

434434
# extract the supported cpu architectures from the Chart.yaml
435435
- name: Set ENV Var with Supported Platforms
436-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
436+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
437437
with:
438438
cmd: echo supportedPlatforms=$(yq e .annotations.supported-platforms scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
439439

@@ -555,7 +555,7 @@ jobs:
555555
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
556556

557557
- name: Set ENV Var with Demo-Target Version
558-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
558+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
559559
# Notice: The current version of the demo-target is provided via the Chart.yaml to ensure
560560
# there is only one place to edit the version of a scanner
561561
with:

.github/workflows/scb-bot.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -61,14 +61,14 @@ jobs:
6161
# Fetching scanner version from local chart .appVersion attribute
6262
# this would look like 1.1.1 or v1.1.1 depending on the corresponding Docker image tag
6363
- name: Fetch local scanner version
64-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
64+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
6565
with:
6666
cmd: echo local=$(yq e .appVersion scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
6767

6868
# Fetching scanner version API from local chart .annotations.versionApi attribute
6969
# This would look like https://api.github.com/repos/projectdiscovery/nuclei/releases/latest
7070
- name: Fetch scanner's version API
71-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
71+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
7272
with:
7373
cmd: echo versionApi=$(yq e .annotations.versionApi scanners/${{ matrix.scanner }}/Chart.yaml) >> $GITHUB_ENV
7474

@@ -143,7 +143,7 @@ jobs:
143143
144144
- name: Upgrade Scanner Helm Chart
145145
if: ${{ env.release != env.local && env.prExists == 0 && env.release != null}}
146-
uses: mikefarah/yq@7ccaf8e700ce99eb3f0f6cef7f5930a0b3c827cd # v4.49.2
146+
uses: mikefarah/yq@065b200af9851db0d5132f50bc10b1406ea5c0a8 # v4.50.1
147147
with:
148148
# appVersion value in chart is replaced with release value. Empty lines are deleted in the process
149149
cmd: yq e --inplace '.appVersion = "${{env.release}}"' ./scanners/${{ matrix.scanner }}/Chart.yaml
@@ -189,7 +189,7 @@ jobs:
189189
190190
- name: Create Pull Request
191191
if: ${{ env.release != env.local && env.prExists == 0 && env.release != null }}
192-
uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7.0.11
192+
uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
193193
with:
194194
token: ${{ secrets.SCB_BOT_USER_TOKEN }}
195195
committer: secureCodeBoxBot <securecodebox@iteratec.com>

0 commit comments

Comments
 (0)