From 43bebd9ef6bdcd6cad77f751f69a8a46622f5466 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 28 Aug 2023 11:45:47 +0200 Subject: [PATCH] chore: bump actions/checkout from 3.5.3 to 3.6.0 (#5493) Bumps [actions/checkout](https://github.com/actions/checkout) from 3.5.3 to 3.6.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/c85c95e3d7251135ab7dc9ce3241c5835cc595a9...f43a0e5ff2bd294095638e18286ca9a3d1956744) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 12 ++++++------ .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/coverage.yaml | 2 +- .github/workflows/jekyll-gh-pages.yml | 2 +- .github/workflows/nightly.yml | 6 +++--- .github/workflows/pipenv-update.yml | 2 +- .github/workflows/pr-test.yml | 12 ++++++------ .github/workflows/security-shared.yml | 6 +++--- 8 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 90e32be5164..0c53262ca5f 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -48,7 +48,7 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: ${{ matrix.python }} @@ -94,7 +94,7 @@ jobs: prisma-tests: runs-on: [ self-hosted, public, linux, x64 ] steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: 3.7 @@ -123,7 +123,7 @@ jobs: timeout-minutes: 30 runs-on: ubuntu-latest steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Set up Python 3.7 uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: @@ -158,7 +158,7 @@ jobs: id-token: write timeout-minutes: 30 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: token: ${{ secrets.GH_PAT_SECRET }} - name: Import GPG key @@ -305,7 +305,7 @@ jobs: needs: bump-version environment: release steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Get release version id: versions run: | @@ -327,7 +327,7 @@ jobs: runs-on: [self-hosted, public, linux, x64] environment: release steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: update checkov release run: | curl -X POST "https://jenkins-webhook.bridgecrew.cloud/buildByToken/build?job=Open-Source/upgrade-checkov&token=${{ secrets.BC_JENKINS_TOKEN }}" diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 301439398a2..6959990e200 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -34,7 +34,7 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Set up Python uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: diff --git a/.github/workflows/coverage.yaml b/.github/workflows/coverage.yaml index 9eba364c0fd..20a0b62a1be 100644 --- a/.github/workflows/coverage.yaml +++ b/.github/workflows/coverage.yaml @@ -15,7 +15,7 @@ jobs: contents: write environment: release steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: token: ${{ secrets.GH_PAT_SECRET }} - name: Import GPG key diff --git a/.github/workflows/jekyll-gh-pages.yml b/.github/workflows/jekyll-gh-pages.yml index d8820ac06b2..8a08eff8c5a 100644 --- a/.github/workflows/jekyll-gh-pages.yml +++ b/.github/workflows/jekyll-gh-pages.yml @@ -27,7 +27,7 @@ jobs: runs-on: [self-hosted, public, linux, x64] steps: - name: Checkout - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Setup Pages uses: actions/configure-pages@f156874f8191504dae5b037505266ed5dda6c382 # v3 - name: Build with Jekyll diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 5a3579f1dad..ad472b32790 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -16,7 +16,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: fetch-depth: 0 token: ${{ secrets.GH_PAT_SECRET }} @@ -88,7 +88,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} @@ -128,7 +128,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: fetch-depth: 0 token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pipenv-update.yml b/.github/workflows/pipenv-update.yml index 3a1ed278ff1..b4498970d47 100644 --- a/.github/workflows/pipenv-update.yml +++ b/.github/workflows/pipenv-update.yml @@ -14,7 +14,7 @@ jobs: contents: write pull-requests: write steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.head_ref }} token: ${{ secrets.GH_PAT_SECRET }} diff --git a/.github/workflows/pr-test.yml b/.github/workflows/pr-test.yml index 3250e1c918e..b6eac5ac8f0 100644 --- a/.github/workflows/pr-test.yml +++ b/.github/workflows/pr-test.yml @@ -18,7 +18,7 @@ jobs: pull-requests: read steps: - name: Checkout code - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Node.js uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3 with: @@ -32,7 +32,7 @@ jobs: cfn-lint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: 3.7 @@ -54,7 +54,7 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 30 steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Set up Python ${{ matrix.python }} uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: @@ -90,7 +90,7 @@ jobs: os: [ubuntu-latest, macos-latest, windows-latest] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: ${{ matrix.python }} @@ -143,7 +143,7 @@ jobs: working-directory: ./performance_tests runs-on: [self-hosted, public, linux, x64] steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: ${{ matrix.python }} @@ -188,7 +188,7 @@ jobs: PYTHON_VERSION: "3.7" WORKING_DIRECTORY: ./dogfood_tests steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: actions/setup-python@61a6322f88396a6271a6ee3565807d608ecaddd1 # v4 with: python-version: ${{ env.PYTHON_VERSION }} diff --git a/.github/workflows/security-shared.yml b/.github/workflows/security-shared.yml index 85a92940a2b..77bf4e1a597 100644 --- a/.github/workflows/security-shared.yml +++ b/.github/workflows/security-shared.yml @@ -14,7 +14,7 @@ jobs: bandit: runs-on: [self-hosted, public, linux, x64] steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} - name: security test @@ -24,7 +24,7 @@ jobs: trufflehog-secrets: runs-on: [self-hosted, public, linux, x64] steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} - name: detect secrets @@ -34,7 +34,7 @@ jobs: checkov-secrets: runs-on: [self-hosted, public, linux, x64] steps: - - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: ref: ${{ github.event.pull_request.head.sha }} - name: Scan for secrets