From 259b6d454e546975ede955660bb0cc9bb6f1f467 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Wed, 25 Sep 2024 08:13:18 +0200 Subject: [PATCH] chore(deps): update workflows (#1264) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-java](https://redirect.github.com/actions/setup-java) | action | minor | `v4.3.0` -> `v4.4.0` | | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | patch | `v3.26.7` -> `v3.26.9` | | [ruby/setup-ruby](https://redirect.github.com/ruby/setup-ruby) | action | minor | `v1.191.0` -> `v1.193.0` | --- ### Release Notes
actions/setup-java (actions/setup-java) ### [`v4.4.0`](https://redirect.github.com/actions/setup-java/compare/v4.3.0...v4.4.0) [Compare Source](https://redirect.github.com/actions/setup-java/compare/v4.3.0...v4.4.0)
github/codeql-action (github/codeql-action) ### [`v3.26.9`](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9) ### [`v3.26.8`](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8)
ruby/setup-ruby (ruby/setup-ruby) ### [`v1.193.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.193.0) [Compare Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.192.0...v1.193.0) ##### What's Changed - README.md - Windows - clarify installed packages, 2022 vs 2019 by [@​MSP-Greg](https://redirect.github.com/MSP-Greg) in [https://github.com/ruby/setup-ruby/pull/642](https://redirect.github.com/ruby/setup-ruby/pull/642) - Add truffleruby-24.1.0,truffleruby+graalvm-24.1.0 by [@​ruby-builder-bot](https://redirect.github.com/ruby-builder-bot) in [https://github.com/ruby/setup-ruby/pull/643](https://redirect.github.com/ruby/setup-ruby/pull/643) **Full Changelog**: https://github.com/ruby/setup-ruby/compare/v1.192.0...v1.193.0 ### [`v1.192.0`](https://redirect.github.com/ruby/setup-ruby/releases/tag/v1.192.0) [Compare Source](https://redirect.github.com/ruby/setup-ruby/compare/v1.191.0...v1.192.0) #### What's Changed - Update CRuby releases on Windows by [@​ruby-builder-bot](https://redirect.github.com/ruby-builder-bot) in [https://github.com/ruby/setup-ruby/pull/636](https://redirect.github.com/ruby/setup-ruby/pull/636) **Full Changelog**: https://github.com/ruby/setup-ruby/compare/v1.191.0...v1.192.0
--- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). đŸšĻ **Automerge**: Disabled by config. Please merge this manually once you are satisfied. â™ģ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. đŸ‘ģ **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/google/osv-scanner). --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/osv-scanner-reusable-pr.yml | 2 +- .github/workflows/osv-scanner-reusable.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/semantic.yml | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index e3035eda64..0551982219 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -48,7 +48,7 @@ jobs: go-version-file: go.mod # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -59,7 +59,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/autobuild@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -73,4 +73,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 diff --git a/.github/workflows/osv-scanner-reusable-pr.yml b/.github/workflows/osv-scanner-reusable-pr.yml index a4252cfc33..d856e0491f 100644 --- a/.github/workflows/osv-scanner-reusable-pr.yml +++ b/.github/workflows/osv-scanner-reusable-pr.yml @@ -108,6 +108,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" if: ${{ !cancelled() && inputs.upload-sarif == true }} - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: ${{ inputs.results-file-name }} diff --git a/.github/workflows/osv-scanner-reusable.yml b/.github/workflows/osv-scanner-reusable.yml index f786d62b0d..964c6f210b 100644 --- a/.github/workflows/osv-scanner-reusable.yml +++ b/.github/workflows/osv-scanner-reusable.yml @@ -91,6 +91,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" if: "${{ !cancelled() && inputs.upload-sarif == true }}" - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: ${{ inputs.results-file-name }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index db69eb20a2..5baed18d17 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 + uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: sarif_file: results.sarif diff --git a/.github/workflows/semantic.yml b/.github/workflows/semantic.yml index 033d5f39e3..26d5a7a284 100644 --- a/.github/workflows/semantic.yml +++ b/.github/workflows/semantic.yml @@ -106,7 +106,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false - - uses: ruby/setup-ruby@52753b7da854d5c07df37391a986c76ab4615999 # v1.191.0 + - uses: ruby/setup-ruby@f321cf5a4d1533575411f8752cf25b86478b0442 # v1.193.0 with: ruby-version: "3.1" - name: setup dependencies @@ -126,7 +126,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false - - uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 + - uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0 with: java-version: 17 distribution: oracle