From 55720f1f1d0fcf72f9521cf05479cc4dc972219c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 14 Jul 2024 09:09:13 +0000 Subject: [PATCH 1/6] Bump step-security/harden-runner from 2.6.1 to 2.8.1 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.6.1 to 2.8.1. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/eb238b55efaa70779f274895e782ed17c84f2895...17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-clang-scan.yml | 2 +- .github/workflows/ci-cmake-options.yml | 2 +- .github/workflows/ci-cov-linux-report.yml | 2 +- .github/workflows/ci-cov-linux.yml | 2 +- .github/workflows/ci-cov-python.yml | 2 +- .github/workflows/ci-cov-windows-report.yml | 2 +- .github/workflows/ci-cov-windows.yml | 2 +- .github/workflows/ci-cpack.yml | 4 ++-- .github/workflows/ci-cppcheck.yml | 2 +- .github/workflows/ci-fuzz-micro.yml | 2 +- .github/workflows/ci-fuzz-short.yml | 2 +- .github/workflows/ci-fuzz.yml | 2 +- .github/workflows/ci-gcc10.yml | 2 +- .github/workflows/ci-gcc7.yml | 2 +- .github/workflows/ci-gcc9.yml | 2 +- .github/workflows/ci-test.yml | 2 +- .github/workflows/ci-windows-ip.yml | 2 +- .github/workflows/ci-windows.yml | 2 +- .github/workflows/clang_scan.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/cppcheck.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/freebsd_build.yml | 2 +- .github/workflows/freebsd_scan_build.yml | 2 +- .github/workflows/linux_make.yml | 8 ++++---- .github/workflows/macos-scan-build.yml | 2 +- .github/workflows/macosx_build.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/stats-cron-job.yml | 2 +- 30 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/ci-clang-scan.yml b/.github/workflows/ci-clang-scan.yml index ce5fce19..1fd28b5a 100644 --- a/.github/workflows/ci-clang-scan.yml +++ b/.github/workflows/ci-clang-scan.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cmake-options.yml b/.github/workflows/ci-cmake-options.yml index 1805aff9..6fa316ec 100644 --- a/.github/workflows/ci-cmake-options.yml +++ b/.github/workflows/ci-cmake-options.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cov-linux-report.yml b/.github/workflows/ci-cov-linux-report.yml index 1d15abac..9f299859 100644 --- a/.github/workflows/ci-cov-linux-report.yml +++ b/.github/workflows/ci-cov-linux-report.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cov-linux.yml b/.github/workflows/ci-cov-linux.yml index c8c5c271..61179e13 100644 --- a/.github/workflows/ci-cov-linux.yml +++ b/.github/workflows/ci-cov-linux.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cov-python.yml b/.github/workflows/ci-cov-python.yml index e2e3d16a..fa5693a5 100644 --- a/.github/workflows/ci-cov-python.yml +++ b/.github/workflows/ci-cov-python.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cov-windows-report.yml b/.github/workflows/ci-cov-windows-report.yml index 460bfb91..a74dc2fe 100644 --- a/.github/workflows/ci-cov-windows-report.yml +++ b/.github/workflows/ci-cov-windows-report.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cov-windows.yml b/.github/workflows/ci-cov-windows.yml index 147f55d5..c4d4b779 100644 --- a/.github/workflows/ci-cov-windows.yml +++ b/.github/workflows/ci-cov-windows.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cpack.yml b/.github/workflows/ci-cpack.yml index 6cad4653..35e619a8 100644 --- a/.github/workflows/ci-cpack.yml +++ b/.github/workflows/ci-cpack.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit @@ -44,7 +44,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-cppcheck.yml b/.github/workflows/ci-cppcheck.yml index 59e2bca8..5dffe6a1 100644 --- a/.github/workflows/ci-cppcheck.yml +++ b/.github/workflows/ci-cppcheck.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-fuzz-micro.yml b/.github/workflows/ci-fuzz-micro.yml index f9b16ebe..7f320045 100644 --- a/.github/workflows/ci-fuzz-micro.yml +++ b/.github/workflows/ci-fuzz-micro.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-fuzz-short.yml b/.github/workflows/ci-fuzz-short.yml index d1437ef5..5b072c13 100644 --- a/.github/workflows/ci-fuzz-short.yml +++ b/.github/workflows/ci-fuzz-short.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index b8a99417..31376fb0 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-gcc10.yml b/.github/workflows/ci-gcc10.yml index 3875ce0d..c311ebb5 100644 --- a/.github/workflows/ci-gcc10.yml +++ b/.github/workflows/ci-gcc10.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-gcc7.yml b/.github/workflows/ci-gcc7.yml index 1cb4c54e..cbe067eb 100644 --- a/.github/workflows/ci-gcc7.yml +++ b/.github/workflows/ci-gcc7.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-gcc9.yml b/.github/workflows/ci-gcc9.yml index 9747ae22..565999ef 100644 --- a/.github/workflows/ci-gcc9.yml +++ b/.github/workflows/ci-gcc9.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml index 63231c9c..ecd75b14 100644 --- a/.github/workflows/ci-test.yml +++ b/.github/workflows/ci-test.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-windows-ip.yml b/.github/workflows/ci-windows-ip.yml index 5a68ae23..d9c40cc7 100644 --- a/.github/workflows/ci-windows-ip.yml +++ b/.github/workflows/ci-windows-ip.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/ci-windows.yml b/.github/workflows/ci-windows.yml index d83c3d54..aaa08d2b 100644 --- a/.github/workflows/ci-windows.yml +++ b/.github/workflows/ci-windows.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/clang_scan.yml b/.github/workflows/clang_scan.yml index 0dbae717..40d8a1be 100644 --- a/.github/workflows/clang_scan.yml +++ b/.github/workflows/clang_scan.yml @@ -28,7 +28,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 57d12c32..707ed1cb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/cppcheck.yml b/.github/workflows/cppcheck.yml index 16fe9192..c61d916e 100644 --- a/.github/workflows/cppcheck.yml +++ b/.github/workflows/cppcheck.yml @@ -27,7 +27,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index e82880c5..ff74766f 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 2fd02081..1650ea9a 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/freebsd_build.yml b/.github/workflows/freebsd_build.yml index e94468c0..f6ab4c35 100644 --- a/.github/workflows/freebsd_build.yml +++ b/.github/workflows/freebsd_build.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/freebsd_scan_build.yml b/.github/workflows/freebsd_scan_build.yml index 72f625a2..7d135788 100644 --- a/.github/workflows/freebsd_scan_build.yml +++ b/.github/workflows/freebsd_scan_build.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/linux_make.yml b/.github/workflows/linux_make.yml index 17089091..35294743 100644 --- a/.github/workflows/linux_make.yml +++ b/.github/workflows/linux_make.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit @@ -49,7 +49,7 @@ jobs: container: ubuntu:22.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit @@ -70,7 +70,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/macos-scan-build.yml b/.github/workflows/macos-scan-build.yml index f91f545a..2fac9293 100644 --- a/.github/workflows/macos-scan-build.yml +++ b/.github/workflows/macos-scan-build.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/macosx_build.yml b/.github/workflows/macosx_build.yml index c8b78061..17273652 100644 --- a/.github/workflows/macosx_build.yml +++ b/.github/workflows/macosx_build.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index f8ef1970..1038b766 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit diff --git a/.github/workflows/stats-cron-job.yml b/.github/workflows/stats-cron-job.yml index 99b06fda..71de62c4 100644 --- a/.github/workflows/stats-cron-job.yml +++ b/.github/workflows/stats-cron-job.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Harden Runner - uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 + uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 with: egress-policy: audit From 106d729f05d837063757ce7794cd8a635a2f461a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 14 Jul 2024 10:23:19 +0000 Subject: [PATCH 2/6] Bump actions/checkout from 3.6.0 to 4.1.7 Bumps [actions/checkout](https://github.com/actions/checkout) from 3.6.0 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.6.0...692973e3d937129bcbf40652eb9f2f61becf3332) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-clang-scan.yml | 2 +- .github/workflows/ci-cmake-options.yml | 2 +- .github/workflows/ci-cov-linux-report.yml | 2 +- .github/workflows/ci-cov-linux.yml | 2 +- .github/workflows/ci-cov-python.yml | 2 +- .github/workflows/ci-cov-windows-report.yml | 2 +- .github/workflows/ci-cov-windows.yml | 2 +- .github/workflows/ci-cpack.yml | 4 ++-- .github/workflows/ci-cppcheck.yml | 2 +- .github/workflows/ci-fuzz-micro.yml | 2 +- .github/workflows/ci-fuzz-short.yml | 2 +- .github/workflows/ci-fuzz.yml | 2 +- .github/workflows/ci-gcc10.yml | 2 +- .github/workflows/ci-gcc7.yml | 2 +- .github/workflows/ci-gcc9.yml | 2 +- .github/workflows/ci-test.yml | 2 +- .github/workflows/ci-windows.yml | 2 +- .github/workflows/clang_scan.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/cppcheck.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/freebsd_build.yml | 2 +- .github/workflows/freebsd_scan_build.yml | 2 +- .github/workflows/linux_make.yml | 8 ++++---- .github/workflows/macos-scan-build.yml | 2 +- .github/workflows/macosx_build.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 28 files changed, 32 insertions(+), 32 deletions(-) diff --git a/.github/workflows/ci-clang-scan.yml b/.github/workflows/ci-clang-scan.yml index 1fd28b5a..0923366f 100644 --- a/.github/workflows/ci-clang-scan.yml +++ b/.github/workflows/ci-clang-scan.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-cmake-options.yml b/.github/workflows/ci-cmake-options.yml index 6fa316ec..abcc6703 100644 --- a/.github/workflows/ci-cmake-options.yml +++ b/.github/workflows/ci-cmake-options.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-cov-linux-report.yml b/.github/workflows/ci-cov-linux-report.yml index 9f299859..c97c1c68 100644 --- a/.github/workflows/ci-cov-linux-report.yml +++ b/.github/workflows/ci-cov-linux-report.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-cov-linux.yml b/.github/workflows/ci-cov-linux.yml index 61179e13..e4fa3212 100644 --- a/.github/workflows/ci-cov-linux.yml +++ b/.github/workflows/ci-cov-linux.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: coverity-linux diff --git a/.github/workflows/ci-cov-python.yml b/.github/workflows/ci-cov-python.yml index fa5693a5..a1642514 100644 --- a/.github/workflows/ci-cov-python.yml +++ b/.github/workflows/ci-cov-python.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: coverity-python diff --git a/.github/workflows/ci-cov-windows-report.yml b/.github/workflows/ci-cov-windows-report.yml index a74dc2fe..829a1ffa 100644 --- a/.github/workflows/ci-cov-windows-report.yml +++ b/.github/workflows/ci-cov-windows-report.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-cov-windows.yml b/.github/workflows/ci-cov-windows.yml index c4d4b779..c207fa1f 100644 --- a/.github/workflows/ci-cov-windows.yml +++ b/.github/workflows/ci-cov-windows.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-cpack.yml b/.github/workflows/ci-cpack.yml index 35e619a8..3875be0b 100644 --- a/.github/workflows/ci-cpack.yml +++ b/.github/workflows/ci-cpack.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake @@ -48,7 +48,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-cppcheck.yml b/.github/workflows/ci-cppcheck.yml index 5dffe6a1..2a134b4c 100644 --- a/.github/workflows/ci-cppcheck.yml +++ b/.github/workflows/ci-cppcheck.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: cppcheck_script diff --git a/.github/workflows/ci-fuzz-micro.yml b/.github/workflows/ci-fuzz-micro.yml index 7f320045..4be50628 100644 --- a/.github/workflows/ci-fuzz-micro.yml +++ b/.github/workflows/ci-fuzz-micro.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-fuzz-short.yml b/.github/workflows/ci-fuzz-short.yml index 5b072c13..634ad5fa 100644 --- a/.github/workflows/ci-fuzz-short.yml +++ b/.github/workflows/ci-fuzz-short.yml @@ -19,7 +19,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index 31376fb0..b6fdc5e5 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -22,7 +22,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/ci-gcc10.yml b/.github/workflows/ci-gcc10.yml index c311ebb5..a7276110 100644 --- a/.github/workflows/ci-gcc10.yml +++ b/.github/workflows/ci-gcc10.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-gcc7.yml b/.github/workflows/ci-gcc7.yml index cbe067eb..e7c47fb9 100644 --- a/.github/workflows/ci-gcc7.yml +++ b/.github/workflows/ci-gcc7.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-gcc9.yml b/.github/workflows/ci-gcc9.yml index 565999ef..51d17f15 100644 --- a/.github/workflows/ci-gcc9.yml +++ b/.github/workflows/ci-gcc9.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml index ecd75b14..acf44da6 100644 --- a/.github/workflows/ci-test.yml +++ b/.github/workflows/ci-test.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/ci-windows.yml b/.github/workflows/ci-windows.yml index aaa08d2b..83796199 100644 --- a/.github/workflows/ci-windows.yml +++ b/.github/workflows/ci-windows.yml @@ -24,7 +24,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: Configure CMake diff --git a/.github/workflows/clang_scan.yml b/.github/workflows/clang_scan.yml index 40d8a1be..ba14b47f 100644 --- a/.github/workflows/clang_scan.yml +++ b/.github/workflows/clang_scan.yml @@ -32,7 +32,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 707ed1cb..1c8b5a1e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/cppcheck.yml b/.github/workflows/cppcheck.yml index c61d916e..beac1bc1 100644 --- a/.github/workflows/cppcheck.yml +++ b/.github/workflows/cppcheck.yml @@ -31,7 +31,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index ff74766f..4c601203 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,6 +24,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: 'Dependency Review' uses: actions/dependency-review-action@9129d7d40b8c12c1ed0f60400d00c92d437adcce # v4.1.3 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 1650ea9a..4807613c 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -26,7 +26,7 @@ jobs: format: YYYY-MM-DD--HH - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive diff --git a/.github/workflows/freebsd_build.yml b/.github/workflows/freebsd_build.yml index f6ab4c35..32e0de75 100644 --- a/.github/workflows/freebsd_build.yml +++ b/.github/workflows/freebsd_build.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: build in FreeBSD VM diff --git a/.github/workflows/freebsd_scan_build.yml b/.github/workflows/freebsd_scan_build.yml index 7d135788..8e048e08 100644 --- a/.github/workflows/freebsd_scan_build.yml +++ b/.github/workflows/freebsd_scan_build.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: clang scan build in FreeBSD VM diff --git a/.github/workflows/linux_make.yml b/.github/workflows/linux_make.yml index 35294743..f2e131e7 100644 --- a/.github/workflows/linux_make.yml +++ b/.github/workflows/linux_make.yml @@ -18,7 +18,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: cmake run: | rm -rf ${{ github.workspace }}/build @@ -35,7 +35,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: cmake run: | rm -rf ${{ github.workspace }}/build @@ -53,7 +53,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: install dependencies run: | apt update @@ -74,7 +74,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: cmake diff --git a/.github/workflows/macos-scan-build.yml b/.github/workflows/macos-scan-build.yml index 2fac9293..5c9252b5 100644 --- a/.github/workflows/macos-scan-build.yml +++ b/.github/workflows/macos-scan-build.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: cmake diff --git a/.github/workflows/macosx_build.yml b/.github/workflows/macosx_build.yml index 17273652..76360f0a 100644 --- a/.github/workflows/macosx_build.yml +++ b/.github/workflows/macosx_build.yml @@ -20,7 +20,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: submodules: recursive - name: cmake diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1038b766..5676dfbb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false From c3d9d93ffc57ac07e92ce1a9ba8e7f4bf3798287 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=D0=90=D1=80=D1=82=D1=91=D0=BC?= Date: Wed, 17 Jul 2024 18:42:55 +0300 Subject: [PATCH 3/6] Fix double free (#790) --- src/utils.cpp | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/src/utils.cpp b/src/utils.cpp index 1723ab23..22904d20 100644 --- a/src/utils.cpp +++ b/src/utils.cpp @@ -2,6 +2,7 @@ // Copyright (c) 2009-2022, Intel Corporation // written by Andrey Semin and many others +#include #include #include #include @@ -125,18 +126,24 @@ const char * setColor (const char * colorStr) return colorEnabled ? colorStr : ""; } -std::vector colorTable = { - ASCII_GREEN, - ASCII_YELLOW, - ASCII_MAGENTA, - ASCII_CYAN, - ASCII_BRIGHT_GREEN, - ASCII_BRIGHT_YELLOW, - ASCII_BRIGHT_BLUE, - ASCII_BRIGHT_MAGENTA, - ASCII_BRIGHT_CYAN, - ASCII_BRIGHT_WHITE -}; +template +constexpr auto make_array(N&&... args) -> std::array +{ + return {std::forward(args)...}; +} + +constexpr auto colorTable{make_array( + ASCII_GREEN, + ASCII_YELLOW, + ASCII_MAGENTA, + ASCII_CYAN, + ASCII_BRIGHT_GREEN, + ASCII_BRIGHT_YELLOW, + ASCII_BRIGHT_BLUE, + ASCII_BRIGHT_MAGENTA, + ASCII_BRIGHT_CYAN, + ASCII_BRIGHT_WHITE +)}; size_t currentColor = 0; const char * setNextColor() From 3da43d82f3337721ccc31d221518d3f8da552a7a Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Wed, 17 Jul 2024 18:39:29 +0200 Subject: [PATCH 4/6] add a test for pcm --color Change-Id: I1b478546153b9c2e5f7b04e92a27bca320d31991 --- tests/test.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tests/test.sh b/tests/test.sh index b31277db..98119c0f 100755 --- a/tests/test.sh +++ b/tests/test.sh @@ -29,6 +29,13 @@ if [ "$?" -ne "0" ]; then exit 1 fi +echo Testing pcm w/o env vars + color +./pcm -r --color -- sleep 1 +if [ "$?" -ne "0" ]; then + echo "Error in pcm" + exit 1 +fi + echo Testing pcm with -pid perl -e ' do {} until (0)' & test_pid="$!" From 79732643a8dae4130a1a074521891506ff67c934 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 20 Jul 2024 14:04:56 +0200 Subject: [PATCH 5/6] fuzz every monday at midnight Change-Id: I370433b510de22712fa26bc912e597e525e03f0b --- .github/workflows/ci-fuzz.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci-fuzz.yml b/.github/workflows/ci-fuzz.yml index b6fdc5e5..0d9cebdd 100644 --- a/.github/workflows/ci-fuzz.yml +++ b/.github/workflows/ci-fuzz.yml @@ -2,8 +2,8 @@ name: fuzz-job on: schedule: - # every sunday at midnight - - cron: '0 0 * * 0' + # every monday at midnight + - cron: '0 0 * * 1' # also allow manual triggering workflow_dispatch: From 066ed22c61eefe10c2c9e5f7dcb5eca64d69fb15 Mon Sep 17 00:00:00 2001 From: "Dementiev, Roman" Date: Sat, 20 Jul 2024 14:17:00 +0200 Subject: [PATCH 6/6] pcm-tpmi: add -i instances option Change-Id: I67c304949a454b09e0b9a741825654386bc68b79 --- src/pcm-tpmi.cpp | 23 ++++++++++++++++++++--- 1 file changed, 20 insertions(+), 3 deletions(-) diff --git a/src/pcm-tpmi.cpp b/src/pcm-tpmi.cpp index 8d0ef12c..476d3a50 100644 --- a/src/pcm-tpmi.cpp +++ b/src/pcm-tpmi.cpp @@ -29,6 +29,8 @@ void print_usage(const char * progname) std::cout << " -b low:high : read or write only low..high bits of the register\n"; std::cout << " -e entries : perform read/write on specified entries (default is all entries)\n"; std::cout << " (examples: -e 10 -e 10-11 -e 4,6,12-20,6)\n"; + std::cout << " -i instances: perform read/write on specified instances (default is all instances)\n"; + std::cout << " (examples: -i 1 -i 0,1 -i 0,2-3)\n"; std::cout << " -d : output all numbers in dec (default is hex)\n"; std::cout << " -v : verbose ouput\n"; std::cout << " --version : print application version\n"; @@ -51,10 +53,10 @@ int mainThrows(int argc, char * argv[]) bool write = false; bool dec = false; std::pair bits{-1, -1}; - std::list entries; + std::list entries, instances; int my_opt = -1; - while ((my_opt = getopt(argc, argv, "w:dvb:e:")) != -1) + while ((my_opt = getopt(argc, argv, "w:dvb:e:i:")) != -1) { switch (my_opt) { @@ -74,6 +76,9 @@ int mainThrows(int argc, char * argv[]) case 'e': entries = extract_integer_list(optarg); break; + case 'i': + instances = extract_integer_list(optarg); + break; default: print_usage(argv[0]); return -1; @@ -106,8 +111,20 @@ int mainThrows(int argc, char * argv[]) try { - for (size_t i = 0; i < TPMIHandle::getNumInstances(); ++i) + if (instances.empty()) { + for (size_t i = 0; i < TPMIHandle::getNumInstances(); ++i) + { + instances.push_back(i); + } + } + for (const size_t i : instances) + { + if (i >= TPMIHandle::getNumInstances()) + { + std::cerr << "Instance " << i << " does not exist\n"; + continue; + } TPMIHandle h(i, requestedID, requestedRelativeOffset, !write); auto one = [&](const size_t p) {