From 6c65aec6286085bfa70d5d10dc60eb36ad7b09c2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 21 Apr 2024 08:58:54 +0000 Subject: [PATCH] Bump the dependencies group with 5 updates Bumps the dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [trunk-io/trunk-action](https://github.com/trunk-io/trunk-action) | `1.1.12` | `1.1.13` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.0` | `3.25.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.2` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.4` | `4.1.5` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `1.25.0` | `1.26.0` | Updates `trunk-io/trunk-action` from 1.1.12 to 1.1.13 - [Release notes](https://github.com/trunk-io/trunk-action/releases) - [Commits](https://github.com/trunk-io/trunk-action/compare/540e7fe497a45ae76370d26d95cc249059c4ac3a...da67635060feab46c164bc130690e61864a5d13b) Updates `github/codeql-action` from 3.25.0 to 3.25.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/df5a14dc28094dc936e103b37d749c6628682b60...c7f9125735019aa87cfc361530512d50ea439c71) Updates `actions/upload-artifact` from 4.3.1 to 4.3.2 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/5d5d22a31266ced268874388b861e4b58bb5c2f3...1746f4ab65b179e0ea60a494b83293b640dd5bba) Updates `actions/download-artifact` from 4.1.4 to 4.1.5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/c850b930e6ba138125429b7e5c93fc707a7f8427...8caf195ad4b1dee92908e23f56eeb0696f1dd42d) Updates `slackapi/slack-github-action` from 1.25.0 to 1.26.0 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](https://github.com/slackapi/slack-github-action/compare/6c661ce58804a1a20f6dc5fbee7f0381b469e001...70cd7be8e40a46e8b0eced40b0de447bdb42f68e) --- updated-dependencies: - dependency-name: trunk-io/trunk-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: slackapi/slack-github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/annotate_pr.yaml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/nightly.yaml | 4 ++-- .github/workflows/pr.yaml | 2 +- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/upgrade_trunk.yaml | 2 +- .github/workflows/upload_results.reusable.yaml | 14 +++++++------- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/annotate_pr.yaml b/.github/workflows/annotate_pr.yaml index 2a3c1ccb3..ccd507cf4 100644 --- a/.github/workflows/annotate_pr.yaml +++ b/.github/workflows/annotate_pr.yaml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Trunk Check - uses: trunk-io/trunk-action@540e7fe497a45ae76370d26d95cc249059c4ac3a # v1.1.12 + uses: trunk-io/trunk-action@da67635060feab46c164bc130690e61864a5d13b # v1.1.13 with: post-annotations: true # This job may fail when the PR was not run on a fork, and that's okay diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index af3b11dcf..ed448edfb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,7 +34,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/init@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 # Override language selection by uncommenting this and choosing your languages with: languages: javascript @@ -42,7 +42,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/autobuild@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -56,4 +56,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/analyze@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 diff --git a/.github/workflows/nightly.yaml b/.github/workflows/nightly.yaml index ba6cc893f..f41a3dc78 100644 --- a/.github/workflows/nightly.yaml +++ b/.github/workflows/nightly.yaml @@ -179,7 +179,7 @@ jobs: - name: Upload Test Outputs for Upload Job # Only upload results from latest. Always run, except when cancelled. if: (failure() || success()) && matrix.linter-version == 'Latest' - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: ${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json @@ -238,7 +238,7 @@ jobs: - name: Upload Test Outputs for Notification Job # Always run, except when cancelled. if: (failure() || success()) - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: tools-${{ matrix.results-file }}-test-results path: ${{ matrix.results-file }}-res.json diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 539771169..d1a661a45 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -228,7 +228,7 @@ jobs: lfs: true - name: Trunk Check - uses: trunk-io/trunk-action@540e7fe497a45ae76370d26d95cc249059c4ac3a + uses: trunk-io/trunk-action@da67635060feab46c164bc130690e61864a5d13b env: TRUNK_GITHUB_CHECK_RUN_TITLE: Trunk Check diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1ca8497b8..9000fe624 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -57,7 +57,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 + uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2 with: name: SARIF file path: results.sarif @@ -65,6 +65,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/upload-sarif@c7f9125735019aa87cfc361530512d50ea439c71 # v3.25.1 with: sarif_file: results.sarif diff --git a/.github/workflows/upgrade_trunk.yaml b/.github/workflows/upgrade_trunk.yaml index c5d1bdebc..07cb87ff4 100644 --- a/.github/workflows/upgrade_trunk.yaml +++ b/.github/workflows/upgrade_trunk.yaml @@ -26,7 +26,7 @@ jobs: private_key: ${{ secrets.TRUNK_OPEN_PR_APP_PRIVATE_KEY }} - name: Trunk Upgrade - uses: trunk-io/trunk-action/upgrade@540e7fe497a45ae76370d26d95cc249059c4ac3a + uses: trunk-io/trunk-action/upgrade@da67635060feab46c164bc130690e61864a5d13b with: arguments: -n --bleeding-edge github-token: ${{ steps.generate-token.outputs.token }} diff --git a/.github/workflows/upload_results.reusable.yaml b/.github/workflows/upload_results.reusable.yaml index 40c99007e..bd50432f3 100644 --- a/.github/workflows/upload_results.reusable.yaml +++ b/.github/workflows/upload_results.reusable.yaml @@ -60,21 +60,21 @@ jobs: - name: Retrieve Test Outputs ubuntu id: download-ubuntu - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}ubuntu-latest-test-results - name: Retrieve Test Outputs macOS id: download-macos - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}macos-latest-test-results - name: Retrieve Test Outputs Windows id: download-windows - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 + uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 continue-on-error: true with: name: ${{ inputs.results-prefix }}windows-latest-test-results @@ -96,7 +96,7 @@ jobs: echo "::endgroup::" - name: Slack Notification For Missing Artifacts - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: steps.download-ubuntu.outcome == 'failure' || steps.download-macos.outcome == 'failure' || steps.download-windows.outcome == 'failure' @@ -179,7 +179,7 @@ jobs: # Slack notifications - name: Slack Notification For Failures - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: always() && steps.parse.outputs.failures == 'true' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -188,7 +188,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Staging Upload Failure - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: inputs.upload-validated-versions == true && steps.upload-staging.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }} @@ -209,7 +209,7 @@ jobs: SLACK_BOT_TOKEN: ${{ secrets.TRUNKBOT_SLACK_BOT_TOKEN }} - name: Slack Notification For Prod Upload Failure - uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0 + uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0 if: inputs.upload-validated-versions == true && steps.upload-prod.outcome == 'failure' with: channel-id: ${{ env.SLACK_CHANNEL_ID }}