From 4a5587101272cc6403df96c3d58468aad81cacb5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jul 2024 14:31:07 +0200 Subject: [PATCH 1/2] build(dependencies): bump the github-actions group across 1 directory with 8 updates (#11) Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.4` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.7` | `4.1.8` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.4.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.2.0` | `6.3.0` | | [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) | `12.2798.0` | `12.2823.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.11` | `3.25.12` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.2` | `4.0.3` | Updates `actions/upload-artifact` from 4.3.3 to 4.3.4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/65462800fd760344b1a7b4382951275a0abb4808...0b2256b8c012f0828dc542b3febcab082c67f72b) Updates `actions/download-artifact` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/65a9edc5881444af0b9093a5e628f2fe47ea3b2e...fa0a91b85d4f404e444e00e005971372dc801d16) Updates `docker/setup-qemu-action` from 3.0.0 to 3.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/68827325e0b33c7199eb31dd4e31fbe9023e06e3...5927c834f5b4fdf503fca6f4c7eccda82949e1ee) Updates `docker/setup-buildx-action` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/d70bba72b1f3fd22344832f00baa16ece964efeb...4fd812986e6c8c2a69e18311145f9371337f27d4) Updates `docker/build-push-action` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/15560696de535e4014efeff63c48f16952e52dd1...1a162644f9a7e87d8f4b053101d1d9a712edc18c) Updates `bridgecrewio/checkov-action` from 12.2798.0 to 12.2823.0 - [Release notes](https://github.com/bridgecrewio/checkov-action/releases) - [Commits](https://github.com/bridgecrewio/checkov-action/compare/1aa570d5235ac1bb571b6ad857c5ca3ba3670b74...4bb67465e1497251e876269c248f3f8efda3bce5) Updates `github/codeql-action` from 3.25.11 to 3.25.12 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...4fa2a7953630fd2f3fb380f21be14ede0169dd4f) Updates `actions/setup-node` from 4.0.2 to 4.0.3 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/60edb5dd545a775178f52524783378180af0d1f8...1e60f620b9541d16bece96c5465dc8ee9832be0b) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bridgecrewio/checkov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci-generic.yml | 2 +- .github/workflows/docker-ci-generic.yml | 24 ++++++++++---------- .github/workflows/docker-release-generic.yml | 10 ++++---- .github/workflows/docusaurus-release.yml | 2 +- .github/workflows/release.yml | 2 +- 5 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/ci-generic.yml b/.github/workflows/ci-generic.yml index c186a3a..61ce608 100644 --- a/.github/workflows/ci-generic.yml +++ b/.github/workflows/ci-generic.yml @@ -68,7 +68,7 @@ jobs: version: ${{ inputs.version }} - name: Upload Instance BuildInfo.properties - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4 with: name: pre-build-instance-buildinfo path: ./*/main/resources/BuildInfo.properties diff --git a/.github/workflows/docker-ci-generic.yml b/.github/workflows/docker-ci-generic.yml index a867304..f821da4 100644 --- a/.github/workflows/docker-ci-generic.yml +++ b/.github/workflows/docker-ci-generic.yml @@ -76,13 +76,13 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #4.1.7 - name: "Download Pre-build Artifacts" - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 with: pattern: pre-build-* merge-multiple: true - name: "Download Build Artifacts" - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 with: pattern: build-* merge-multiple: true @@ -102,14 +102,14 @@ jobs: latest=false - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee #3.1.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 #3.4.0 - name: Build and export Docker image id: build - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 #6.2.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c #6.3.0 with: context: . platforms: linux/amd64 @@ -121,7 +121,7 @@ jobs: cache-to: type=gha,mode=max - name: "Upload Docker tar" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4 with: name: build-docker-image path: ./image.tar @@ -146,7 +146,7 @@ jobs: - name: Lint Dockerfile with Checkov id: checkov - uses: bridgecrewio/checkov-action@1aa570d5235ac1bb571b6ad857c5ca3ba3670b74 #12.2798.0 + uses: bridgecrewio/checkov-action@4bb67465e1497251e876269c248f3f8efda3bce5 #12.2823.0 with: directory: . framework: dockerfile @@ -158,13 +158,13 @@ jobs: output_file_path: reports/checkov-results.sarif - name: Upload Sarif report as artifact - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4 with: name: checkov-results path: reports/checkov-results.sarif - name: Upload to GitHub Security - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c #3.25.11 + uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f #3.25.12 if: ${{ inputs.upload-sarif-to-security }} with: sarif_file: 'reports/checkov-results.sarif' @@ -175,7 +175,7 @@ jobs: # steps: # - # name: "Download Docker tar" - # uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + # uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 # with: # name: docker # path: . @@ -201,7 +201,7 @@ jobs: # hide-progress: false # - # name: "Upload Sarif report as artifact" - # uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3 + # uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4 # with: # name: trivy-results # path: trivy-results.sarif @@ -227,7 +227,7 @@ jobs: github.com:443 - name: Download Docker tar - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 with: name: build-docker-image diff --git a/.github/workflows/docker-release-generic.yml b/.github/workflows/docker-release-generic.yml index 461f571..9ddb3ed 100644 --- a/.github/workflows/docker-release-generic.yml +++ b/.github/workflows/docker-release-generic.yml @@ -56,13 +56,13 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #4.1.7 - name: "Download Pre-build Artifacts" - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 with: pattern: pre-build-* merge-multiple: true - name: "Download Build Artifacts" - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8 with: pattern: build-* merge-multiple: true @@ -82,10 +82,10 @@ jobs: latest=false - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee #3.1.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 #3.4.0 - name: Login to Container Registry uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # 3.2.0 @@ -95,7 +95,7 @@ jobs: - name: Build and export Docker image id: build - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 #6.2.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c #6.3.0 with: context: . platforms: linux/amd64, linux/arm64 diff --git a/.github/workflows/docusaurus-release.yml b/.github/workflows/docusaurus-release.yml index cdd5ea5..5801e85 100644 --- a/.github/workflows/docusaurus-release.yml +++ b/.github/workflows/docusaurus-release.yml @@ -38,7 +38,7 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Set Up Node.js - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: 20.x cache: npm diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index cade920..98cf852 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: token: ${{ secrets.WEAREFRANK_BOT_PAT }} - name: Setup Node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 #4.0.2 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b #4.0.3 with: node-version: 20.x From e073950d36ffdeb9f018b14b2ca0c13449825b2f Mon Sep 17 00:00:00 2001 From: semantic-release-bot Date: Mon, 15 Jul 2024 12:31:58 +0000 Subject: [PATCH 2/2] chore(patch): release 1.0.3 [skip ci] MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit ## [1.0.3](https://github.com/wearefrank/ci-cd-templates/compare/v1.0.2...v1.0.3) (2024-07-15) ### 🤖 Build System * **dependencies:** bump the github-actions group across 1 directory with 8 updates ([#11](https://github.com/wearefrank/ci-cd-templates/issues/11)) ([4a55871](https://github.com/wearefrank/ci-cd-templates/commit/4a5587101272cc6403df96c3d58468aad81cacb5)) --- CHANGELOG.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 31890c6..a336f78 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,5 +1,11 @@ [![conventional commits](https://img.shields.io/badge/conventional%20commits-1.0.0-yellow.svg)](https://conventionalcommits.org) [![semantic versioning](https://img.shields.io/badge/semantic%20versioning-2.0.0-green.svg)](https://semver.org) +## [1.0.3](https://github.com/wearefrank/ci-cd-templates/compare/v1.0.2...v1.0.3) (2024-07-15) + +### 🤖 Build System + +* **dependencies:** bump the github-actions group across 1 directory with 8 updates ([#11](https://github.com/wearefrank/ci-cd-templates/issues/11)) ([4a55871](https://github.com/wearefrank/ci-cd-templates/commit/4a5587101272cc6403df96c3d58468aad81cacb5)) + ## [1.0.2](https://github.com/wearefrank/ci-cd-templates/compare/v1.0.1...v1.0.2) (2024-07-01) ### 🤖 Build System