From 313ba3875e73d289aa457a0f4f180b39c2bf01fa Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 6 Aug 2024 16:11:45 +0000 Subject: [PATCH] =?UTF-8?q?=F0=9F=93=A6=20Update=20subpackage=20devDepende?= =?UTF-8?q?ncies=20(#40106)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/cross-platform-builds.yml | 4 ++-- .github/workflows/cut-nightly.yml | 4 ++-- .github/workflows/dependency-review.yml | 4 ++-- .github/workflows/release-tagger.yml | 4 ++-- .github/workflows/scorecard.yml | 8 ++++---- .github/workflows/status-page.yml | 4 ++-- .github/workflows/update-session-issues.yml | 2 +- extensions/amp-access/0.1/iframe-api/package.json | 2 +- third_party/amp-toolbox-cache-url/package.json | 10 +++++----- 10 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dd4ba24787f1..a986a5014dfa 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -38,12 +38,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 with: config-file: ./.github/codeql/config.yml languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/cross-platform-builds.yml b/.github/workflows/cross-platform-builds.yml index 3c54f2287437..37616b91c8dc 100644 --- a/.github/workflows/cross-platform-builds.yml +++ b/.github/workflows/cross-platform-builds.yml @@ -19,7 +19,7 @@ jobs: runs-on: ${{ matrix.platform }}-latest steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -44,7 +44,7 @@ jobs: environment: create_issue_on_error steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/cut-nightly.yml b/.github/workflows/cut-nightly.yml index f6b597d590d6..f2b852e60651 100644 --- a/.github/workflows/cut-nightly.yml +++ b/.github/workflows/cut-nightly.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -55,7 +55,7 @@ jobs: environment: create_issue_on_error steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 57c165f479dc..5a65e839097b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,11 +17,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: 'Dependency Review' - uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3 + uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/release-tagger.yml b/.github/workflows/release-tagger.yml index 0ff29eb0abdc..006aaa1dd59c 100644 --- a/.github/workflows/release-tagger.yml +++ b/.github/workflows/release-tagger.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -56,7 +56,7 @@ jobs: environment: create_issue_on_error steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8b923512c5db..cddc3ebc849b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -42,7 +42,7 @@ jobs: persist-credentials: false - name: 'Run analysis' - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -64,7 +64,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: 'Upload artifact' - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: SARIF file path: results.sarif @@ -72,6 +72,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 with: sarif_file: results.sarif diff --git a/.github/workflows/status-page.yml b/.github/workflows/status-page.yml index b01baebd9cb5..3dc5a6b9b433 100644 --- a/.github/workflows/status-page.yml +++ b/.github/workflows/status-page.yml @@ -14,7 +14,7 @@ jobs: environment: status_page steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs @@ -52,7 +52,7 @@ jobs: environment: create_issue_on_error steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/.github/workflows/update-session-issues.yml b/.github/workflows/update-session-issues.yml index 056a15affad9..6937f603d929 100644 --- a/.github/workflows/update-session-issues.yml +++ b/.github/workflows/update-session-issues.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs diff --git a/extensions/amp-access/0.1/iframe-api/package.json b/extensions/amp-access/0.1/iframe-api/package.json index 2c00d2ba33cc..b2dec7a92b83 100644 --- a/extensions/amp-access/0.1/iframe-api/package.json +++ b/extensions/amp-access/0.1/iframe-api/package.json @@ -16,7 +16,7 @@ "devDependencies": { "babel-plugin-external-helpers": "6.22.0", "babel-preset-env": "1.7.0", - "rollup": "4.18.1", + "rollup": "4.20.0", "@rollup/plugin-babel": "6.0.4", "rollup-plugin-cleanup": "3.2.1" } diff --git a/third_party/amp-toolbox-cache-url/package.json b/third_party/amp-toolbox-cache-url/package.json index d8f640eff61c..fe75adaff400 100644 --- a/third_party/amp-toolbox-cache-url/package.json +++ b/third_party/amp-toolbox-cache-url/package.json @@ -33,14 +33,14 @@ }, "devDependencies": { "@ampproject/rollup-plugin-closure-compiler": "0.27.0", - "eslint": "9.6.0", + "eslint": "9.8.0", "eslint-config-google": "0.14.0", - "jasmine": "5.1.0", - "karma": "6.4.3", + "jasmine": "5.2.0", + "karma": "6.4.4", "karma-chrome-launcher": "3.2.0", "karma-jasmine": "5.1.0", "npm-run-all2": "6.2.2", - "rollup": "4.18.1", + "rollup": "4.20.0", "rollup-plugin-commonjs": "10.1.0", "rollup-plugin-filesize": "10.0.0", "rollup-plugin-ignore": "1.0.10", @@ -48,6 +48,6 @@ "rollup-plugin-node-builtins": "2.1.2", "@rollup/plugin-node-resolve": "15.2.3", "rollup-plugin-serve": "3.0.0", - "semver": "7.6.2" + "semver": "7.6.3" } }