From c6da6113a78b0ee9769e51f39eb02a3263a09edc Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 25 Jul 2024 10:35:17 -0400 Subject: [PATCH] chore(deps): update all non-major github action dependencies (#5) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | minor | `v2` -> `v2.7.0` | | [actions/checkout](https://togithub.com/actions/checkout) | action | minor | `v3` -> `v3.6.0` | | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v1` -> `v1.0.2` | ### Review - [ ] Updates have been tested and work - [ ] If updates are AWS related, versions match the infrastructure (e.g. Lambda runtime, database, etc.) --- ### Release Notes
actions/checkout (actions/checkout) ### [`v2.7.0`](https://togithub.com/actions/checkout/releases/tag/v2.7.0) [Compare Source](https://togithub.com/actions/checkout/compare/v2.6.0...v2.7.0) ##### What's Changed - Add new public key for known_hosts ([#​1237](https://togithub.com/actions/checkout/issues/1237)) by [@​TingluoHuang](https://togithub.com/TingluoHuang) in [https://github.com/actions/checkout/pull/1238](https://togithub.com/actions/checkout/pull/1238) **Full Changelog**: https://github.com/actions/checkout/compare/v2.6.0...v2.7.0 ### [`v2.6.0`](https://togithub.com/actions/checkout/releases/tag/v2.6.0) [Compare Source](https://togithub.com/actions/checkout/compare/v2.5.0...v2.6.0) #### What's Changed - Add backports to v2 branch by [@​cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1040](https://togithub.com/actions/checkout/pull/1040) - Includes backports from the following changes: [https://github.com/actions/checkout/pull/964](https://togithub.com/actions/checkout/pull/964), [https://github.com/actions/checkout/pull/1002](https://togithub.com/actions/checkout/pull/1002), [https://github.com/actions/checkout/pull/1029](https://togithub.com/actions/checkout/pull/1029) - Upgraded the licensed version to match what is used in v3. **Full Changelog**: https://github.com/actions/checkout/compare/v2.5.0...v2.6.0 ### [`v2.5.0`](https://togithub.com/actions/checkout/releases/tag/v2.5.0) [Compare Source](https://togithub.com/actions/checkout/compare/v2.4.2...v2.5.0) ##### What's Changed - Update [@​actions/core](https://togithub.com/actions/core) to 1.10.0 by [@​rentziass](https://togithub.com/rentziass) in [https://github.com/actions/checkout/pull/962](https://togithub.com/actions/checkout/pull/962) **Full Changelog**: https://github.com/actions/checkout/compare/v2...v2.5.0 ### [`v2.4.2`](https://togithub.com/actions/checkout/releases/tag/v2.4.2) [Compare Source](https://togithub.com/actions/checkout/compare/v2.4.1...v2.4.2) ##### What's Changed - Add set-safe-directory input to allow customers to take control. ([#​770](https://togithub.com/actions/checkout/issues/770)) by [@​TingluoHuang](https://togithub.com/TingluoHuang) in [https://github.com/actions/checkout/pull/776](https://togithub.com/actions/checkout/pull/776) - Prepare changelog for v2.4.2. by [@​TingluoHuang](https://togithub.com/TingluoHuang) in [https://github.com/actions/checkout/pull/778](https://togithub.com/actions/checkout/pull/778) **Full Changelog**: https://github.com/actions/checkout/compare/v2...v2.4.2 ### [`v2.4.1`](https://togithub.com/actions/checkout/releases/tag/v2.4.1) [Compare Source](https://togithub.com/actions/checkout/compare/v2.4.0...v2.4.1) - Fixed an issue where checkout failed to run in container jobs due to the new git setting `safe.directory` ### [`v2.4.0`](https://togithub.com/actions/checkout/releases/tag/v2.4.0) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.5...v2.4.0) - Convert SSH URLs like `org-@​github.com:` to `https://github.com/` - [pr](https://togithub.com/actions/checkout/pull/621) ### [`v2.3.5`](https://togithub.com/actions/checkout/releases/tag/v2.3.5) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.4...v2.3.5) Update dependencies ### [`v2.3.4`](https://togithub.com/actions/checkout/releases/tag/v2.3.4) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.3...v2.3.4) - [Add missing `await`s](https://togithub.com/actions/checkout/pull/379) - [Swap to Environment Files](https://togithub.com/actions/checkout/pull/360) ### [`v2.3.3`](https://togithub.com/actions/checkout/releases/tag/v2.3.3) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.2...v2.3.3) - [Remove Unneeded commit information from build logs](https://togithub.com/actions/checkout/pull/345) - [Add Licensed to verify third party dependencies](https://togithub.com/actions/checkout/pull/326) ### [`v2.3.2`](https://togithub.com/actions/checkout/releases/tag/v2.3.2) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.1...v2.3.2) [Add Third Party License Information to Dist Files](https://togithub.com/actions/checkout/pull/320) ### [`v2.3.1`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v231) [Compare Source](https://togithub.com/actions/checkout/compare/v2.3.0...v2.3.1) - [Fix default branch resolution for .wiki and when using SSH](https://togithub.com/actions/checkout/pull/284) ### [`v2.3.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v230) [Compare Source](https://togithub.com/actions/checkout/compare/v2.2.0...v2.3.0) - [Fallback to the default branch](https://togithub.com/actions/checkout/pull/278) ### [`v2.2.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v220) [Compare Source](https://togithub.com/actions/checkout/compare/v2.1.1...v2.2.0) - [Fetch all history for all tags and branches when fetch-depth=0](https://togithub.com/actions/checkout/pull/258) ### [`v2.1.1`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v211) [Compare Source](https://togithub.com/actions/checkout/compare/v2.1.0...v2.1.1) - Changes to support GHES ([here](https://togithub.com/actions/checkout/pull/236) and [here](https://togithub.com/actions/checkout/pull/248)) ### [`v2.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v210) [Compare Source](https://togithub.com/actions/checkout/compare/v2.0.0...v2.1.0) - [Group output](https://togithub.com/actions/checkout/pull/191) - [Changes to support GHES alpha release](https://togithub.com/actions/checkout/pull/199) - [Persist core.sshCommand for submodules](https://togithub.com/actions/checkout/pull/184) - [Add support ssh](https://togithub.com/actions/checkout/pull/163) - [Convert submodule SSH URL to HTTPS, when not using SSH](https://togithub.com/actions/checkout/pull/179) - [Add submodule support](https://togithub.com/actions/checkout/pull/157) - [Follow proxy settings](https://togithub.com/actions/checkout/pull/144) - [Fix ref for pr closed event when a pr is merged](https://togithub.com/actions/checkout/pull/141) - [Fix issue checking detached when git less than 2.22](https://togithub.com/actions/checkout/pull/128)
actions/dependency-review-action (actions/dependency-review-action) ### [`v1.0.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v1.0.2): 1.0.2 [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v1.0.1...v1.0.2) - Clarify error messages for private repos - Update NPM dependencies. ### [`v1.0.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v1.0.1) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v1...v1.0.1) We're starting to use semantic versioning for our project.
--- ### Configuration 📅 **Schedule**: Branch creation - "every weekend" in timezone America/Montreal, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View the [repository job log](https://developer.mend.io/github/cds-snc/forms-api). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/dependency-review.yml | 4 ++-- .github/workflows/shellcheck.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 02384c91..05ab7e4d 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: Dependency review - uses: actions/dependency-review-action@v1 \ No newline at end of file + uses: actions/dependency-review-action@a9c83d3af6b9031e20feba03b904645bb23d1dab # v1.0.2 \ No newline at end of file diff --git a/.github/workflows/shellcheck.yml b/.github/workflows/shellcheck.yml index 188ac134..057d3963 100644 --- a/.github/workflows/shellcheck.yml +++ b/.github/workflows/shellcheck.yml @@ -8,7 +8,7 @@ jobs: shellcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0 - name: Shellcheck run: | .github/workflows/scripts/run-shellcheck.sh