Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): update github-actions #180

Merged
merged 1 commit into from
Jul 5, 2024
Merged

chore(deps): update github-actions #180

merged 1 commit into from
Jul 5, 2024

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Jul 1, 2024

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action patch v4.1.6 -> v4.1.7
amannn/action-semantic-pull-request action digest e9fabac -> 0723387
github/codeql-action action patch v3.25.7 -> v3.25.11
miracum/.github action minor v1.9.1 -> v1.10.2

Release Notes

actions/checkout (actions/checkout)

v4.1.7

Compare Source

github/codeql-action (github/codeql-action)

v3.25.11

Compare Source

v3.25.10

Compare Source

v3.25.9

Compare Source

v3.25.8

Compare Source

miracum/.github (miracum/.github)

v1.10.2

Compare Source

Bug Fixes

v1.10.1

Compare Source

CI/CD
Miscellaneous Chores

v1.10.0

Compare Source

Features

v1.9.2

Compare Source

Miscellaneous Chores

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate. View repository job log here.

@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 1, 2024
edited
Loading

🦙 MegaLinter status: ✅ SUCCESS

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 5 0 0.08s
✅ BASH bash-exec 2 0 0.05s
✅ BASH shellcheck 2 0 0.03s
✅ BASH shfmt 2 0 0.03s
✅ DOCKERFILE hadolint 2 0 0.25s
✅ JSON jsonlint 17 0 0.45s
✅ JSON npm-package-json-lint yes no 0.6s
✅ JSON prettier 17 0 1.66s
✅ MARKDOWN markdownlint 3 0 0.59s
✅ PYTHON bandit 31 0 2.33s
✅ PYTHON black 31 0 2.56s
✅ PYTHON flake8 31 0 1.38s
✅ PYTHON isort 31 0 0.48s
✅ PYTHON mypy 31 0 11.02s
✅ PYTHON pyright 31 0 10.94s
✅ PYTHON ruff 31 0 0.02s
✅ REPOSITORY checkov yes no 15.32s
✅ REPOSITORY gitleaks yes no 0.14s
✅ REPOSITORY git_diff yes no 0.01s
✅ REPOSITORY grype yes no 15.27s
✅ REPOSITORY kics yes no 31.64s
✅ REPOSITORY secretlint yes no 0.94s
✅ REPOSITORY syft yes no 0.67s
✅ REPOSITORY trivy yes no 9.74s
✅ REPOSITORY trivy-sbom yes no 5.56s
✅ REPOSITORY trufflehog yes no 6.75s
✅ YAML prettier 15 0 0.95s
✅ YAML yamllint 15 0 0.63s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

MegaLinter is graciously provided by OX Security

@renovate renovate bot force-pushed the renovate/github-actions branch from 14c53c9 to cd8ba3c Compare July 3, 2024 09:08
@github-actions GitHub Actions
Copy link

github-actions bot commented Jul 3, 2024

Trivy image scan report

ghcr.io/miracum/ahd2fhir:pr-180 (debian 12.5)

25 known vulnerabilities found (CRITICAL: 0 HIGH: 12 MEDIUM: 13 LOW: 0)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
libc6 CVE-2024-2961 HIGH 2.36-9+deb12u4 2.36-9+deb12u6
libc6 CVE-2024-33599 HIGH 2.36-9+deb12u4 2.36-9+deb12u7
libc6 CVE-2024-33600 MEDIUM 2.36-9+deb12u4 2.36-9+deb12u7
libc6 CVE-2024-33601 MEDIUM 2.36-9+deb12u4 2.36-9+deb12u7
libc6 CVE-2024-33602 MEDIUM 2.36-9+deb12u4 2.36-9+deb12u7
libpython3.11-minimal CVE-2023-24329 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2023-41105 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2023-6597 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2023-40217 MEDIUM 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-minimal CVE-2024-0450 MEDIUM 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2023-24329 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2023-41105 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2023-6597 HIGH 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2023-40217 MEDIUM 3.11.2-6 3.11.2-6+deb12u2
libpython3.11-stdlib CVE-2024-0450 MEDIUM 3.11.2-6 3.11.2-6+deb12u2
libssl3 CVE-2023-5678 MEDIUM 3.0.11-1~deb12u2 3.0.13-1~deb12u1
libssl3 CVE-2023-6129 MEDIUM 3.0.11-1~deb12u2 3.0.13-1~deb12u1
libssl3 CVE-2023-6237 MEDIUM 3.0.11-1~deb12u2 3.0.13-1~deb12u1
libssl3 CVE-2024-0727 MEDIUM 3.0.11-1~deb12u2 3.0.13-1~deb12u1
libuuid1 CVE-2024-28085 HIGH 2.38.1-5+b1 2.38.1-5+deb12u1
python3.11-minimal CVE-2023-24329 HIGH 3.11.2-6 3.11.2-6+deb12u2
python3.11-minimal CVE-2023-41105 HIGH 3.11.2-6 3.11.2-6+deb12u2
python3.11-minimal CVE-2023-6597 HIGH 3.11.2-6 3.11.2-6+deb12u2
python3.11-minimal CVE-2023-40217 MEDIUM 3.11.2-6 3.11.2-6+deb12u2
python3.11-minimal CVE-2024-0450 MEDIUM 3.11.2-6 3.11.2-6+deb12u2

No Misconfigurations found

Python

No Vulnerabilities found

No Misconfigurations found

@chgl chgl merged commit e586b25 into master Jul 5, 2024
13 checks passed
@miracum-bot
Copy link

🎉 This issue has been resolved in version 3.1.9 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@chgl chgl chgl approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@miracum-bot @chgl