From e47f82d60a6cf82fe5e157750f6929304e65450a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 11 Feb 2024 08:03:53 +0000 Subject: [PATCH] Bump the ci group with 6 updates Bumps the ci group with 6 updates: | Package | From | To | | --- | --- | --- | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `4` | | [8BitJonny/gh-get-current-pr](https://github.com/8bitjonny/gh-get-current-pr) | `2.2.0` | `3.0.0` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `5` | `6` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.4` | `0.15.8` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.3.0` | `3.4.0` | | [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) | `2` | `3` | Updates `codecov/codecov-action` from 3 to 4 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3...v4) Updates `8BitJonny/gh-get-current-pr` from 2.2.0 to 3.0.0 - [Release notes](https://github.com/8bitjonny/gh-get-current-pr/releases) - [Commits](https://github.com/8bitjonny/gh-get-current-pr/compare/2.2.0...3.0.0) Updates `release-drafter/release-drafter` from 5 to 6 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5...v6) Updates `anchore/sbom-action` from 0.15.4 to 0.15.8 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](https://github.com/anchore/sbom-action/compare/41f7a6c033dbcdf78917f23b652c8b8146298c85...b6a39da80722a2cb0ef5d197531764a89b5d48c3) Updates `sigstore/cosign-installer` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.3.0...v3.4.0) Updates `peter-evans/repository-dispatch` from 2 to 3 - [Release notes](https://github.com/peter-evans/repository-dispatch/releases) - [Commits](https://github.com/peter-evans/repository-dispatch/compare/v2...v3) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: 8BitJonny/gh-get-current-pr dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: peter-evans/repository-dispatch dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci ... Signed-off-by: dependabot[bot] --- .github/workflows/codecov.yaml | 2 +- .github/workflows/mend_scan.yaml | 2 +- .github/workflows/release-drafter.yaml | 2 +- .github/workflows/release.yaml | 6 +++--- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codecov.yaml b/.github/workflows/codecov.yaml index bb9db91bd6..7120276aee 100644 --- a/.github/workflows/codecov.yaml +++ b/.github/workflows/codecov.yaml @@ -8,6 +8,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/mend_scan.yaml b/.github/workflows/mend_scan.yaml index 499c66cc83..ef990a9505 100644 --- a/.github/workflows/mend_scan.yaml +++ b/.github/workflows/mend_scan.yaml @@ -174,7 +174,7 @@ jobs: fi - name: Check if PR exists - uses: 8BitJonny/gh-get-current-pr@2.2.0 + uses: 8BitJonny/gh-get-current-pr@3.0.0 id: pr_exists with: filterOutClosed: true diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml index 0f91170199..61b592d2d0 100644 --- a/.github/workflows/release-drafter.yaml +++ b/.github/workflows/release-drafter.yaml @@ -33,7 +33,7 @@ jobs: echo "RELEASE_VERSION=$RELEASE_VERSION" >> $GITHUB_ENV - name: Drafter - uses: release-drafter/release-drafter@v5 + uses: release-drafter/release-drafter@v6 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1e0b8be95e..e33ec08358 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -140,10 +140,10 @@ jobs: go-version-file: '${{ github.workspace }}/go.mod' - name: Setup Syft - uses: anchore/sbom-action/download-syft@41f7a6c033dbcdf78917f23b652c8b8146298c85 # v0.15.4 + uses: anchore/sbom-action/download-syft@b6a39da80722a2cb0ef5d197531764a89b5d48c3 # v0.15.8 - name: Setup Cosign - uses: sigstore/cosign-installer@v3.3.0 + uses: sigstore/cosign-installer@v3.4.0 - name: Setup git config run: | @@ -262,7 +262,7 @@ jobs: - name: Publish Release Event if: inputs.release_candidate == false - uses: peter-evans/repository-dispatch@v2 + uses: peter-evans/repository-dispatch@v3 with: token: ${{ steps.generate_token.outputs.token }} repository: open-component-model/ocm-website