From 1e6eeae47d1cf76855d6bafe2bdbf28fbe614671 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 2 Mar 2022 11:08:11 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 2.4.0 to 3 Bumps [actions/checkout](https://github.com/actions/checkout) from 2.4.0 to 3. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/ec3a7ce113134d7a93b817d10a8272cb61118579...a12a3943b4bdde767164f792f33f40b04645d846) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/main.yml | 6 +++--- .github/workflows/scorecard_action.yml | 2 +- .github/workflows/validate-release.yml | 2 +- .github/workflows/verify.yml | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 49fea40d9..d44f2adda 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,7 @@ jobs: contents: read steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - uses: sigstore/cosign-installer@179e0f15e70e22ca2e7254fc12d68a9fbab35614 # v2.0.1 - name: Extract version of Go to use diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 986c19e71..3b405f8ae 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: language: [ 'go' ] steps: - name: Checkout repository - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 37152754f..d894da876 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -49,7 +49,7 @@ jobs: container-build: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -70,7 +70,7 @@ jobs: steps: - name: download minisign run: sudo add-apt-repository ppa:dysfunctionalprogramming/minisign && sudo apt-get update && sudo apt-get install minisign - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Docker Build run: docker-compose build - name: Extract version of Go to use diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 1990ca63d..01877ad9c 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 with: persist-credentials: false diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 2e983f43a..2641899b3 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -43,7 +43,7 @@ jobs: COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.5.1@sha256:6247b2e693b0e6a62dcfa75eb46b698c1f4cd1aca36aaefafd4bbb2f2b2af717 steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 9c2b03495..14c68328f 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -25,7 +25,7 @@ jobs: name: license boilerplate check runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -43,7 +43,7 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 From d9a61ac1f60d999f27d1f0f0efbc0ad4e46096c6 Mon Sep 17 00:00:00 2001 From: cpanato Date: Wed, 2 Mar 2022 13:08:24 +0100 Subject: [PATCH 2/2] update version comment Signed-off-by: cpanato --- .github/workflows/build.yml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/main.yml | 6 +++--- .github/workflows/scorecard_action.yml | 2 +- .github/workflows/validate-release.yml | 2 +- .github/workflows/verify.yml | 4 ++-- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index d44f2adda..d4d4d7d10 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,7 @@ jobs: contents: read steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - uses: sigstore/cosign-installer@179e0f15e70e22ca2e7254fc12d68a9fbab35614 # v2.0.1 - name: Extract version of Go to use diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 3b405f8ae..b959a8a39 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: language: [ 'go' ] steps: - name: Checkout repository - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index d894da876..e9795f8e9 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -49,7 +49,7 @@ jobs: container-build: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -70,7 +70,7 @@ jobs: steps: - name: download minisign run: sudo add-apt-repository ppa:dysfunctionalprogramming/minisign && sudo apt-get update && sudo apt-get install minisign - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Docker Build run: docker-compose build - name: Extract version of Go to use diff --git a/.github/workflows/scorecard_action.yml b/.github/workflows/scorecard_action.yml index 01877ad9c..8221ef73e 100644 --- a/.github/workflows/scorecard_action.yml +++ b/.github/workflows/scorecard_action.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 with: persist-credentials: false diff --git a/.github/workflows/validate-release.yml b/.github/workflows/validate-release.yml index 2641899b3..1ba9458b6 100644 --- a/.github/workflows/validate-release.yml +++ b/.github/workflows/validate-release.yml @@ -43,7 +43,7 @@ jobs: COSIGN_IMAGE: gcr.io/projectsigstore/cosign:v1.5.1@sha256:6247b2e693b0e6a62dcfa75eb46b698c1f4cd1aca36aaefafd4bbb2f2b2af717 steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 diff --git a/.github/workflows/verify.yml b/.github/workflows/verify.yml index 14c68328f..5004c4223 100644 --- a/.github/workflows/verify.yml +++ b/.github/workflows/verify.yml @@ -25,7 +25,7 @@ jobs: name: license boilerplate check runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0 @@ -43,7 +43,7 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v2.4.0 + - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3 - name: Extract version of Go to use run: echo "GOVERSION=$(cat Dockerfile|grep golang | awk ' { print $2 } ' | cut -d '@' -f 1 | cut -d ':' -f 2 | uniq)" >> $GITHUB_ENV - uses: actions/setup-go@f6164bd8c8acb4a71fb2791a8b6c4024ff038dab # v3.0.0