Skip to content

Commit

Permalink
fix(deps): update all non-major dependencies
Browse files Browse the repository at this point in the history
  • Loading branch information
@we-renovate @stempler
we-renovate[bot] authored and stempler committed Jun 20, 2024
1 parent a9c893a commit 7b16a5f
Show file tree
Hide file tree
Showing 3 changed files with 7 additions and 7 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/gradle-library.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ jobs:
java-version: ${{ inputs.java-version }}

- name: Setup Gradle
uses: gradle/actions/setup-gradle@31ae3562f68c96d481c31bc1a8a55cc1be162f83 # v3.4.1
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3.4.2

- name: Write dependency lockfile for security scan
env:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/gradle-service.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,7 +81,7 @@ jobs:
java-version: ${{ inputs.java-version }}

- name: Setup Gradle
uses: gradle/actions/setup-gradle@31ae3562f68c96d481c31bc1a8a55cc1be162f83 # v3.4.1
uses: gradle/actions/setup-gradle@dbbdc275be76ac10734476cc723d82dfe7ec6eda # v3.4.2

- name: Build and test with Gradle
env:
Expand Down
10 changes: 5 additions & 5 deletions .github/workflows/scan-images.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -55,7 +55,7 @@ jobs:
docker pull ${{ matrix.image }}
- name: Vulnerability scan
uses: wetransform/gha-trivy@v2
uses: wetransform/gha-trivy@8a8c1ba0444e4f9308ba94f3d004d67aac8cc65f # v2.0.1
with:
image-ref: ${{ matrix.image }}
create-test-report: ${{ inputs.create-test-report }}
Expand All @@ -69,14 +69,14 @@ jobs:
steps:
- name: Merge SBOM artifacts
if: ${{ inputs.remove-individual-artifacts }}
uses: actions/upload-artifact/merge@v4
uses: actions/upload-artifact/merge@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: SBOM (CycloneDX) [all-individual-results]
pattern: SBOM (CycloneDX) * # name used by gha-trivy action
delete-merged: true

- name: Download all SBOM artifacts
uses: actions/download-artifact@v4
uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
path: sboms
pattern: SBOM (CycloneDX) * # name used by gha-trivy action
Expand Down Expand Up @@ -117,15 +117,15 @@ jobs:
cyclonedx-cli convert --input-file merged/sbom.json --output-file merged/sbom.csv --output-format csv
- name: Upload combined SBOMs
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: Merged SBOMs (CycloneDX)
path: merged/
retention-days: ${{ inputs.report-retention-days }}

- name: Merge HTML report artifacts
if: ${{ inputs.remove-individual-artifacts }}
uses: actions/upload-artifact/merge@v4
uses: actions/upload-artifact/merge@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
with:
name: Vulnerability report (HTML)
pattern: Vulnerability report (HTML)* # name used by gha-trivy action
Expand Down

0 comments on commit 7b16a5f

Please sign in to comment.