From 77ec1cf3cff502d31419e0da3778440bf82203c1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 14 May 2024 10:02:48 +0200 Subject: [PATCH] build(deps): bump actions/checkout from 4.1.1 to 4.1.5 (#314) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...44c2b7a8a4ea60a981eaca3cf939b5f4305c123b) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- .github/workflows/checks.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependencies.yaml | 2 +- .github/workflows/kics.yml | 2 +- .github/workflows/release-release_candidate.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/release_candidate.yml | 2 +- .github/workflows/trivy-main.yml | 4 ++-- .github/workflows/trivy.yml | 4 ++-- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4e8acf8a3..62d8468f6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Dependencies run: yarn diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index a72bdd137..e366bf0e9 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Dependencies run: yarn diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a00b58771..eede06c74 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -71,7 +71,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependencies.yaml b/.github/workflows/dependencies.yaml index 5cc9b5275..c1062cc7c 100644 --- a/.github/workflows/dependencies.yaml +++ b/.github/workflows/dependencies.yaml @@ -40,7 +40,7 @@ jobs: java-version: '17' - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Generate Dependencies file run: java -jar ./scripts/download/org.eclipse.dash.licenses-1.1.1.jar yarn.lock -project automotive.tractusx -summary DEPENDENCIES diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 35d8f110b..c1ac1b7a4 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -42,7 +42,7 @@ jobs: security-events: write steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: KICS scan uses: checkmarx/kics-github-action@8a44970e3d2eca668be41abe9d4e06709c3b3609 # v1.7.0 diff --git a/.github/workflows/release-release_candidate.yml b/.github/workflows/release-release_candidate.yml index c9e46d9d7..bb955b7a1 100644 --- a/.github/workflows/release-release_candidate.yml +++ b/.github/workflows/release-release_candidate.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get npm version id: npm-tag diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0e830e897..8ce88d905 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Get npm version id: npm-tag @@ -128,7 +128,7 @@ jobs: run: echo "RELEASE_VERSION=${{ env.REF_NAME }}" >> $GITHUB_ENV - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Check for hotfix version id: hf-check diff --git a/.github/workflows/release_candidate.yml b/.github/workflows/release_candidate.yml index 5f7b0252e..611233e9b 100644 --- a/.github/workflows/release_candidate.yml +++ b/.github/workflows/release_candidate.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Install Dependencies run: yarn diff --git a/.github/workflows/trivy-main.yml b/.github/workflows/trivy-main.yml index c590b1e51..ceb995754 100644 --- a/.github/workflows/trivy-main.yml +++ b/.github/workflows/trivy-main.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0 @@ -76,7 +76,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 # It's also possible to scan your private registry with Trivy's built-in image scan. # All you have to do is set ENV vars. diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 59c422f0a..0c182cf17 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Run Trivy vulnerability scanner in repo mode uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0 @@ -76,7 +76,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 # It's also possible to scan your private registry with Trivy's built-in image scan. # All you have to do is set ENV vars.