From 756daced048606b6d749c3d09f16bfaa1b1177bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jul 2024 18:45:24 +0000 Subject: [PATCH 1/2] Bump the actions-minor group across 1 directory with 6 updates Bumps the actions-minor group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [koalalab-inc/bolt](https://github.com/koalalab-inc/bolt) | `1.3.0` | `1.5.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.0.2` | `4.0.3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.3.4` | | [super-linter/super-linter](https://github.com/super-linter/super-linter) | `6.3.1` | `6.7.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.1` | `2.4.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.4` | `2.0.8` | Updates `koalalab-inc/bolt` from 1.3.0 to 1.5.0 - [Release notes](https://github.com/koalalab-inc/bolt/releases) - [Commits](https://github.com/koalalab-inc/bolt/compare/94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c...7bc45c5036a248828c82447f9bb3fea35fe27c93) Updates `actions/setup-node` from 4.0.2 to 4.0.3 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/60edb5dd545a775178f52524783378180af0d1f8...1e60f620b9541d16bece96c5465dc8ee9832be0b) Updates `actions/upload-artifact` from 4.3.1 to 4.3.4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/5d5d22a31266ced268874388b861e4b58bb5c2f3...0b2256b8c012f0828dc542b3febcab082c67f72b) Updates `super-linter/super-linter` from 6.3.1 to 6.7.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/super-linter/super-linter/compare/92e2606383320f72e6129f8a50d8537cf9c84ed6...3fe03abab2eafb293ace16d4a3b07aeabcb3f1a0) Updates `ossf/scorecard-action` from 2.3.1 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/0864cf19026789058feabb7e87baa5f140aac736...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) Updates `softprops/action-gh-release` from 2.0.4 to 2.0.8 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/9d7c94cfd0a1f3ed45544c887983e9fa900f0564...c062e08bd532815e2082a85e87e3ef29c3e6d191) --- updated-dependencies: - dependency-name: koalalab-inc/bolt dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor - dependency-name: super-linter/super-linter dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/check-dist.yml | 6 +++--- .github/workflows/ci.yml | 6 +++--- .github/workflows/linter.yml | 6 +++--- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/release.yml | 4 ++-- 5 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/check-dist.yml b/.github/workflows/check-dist.yml index bc1c61b..6c2ee32 100644 --- a/.github/workflows/check-dist.yml +++ b/.github/workflows/check-dist.yml @@ -29,14 +29,14 @@ jobs: steps: - name: Setup Bolt - uses: koalalab-inc/bolt@94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c # koalalab-inc/bolt@v1.3.0 | main + uses: koalalab-inc/bolt@7bc45c5036a248828c82447f9bb3fea35fe27c93 # koalalab-inc/bolt@v1.3.0 | main - name: Checkout id: checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # actions/checkout@v4 | 1567,v4.1.2 - name: Setup Node.js id: setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # actions/setup-node@v4 | v4.0.2 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # actions/setup-node@v4 | v4.0.3 with: node-version-file: .node-version cache: npm @@ -64,7 +64,7 @@ jobs: - if: ${{ failure() && steps.diff.outcome == 'failure' }} name: Upload Artifact id: upload - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # actions/upload-artifact@v4 | v4.3.1 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # actions/upload-artifact@v4 | v4.3.4 with: name: dist path: dist/ diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 292323e..0906417 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,14 +16,14 @@ jobs: steps: - name: Setup Bolt - uses: koalalab-inc/bolt@94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c # koalalab-inc/bolt@v1.3.0 | main + uses: koalalab-inc/bolt@7bc45c5036a248828c82447f9bb3fea35fe27c93 # koalalab-inc/bolt@v1.3.0 | main - name: Checkout id: checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # actions/checkout@v4 | 1567,v4.1.2 - name: Setup Node.js id: setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # actions/setup-node@v4 | v4.0.2 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # actions/setup-node@v4 | v4.0.3 with: node-version-file: .node-version cache: npm @@ -50,7 +50,7 @@ jobs: steps: - name: Setup Bolt - uses: koalalab-inc/bolt@94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c # koalalab-inc/bolt@v1.3.0 | main + uses: koalalab-inc/bolt@7bc45c5036a248828c82447f9bb3fea35fe27c93 # koalalab-inc/bolt@v1.3.0 | main - name: Checkout id: checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # actions/checkout@v4 | 1567,v4.1.2 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 084b2b5..542793c 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Setup Bolt - uses: koalalab-inc/bolt@94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c # koalalab-inc/bolt@v1.3.0 | main + uses: koalalab-inc/bolt@7bc45c5036a248828c82447f9bb3fea35fe27c93 # koalalab-inc/bolt@v1.3.0 | main - name: Checkout id: checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # actions/checkout@v4 | 1567,v4.1.2 @@ -27,7 +27,7 @@ jobs: - name: Setup Node.js id: setup-node - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # actions/setup-node@v4 | v4.0.2 + uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # actions/setup-node@v4 | v4.0.3 with: node-version-file: .node-version cache: npm @@ -38,7 +38,7 @@ jobs: - name: Lint Codebase id: super-linter - uses: super-linter/super-linter/slim@92e2606383320f72e6129f8a50d8537cf9c84ed6 # super-linter/super-linter/slim@v6 + uses: super-linter/super-linter/slim@3fe03abab2eafb293ace16d4a3b07aeabcb3f1a0 # super-linter/super-linter/slim@v6 env: DEFAULT_BRANCH: main FILTER_REGEX_EXCLUDE: dist/**/* diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index 1070608..63dc84e 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -33,7 +33,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8cbc2e7..dd6119f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: arch: x86_64 steps: - name: Setup Bolt - uses: koalalab-inc/bolt@94e2eb518ebc35c98abf2d0bc96baa86a2b15d7c # koalalab-inc/bolt@v1.3.0 | main + uses: koalalab-inc/bolt@7bc45c5036a248828c82447f9bb3fea35fe27c93 # koalalab-inc/bolt@v1.3.0 | main - name: Checkout uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # actions/checkout@v4 | 1567,v4.1.2 - name: Get release version @@ -44,7 +44,7 @@ jobs: rm -rf mitmproxy bolt rm mitmproxy-10.2.2-linux-x86_64.tar.gz - name: Release - uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # softprops/action-gh-release@v2 + uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # softprops/action-gh-release@v2 with: files: bolt-${{ env.tag }}-${{ env.os }}-${{ env.arch }}.tar.gz tag_name: ${{ env.tag }} From 081cf950425748ea90462378e48b7907fa0eeea9 Mon Sep 17 00:00:00 2001 From: Abhishek Anand Date: Tue, 30 Jul 2024 14:13:00 +0530 Subject: [PATCH 2/2] fixed linting issues --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 35a01b3..e3b6134 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ ![Bolt](assets/imgs/bolt-header-dark.png) -## Secure GitHub actions with 1 line of code +## Secure GitHub Actions with 1 line of code Add this step to jobs in your GitHub workflow file(s) to secure your runner: ```yaml - name: Setup Bolt