From 2eb6f84f5c79464253a4147b492ab7e8bc901519 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Aug 2022 09:11:36 -0300 Subject: [PATCH] chore(deps): bump actions/checkout from 3 to 3.0.2 (#3323) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps actions/checkout from 3 to 3.0.2. Release notes Sourced from actions/checkout's releases. v3.0.2 What's Changed Add set-safe-directory input to allow customers to take control. by @​TingluoHuang in actions/checkout#770 Prepare changelog for v3.0.2. by @​TingluoHuang in actions/checkout#777 Full Changelog: actions/checkout@v3...v3.0.2 v3.0.1 Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory Bumped various npm package versions Changelog Sourced from actions/checkout's changelog. Changelog v3.0.2 Add input set-safe-directory v3.0.1 Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory Bumped various npm package versions v3.0.0 Update to node 16 v2.3.1 Fix default branch resolution for .wiki and when using SSH v2.3.0 Fallback to the default branch v2.2.0 Fetch all history for all tags and branches when fetch-depth=0 v2.1.1 Changes to support GHES (here and here) v2.1.0 Group output Changes to support GHES alpha release Persist core.sshCommand for submodules Add support ssh Convert submodule SSH URL to HTTPS, when not using SSH Add submodule support Follow proxy settings Fix ref for pr closed event when a pr is merged Fix issue checking detached when git less than 2.22 v2.0.0 Do not pass cred on command line Add input persist-credentials Fallback to REST API to download repo v2 (beta) Improved fetch performance ... (truncated) Commits See full diff in compare view Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase. Dependabot commands and options You can trigger Dependabot actions by commenting on this PR: @dependabot rebase will rebase this PR @dependabot recreate will recreate this PR, overwriting any edits that have been made to it @dependabot merge will merge this PR after your CI passes on it @dependabot squash and merge will squash and merge this PR after your CI passes on it @dependabot cancel merge will cancel a previously requested merge and block automerging @dependabot reopen will reopen this PR if it is closed @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Carlos Alexandro Becker --- .github/workflows/build.yml | 4 ++-- .github/workflows/codeql.yml | 2 +- .github/workflows/depsreview.yaml | 2 +- .github/workflows/docs.yml | 2 +- .github/workflows/generate.yml | 2 +- .github/workflows/gitleaks.yml | 2 +- .github/workflows/grype.yml | 2 +- .github/workflows/lint.yml | 2 +- 8 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c1b289c27..0602ae242 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: matrix: format: [ deb, rpm, apk ] steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 with: fetch-depth: 0 - uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1 @@ -46,7 +46,7 @@ jobs: env: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 with: fetch-depth: 0 - uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 08ea19f0d..95373f8b5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -15,7 +15,7 @@ jobs: contents: read steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - uses: github/codeql-action/init@2ca79b6fa8d3ec278944088b4aa5f46912db5d63 # v2 - uses: github/codeql-action/autobuild@2ca79b6fa8d3ec278944088b4aa5f46912db5d63 # v2 - uses: github/codeql-action/analyze@2ca79b6fa8d3ec278944088b4aa5f46912db5d63 # v2 diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index 2716756a1..80b8a90c5 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -8,7 +8,7 @@ jobs: dependency-review: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - uses: actions/dependency-review-action@v2 with: allow-licenses: BSD-2-Clause, BSD-3-Clause, MIT, Apache-2.0, MPL-2.0 diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 594bdc17e..a00893aae 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -17,7 +17,7 @@ jobs: htmltest: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - uses: arduino/setup-task@ca745e18916de727f841ec824ac20a615f1cddea # v1 with: repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml index 694b737ff..f94cc4899 100644 --- a/.github/workflows/generate.yml +++ b/.github/workflows/generate.yml @@ -19,7 +19,7 @@ jobs: contents: write # for stefanzweifel/git-auto-commit-action to push code in repo runs-on: ubuntu-latest steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 with: token: ${{ secrets.GH_PAT }} - uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # v3 diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index d06b88252..456035e3c 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -13,7 +13,7 @@ jobs: gitleaks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v1 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - uses: gitleaks/gitleaks-action@v2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml index 5ab745ddb..ad8421dcd 100644 --- a/.github/workflows/grype.yml +++ b/.github/workflows/grype.yml @@ -15,7 +15,7 @@ jobs: contents: read steps: - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - uses: anchore/scan-action@v3 with: path: "." diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index dd3ce21ff..4efdb4dd9 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -20,7 +20,7 @@ jobs: - uses: actions/setup-go@84cbf8094393cdc5fe1fe1671ff2647332956b1a # v3 with: go-version: ~1.19 - - uses: actions/checkout@b0e28b5ac45a892f91e7d036f8200cf5ed489415 # v3 + - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3 - name: golangci-lint uses: golangci/golangci-lint-action@537aa1903e5d359d0b27dbc19ddd22c5087f3fbc # v3 with: