From 43e2b3bf6914536cd5f5411770cd2b5a41dc77af Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 13 Dec 2022 09:44:45 -0300
Subject: [PATCH] chore(deps): bump actions/checkout from 3.1.0 to 3.2.0
(#3636)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.1.0
to 3.2.0.
Release notes
Sourced from actions/checkout's
releases.
v3.2.0
What's Changed
New Contributors
Full Changelog: https://github.com/actions/checkout/compare/v3...v3.2.0
Commits
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.github/workflows/build.yml | 2 +-
.github/workflows/codeql.yml | 2 +-
.github/workflows/depsreview.yaml | 2 +-
.github/workflows/docs.yml | 2 +-
.github/workflows/fig.yml | 2 +-
.github/workflows/generate.yml | 2 +-
.github/workflows/gitleaks.yml | 2 +-
.github/workflows/grype.yml | 2 +-
.github/workflows/lint.yml | 2 +-
.github/workflows/release.yml | 4 ++--
10 files changed, 11 insertions(+), 11 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 0edaaa27c..37c97c73a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -34,7 +34,7 @@ jobs:
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 60d9b2f12..bc64b38f9 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -15,7 +15,7 @@ jobs:
contents: read
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3
with:
go-version: '>=1.19.3'
diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml
index 68fb1d17a..23715ee12 100644
--- a/.github/workflows/depsreview.yaml
+++ b/.github/workflows/depsreview.yaml
@@ -8,7 +8,7 @@ jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: actions/dependency-review-action@v3
with:
allow-licenses: BSD-2-Clause, BSD-3-Clause, MIT, Apache-2.0, MPL-2.0
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
index 592f85b61..99b80dcab 100644
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -17,7 +17,7 @@ jobs:
htmltest:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1
with:
repo-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/fig.yml b/.github/workflows/fig.yml
index 99abbb923..c9c1b0ed8 100644
--- a/.github/workflows/fig.yml
+++ b/.github/workflows/fig.yml
@@ -13,7 +13,7 @@ jobs:
fig:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3
with:
go-version: '>=1.19.3'
diff --git a/.github/workflows/generate.yml b/.github/workflows/generate.yml
index da59966dd..1c5a63e7b 100644
--- a/.github/workflows/generate.yml
+++ b/.github/workflows/generate.yml
@@ -19,7 +19,7 @@ jobs:
contents: write # for stefanzweifel/git-auto-commit-action to push code in repo
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with:
token: ${{ secrets.GH_PAT }}
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3
diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml
index aab78969c..01c4998db 100644
--- a/.github/workflows/gitleaks.yml
+++ b/.github/workflows/gitleaks.yml
@@ -14,7 +14,7 @@ jobs:
gitleaks:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with:
fetch-depth: 0
- uses: gitleaks/gitleaks-action@v2
diff --git a/.github/workflows/grype.yml b/.github/workflows/grype.yml
index 03064c836..d4024e530 100644
--- a/.github/workflows/grype.yml
+++ b/.github/workflows/grype.yml
@@ -17,7 +17,7 @@ jobs:
contents: read
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- uses: anchore/scan-action@v3
with:
path: "."
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index d258f01d8..88035018b 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -20,7 +20,7 @@ jobs:
- uses: actions/setup-go@d0a58c1c4d2b25278816e339b944508c875f3613 # v3
with:
go-version: '>=1.19.3'
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
- name: golangci-lint
uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # v3
with:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 052c0d934..6055833a4 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -24,7 +24,7 @@ jobs:
matrix:
format: [ deb, rpm, apk ]
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1
@@ -45,7 +45,7 @@ jobs:
env:
DOCKER_CLI_EXPERIMENTAL: "enabled"
steps:
- - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3
+ - uses: actions/checkout@755da8c3cf115ac066823e79a1e1788f8940201b # v3
with:
fetch-depth: 0
- uses: arduino/setup-task@d665c6beebae46ff3f699d7b2fd3f1959de7153c # v1