From 7361e15356bd2819d09fa612888ca1a7da6426f7 Mon Sep 17 00:00:00 2001 From: Mend Renovate Date: Wed, 10 Jul 2024 04:52:33 +0200 Subject: [PATCH] Update github-actions deps (#5722) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/setup-node](https://togithub.com/actions/setup-node) | action | patch | `v4.0.2` -> `v4.0.3` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.3` -> `v4.3.4` | | [anchore/sbom-action](https://togithub.com/anchore/sbom-action) | action | patch | `v0.16.0` -> `v0.16.1` | --- ### Release Notes
actions/setup-node (actions/setup-node) ### [`v4.0.3`](https://togithub.com/actions/setup-node/compare/v4.0.2...v4.0.3) [Compare Source](https://togithub.com/actions/setup-node/compare/v4.0.2...v4.0.3)
actions/upload-artifact (actions/upload-artifact) ### [`v4.3.4`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.4) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.3...v4.3.4) ##### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) version, bump dependencies by [@​robherley](https://togithub.com/robherley) in [https://github.com/actions/upload-artifact/pull/584](https://togithub.com/actions/upload-artifact/pull/584) **Full Changelog**: https://github.com/actions/upload-artifact/compare/v4.3.3...v4.3.4
anchore/sbom-action (anchore/sbom-action) ### [`v0.16.1`](https://togithub.com/anchore/sbom-action/releases/tag/v0.16.1) [Compare Source](https://togithub.com/anchore/sbom-action/compare/v0.16.0...v0.16.1) #### Changes in v0.16.1 - fix: workaround windows install issue ([#​477](https://togithub.com/anchore/sbom-action/issues/477)) \[[willmurphyscode](https://togithub.com/willmurphyscode)] - fix: allow users to properly use the file input over the default path value ([#​471](https://togithub.com/anchore/sbom-action/issues/471)) \[[komish](https://togithub.com/komish)] - chore(deps): update Syft to v1.5.0 ([#​470](https://togithub.com/anchore/sbom-action/issues/470)) \[[anchore-actions-token-generator](https://togithub.com/anchore-actions-token-generator)] - docs: notes for matrix and required permissions ([#​469](https://togithub.com/anchore/sbom-action/issues/469)) \[[kzantow](https://togithub.com/kzantow)] - chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 ([#​466](https://togithub.com/anchore/sbom-action/issues/466)) \[[dependabot](https://togithub.com/dependabot)]
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/jaegertracing/jaeger). Signed-off-by: Mend Renovate --- .github/actions/setup-node.js/action.yml | 2 +- .github/workflows/ci-release-testing.yml | 2 +- .github/workflows/ci-release.yml | 2 +- .github/workflows/scorecard.yml | 2 +- 4 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/actions/setup-node.js/action.yml b/.github/actions/setup-node.js/action.yml index 21344f6c734..389604490ac 100644 --- a/.github/actions/setup-node.js/action.yml +++ b/.github/actions/setup-node.js/action.yml @@ -8,7 +8,7 @@ runs: run: | echo "JAEGER_UI_NODE_JS_VERSION=$(cat jaeger-ui/.nvmrc)" >> ${GITHUB_ENV} - - uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2 + - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: node-version: ${{ env.JAEGER_UI_NODE_JS_VERSION }} cache: 'yarn' diff --git a/.github/workflows/ci-release-testing.yml b/.github/workflows/ci-release-testing.yml index 985485ca055..06c25c10ad4 100644 --- a/.github/workflows/ci-release-testing.yml +++ b/.github/workflows/ci-release-testing.yml @@ -88,7 +88,7 @@ jobs: QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} - name: Generate SBOM - uses: anchore/sbom-action@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0 + uses: anchore/sbom-action@95b086ac308035dc0850b3853be5b7ab108236a8 # v0.16.1 with: output-file: jaeger-SBOM.spdx.json upload-release-assets: false diff --git a/.github/workflows/ci-release.yml b/.github/workflows/ci-release.yml index 8390a918f52..1c79cfd2228 100644 --- a/.github/workflows/ci-release.yml +++ b/.github/workflows/ci-release.yml @@ -112,7 +112,7 @@ jobs: QUAY_TOKEN: ${{ secrets.QUAY_TOKEN }} - name: Generate SBOM - uses: anchore/sbom-action@e8d2a6937ecead383dfe75190d104edd1f9c5751 # v0.16.0 + uses: anchore/sbom-action@95b086ac308035dc0850b3853be5b7ab108236a8 # v0.16.1 with: output-file: jaeger-SBOM.spdx.json upload-release-assets: false diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index d9afd92f2de..611e740f498 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -64,7 +64,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: SARIF file path: results.sarif