From b9d034ce792de7e38a59d041b0fc26f147c85748 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Jun 2024 09:38:15 +0000 Subject: [PATCH] Bump actions/checkout from 4.1.4 to 4.1.6 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.4 to 4.1.6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/0ad4b8fadaa221de15dcec353f45205ec38ea70b...a5ac7e51b41094c92402da3b24376905380afc29) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/actionlint.yml | 2 +- .github/workflows/analysis.yml | 6 +++--- .github/workflows/benchmarks.yml | 2 +- .github/workflows/build.yml | 8 ++++---- .github/workflows/codacy.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dependency-check.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/dependency-submission-pr-submit.yml | 2 +- .github/workflows/dependency-submission.yml | 2 +- .github/workflows/devskim.yml | 2 +- .github/workflows/examples.yml | 2 +- .github/workflows/gitleaks.yml | 2 +- .github/workflows/gradle-wrapper-validation.yml | 2 +- .github/workflows/qodana.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecards-analysis.yml | 2 +- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyk.yml | 2 +- .github/workflows/spelling.yml | 4 ++-- .github/workflows/trivy.yml | 2 +- 21 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index edbdc11f64..72795bccb2 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -14,7 +14,7 @@ jobs: allowed-endpoints: > api.github.com:443 github.com:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: actionlint uses: reviewdog/action-actionlint@89a03f6ba8c0a9fd238e82c075ffb34b86e40291 # v1.46.0 env: diff --git a/.github/workflows/analysis.yml b/.github/workflows/analysis.yml index 2dbbc248c2..54735e9a92 100644 --- a/.github/workflows/analysis.yml +++ b/.github/workflows/analysis.yml @@ -31,7 +31,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Forbidden Apis uses: ./.github/actions/run-gradle with: @@ -49,7 +49,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Pmd uses: ./.github/actions/run-gradle with: @@ -67,7 +67,7 @@ jobs: disable-sudo: true egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Spotbugs uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index fade092a22..a78a4ae8be 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -39,7 +39,7 @@ jobs: raw.githubusercontent.com:443 services.gradle.org:443 www.graalvm.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Compute JMH Benchmark uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 3bd5dc75f5..a3a9c4b73c 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -59,7 +59,7 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Prepare GraalVM if: env.JAVA_VERSION == 'GraalVM' shell: bash @@ -176,7 +176,7 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run tests (${{ env.JAVA_VERSION }}) uses: ./.github/actions/run-gradle with: @@ -231,7 +231,7 @@ jobs: storage.googleapis.com:443 uploader.codecov.io:443 - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 - name: Download Tests Results @@ -342,7 +342,7 @@ jobs: errorprone.info:443 lightbend.github.io:443 guava.dev:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Publish Snapshot uses: ./.github/actions/run-gradle env: diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index 7b3e4f91a1..234fb2d0b5 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -29,7 +29,7 @@ jobs: registry-1.docker.io:443 *.blob.core.windows.net:443 - name: Checkout code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run Codacy Analysis uses: codacy/codacy-analysis-cli-action@master continue-on-error: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8a8e513e60..c9866d5970 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -50,7 +50,7 @@ jobs: uploads.github.com:443 services.gradle.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Setup Gradle uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/dependency-check.yml b/.github/workflows/dependency-check.yml index b5754d73f8..d824396d85 100644 --- a/.github/workflows/dependency-check.yml +++ b/.github/workflows/dependency-check.yml @@ -42,7 +42,7 @@ jobs: raw.githubusercontent.com:443 services.gradle.org:443 www.cisa.gov:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run dependency-check uses: ./.github/actions/run-gradle continue-on-error: true diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index e757dcf785..a6e03551b3 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: api.github.com:443 github.com:443 - name: Checkout Repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Dependency Review uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 with: diff --git a/.github/workflows/dependency-submission-pr-submit.yml b/.github/workflows/dependency-submission-pr-submit.yml index 8ec41d7873..5eeb81d994 100644 --- a/.github/workflows/dependency-submission-pr-submit.yml +++ b/.github/workflows/dependency-submission-pr-submit.yml @@ -31,7 +31,7 @@ jobs: repo.maven.apache.org:443 repo1.maven.org:443 services.gradle.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 with: diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml index 6b4916e40e..710521c40a 100644 --- a/.github/workflows/dependency-submission.yml +++ b/.github/workflows/dependency-submission.yml @@ -31,7 +31,7 @@ jobs: repo.maven.apache.org:443 repo1.maven.org:443 services.gradle.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 with: diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 56ad105b5a..e2460eb1f5 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -27,7 +27,7 @@ jobs: api.github.com:443 github.com:443 - name: Checkout code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 - name: Upload DevSkim scan results to GitHub Security tab diff --git a/.github/workflows/examples.yml b/.github/workflows/examples.yml index 455f448c4b..a391609f62 100644 --- a/.github/workflows/examples.yml +++ b/.github/workflows/examples.yml @@ -32,7 +32,7 @@ jobs: repo1.maven.org:443 services.gradle.org:443 www.graalvm.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up JDK ${{ env.JAVA_VERSION }} uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1 with: diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index ac80d7b39e..a7553edc7b 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -23,7 +23,7 @@ jobs: egress-policy: block allowed-endpoints: ${{ env.ALLOWED_ENDPOINTS }} - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 - name: Run gitleaks diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 39dba82894..ead1e045a8 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -17,5 +17,5 @@ jobs: downloads.gradle-dn.com:443 github.com:443 services.gradle.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - uses: gradle/actions/wrapper-validation@db19848a5fa7950289d3668fb053140cf3028d43 # v3.3.2 diff --git a/.github/workflows/qodana.yml b/.github/workflows/qodana.yml index 04bccd4727..adc24184df 100644 --- a/.github/workflows/qodana.yml +++ b/.github/workflows/qodana.yml @@ -55,7 +55,7 @@ jobs: resources.jetbrains.com:443 services.gradle.org:443 - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Build uses: ./.github/actions/run-gradle with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b90fb35bf7..7b2bef9951 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: with: disable-sudo: true egress-policy: audit - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Releasing uses: ./.github/actions/run-gradle env: diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 735c96d9d2..992f5ed523 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -40,7 +40,7 @@ jobs: tuf-repo-cdn.sigstore.dev:443 www.bestpractices.dev:443 - name: Checkout code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: persist-credentials: false - name: Run analysis diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 1e02721c8c..9cdfe3fd9c 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -17,7 +17,7 @@ jobs: # Incompatible with Harden Runner image: returntocorp/semgrep steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - run: semgrep scan --sarif --output=results.sarif env: SEMGREP_RULES: >- diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index e632bf0bac..990c79f2c4 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -37,7 +37,7 @@ jobs: repo.maven.apache.org:443 repo1.maven.org:443 services.gradle.org:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run Snyk test uses: snyk/actions/gradle-jdk17@master continue-on-error: true diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index a8a06627bf..e532c2ce81 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -14,7 +14,7 @@ jobs: allowed-endpoints: > api.github.com:443 github.com:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Misspell uses: reviewdog/action-misspell@5bd7be2fc7ae56a517184f5c4bbcf2fd7afe3927 # v1.17.0 with: @@ -32,6 +32,6 @@ jobs: allowed-endpoints: > github.com:443 objects.githubusercontent.com:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Typos uses: crate-ci/typos@d503507db9c5d116c79135435b149cd0f27d726e # v1.21.0 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 9df05816c9..913029526f 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -21,7 +21,7 @@ jobs: ghcr.io:443 github.com:443 pkg-containers.githubusercontent.com:443 - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0 with: