From 2c50620accd189b0ca2dabff3cf994ef0120145e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 23:42:05 +1000 Subject: [PATCH] Bump the dependencies group with 4 updates (#7462) Bumps the dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [docker/build-push-action](https://github.com/docker/build-push-action), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) Updates `docker/build-push-action` from 5.4.0 to 6.0.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/ca052bb54ab0790a636c9b5f226502c73d547a25...c382f710d39a5bb4e430307530a720f50c2d3318) Updates `codecov/codecov-action` from 4.4.1 to 4.5.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/125fc84a9a348dbcf27191600683ec096ec9021c...e28ff129e5465c2c0dcc6f003fc735cb6ae0c673) Updates `github/codeql-action` from 3.25.8 to 3.25.10 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2e230e8fe0ad3a14a340ad0815ddb96d599d2aff...23acc5c183826b7a8a97bce3cecc52db901f8251) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/check_translations.yaml | 2 +- .github/workflows/docker.yaml | 6 ++-- .github/workflows/qc_checks.yaml | 34 +++++++++++------------ .github/workflows/release.yaml | 4 +-- .github/workflows/scorecard.yaml | 4 +-- .github/workflows/translations.yaml | 2 +- 6 files changed, 26 insertions(+), 26 deletions(-) diff --git a/.github/workflows/check_translations.yaml b/.github/workflows/check_translations.yaml index 8ace00f569..3377460f6e 100644 --- a/.github/workflows/check_translations.yaml +++ b/.github/workflows/check_translations.yaml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 800574ab30..7e177aa3d6 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -39,7 +39,7 @@ jobs: docker: ${{ steps.filter.outputs.docker }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # pin@v3.0.2 id: filter with: @@ -66,7 +66,7 @@ jobs: steps: - name: Check out repo - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Set Up Python ${{ env.python_version }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5.1.0 with: @@ -165,7 +165,7 @@ jobs: - name: Push Docker Images id: push-docker if: github.event_name != 'pull_request' - uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # pin@v5.4.0 + uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # pin@v6.0.0 with: context: . file: ./contrib/container/Dockerfile diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml index e1ed0a7a0a..3ffba97dd6 100644 --- a/.github/workflows/qc_checks.yaml +++ b/.github/workflows/qc_checks.yaml @@ -40,7 +40,7 @@ jobs: force: ${{ steps.force.outputs.force }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # pin@v3.0.2 id: filter with: @@ -72,7 +72,7 @@ jobs: needs: ["pre-commit"] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -94,7 +94,7 @@ jobs: if: needs.paths-filter.outputs.server == 'true' || needs.paths-filter.outputs.frontend == 'true' || needs.paths-filter.outputs.force == 'true' steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Set up Python ${{ env.python_version }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5.1.0 with: @@ -115,7 +115,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Set up Python ${{ env.python_version }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # pin@v5.1.0 with: @@ -151,7 +151,7 @@ jobs: version: ${{ steps.version.outputs.version }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -201,7 +201,7 @@ jobs: version: ${{ needs.schema.outputs.version }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: repository: inventree/schema token: ${{ secrets.SCHEMA_PAT }} @@ -238,7 +238,7 @@ jobs: INVENTREE_SITE_URL: http://127.0.0.1:12345 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -279,7 +279,7 @@ jobs: python_version: ${{ matrix.python_version }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -295,7 +295,7 @@ jobs: - name: Coverage Tests run: invoke test --coverage - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # pin@v4.4.1 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # pin@v4.5.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} @@ -333,7 +333,7 @@ jobs: - 6379:6379 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -377,7 +377,7 @@ jobs: - 3306:3306 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -416,7 +416,7 @@ jobs: - 5432:5432 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -427,7 +427,7 @@ jobs: - name: Run Tests run: invoke test --migrations --report --coverage - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # pin@v4.4.1 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # pin@v4.5.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} @@ -447,7 +447,7 @@ jobs: INVENTREE_PLUGINS_ENABLED: false steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 name: Checkout Code - name: Environment Setup uses: ./.github/actions/setup @@ -504,7 +504,7 @@ jobs: VITE_COVERAGE: true steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: @@ -532,7 +532,7 @@ jobs: if: always() run: cd src/frontend && npx nyc report --report-dir ./coverage --temp-dir .nyc_output --reporter=lcov --exclude-after-remap false - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # pin@v4.4.1 + uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # pin@v4.5.0 if: always() with: token: ${{ secrets.CODECOV_TOKEN }} @@ -545,7 +545,7 @@ jobs: timeout-minutes: 60 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f93c99a1ec..2fce80d0dd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,7 +15,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} steps: - name: Checkout Code - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Version Check run: | pip install --require-hashes -r contrib/dev_reqs/requirements.txt @@ -34,7 +34,7 @@ jobs: contents: write pull-requests: write steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 7bc41fc73e..916a3b1bbe 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 with: sarif_file: results.sarif diff --git a/.github/workflows/translations.yaml b/.github/workflows/translations.yaml index fc2968e479..6ffddb4d02 100644 --- a/.github/workflows/translations.yaml +++ b/.github/workflows/translations.yaml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # pin@v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # pin@v4.1.7 - name: Environment Setup uses: ./.github/actions/setup with: