From f95a866c60bf788eb5cf74937c89f7d8aee98b45 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Mar 2024 09:24:19 +0100 Subject: [PATCH] chore(ci): bump the ci-deps group with 4 updates (#486) Bumps the ci-deps group with 4 updates: [actions/cache](https://github.com/actions/cache), [actions/download-artifact](https://github.com/actions/download-artifact), [EmbarkStudios/cargo-deny-action](https://github.com/embarkstudios/cargo-deny-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/cache` from 4.0.0 to 4.0.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/13aacd865c20de90d75de3b17ebe84f7a17d57d2...ab5e6d0c87105b4c9c2047343972218f562e4319) Updates `actions/download-artifact` from 4.1.3 to 4.1.4 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/87c55149d96e628cc2ef7e6fc2aab372015aec85...c850b930e6ba138125429b7e5c93fc707a7f8427) Updates `EmbarkStudios/cargo-deny-action` from 1.5.15 to 1.6.0 - [Release notes](https://github.com/embarkstudios/cargo-deny-action/releases) - [Commits](https://github.com/embarkstudios/cargo-deny-action/compare/68cd9c5e3e16328a430a37c743167572e3243e7e...c3a7e6783975aaac423f9ee43b4818f51debc638) Updates `github/codeql-action` from 3.24.5 to 3.24.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/47b3d888fe66b639e431abf22ebca059152f1eea...8a470fddafa5cbb6266ee11b37ef4d8aae19c571) --- updated-dependencies: - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-deps - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-deps - dependency-name: EmbarkStudios/cargo-deny-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-deps ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/book.yml | 2 +- .github/workflows/release.yml | 6 +++--- .github/workflows/rust.yml | 16 ++++++++-------- .github/workflows/scorecards.yml | 2 +- .github/workflows/test-codegen.yml | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/book.yml b/.github/workflows/book.yml index 13c83966..b2db29b8 100644 --- a/.github/workflows/book.yml +++ b/.github/workflows/book.yml @@ -55,7 +55,7 @@ jobs: run: rustup override set stable - name: Cache restore (Cargo) id: cache-restore-cargo - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ce2342d7..e4be109f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -97,7 +97,7 @@ jobs: - name: Cache restore (MinGW) id: cache-restore-mingw if: matrix.needs-mingw != '' - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | C:\ProgramData\chocolatey\lib\mingw @@ -127,7 +127,7 @@ jobs: run: rustup override set stable - name: Cache restore id: cache-restore-cargo - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ @@ -169,7 +169,7 @@ jobs: egress-policy: audit - name: Download artifacts from build - uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3 + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 with: path: release/ - name: Generate provenance subjects diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index e8d7fb31..fb703ac6 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -95,7 +95,7 @@ jobs: - name: Cache restore (MinGW) id: cache-restore-mingw if: matrix.needs-mingw != '' - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | C:\ProgramData\chocolatey\lib\mingw @@ -128,7 +128,7 @@ jobs: run: rustup override set ${{ matrix.toolchain }} - name: Cache restore (Cargo) id: cache-restore-cargo - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ @@ -147,7 +147,7 @@ jobs: env: RUSTFLAGS: ${{ matrix.rustflags }} - name: Download rsonpath-test artifact - uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3 + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 with: name: ${{ needs.test-gen.outputs.artifact-name }} path: ${{ needs.test-gen.outputs.artifact-path }} @@ -196,7 +196,7 @@ jobs: target: ${{ matrix.target_triple }} - name: Cache restore (Cargo) id: cache-restore-cargo - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ @@ -210,7 +210,7 @@ jobs: env: RUSTFLAGS: "-C link-arg=-fuse-ld=lld --deny warnings" - name: Download rsonpath-test artifact - uses: actions/download-artifact@87c55149d96e628cc2ef7e6fc2aab372015aec85 # v4.1.3 + uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4 with: name: ${{ needs.test-gen.outputs.artifact-name }} path: ${{ needs.test-gen.outputs.artifact-path }} @@ -251,7 +251,7 @@ jobs: run: rustup override set ${{ matrix.toolchain }} - name: Cache restore id: cache-restore - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ @@ -295,7 +295,7 @@ jobs: run: sudo apt install lld - name: Cache restore id: cache-restore - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/ @@ -345,7 +345,7 @@ jobs: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: EmbarkStudios/cargo-deny-action@68cd9c5e3e16328a430a37c743167572e3243e7e # v1.5.15 + - uses: EmbarkStudios/cargo-deny-action@c3a7e6783975aaac423f9ee43b4818f51debc638 # v1.6.0 cargo-msrv: name: Verify MSRV (cargo-msrv) diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index de112ae0..a8bf8e9e 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@47b3d888fe66b639e431abf22ebca059152f1eea # v3.24.5 + uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6 with: sarif_file: results.sarif diff --git a/.github/workflows/test-codegen.yml b/.github/workflows/test-codegen.yml index 85079cc4..8a74c38f 100644 --- a/.github/workflows/test-codegen.yml +++ b/.github/workflows/test-codegen.yml @@ -53,7 +53,7 @@ jobs: run: rustup override set stable - name: Cache restore (Cargo) id: cache-restore-cargo - uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0 + uses: actions/cache@ab5e6d0c87105b4c9c2047343972218f562e4319 # v4.0.1 with: path: | ~/.cargo/bin/