From 44e8804c51ddf44e71a8db180d214ec3cd0051f1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 14 Jan 2025 12:43:57 +0000 Subject: [PATCH] chore(ci): bump the ci-deps group with 6 updates Bumps the ci-deps group with 6 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.10.2` | `2.10.3` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.5.0` | `4.6.0` | | [baptiste0928/cargo-install](https://github.com/baptiste0928/cargo-install) | `3.1.1` | `3.3.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.6.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.1.0` | `2.2.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.27.9` | `3.28.1` | Updates `step-security/harden-runner` from 2.10.2 to 2.10.3 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/0080882f6c36860b6ba35c610c98ce87d4e2f26f...c95a14d0e5bab51a9f56296a4eb0e416910cd350) Updates `actions/setup-java` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/8df1039502a15bceb9433410b1a100fbe190c53b...7a6d8a8234af8eb26422e24e3006232cccaa061b) Updates `baptiste0928/cargo-install` from 3.1.1 to 3.3.0 - [Release notes](https://github.com/baptiste0928/cargo-install/releases) - [Changelog](https://github.com/baptiste0928/cargo-install/blob/main/CHANGELOG.md) - [Commits](https://github.com/baptiste0928/cargo-install/compare/904927dbe77864e0f2281519fe9d5bd097a220b3...91c5da15570085bcde6f4d7aed98cb82d6769fd3) Updates `actions/upload-artifact` from 4.4.3 to 4.6.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08) Updates `softprops/action-gh-release` from 2.1.0 to 2.2.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/01570a1f39cb168c169c802c3bceb9e93fb10974...c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda) Updates `github/codeql-action` from 3.27.9 to 3.28.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/df409f7d9260372bd5f19e5b04e83cb3c43714ae...b6a472f63d85b9c78a3ac5e89422239fc15e9b3c) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci-deps - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: baptiste0928/cargo-install dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci-deps ... Signed-off-by: dependabot[bot] --- .github/workflows/benchmarks.yml | 12 ++++++------ .github/workflows/book.yml | 6 +++--- .github/workflows/closed-issue.yml | 2 +- .github/workflows/clusterfuzzlite-batch.yml | 4 ++-- .github/workflows/clusterfuzzlite-cron.yml | 4 ++-- .github/workflows/clusterfuzzlite-pr.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/new-issue.yml | 2 +- .github/workflows/nix-shell.yml | 2 +- .github/workflows/release.yml | 12 ++++++------ .github/workflows/rust.yml | 18 +++++++++--------- .github/workflows/scorecards.yml | 6 +++--- .github/workflows/test-codegen.yml | 4 ++-- .github/workflows/triaged-issue.yml | 2 +- 14 files changed, 39 insertions(+), 39 deletions(-) diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 88d7fb93..981c9bc5 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -27,7 +27,7 @@ jobs: run: sed -i '/^\[patch.crates-io\]/d' ./Cargo.toml && sed -i '/^rsonpath-lib = { path = .*$/d' ./Cargo.toml - name: Install lld run: sudo apt install lld - - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 + - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0 name: Setup Java JDK with: distribution: temurin @@ -56,7 +56,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -65,7 +65,7 @@ jobs: run: sed -i '/^\[patch.crates-io\]/d' ./Cargo.toml && sed -i '/^rsonpath-lib = { path = .*$/d' ./Cargo.toml - name: Install lld run: sudo apt install lld - - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 + - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0 name: Setup Java JDK with: distribution: temurin @@ -101,7 +101,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -110,7 +110,7 @@ jobs: run: sed -i '/^\[patch.crates-io\]/d' ./Cargo.toml && sed -i '/^rsonpath-lib = { path = .*$/d' ./Cargo.toml - name: Install lld run: sudo apt install lld - - uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0 + - uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0 name: Setup Java JDK with: distribution: temurin diff --git a/.github/workflows/book.yml b/.github/workflows/book.yml index 673dd44d..b9456bc5 100644 --- a/.github/workflows/book.yml +++ b/.github/workflows/book.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block @@ -65,14 +65,14 @@ jobs: target/ key: book-cargo-${{ hashFiles('**/Cargo.toml') }} - name: cargo install mdbook - uses: baptiste0928/cargo-install@904927dbe77864e0f2281519fe9d5bd097a220b3 # v3.1.1 + uses: baptiste0928/cargo-install@91c5da15570085bcde6f4d7aed98cb82d6769fd3 # v3.3.0 with: # Name of the crate to install crate: mdbook env: CARGO_TARGET_DIR: target/ - name: cargo install mdbook-katex - uses: baptiste0928/cargo-install@904927dbe77864e0f2281519fe9d5bd097a220b3 # v3.1.1 + uses: baptiste0928/cargo-install@91c5da15570085bcde6f4d7aed98cb82d6769fd3 # v3.3.0 with: # Name of the crate to install crate: mdbook-katex diff --git a/.github/workflows/closed-issue.yml b/.github/workflows/closed-issue.yml index 928d1821..2228823a 100644 --- a/.github/workflows/closed-issue.yml +++ b/.github/workflows/closed-issue.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/clusterfuzzlite-batch.yml b/.github/workflows/clusterfuzzlite-batch.yml index 076d9c01..8af504aa 100644 --- a/.github/workflows/clusterfuzzlite-batch.yml +++ b/.github/workflows/clusterfuzzlite-batch.yml @@ -23,7 +23,7 @@ jobs: - address steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block @@ -64,7 +64,7 @@ jobs: if: ${{ always() && needs.BatchFuzzing.result == 'failure' }} steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit - name: Checkout sources diff --git a/.github/workflows/clusterfuzzlite-cron.yml b/.github/workflows/clusterfuzzlite-cron.yml index 7e209944..cb33e755 100644 --- a/.github/workflows/clusterfuzzlite-cron.yml +++ b/.github/workflows/clusterfuzzlite-cron.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit diff --git a/.github/workflows/clusterfuzzlite-pr.yml b/.github/workflows/clusterfuzzlite-pr.yml index 20f02da9..598b4173 100644 --- a/.github/workflows/clusterfuzzlite-pr.yml +++ b/.github/workflows/clusterfuzzlite-pr.yml @@ -23,7 +23,7 @@ jobs: - address steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cdf8b31c..816eff90 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/new-issue.yml b/.github/workflows/new-issue.yml index a65784d4..643563f4 100644 --- a/.github/workflows/new-issue.yml +++ b/.github/workflows/new-issue.yml @@ -14,7 +14,7 @@ jobs: repository-projects: write steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit diff --git a/.github/workflows/nix-shell.yml b/.github/workflows/nix-shell.yml index c8d5fc57..90f3d463 100644 --- a/.github/workflows/nix-shell.yml +++ b/.github/workflows/nix-shell.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: block allowed-endpoints: > diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 5dc293a2..0038dea3 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -87,7 +87,7 @@ jobs: rustflags: "-C link-arg=-fuse-ld=lld --deny warnings" steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -147,7 +147,7 @@ jobs: if: matrix.os == 'windows-latest' run: mv -Force "target/${{ matrix.target_triple }}/distribution/rq.exe" target/distribution/rq-${{ matrix.target_triple }}.exe - name: Upload the binary as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: rq-${{ matrix.target_triple }} # The * matches .exe if on windows and nothing otherwise. @@ -164,7 +164,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -179,7 +179,7 @@ jobs: id: hash-sanity run: echo "$(sha256sum release/**/* | base64 -w0)" - name: Create GitHub Release - uses: softprops/action-gh-release@01570a1f39cb168c169c802c3bceb9e93fb10974 # v2.1.0 + uses: softprops/action-gh-release@c95fe1489396fe8a9eb87c0abf8aa5b2ef267fda # v2.2.1 with: name: ${{ github.ref_name }} files: release/**/* @@ -206,7 +206,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 69bdf703..65a8aeca 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -76,7 +76,7 @@ jobs: rustflags: "-C link-arg=-fuse-ld=lld --deny warnings" steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: block allowed-endpoints: > @@ -138,7 +138,7 @@ jobs: target/ key: ${{ matrix.toolchain }}-${{ matrix.target_triple }}-cargo-${{ hashFiles('**/Cargo.toml') }} - name: cargo install cargo-hack - uses: baptiste0928/cargo-install@904927dbe77864e0f2281519fe9d5bd097a220b3 # v3.1.1 + uses: baptiste0928/cargo-install@91c5da15570085bcde6f4d7aed98cb82d6769fd3 # v3.3.0 with: # Name of the crate to install crate: cargo-hack @@ -181,7 +181,7 @@ jobs: - nosimd;slow_quotes;slow_popcnt steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -235,7 +235,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -280,7 +280,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -320,7 +320,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -342,7 +342,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -354,14 +354,14 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true - name: cargo install cargo-msrv - uses: baptiste0928/cargo-install@904927dbe77864e0f2281519fe9d5bd097a220b3 # v3.1.1 + uses: baptiste0928/cargo-install@91c5da15570085bcde6f4d7aed98cb82d6769fd3 # v3.3.0 with: # Name of the crate to install crate: cargo-msrv diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 5c6427c6..40ecbb3c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit @@ -63,7 +63,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9 + uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1 with: sarif_file: results.sarif diff --git a/.github/workflows/test-codegen.yml b/.github/workflows/test-codegen.yml index 112fb362..dc3bfe64 100644 --- a/.github/workflows/test-codegen.yml +++ b/.github/workflows/test-codegen.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: block allowed-endpoints: > @@ -66,7 +66,7 @@ jobs: id: build-test-codegen run: cargo build -p rsonpath-test -vv - name: Upload generated tests as artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: rsonpath-test-documents path: | diff --git a/.github/workflows/triaged-issue.yml b/.github/workflows/triaged-issue.yml index d23c295a..615d1b5d 100644 --- a/.github/workflows/triaged-issue.yml +++ b/.github/workflows/triaged-issue.yml @@ -13,7 +13,7 @@ jobs: issues: write steps: - name: Harden Runner - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 + uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3 with: egress-policy: audit