Skip to content

Commit

Permalink
chore(deps): bump the dependencies group across 1 directory with 8 up…
Browse files Browse the repository at this point in the history 
…dates (#138)

Bumps the dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.9.0` | `6.10.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `3.28.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.7.1` | `3.8.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.5.1` | `5.6.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `4.5.0` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.5.0` | `4.6.0` |
| [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.28.0` | `0.29.0` |
| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `4.1.0` | `4.2.0` |



Updates `docker/build-push-action` from 6.9.0 to 6.10.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@4f58ea7...48aba3b)

Updates `github/codeql-action` from 3.27.0 to 3.28.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@6624720...48ab28a)

Updates `docker/setup-buildx-action` from 3.7.1 to 3.8.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@c47758b...6524bf6)

Updates `docker/metadata-action` from 5.5.1 to 5.6.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@8e5442c...369eb59)

Updates `actions/upload-artifact` from 4.4.3 to 4.5.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@b4b15b8...6f51ac0)

Updates `actions/setup-java` from 4.5.0 to 4.6.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@8df1039...7a6d8a8)

Updates `aquasecurity/trivy-action` from 0.28.0 to 0.29.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@915b19b...18f2510)

Updates `actions/setup-dotnet` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@3e891b0...87b7050)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/setup-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: actions/setup-dotnet
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Reviewed-by: Phil Schneider <info@philschneider.de>
  • Loading branch information
@dependabot
dependabot[bot] authored Jan 7, 2025
1 parent f622b26 commit a2efc84
Show file tree
Hide file tree
Showing 11 changed files with 33 additions and 33 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/chart-test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:

- name: Build migration image
id: build-migration-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-migrations
Expand All @@ -72,7 +72,7 @@ jobs:

- name: Build service image
id: build-service-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-service
Expand All @@ -81,7 +81,7 @@ jobs:

- name: Build processes worker
id: build-processes-worker-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-processes-worker
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v2.227
uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v2.227
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -88,7 +88,7 @@ jobs:
# Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup.
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v2.227
uses: github/codeql-action/autobuild@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v2.227

# ℹ️ Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -101,6 +101,6 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v2.227
uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v2.227
with:
category: "/language:${{matrix.language}}"
2 changes: 1 addition & 1 deletion .github/workflows/kics.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,7 +70,7 @@ jobs:
# Upload findings to GitHub Advanced Security Dashboard
- name: Upload SARIF file for GitHub Advanced Security Dashboard
if: always()
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
with:
sarif_file: kicsResults/results.sarif

6 changes: 3 additions & 3 deletions .github/workflows/migrations-docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -59,19 +59,19 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0

- name: Docker meta
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=main
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-migrations
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/owasp-zap.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -63,7 +63,7 @@ jobs:

- name: Build migration image
id: build-migration-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-migrations
Expand All @@ -72,7 +72,7 @@ jobs:

- name: Build service image
id: build-service-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-service
Expand All @@ -81,7 +81,7 @@ jobs:

- name: Build Worker image
id: build-worker-image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-processes-worker
Expand Down Expand Up @@ -136,7 +136,7 @@ jobs:
- name: Upload HTML report
if: success() || failure()
uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
with:
name: ZAP scan report
path: ./report_html.html
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/processes-worker-docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,19 +58,19 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0

- name: Docker meta
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.REGISTRY}}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=main
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-processes-worker
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -111,12 +111,12 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0

# Create SemVer or ref tags dependent of trigger event
- name: Docker meta
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ matrix.image }}
# Automatically prepare image tags; See action docs for more examples.
Expand All @@ -130,7 +130,7 @@ jobs:
type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-helm-chart.outputs.app-version }}
- name: Build and push Docker images
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ${{ matrix.dockerfile }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/service-docker.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -58,19 +58,19 @@ jobs:
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0

- name: Docker meta
id: meta
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
with:
images: ${{ env.REGISTRY}}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=main
type=raw,value=${{ github.sha }}
- name: Build and push Docker image
uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
with:
context: .
file: ./docker/Dockerfile-dim-service
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sonarcloud.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:

steps:
- name: Set up JDK 17
uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
with:
distribution: 'temurin'
java-version: '17'
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/trivy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,7 +57,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Run Trivy vulnerability scanner in repo mode
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0
with:
scan-type: "config"
hide-progress: false
Expand All @@ -68,7 +68,7 @@ jobs:
timeout: "3600s"

- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
if: always()
with:
sarif_file: "trivy-results1.sarif"
Expand All @@ -91,7 +91,7 @@ jobs:
# For public images, no ENV vars must be set.
- name: Run Trivy vulnerability scanner
if: always()
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0
with:
# Path to Docker image
image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_SERVICE}}:main"
Expand All @@ -101,7 +101,7 @@ jobs:

- name: Upload Trivy scan results to GitHub Security tab
if: always()
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
with:
sarif_file: "trivy-results2.sarif"

Expand All @@ -123,7 +123,7 @@ jobs:
# For public images, no ENV vars must be set.
- name: Run Trivy vulnerability scanner
if: always()
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0
with:
# Path to Docker image
image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_MIGRATIONS}}:main"
Expand All @@ -133,7 +133,7 @@ jobs:

- name: Upload Trivy scan results to GitHub Security tab
if: always()
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
with:
sarif_file: "trivy-results3.sarif"

Expand All @@ -155,7 +155,7 @@ jobs:
# For public images, no ENV vars must be set.
- name: Run Trivy vulnerability scanner
if: always()
uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # v0.29.0
with:
# Path to Docker image
image-ref: "${{ env.REGISTRY}}/${{ env.IMAGE_NAME_WORKER}}:main"
Expand All @@ -165,7 +165,7 @@ jobs:

- name: Upload Trivy scan results to GitHub Security tab
if: always()
uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
with:
sarif_file: "trivy-results4.sarif"

2 changes: 1 addition & 1 deletion .github/workflows/unit.tests-formatting.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Setup .NET Core SDK ${{ matrix.dotnet-version }}
uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0
uses: actions/setup-dotnet@87b7050bc53ea08284295505d98d2aa94301e852 # v4.2.0
with:
dotnet-version: ${{ matrix.dotnet-version }}
- name: Install dotnet-format
Expand Down

0 comments on commit a2efc84

Please sign in to comment.