Merge branch 'main' into dependabot/npm_and_yarn/ch14/TailwindTraders…

…BotComposer/scripts/npm_and_yarn-security-group-3e9ed88168 Signed-off-by: Michael Kaufmann <5276337+wulfland@users.noreply.github.com>
wulfland · Jan 17, 2024 · 0cb3c28 · 0cb3c28
2 parents 88d2185 + 7d5384b
commit 0cb3c28
Show file tree

Hide file tree

Showing 11 changed files with 17 additions and 17 deletions.
diff --git a/.github/workflows/Deploy-AWS.yml b/.github/workflows/Deploy-AWS.yml
@@ -21,7 +21,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
@@ -55,7 +55,7 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Configure AWS credentials
-        uses: aws-actions/configure-aws-credentials@v1
+        uses: aws-actions/configure-aws-credentials@v3
         with:
           aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
           aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

diff --git a/.github/workflows/Deploy-Azure.yml b/.github/workflows/Deploy-Azure.yml
@@ -19,7 +19,7 @@ jobs:
         dotnet-version: '5.0.x'
 
     - name: Setup Node
-      uses: actions/setup-node@v2.5.1
+      uses: actions/setup-node@v3.8.1
       with:
         node-version: 10.16.3    
 

diff --git a/.github/workflows/Deploy-GKE.yml b/.github/workflows/Deploy-GKE.yml
@@ -56,7 +56,7 @@ jobs:
         export_default_credentials: true 
 
     # Get the GKE credentials so we can deploy to the cluster
-    - uses: google-github-actions/get-gke-credentials@v0.5.0
+    - uses: google-github-actions/get-gke-credentials@v1.0.2
       with:
         cluster_name: ${{ env.GKE_CLUSTER }}
         location: ${{ env.GKE_ZONE }}

diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml
@@ -12,7 +12,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: dependabot-metadata
-        uses: dependabot/fetch-metadata@v1.1.1
+        uses: dependabot/fetch-metadata@v1.6.0
         with:
           github-token: "${{ secrets.GITHUB_TOKEN }}"
 

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -41,7 +41,7 @@ jobs:
         dotnet-version: '5.0.x'
 
     - name: Setup Node
-      uses: actions/setup-node@v2.5.1
+      uses: actions/setup-node@v3.8.1
       with:
         node-version: 10.16.3  
 

diff --git a/.github/workflows/dast.yml b/.github/workflows/dast.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: ZAP Scan
-        uses: zaproxy/action-baseline@v0.6.1
+        uses: zaproxy/action-baseline@v0.9.0
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           docker_name: 'owasp/zap2docker-stable'
@@ -23,7 +23,7 @@ jobs:
           target: ${{ env.TARGET_URL }}
 
       - name: OWASP ZAP API Scan
-        uses: zaproxy/action-api-scan@v0.1.0
+        uses: zaproxy/action-api-scan@v0.5.0
         with:
           target: ${{ env.TARGET_API }}
 
diff --git a/.github/workflows/openid-connect.yml b/.github/workflows/openid-connect.yml
@@ -23,7 +23,7 @@ jobs:
         dotnet-version: '5.0.x'
 
     - name: Setup Node
-      uses: actions/setup-node@v2.5.1
+      uses: actions/setup-node@v3.8.1
       with:
         node-version: 10.16.3    
 

diff --git a/.github/workflows/pr-validation.yml b/.github/workflows/pr-validation.yml
@@ -16,7 +16,7 @@ jobs:
         dotnet-version: '5.0.x'
 
     - name: Setup Node
-      uses: actions/setup-node@v2.5.1
+      uses: actions/setup-node@v3.8.1
       with:
         node-version: 10.16.3    
 

diff --git a/.github/workflows/release-container.yml b/.github/workflows/release-container.yml
@@ -20,20 +20,20 @@ jobs:
         uses: actions/checkout@v3
 
       - name: Log in to the Container registry
-        uses: docker/login-action@v2.0.0
+        uses: docker/login-action@v2.2.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v3.6.2
+        uses: docker/metadata-action@v4.6.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v2.7.0
+        uses: docker/build-push-action@v4.1.1
         with:
           context: ch8_packages/docker
           push: true

diff --git a/.github/workflows/release-package.yml b/.github/workflows/release-package.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3
-      - uses: actions/setup-node@v2.5.1
+      - uses: actions/setup-node@v3.8.1
         with:
           node-version: 12
       - run: |
@@ -31,7 +31,7 @@ jobs:
         with: 
           fetch-depth: 0
 
-      - uses: actions/setup-node@v2.5.1
+      - uses: actions/setup-node@v3.8.1
         with:
           node-version: 12
           registry-url: https://npm.pkg.github.com/
@@ -71,7 +71,7 @@ jobs:
         with: 
           fetch-depth: 0
 
-      - uses: actions/setup-node@v2.5.1
+      - uses: actions/setup-node@v3.8.1
         with:
           node-version: 12
           registry-url: https://registry.npmjs.org

diff --git a/ch9_release/src/Tailwind.Traders.Web/Tailwind.Traders.Web.csproj b/ch9_release/src/Tailwind.Traders.Web/Tailwind.Traders.Web.csproj
@@ -25,7 +25,7 @@
     <PackageReference Include="Microsoft.ML.OnnxRuntime" Version="1.10.0" />
     <PackageReference Include="MongoDB.Driver" Version="2.11.6" />
 	  <PackageReference Include="SixLabors.ImageSharp" Version="1.0.0-beta0006" />
-    <PackageReference Include="System.Data.SqlClient" Version="4.8.3" />
+    <PackageReference Include="System.Data.SqlClient" Version="4.8.6" />
   </ItemGroup>
 
   <ItemGroup>