From 557578a50b1d90f6c130473bf4bc1d755f097e47 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 10 Jan 2025 17:35:57 +0000 Subject: [PATCH] Update CI actions (non-major) --- .github/workflows/build.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/npm_package.yml | 2 +- .github/workflows/ossf-scorecard.yml | 4 ++-- .github/workflows/prebuilds.yml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 65c779da..92954a29 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -25,7 +25,7 @@ jobs: - run: npm run ${{ (matrix.node == '' && 'test-coverage') || 'test' }} - name: Submit coverage data to Codecov if: matrix.node == '' - uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7 + uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 # v5.1.2 with: token: ${{ secrets.CODECOV_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 201ca430..60475927 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,7 +39,7 @@ jobs: make -C build -j3 Release/obj.target/deps/zstd.a - name: Initialize CodeQL - uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality @@ -51,6 +51,6 @@ jobs: JOBS: 3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/npm_package.yml b/.github/workflows/npm_package.yml index 3fe9bd37..89be95e2 100644 --- a/.github/workflows/npm_package.yml +++ b/.github/workflows/npm_package.yml @@ -24,7 +24,7 @@ jobs: name: Build npm package run: echo "package=$(npm pack -s)" >> "$GITHUB_OUTPUT" - name: Upload NPM package - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: npm-package path: ${{ steps.npm_pack.outputs.package }} diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index b91253ee..15b2e031 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -30,13 +30,13 @@ jobs: publish_results: true - name: Upload artifact - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif retention-days: 5 - name: Upload SARIF results to code scanning - uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/prebuilds.yml b/.github/workflows/prebuilds.yml index 4e983c7e..24aa2a0b 100644 --- a/.github/workflows/prebuilds.yml +++ b/.github/workflows/prebuilds.yml @@ -53,7 +53,7 @@ jobs: run: bash .github/prebuild.sh x64 if: runner.os == 'macOS' - name: Upload prebuilds - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: prebuilds-${{ matrix.os }} path: prebuilds/