From 03215c695d972a36f408c2f51d7a35171fddc843 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 Nov 2024 16:48:27 +0000 Subject: [PATCH] fix(gha)(deps): bump the github-actions group across 1 directory with 25 updates Bumps the github-actions group with 25 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3` | `4` | | [DoozyX/clang-format-lint-action](https://github.com/doozyx/clang-format-lint-action) | `0.13` | `0.18` | | [jurplel/install-qt-action](https://github.com/jurplel/install-qt-action) | `2` | `4` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `4` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `5.25.0` | `6.0.0` | | [mikepenz/release-changelog-builder-action](https://github.com/mikepenz/release-changelog-builder-action) | `4` | `5` | | [mikepenz/action-gh-release](https://github.com/mikepenz/action-gh-release) | `0.2.0.pre.a03` | `1` | | [codacy/codacy-analysis-cli-action](https://github.com/codacy/codacy-analysis-cli-action) | `4.4.1` | `4.4.5` | | [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` | | [actions/cache](https://github.com/actions/cache) | `1` | `4` | | [wagoid/commitlint-github-action](https://github.com/wagoid/commitlint-github-action) | `6.0.1` | `6.1.2` | | [microsoft/security-devops-action](https://github.com/microsoft/security-devops-action) | `1.10.0` | `1.11.0` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.1.0` | `2.2.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.2` | `4.4.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5` | `6` | | [eps1lon/actions-label-merge-conflict](https://github.com/eps1lon/actions-label-merge-conflict) | `3.0.1` | `3.0.2` | | [codelytv/pr-size-labeler](https://github.com/codelytv/pr-size-labeler) | `1.10.0` | `1.10.1` | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `7.13.0` | `8.1.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.1.0` | `7.0.5` | | [withastro/action](https://github.com/withastro/action) | `2.0.0` | `3.0.0` | | [actions/configure-pages](https://github.com/actions/configure-pages) | `4.0.0` | `5.0.0` | | [fsfe/reuse-action](https://github.com/fsfe/reuse-action) | `3.0.0` | `4.0.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [check-spelling/check-spelling](https://github.com/check-spelling/check-spelling) | `0.0.22` | `0.0.24` | | [yokawasa/action-sqlcheck](https://github.com/yokawasa/action-sqlcheck) | `1.3.0` | `1.5.0` | Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `DoozyX/clang-format-lint-action` from 0.13 to 0.18 - [Release notes](https://github.com/doozyx/clang-format-lint-action/releases) - [Commits](https://github.com/doozyx/clang-format-lint-action/compare/v0.13...v0.18) Updates `jurplel/install-qt-action` from 2 to 4 - [Release notes](https://github.com/jurplel/install-qt-action/releases) - [Commits](https://github.com/jurplel/install-qt-action/compare/v2.0.0...v4) Updates `codecov/codecov-action` from 3 to 4 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3...v4) Updates `release-drafter/release-drafter` from 5.25.0 to 6.0.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/v5.25.0...v6) Updates `mikepenz/release-changelog-builder-action` from 4 to 5 - [Release notes](https://github.com/mikepenz/release-changelog-builder-action/releases) - [Commits](https://github.com/mikepenz/release-changelog-builder-action/compare/v4...v5) Updates `mikepenz/action-gh-release` from 0.2.0.pre.a03 to 1 - [Release notes](https://github.com/mikepenz/action-gh-release/releases) - [Changelog](https://github.com/mikepenz/action-gh-release/blob/main/CHANGELOG.md) - [Commits](https://github.com/mikepenz/action-gh-release/compare/v0.2.0-a03...v1) Updates `codacy/codacy-analysis-cli-action` from 4.4.1 to 4.4.5 - [Release notes](https://github.com/codacy/codacy-analysis-cli-action/releases) - [Commits](https://github.com/codacy/codacy-analysis-cli-action/compare/3ff8e64eb4b714c4bee91b7b4eea31c6fc2c4f93...97bf5df3c09e75f5bcd72695998f96ebd701846e) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `actions/cache` from 1 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v1...v4) Updates `wagoid/commitlint-github-action` from 6.0.1 to 6.1.2 - [Changelog](https://github.com/wagoid/commitlint-github-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/wagoid/commitlint-github-action/compare/7f0a61df502599e1f1f50880aaa7ec1e2c0592f2...3d28780bbf0365e29b144e272b2121204d5be5f3) Updates `microsoft/security-devops-action` from 1.10.0 to 1.11.0 - [Release notes](https://github.com/microsoft/security-devops-action/releases) - [Commits](https://github.com/microsoft/security-devops-action/compare/v1.10.0...v1.11.0) Updates `dependabot/fetch-metadata` from 2.1.0 to 2.2.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/5e5f99653a5b510e8555840e80cbf1514ad4af38...dbb049abf0d677abbd7f7eee0375145b417fdd34) Updates `actions/dependency-review-action` from 4.3.2 to 4.4.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/0c155c5e8556a497adf53f2c18edabf945ed8e70...4081bf99e2866ebe428fc0477b69eb4fcda7220a) Updates `docker/build-push-action` from 5 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v5...v6) Updates `eps1lon/actions-label-merge-conflict` from 3.0.1 to 3.0.2 - [Release notes](https://github.com/eps1lon/actions-label-merge-conflict/releases) - [Changelog](https://github.com/eps1lon/actions-label-merge-conflict/blob/main/CHANGELOG.md) - [Commits](https://github.com/eps1lon/actions-label-merge-conflict/compare/6d74047dcef155976a15e4a124dde2c7fe0c5522...1b1b1fcde06a9b3d089f3464c96417961dde1168) Updates `codelytv/pr-size-labeler` from 1.10.0 to 1.10.1 - [Release notes](https://github.com/codelytv/pr-size-labeler/releases) - [Commits](https://github.com/codelytv/pr-size-labeler/compare/56f6f0fc35c7cc0f72963b8467729e1120cb4bed...c7a55a022747628b50f3eb5bf863b9e796b8f274) Updates `oxsecurity/megalinter` from 7.13.0 to 8.1.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/bacb5f8674e3730b904ca4d20c8bd477bc51b1a7...b38cdf1f0cbe056fad4112cb7cd99c2b574c9617) Updates `peter-evans/create-pull-request` from 6.1.0 to 7.0.5 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/c5a7806660adbe173f04e3e038b0ccdcd758773c...5e914681df9dc83aa4e4905692ca88beb2f9e91f) Updates `withastro/action` from 2.0.0 to 3.0.0 - [Release notes](https://github.com/withastro/action/releases) - [Commits](https://github.com/withastro/action/compare/acfe56dffc635abfb9506c77d51ce097030360d1...44cbafd43567733e3b007918c6e0711480560516) Updates `actions/configure-pages` from 4.0.0 to 5.0.0 - [Release notes](https://github.com/actions/configure-pages/releases) - [Commits](https://github.com/actions/configure-pages/compare/v4.0.0...v5.0.0) Updates `fsfe/reuse-action` from 3.0.0 to 4.0.0 - [Release notes](https://github.com/fsfe/reuse-action/releases) - [Commits](https://github.com/fsfe/reuse-action/compare/a46482ca367aef4454a87620aa37c2be4b2f8106...3ae3c6bdf1257ab19397fab11fd3312144692083) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) Updates `check-spelling/check-spelling` from 0.0.22 to 0.0.24 - [Release notes](https://github.com/check-spelling/check-spelling/releases) - [Changelog](https://github.com/check-spelling/check-spelling/blob/main/gh-release-downloader) - [Commits](https://github.com/check-spelling/check-spelling/compare/00c989c97749eb0cb2d256bdc55ac61b0096c6d3...67debf50669c7fc76fc8f5d7f996384535a72b77) Updates `yokawasa/action-sqlcheck` from 1.3.0 to 1.5.0 - [Release notes](https://github.com/yokawasa/action-sqlcheck/releases) - [Commits](https://github.com/yokawasa/action-sqlcheck/compare/v1.3.0...v1.5.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: DoozyX/clang-format-lint-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: jurplel/install-qt-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: release-drafter/release-drafter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: mikepenz/release-changelog-builder-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: mikepenz/action-gh-release dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codacy/codacy-analysis-cli-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: wagoid/commitlint-github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: microsoft/security-devops-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: eps1lon/actions-label-merge-conflict dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: codelytv/pr-size-labeler dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: oxsecurity/megalinter dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: withastro/action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/configure-pages dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: fsfe/reuse-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: check-spelling/check-spelling dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: yokawasa/action-sqlcheck dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codacy-analysis.yml | 6 +++--- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/commitlint.yml | 4 ++-- .github/workflows/defender-for-devops.yml | 2 +- .github/workflows/dependabot-merge.yml | 2 +- .github/workflows/dependency-review.yml | 4 ++-- .github/workflows/devskim-analysis.yml | 4 ++-- .github/workflows/docker-publish.yml | 2 +- .github/workflows/labeler.yml | 4 ++-- .github/workflows/mega-linter.yml | 6 +++--- .github/workflows/pages-astro.yml | 4 ++-- .github/workflows/pages.yml | 2 +- .github/workflows/pr-lint.yaml | 2 +- .github/workflows/release-drafter.yml | 2 +- .github/workflows/reuse-check.yml | 4 ++-- .github/workflows/scorecard.yml | 6 +++--- .github/workflows/spelling.yml | 8 ++++---- .github/workflows/styles.yml | 14 +++++++------- 19 files changed, 47 insertions(+), 47 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 78581ceb..088e2dab 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -69,7 +69,7 @@ jobs: fetch-depth: 0 - name: "🟨 Use clang-format" - uses: DoozyX/clang-format-lint-action@v0.17 + uses: DoozyX/clang-format-lint-action@v0.18 with: source: "." exclude: "./third_party ./external" @@ -277,7 +277,7 @@ jobs: gcovr -j ${{env.nproc}} --delete --root ../ --print-summary --xml-pretty --xml coverage.xml - name: "Publish to codecov" - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 with: flags: ${{ runner.os }} name: ${{ runner.os }}-coverage @@ -705,7 +705,7 @@ jobs: - name: "Build Releasenotes" id: github_releasenotes - uses: release-drafter/release-drafter@v5.25.0 + uses: release-drafter/release-drafter@v6.0.0 with: publish: "${{ steps.check-version.outputs.tag != '' }}" tag: "${{ steps.check-version.outputs.tag }}" @@ -719,12 +719,12 @@ jobs: steps: - name: Build Changelog id: github_release - uses: mikepenz/release-changelog-builder-action@v4 + uses: mikepenz/release-changelog-builder-action@v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create Release - uses: mikepenz/action-gh-release@v0.2.0-a03 #softprops/action-gh-release + uses: mikepenz/action-gh-release@v1 #softprops/action-gh-release with: body: ${{steps.github_release.outputs.changelog}} diff --git a/.github/workflows/codacy-analysis.yml b/.github/workflows/codacy-analysis.yml index dc994962..e8728316 100644 --- a/.github/workflows/codacy-analysis.yml +++ b/.github/workflows/codacy-analysis.yml @@ -44,11 +44,11 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI - uses: codacy/codacy-analysis-cli-action@3ff8e64eb4b714c4bee91b7b4eea31c6fc2c4f93 # v4.3.0 + uses: codacy/codacy-analysis-cli-action@97bf5df3c09e75f5bcd72695998f96ebd701846e # v4.3.0 with: # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository # You can also omit the token and run the tools that support default configurations @@ -64,6 +64,6 @@ jobs: # Upload the SARIF file generated in the previous step - name: 📤 Upload SARIF results file - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: codeql-results.sarif \ No newline at end of file diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 1668d1c7..2fdb15fd 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -104,7 +104,7 @@ jobs: steps: - name: "🧰 Checkout Source Code" - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: "🧰 Setup Cache-ID with date for unix-like systems" if: matrix.language == 'cpp' @@ -169,7 +169,7 @@ jobs: - name: "🧰 Install Qt Version ${{ env.QT_VERSION }}" if: matrix.language == 'cpp' - uses: jurplel/install-qt-action@v3 + uses: jurplel/install-qt-action@v4 with: version: ${{ env.QT_VERSION }} host: ${{ matrix.QT_HOST}} @@ -228,7 +228,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -253,4 +253,4 @@ jobs: uses: github/codeql-action/autobuild@v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 512ebf5d..7cebaeec 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -22,7 +22,7 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Check the commits - uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6.0.1 + uses: wagoid/commitlint-github-action@3d28780bbf0365e29b144e272b2121204d5be5f3 # v6.1.2 diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml index 66821d0e..c03ad78d 100644 --- a/.github/workflows/defender-for-devops.yml +++ b/.github/workflows/defender-for-devops.yml @@ -39,7 +39,7 @@ jobs: 5.0.x 6.0.x - name: Run Microsoft Security DevOps - uses: microsoft/security-devops-action@v1.10.0 + uses: microsoft/security-devops-action@v1.11.0 id: msdo - name: Upload results to Security tab uses: github/codeql-action/upload-sarif@v3 diff --git a/.github/workflows/dependabot-merge.yml b/.github/workflows/dependabot-merge.yml index 0931e14e..6d55a2f2 100644 --- a/.github/workflows/dependabot-merge.yml +++ b/.github/workflows/dependabot-merge.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@5e5f99653a5b510e8555840e80cbf1514ad4af38 # v2.1.0 + uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 3862c321..e862f71a 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -30,9 +30,9 @@ jobs: contents: write steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Dependency Review Action - uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 + uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0 # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. with: comment-summary-in-pr: always diff --git a/.github/workflows/devskim-analysis.yml b/.github/workflows/devskim-analysis.yml index abfe0e70..2af6d6ef 100644 --- a/.github/workflows/devskim-analysis.yml +++ b/.github/workflows/devskim-analysis.yml @@ -31,11 +31,11 @@ jobs: security-events: write steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 102a92b1..74f9995a 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -79,7 +79,7 @@ jobs: # https://github.com/docker/build-push-action - name: Build and push Docker image id: build-and-push - uses: docker/build-push-action@v5 + uses: docker/build-push-action@v6 with: context: .devcontainer push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 43ba50d9..3ae99574 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -30,7 +30,7 @@ jobs: pull-requests: write steps: - name: Update PRs with conflict labels - uses: eps1lon/actions-label-merge-conflict@6d74047dcef155976a15e4a124dde2c7fe0c5522 # v3.0.1 + uses: eps1lon/actions-label-merge-conflict@1b1b1fcde06a9b3d089f3464c96417961dde1168 # v3.0.2 with: dirtyLabel: conflicts # removeOnDirtyLabel: "PR: ready to ship" @@ -44,7 +44,7 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: codelytv/pr-size-labeler@56f6f0fc35c7cc0f72963b8467729e1120cb4bed # v1.10.0 + - uses: codelytv/pr-size-labeler@c7a55a022747628b50f3eb5bf863b9e796b8f274 # v1.10.1 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} xs_label: size/xs diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 5ff46b83..7311c891 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -47,7 +47,7 @@ jobs: steps: # Git Checkout - name: 🧰 Checkout Source Code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 # If you use VALIDATE_ALL_CODEBASE = true, you can remove this line to improve performances @@ -56,7 +56,7 @@ jobs: id: ml # You can override MegaLinter flavor used to have faster performances # More info at https://megalinter.io/flavors/ - uses: oxsecurity/megalinter@bacb5f8674e3730b904ca4d20c8bd477bc51b1a7 # v7.13.0 + uses: oxsecurity/megalinter@b38cdf1f0cbe056fad4112cb7cd99c2b574c9617 # v8.1.0 # All available variables are described in documentation # https://megalinter.io/configuration/ env: @@ -115,7 +115,7 @@ jobs: - name: Create Pull Request with applied fixes id: cpr if: env.APPLY_FIXES_IF_PR == 'true' - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 + uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7.0.5 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: "[MegaLinter] Apply linters automatic fixes" diff --git a/.github/workflows/pages-astro.yml b/.github/workflows/pages-astro.yml index 3db6e925..5780b9f8 100644 --- a/.github/workflows/pages-astro.yml +++ b/.github/workflows/pages-astro.yml @@ -30,9 +30,9 @@ jobs: if: (github.actor != 'dependabot[bot]') steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Build and Upload Site - uses: withastro/action@acfe56dffc635abfb9506c77d51ce097030360d1 # v2.0.0 + uses: withastro/action@44cbafd43567733e3b007918c6e0711480560516 # v3.0.0 with: path: ./docs # The root location of your Astro project inside the diff --git a/.github/workflows/pages.yml b/.github/workflows/pages.yml index 0130a810..37cd5de5 100644 --- a/.github/workflows/pages.yml +++ b/.github/workflows/pages.yml @@ -33,7 +33,7 @@ jobs: fetch-depth: 0 - name: Setup Pages - uses: actions/configure-pages@v4.0.0 + uses: actions/configure-pages@v5.0.0 - name: Build with Jekyll uses: actions/jekyll-build-pages@v1 with: diff --git a/.github/workflows/pr-lint.yaml b/.github/workflows/pr-lint.yaml index ddcade8c..64226dcc 100644 --- a/.github/workflows/pr-lint.yaml +++ b/.github/workflows/pr-lint.yaml @@ -28,7 +28,7 @@ jobs: steps: - name: 🧰 Checkout Source Code‚ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Lint pull request title uses: matthiashermsen/lint-pull-request-title@49458c35f9eeaaad64abfb7b1def719350b6a755 # v1.0.0 diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index eee1f4b1..df84b032 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -41,7 +41,7 @@ jobs: # Drafts your next Release notes as Pull Requests are merged # into "master" - name: Release Drafter - uses: release-drafter/release-drafter@3f0f87098bd6b5c5b9a36d49c41d998ea58f9348 # v6.0.0 + uses: release-drafter/release-drafter@aa80724a5d394e0cadaeb0488c488fe21922d6ff # v6.0.0 # (Optional) specify config name to use, relative to .github/. # Default: release-drafter.yml # with: diff --git a/.github/workflows/reuse-check.yml b/.github/workflows/reuse-check.yml index 624c3472..b6510e77 100644 --- a/.github/workflows/reuse-check.yml +++ b/.github/workflows/reuse-check.yml @@ -31,10 +31,10 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 - name: REUSE Compliance Check - uses: fsfe/reuse-action@a46482ca367aef4454a87620aa37c2be4b2f8106 # v3.0.0 + uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 08a57f93..fbda9050 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,10 +38,10 @@ jobs: steps: - name: 🧰 Checkout Source Code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run analysis - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: scorecard_results.sarif results_format: sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 with: sarif_file: scorecard_results.sarif diff --git a/.github/workflows/spelling.yml b/.github/workflows/spelling.yml index a7167aaa..043227e5 100644 --- a/.github/workflows/spelling.yml +++ b/.github/workflows/spelling.yml @@ -98,7 +98,7 @@ jobs: steps: - name: check-spelling id: spelling - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: suppress_push_for_open_pull_request: ${{ github.actor != 'dependabot[bot]' && 1 }} checkout: true @@ -122,7 +122,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup && github.event_name == 'push' steps: - name: comment - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: checkout: true spell_check_this: check-spelling/spell-check-this@prerelease @@ -138,7 +138,7 @@ jobs: if: (success() || failure()) && needs.spelling.outputs.followup && contains(github.event_name, 'pull_request') steps: - name: comment - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: checkout: true spell_check_this: check-spelling/spell-check-this@prerelease @@ -157,7 +157,7 @@ jobs: cancel-in-progress: false steps: - name: apply spelling updates - uses: check-spelling/check-spelling@00c989c97749eb0cb2d256bdc55ac61b0096c6d3 # v0.0.22 + uses: check-spelling/check-spelling@67debf50669c7fc76fc8f5d7f996384535a72b77 # v0.0.24 with: experimental_apply_changes_via_bot: 1 checkout: true diff --git a/.github/workflows/styles.yml b/.github/workflows/styles.yml index 8b77a8d3..d9ce75a0 100644 --- a/.github/workflows/styles.yml +++ b/.github/workflows/styles.yml @@ -71,19 +71,19 @@ jobs: steps: - name: '🧰 Checkout Source Code' if: github.event_name == 'push' - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: master - name: '🧰 Checkout Source Code' if: github.event_name == 'pull_request' - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} - - uses: actions/cache@v2 + - uses: actions/cache@v4 with: path: '**/src' key: ${{ github.workflow }}-src-${{ hashFiles('**/CMakeLists.txt', '**/*.cmake') @@ -101,13 +101,13 @@ jobs: - name: '⚙️ Cache Qt' id: cache-qt - uses: actions/cache@v1 # not v2! + uses: actions/cache@v4 # not v2! with: path: '${{ github.workspace }}/Qt' key: QtCache-${{ matrix.platform }}-{{ matrix.arch }}-${{ env.QT_VERSION }} - name: '⚙️ Install Qt' - uses: jurplel/install-qt-action@v2 + uses: jurplel/install-qt-action@v4 with: version: ${{ env.QT_VERSION }} target: ${{ env.QT_TARGET }} @@ -153,7 +153,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: SQL Check - uses: yokawasa/action-sqlcheck@v1.3.0 + uses: yokawasa/action-sqlcheck@v1.5.0 id: sqlcheck with: post-comment: true @@ -172,7 +172,7 @@ jobs: run: echo "Issues found in previous step" - name: Clang Format - uses: DoozyX/clang-format-lint-action@v0.13 + uses: DoozyX/clang-format-lint-action@v0.18 with: source: './src' clangFormatVersion: 12