From 2822f553df3dd817e5f80d6c4546211b275ec11b Mon Sep 17 00:00:00 2001 From: "cid-workflow[bot]" <142626371+cid-workflow[bot]@users.noreply.github.com> Date: Tue, 23 Jul 2024 23:42:37 +0200 Subject: [PATCH] ci: update cid github actions workflow from 0.0.19 to 0.0.21 (#71) Co-authored-by: cid-workflow[bot] <142626371+cid-workflow[bot]@users.noreply.github.com> --- .github/workflows/cid-ossf.yml | 8 ++++---- .github/workflows/cid-pullrequest.yml | 18 ++++++++--------- .github/workflows/cid.yml | 28 +++++++++++++-------------- 3 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/cid-ossf.yml b/.github/workflows/cid-ossf.yml index 3cfe279..b6f256b 100644 --- a/.github/workflows/cid-ossf.yml +++ b/.github/workflows/cid-ossf.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.19 +# cid-workflow-version: 0.0.21 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -36,7 +36,7 @@ jobs: contents: read # required in private repos steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -72,13 +72,13 @@ jobs: with: persist-credentials: false - name: OSSF Analysis - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 with: results_file: results.sarif results_format: sarif publish_results: true # publish results to OpenSSF REST API - name: Upload Analysis Result - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/cid-pullrequest.yml b/.github/workflows/cid-pullrequest.yml index 3ea2bca..605afcc 100644 --- a/.github/workflows/cid-pullrequest.yml +++ b/.github/workflows/cid-pullrequest.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.19 +# cid-workflow-version: 0.0.21 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -99,7 +99,7 @@ jobs: if: ${{ github.event.inputs.loglevel == 'debug' }} steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -132,7 +132,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -153,7 +153,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build - name: upload artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: build-${{ github.run_id }} path: .dist @@ -167,7 +167,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -188,7 +188,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test - name: upload artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: test-${{ github.run_id }} path: .dist @@ -204,7 +204,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -219,13 +219,13 @@ jobs: with: fetch-depth: 0 - name: download artifacts > build - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build-${{ github.run_id }} path: .dist continue-on-error: true - name: download artifacts > test - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: test-${{ github.run_id }} path: .dist diff --git a/.github/workflows/cid.yml b/.github/workflows/cid.yml index 1e6b9a7..9451b59 100644 --- a/.github/workflows/cid.yml +++ b/.github/workflows/cid.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.19 +# cid-workflow-version: 0.0.21 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -101,7 +101,7 @@ jobs: if: ${{ github.event.inputs.loglevel == 'debug' }} steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -134,7 +134,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -155,7 +155,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build - name: upload artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: build-${{ github.run_id }} path: .dist @@ -169,7 +169,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -190,7 +190,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test - name: upload artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: test-${{ github.run_id }} path: .dist @@ -206,7 +206,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -221,13 +221,13 @@ jobs: with: fetch-depth: 0 - name: download artifacts > build - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build-${{ github.run_id }} path: .dist continue-on-error: true - name: download artifacts > test - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: test-${{ github.run_id }} path: .dist @@ -253,7 +253,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -268,7 +268,7 @@ jobs: with: fetch-depth: 0 - name: download artifacts > build - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: build-${{ github.run_id }} path: .dist @@ -280,7 +280,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage package - name: upload artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: package-${{ github.run_id }} path: .dist @@ -300,7 +300,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 with: disable-telemetry: true disable-sudo: true @@ -315,7 +315,7 @@ jobs: with: fetch-depth: 0 - name: download artifacts > package - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: package-${{ github.run_id }} path: .dist