From 4a0a4504cf9f6e0e530e4992a1cadb484cb32963 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Apr 2024 08:33:36 +0000 Subject: [PATCH] chore(deps): bump the github-actions group with 22 updates Bumps the github-actions group with 22 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `2` | `4` | | [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `3` | `4` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `2` | `3` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2` | `3` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `4.6.0` | `5.5.1` | | [docker/login-action](https://github.com/docker/login-action) | `2` | `3` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `4` | `5` | | [actions/setup-go](https://github.com/actions/setup-go) | `4` | `5` | | [magnetikonline/action-golang-cache](https://github.com/magnetikonline/action-golang-cache) | `4` | `5` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `3` | `4` | | [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action) | `2.3.0` | `2.3.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `3` | `4` | | [dessant/lock-threads](https://github.com/dessant/lock-threads) | `4` | `5` | | [alex-page/github-project-automation-plus](https://github.com/alex-page/github-project-automation-plus) | `0.8.3` | `0.9.0` | | [actions/cache](https://github.com/actions/cache) | `3` | `4` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.1.1` | `3.5.0` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.14.3` | `0.15.11` | | [crazy-max/ghaction-upx](https://github.com/crazy-max/ghaction-upx) | `2` | `3` | | [cachix/install-nix-action](https://github.com/cachix/install-nix-action) | `22` | `26` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `4` | `5` | | [actions/stale](https://github.com/actions/stale) | `8` | `9` | Updates `actions/checkout` from 2 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v4) Updates `peter-evans/create-or-update-comment` from 3 to 4 - [Release notes](https://github.com/peter-evans/create-or-update-comment/releases) - [Commits](https://github.com/peter-evans/create-or-update-comment/compare/v3...v4) Updates `docker/setup-qemu-action` from 2 to 3 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3) Updates `docker/setup-buildx-action` from 2 to 3 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3) Updates `docker/metadata-action` from 4.6.0 to 5.5.1 - [Release notes](https://github.com/docker/metadata-action/releases) - [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md) - [Commits](https://github.com/docker/metadata-action/compare/v4.6.0...v5.5.1) Updates `docker/login-action` from 2 to 3 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v2...v3) Updates `docker/build-push-action` from 4 to 5 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v4...v5) Updates `actions/setup-go` from 4 to 5 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) Updates `magnetikonline/action-golang-cache` from 4 to 5 - [Release notes](https://github.com/magnetikonline/action-golang-cache/releases) - [Commits](https://github.com/magnetikonline/action-golang-cache/compare/v4...v5) Updates `codecov/codecov-action` from 3 to 4 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3...v4) Updates `contributor-assistant/github-action` from 2.3.0 to 2.3.2 - [Release notes](https://github.com/contributor-assistant/github-action/releases) - [Commits](https://github.com/contributor-assistant/github-action/compare/v2.3.0...v2.3.2) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `actions/dependency-review-action` from 3 to 4 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/v3...v4) Updates `dessant/lock-threads` from 4 to 5 - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/v4...v5) Updates `alex-page/github-project-automation-plus` from 0.8.3 to 0.9.0 - [Release notes](https://github.com/alex-page/github-project-automation-plus/releases) - [Commits](https://github.com/alex-page/github-project-automation-plus/compare/v0.8.3...v0.9.0) Updates `actions/cache` from 3 to 4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v3...v4) Updates `sigstore/cosign-installer` from 3.1.1 to 3.5.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.1.1...v3.5.0) Updates `anchore/sbom-action` from 0.14.3 to 0.15.11 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Commits](https://github.com/anchore/sbom-action/compare/v0.14.3...v0.15.11) Updates `crazy-max/ghaction-upx` from 2 to 3 - [Release notes](https://github.com/crazy-max/ghaction-upx/releases) - [Commits](https://github.com/crazy-max/ghaction-upx/compare/v2...v3) Updates `cachix/install-nix-action` from 22 to 26 - [Release notes](https://github.com/cachix/install-nix-action/releases) - [Commits](https://github.com/cachix/install-nix-action/compare/v22...v26) Updates `goreleaser/goreleaser-action` from 4 to 5 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/v4...v5) Updates `actions/stale` from 8 to 9 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-or-update-comment dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: magnetikonline/action-golang-cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: contributor-assistant/github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: alex-page/github-project-automation-plus dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: crazy-max/ghaction-upx dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: cachix/install-nix-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-assign-issue.yml | 2 +- .github/workflows/auto-gh-pr.yml | 2 +- .github/workflows/auto-invite.yml | 2 +- .github/workflows/auto-tag.yml | 2 +- .github/workflows/build-docker-image.yml | 36 ++++++++++++------------ .github/workflows/chatci.yml | 2 +- .github/workflows/check-coverage.yml | 6 ++-- .github/workflows/cla.yml | 2 +- .github/workflows/codeql-analysis.yml | 8 +++--- .github/workflows/depsreview.yaml | 4 +-- .github/workflows/gosec.yml | 2 +- .github/workflows/help-comment-issue.yml | 2 +- .github/workflows/language-check.yml | 2 +- .github/workflows/lock-issue.yml | 2 +- .github/workflows/project-progress.yml | 2 +- .github/workflows/release.yml | 26 ++++++++--------- .github/workflows/scripts-test.yml | 2 +- .github/workflows/stale.yml | 2 +- 18 files changed, 53 insertions(+), 53 deletions(-) diff --git a/.github/workflows/auto-assign-issue.yml b/.github/workflows/auto-assign-issue.yml index d87a571dc..d92fc968c 100644 --- a/.github/workflows/auto-assign-issue.yml +++ b/.github/workflows/auto-assign-issue.yml @@ -27,7 +27,7 @@ jobs: issues: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Assign the issue run: | diff --git a/.github/workflows/auto-gh-pr.yml b/.github/workflows/auto-gh-pr.yml index 0913655ca..d6ea7494d 100644 --- a/.github/workflows/auto-gh-pr.yml +++ b/.github/workflows/auto-gh-pr.yml @@ -29,7 +29,7 @@ jobs: if: github.event.pull_request.base.ref == 'main' && github.event.pull_request.merged == true steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 diff --git a/.github/workflows/auto-invite.yml b/.github/workflows/auto-invite.yml index 9f5597e34..cfec1e04f 100644 --- a/.github/workflows/auto-invite.yml +++ b/.github/workflows/auto-invite.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Invite user to join our group - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4 with: token: ${{ secrets.BOT_GITHUB_TOKEN }} issue-number: ${{ github.event.issue.number }} diff --git a/.github/workflows/auto-tag.yml b/.github/workflows/auto-tag.yml index e50ab4ed6..69d88c2c6 100644 --- a/.github/workflows/auto-tag.yml +++ b/.github/workflows/auto-tag.yml @@ -26,7 +26,7 @@ jobs: if: startsWith(github.event.comment.body, '/create tag') steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Validate version number and get comment id: validate diff --git a/.github/workflows/build-docker-image.yml b/.github/workflows/build-docker-image.yml index db154c467..9724da2cf 100644 --- a/.github/workflows/build-docker-image.yml +++ b/.github/workflows/build-docker-image.yml @@ -32,16 +32,16 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # docker.io/openim/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: openim/openim-chat # generate Docker tags based on the following events/attributes @@ -57,13 +57,13 @@ jobs: type=sha - name: Log in to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x @@ -76,15 +76,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta2 - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-chat tags: | @@ -99,14 +99,14 @@ jobs: type=sha - name: Log in to AliYun Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: registry.cn-hangzhou.aliyuncs.com username: ${{ secrets.ALIREGISTRY_USERNAME }} password: ${{ secrets.ALIREGISTRY_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x @@ -119,15 +119,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 # ghcr.io/openimsdk/openim-chat:latest - name: Extract metadata (tags, labels) for Docker id: meta3 - uses: docker/metadata-action@v4.6.0 + uses: docker/metadata-action@v5.5.1 with: images: ghcr.io/openimsdk/openim-chat tags: | @@ -142,14 +142,14 @@ jobs: type=sha - name: Log in to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push Docker image - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . # linux/ppc64le,linux/s390x diff --git a/.github/workflows/chatci.yml b/.github/workflows/chatci.yml index c54e08219..950c76853 100644 --- a/.github/workflows/chatci.yml +++ b/.github/workflows/chatci.yml @@ -52,7 +52,7 @@ jobs: steps: - name: Set up Go ${{ matrix.go_version }} - uses: actions/setup-go@v4 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.go_version }} id: go diff --git a/.github/workflows/check-coverage.yml b/.github/workflows/check-coverage.yml index 7080ef7be..354e5e94a 100644 --- a/.github/workflows/check-coverage.yml +++ b/.github/workflows/check-coverage.yml @@ -41,10 +41,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Golang with cache - uses: magnetikonline/action-golang-cache@v4 + uses: magnetikonline/action-golang-cache@v5 with: go-version: ${{ env.GO_VERSION }} @@ -56,4 +56,4 @@ jobs: continue-on-error: true - name: Upload Coverage to Codecov - uses: codecov/codecov-action@v3 + uses: codecov/codecov-action@v4 diff --git a/.github/workflows/cla.yml b/.github/workflows/cla.yml index 3f658284a..81700153a 100644 --- a/.github/workflows/cla.yml +++ b/.github/workflows/cla.yml @@ -41,7 +41,7 @@ jobs: steps: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.3.0 + uses: contributor-assistant/github-action@v2.3.2 env: GITHUB_TOKEN: ${{ secrets.BOT_GITHUB_TOKEN }} PERSONAL_ACCESS_TOKEN: ${{ secrets.REDBOT_GITHUB_TOKEN }} diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6233ffcad..600919bc0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -47,11 +47,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java, ruby @@ -59,7 +59,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -73,4 +73,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 \ No newline at end of file + uses: github/codeql-action/analyze@v3 \ No newline at end of file diff --git a/.github/workflows/depsreview.yaml b/.github/workflows/depsreview.yaml index c95afb845..145bfcb63 100644 --- a/.github/workflows/depsreview.yaml +++ b/.github/workflows/depsreview.yaml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: 'Dependency Review' - uses: actions/dependency-review-action@v3 \ No newline at end of file + uses: actions/dependency-review-action@v4 \ No newline at end of file diff --git a/.github/workflows/gosec.yml b/.github/workflows/gosec.yml index 708eca4f8..b99330c05 100644 --- a/.github/workflows/gosec.yml +++ b/.github/workflows/gosec.yml @@ -37,7 +37,7 @@ jobs: GO111MODULE: on steps: - name: Check out code - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Run Gosec Security Scanner uses: securego/gosec@master with: diff --git a/.github/workflows/help-comment-issue.yml b/.github/workflows/help-comment-issue.yml index 755fb035d..34ed3665e 100644 --- a/.github/workflows/help-comment-issue.yml +++ b/.github/workflows/help-comment-issue.yml @@ -25,7 +25,7 @@ jobs: issues: write steps: - name: Add comment - uses: peter-evans/create-or-update-comment@v3 + uses: peter-evans/create-or-update-comment@v4 with: issue-number: ${{ github.event.issue.number }} token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/language-check.yml b/.github/workflows/language-check.yml index 904323cd9..5d8d553e4 100644 --- a/.github/workflows/language-check.yml +++ b/.github/workflows/language-check.yml @@ -7,7 +7,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Code Language Detector uses: kubecub/comment-lang-detector@v1.0.0 diff --git a/.github/workflows/lock-issue.yml b/.github/workflows/lock-issue.yml index 6a9aed9ba..edf280965 100644 --- a/.github/workflows/lock-issue.yml +++ b/.github/workflows/lock-issue.yml @@ -30,7 +30,7 @@ jobs: action: runs-on: ubuntu-latest steps: - - uses: dessant/lock-threads@v4 + - uses: dessant/lock-threads@v5 with: github-token: ${{ secrets.BOT_GITHUB_TOKEN }} issue-inactive-days: '365' diff --git a/.github/workflows/project-progress.yml b/.github/workflows/project-progress.yml index e6a7156e1..bbe22262c 100644 --- a/.github/workflows/project-progress.yml +++ b/.github/workflows/project-progress.yml @@ -29,7 +29,7 @@ jobs: move-assigned-card: runs-on: ubuntu-latest steps: - - uses: alex-page/github-project-automation-plus@v0.8.3 + - uses: alex-page/github-project-automation-plus@v0.9.0 with: project: OpenIM-V3.1 column: In Progress diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d133b9d07..31226c9fc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: DOCKER_CLI_EXPERIMENTAL: "enabled" steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 with: fetch-depth: 0 @@ -44,38 +44,38 @@ jobs: mkdir -p $HOME/.cache/snapcraft/download mkdir -p $HOME/.cache/snapcraft/stage-packages - - uses: actions/setup-go@v4 + - uses: actions/setup-go@v5 with: go-version: stable - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Log in to AliYun Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: registry.cn-hangzhou.aliyuncs.com username: ${{ secrets.ALIREGISTRY_USERNAME }} password: ${{ secrets.ALIREGISTRY_TOKEN }} - name: set action env cache - uses: actions/cache@v3 + uses: actions/cache@v4 with: path: | ./_output/dist/*.deb @@ -83,12 +83,12 @@ jobs: ./_output/dist/*.apk key: ${{ github.ref }} - - uses: sigstore/cosign-installer@v3.1.1 - - uses: anchore/sbom-action/download-syft@v0.14.3 - - uses: crazy-max/ghaction-upx@v2 + - uses: sigstore/cosign-installer@v3.5.0 + - uses: anchore/sbom-action/download-syft@v0.15.11 + - uses: crazy-max/ghaction-upx@v3 with: install-only: true - - uses: cachix/install-nix-action@v22 + - uses: cachix/install-nix-action@v26 with: github_access_token: ${{ secrets.GITHUB_TOKEN }} # - name: snapcraft-login @@ -97,7 +97,7 @@ jobs: # More assembly might be required: Docker logins, GPG, etc. It all depends # on your needs. - - uses: goreleaser/goreleaser-action@v4 + - uses: goreleaser/goreleaser-action@v5 with: # either 'goreleaser' (default) or 'goreleaser-pro': distribution: goreleaser diff --git a/.github/workflows/scripts-test.yml b/.github/workflows/scripts-test.yml index 7da773adb..7777a0b1f 100644 --- a/.github/workflows/scripts-test.yml +++ b/.github/workflows/scripts-test.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v4 # - name: Install latest Bash (macOS only) # if: runner.os == 'macOS' diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index ca04d0e20..8f760afba 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -32,7 +32,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v8 + - uses: actions/stale@v9 with: repo-token: ${{ secrets.BOT_GITHUB_TOKEN }} days-before-stale: 60