Skip to content

Commit 77ffd1a

Browse files
dependabot[bot]dependabot[bot]
authored
Bump the github-actions group with 3 updates (#7)
Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.12.0 to 2.12.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@0634a26...002fdce) Updates `actions/attest-build-provenance` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@db473fd...e8998f9) Updates `github/codeql-action` from 3.28.19 to 3.29.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@fca7ace...ce28f5b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.12.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/attest-build-provenance dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent f038cba commit 77ffd1a

File tree

7 files changed

+14
-14
lines changed

7 files changed

+14
-14
lines changed

.github/workflows/part_dependency_review.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,7 @@ jobs:
1111
runs-on: ubuntu-latest
1212
steps:
1313
- name: Harden the runner (Audit all outbound calls)
14-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
14+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
1515
with:
1616
egress-policy: audit
1717

.github/workflows/part_dependency_submission.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717

1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
20+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
2121
with:
2222
egress-policy: audit
2323

.github/workflows/part_docs.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030

3131
steps:
3232
- name: Harden the runner (Audit all outbound calls)
33-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
33+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
3434
with:
3535
egress-policy: audit
3636

@@ -61,7 +61,7 @@ jobs:
6161
tar -czvf docs.tar.gz doc
6262
6363
- name: "Attest docs provenance"
64-
uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # v2.3.0
64+
uses: actions/attest-build-provenance@e8998f949152b193b063cb0ec769d69d929409be # v2.4.0
6565
id: attest-docs-provenance
6666
if: "${{ inputs.attest }}"
6767
with:

.github/workflows/part_publish.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323

2424
steps:
2525
- name: Harden Runner
26-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
26+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
2727
with:
2828
egress-policy: audit
2929

.github/workflows/part_release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525

2626
steps:
2727
- name: Harden Runner
28-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
28+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
2929
with:
3030
egress-policy: audit
3131

.github/workflows/part_test.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818

1919
steps:
2020
- name: Harden Runner
21-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
21+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
2222
with:
2323
egress-policy: audit
2424

@@ -44,7 +44,7 @@ jobs:
4444

4545
steps:
4646
- name: Harden the runner (Audit all outbound calls)
47-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
47+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
4848
with:
4949
egress-policy: audit
5050

@@ -91,7 +91,7 @@ jobs:
9191

9292
steps:
9393
- name: Harden the runner (Audit all outbound calls)
94-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
94+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
9595
with:
9696
egress-policy: audit
9797

@@ -137,7 +137,7 @@ jobs:
137137

138138
steps:
139139
- name: Harden the runner (Audit all outbound calls)
140-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
140+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
141141
with:
142142
egress-policy: audit
143143

@@ -160,7 +160,7 @@ jobs:
160160
- run: mix compile --warning-as-errors
161161
- run: mix credo --strict --format sarif > results.sarif
162162
- name: Upload SARIF file
163-
uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
163+
uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
164164
with:
165165
sarif_file: results.sarif
166166
category: credo
@@ -175,7 +175,7 @@ jobs:
175175

176176
steps:
177177
- name: Harden Runner
178-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
178+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
179179
with:
180180
egress-policy: audit
181181

.github/workflows/scorecards.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -36,7 +36,7 @@ jobs:
3636

3737
steps:
3838
- name: Harden Runner
39-
uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
39+
uses: step-security/harden-runner@002fdce3c6a235733a90a27c80493a3241e56863 # v2.12.1
4040
with:
4141
egress-policy: audit
4242

@@ -76,6 +76,6 @@ jobs:
7676

7777
# Upload the results to GitHub's code scanning dashboard.
7878
- name: "Upload to code-scanning"
79-
uses: github/codeql-action/upload-sarif@fca7ace96b7d713c7035871441bd52efbe39e27e # v3.28.19
79+
uses: github/codeql-action/upload-sarif@ce28f5bb42b7a9f2c824e633a3f6ee835bab6858 # v3.29.0
8080
with:
8181
sarif_file: results.sarif

0 commit comments

Comments
 (0)