Merge pull request #234 from wneessen/dependabot/github_actions/codecov/codecov-action-5.0.0

Bump codecov/codecov-action from 4.6.0 to 5.0.0
Merge pull request #235 from wneessen/dependabot/github_actions/github/codeql-action-3.27.4
2024-11-24 14:50:50 +01:00 · 2024-11-14 22:57:41 +01:00 · 2024-11-14 22:56:56 +01:00 · 2024-11-14 22:56:36 +01:00 · 2024-11-14 20:07:34 +00:00 · 2024-11-14 20:07:30 +00:00
4 changed files with 5 additions and 5 deletions
--- a/.github/workflows/codecov.yml
+++ b/.github/workflows/codecov.yml
@ -40,6 +40,6 @@ jobs:
        go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
    - name: Upload coverage to Codecov
      if: success() && matrix.go == '1.22' && matrix.os == 'ubuntu-latest'
-      uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
+      uses: codecov/codecov-action@968872560f81e7bdde9272853e65f2507c0eca7c # v5.0.0
      with:
        token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -59,7 +59,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
+      uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -86,6 +86,6 @@ jobs:
        /usr/bin/env GOTOOLCHAIN=go1.22.1+auto go build -a -installsuffix cgo -ldflags '-w -s -extldflags "-static"' -o apg github.com/wneessen/apg-go/cmd/apg

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
+      uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@ -14,4 +14,4 @@ jobs:
    steps: 
    - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
    - name: REUSE Compliance Check
-      uses: fsfe/reuse-action@3ae3c6bdf1257ab19397fab11fd3312144692083 # v4.0.0
+      uses: fsfe/reuse-action@bb774aa972c2a89ff34781233d275075cbddf542 # v5.0.0
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -71,6 +71,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
+        uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
        with:
          sarif_file: results.sarif
Author	SHA1	Message	Date
Winni Neessen	74914bb593	Merge pull request #234 from wneessen/dependabot/github_actions/codecov/codecov-action-5.0.0 Bump codecov/codecov-action from 4.6.0 to 5.0.0	2024-11-14 22:57:41 +01:00
Winni Neessen	50fbc1a308	Merge pull request #235 from wneessen/dependabot/github_actions/github/codeql-action-3.27.4 Bump github/codeql-action from 3.27.3 to 3.27.4	2024-11-14 22:56:56 +01:00
Winni Neessen	f27099be30	Merge pull request #236 from wneessen/dependabot/github_actions/fsfe/reuse-action-5.0.0 Bump fsfe/reuse-action from 4.0.0 to 5.0.0	2024-11-14 22:56:36 +01:00
dependabot[bot]	7afcc0848b	Bump fsfe/reuse-action from 4.0.0 to 5.0.0 Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 4.0.0 to 5.0.0. - [Release notes](https://github.com/fsfe/reuse-action/releases) - [Commits](`3ae3c6bdf1...bb774aa972`) --- updated-dependencies: - dependency-name: fsfe/reuse-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-11-14 20:07:34 +00:00
dependabot[bot]	a5ecaf1675	Bump github/codeql-action from 3.27.3 to 3.27.4 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.27.3 to 3.27.4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`396bb3e453...ea9e4e3799`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-11-14 20:07:30 +00:00
dependabot[bot]	f8f24681c3	Bump codecov/codecov-action from 4.6.0 to 5.0.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.6.0 to 5.0.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`b9fd7d16f6...968872560f`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-11-14 20:07:21 +00:00