Merge pull request #83 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.2.0

Bump docker/setup-buildx-action from 2.10.0 to 3.2.0
Merge pull request #82 from wneessen/dependabot/github_actions/github/codeql-action-3.24.8
2024-11-22 13:50:49 +01:00 · 2024-03-18 22:07:47 +01:00 · 2024-03-18 22:07:32 +01:00 · 2024-03-18 22:07:19 +01:00 · 2024-03-18 22:07:10 +01:00 · 2024-03-18 22:07:00 +01:00
4 changed files with 7 additions and 7 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -59,7 +59,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
+      uses: github/codeql-action/init@05963f47d870e2cb19a537396c1f668a348c7d8f # v3.24.8
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -86,6 +86,6 @@ jobs:
        /usr/bin/env GOTOOLCHAIN=go1.22.1+auto go build -a -installsuffix cgo -ldflags '-w -s -extldflags "-static"' -o apg github.com/wneessen/apg-go/cmd/apg

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
+      uses: github/codeql-action/analyze@05963f47d870e2cb19a537396c1f668a348c7d8f # v3.24.8
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@ -62,9 +62,9 @@ jobs:
      - name: Checkout
        uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
      - name: Set up QEMU
-        uses: docker/setup-qemu-action@2b82ce82d56a2a04d2637cd93a637ae1b359c0a7 # v2.2.0
+        uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0
+        uses: docker/setup-buildx-action@2b51285047da1547ffb1b2203d8be4c0af6b1f20 # v3.2.0
      - name: Build and push
        uses: docker/build-push-action@1104d471370f9806843c095c1db02b5a90c5f8b6 # v3.3.1
        with:
--- a/.github/workflows/reuse.yml
+++ b/.github/workflows/reuse.yml
@ -14,4 +14,4 @@ jobs:
    steps: 
    - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
    - name: REUSE Compliance Check
-      uses: fsfe/reuse-action@28cf8f33bc50f4c306f52e38fe3826717dea63dc # v1.3.0
+      uses: fsfe/reuse-action@a46482ca367aef4454a87620aa37c2be4b2f8106 # v3.0.0
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -63,7 +63,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
        with:
          name: SARIF file
          path: results.sarif
@ -71,6 +71,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@3ab4101902695724f9365a384f86c1074d94e18c # v3.24.7
+        uses: github/codeql-action/upload-sarif@05963f47d870e2cb19a537396c1f668a348c7d8f # v3.24.8
        with:
          sarif_file: results.sarif
Author	SHA1	Message	Date
Winni Neessen	760593f248	Merge pull request #83 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.2.0 Bump docker/setup-buildx-action from 2.10.0 to 3.2.0	2024-03-18 22:07:47 +01:00
Winni Neessen	7d5493c77d	Merge pull request #82 from wneessen/dependabot/github_actions/github/codeql-action-3.24.8 Bump github/codeql-action from 3.24.7 to 3.24.8	2024-03-18 22:07:32 +01:00
Winni Neessen	d4d76a0f0a	Merge pull request #81 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.1 Bump actions/upload-artifact from 3.1.0 to 4.3.1	2024-03-18 22:07:19 +01:00
Winni Neessen	bac3aa4750	Merge pull request #80 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0 Bump fsfe/reuse-action from 1.3.0 to 3.0.0	2024-03-18 22:07:10 +01:00
Winni Neessen	7e742a4a73	Merge pull request #79 from wneessen/dependabot/github_actions/docker/setup-qemu-action-3.0.0 Bump docker/setup-qemu-action from 2.2.0 to 3.0.0	2024-03-18 22:07:00 +01:00
dependabot[bot]	a0c312f39f	Bump docker/setup-buildx-action from 2.10.0 to 3.2.0 Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.10.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](`885d1462b8...2b51285047`) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-18 19:41:54 +00:00
dependabot[bot]	35cce6e2c7	Bump github/codeql-action from 3.24.7 to 3.24.8 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`3ab4101902...05963f47d8`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-18 19:41:50 +00:00
dependabot[bot]	174ca5da39	Bump actions/upload-artifact from 3.1.0 to 4.3.1 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.3.1. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](`3cea537223...5d5d22a312`) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-18 19:41:45 +00:00
dependabot[bot]	df816f5ae4	Bump fsfe/reuse-action from 1.3.0 to 3.0.0 Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 1.3.0 to 3.0.0. - [Release notes](https://github.com/fsfe/reuse-action/releases) - [Commits](`28cf8f33bc...a46482ca36`) --- updated-dependencies: - dependency-name: fsfe/reuse-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-18 19:41:42 +00:00
dependabot[bot]	da5ffa7d3d	Bump docker/setup-qemu-action from 2.2.0 to 3.0.0 Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.0.0. - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](`2b82ce82d5...68827325e0`) --- updated-dependencies: - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2024-03-18 19:41:39 +00:00