Merge pull request #143 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-2.2

Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2
Merge pull request #142 from wneessen/dependabot/github_actions/codecov/codecov-action-4.5.0
2024-11-23 22:30:49 +01:00 · 2024-06-14 09:48:43 +02:00 · 2024-06-14 09:48:30 +02:00 · 2024-06-14 09:48:16 +02:00 · 2024-06-14 09:47:59 +02:00 · 2024-06-13 19:36:30 +00:00
5 changed files with 6 additions and 6 deletions
--- a/.github/workflows/codecov.yml
+++ b/.github/workflows/codecov.yml
@ -40,6 +40,6 @@ jobs:
        go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
    - name: Upload coverage to Codecov
      if: success() && matrix.go == '1.22' && matrix.os == 'ubuntu-latest'
-      uses: codecov/codecov-action@125fc84a9a348dbcf27191600683ec096ec9021c # v4.4.1
+      uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
      with:
        token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -59,7 +59,7 @@ jobs:
    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
+      uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -86,6 +86,6 @@ jobs:
        /usr/bin/env GOTOOLCHAIN=go1.22.1+auto go build -a -installsuffix cgo -ldflags '-w -s -extldflags "-static"' -o apg github.com/wneessen/apg-go/cmd/apg
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
+      uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -71,6 +71,6 @@ jobs:
      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@530d4feaa9c62aaab2d250371e2061eb7a172363 # v3.25.9
+        uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
        with:
          sarif_file: results.sarif
--- a/.github/workflows/sonarqube.yml
+++ b/.github/workflows/sonarqube.yml
@ -21,7 +21,7 @@ jobs:
      - uses: actions/checkout@ee0669bd1cc54295c223e0bb666b733df41de1c5 # v2.7.0
        with:
          fetch-depth: 0
-      - uses: sonarsource/sonarqube-scan-action@86fe81775628f1c6349c28baab87881a2170f495 # master
+      - uses: sonarsource/sonarqube-scan-action@540792c588b5c2740ad2bb4667db5cd46ae678f2 # master
        env:
          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
          SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}
--- a/2
+++ b/2
@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: MIT
-FROM golang:latest@sha256:969349b8121a56d51c74f4c273ab974c15b3a8ae246a5cffc1df7d28b66cf978 AS builder
+FROM golang:latest@sha256:0f7691253e132744318ff4b02e0824fec9fa4f3b43b08afd1195599660d51521 AS builder
 RUN mkdir /builddir
 ADD . /builddir/
 WORKDIR /builddir
Author	SHA1	Message	Date
Winni Neessen	c39466b421	Merge pull request #143 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-2.2 Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2	2024-06-14 09:48:43 +02:00
Winni Neessen	1ab0a86e8c	Merge pull request #142 from wneessen/dependabot/github_actions/codecov/codecov-action-4.5.0 Bump codecov/codecov-action from 4.4.1 to 4.5.0	2024-06-14 09:48:30 +02:00
Winni Neessen	569a32cf3d	Merge pull request #141 from wneessen/dependabot/github_actions/github/codeql-action-3.25.10 Bump github/codeql-action from 3.25.9 to 3.25.10	2024-06-14 09:48:16 +02:00
Winni Neessen	939bfd5ca9	Merge pull request #140 from wneessen/dependabot/docker/golang-0f76912 Bump golang from `969349b` to `0f76912`	2024-06-14 09:47:59 +02:00
dependabot[bot]	7d564169e2	Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2 Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 2.1.0 to 2.2. - [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases) - [Commits](`86fe817756...540792c588`) --- updated-dependencies: - dependency-name: sonarsource/sonarqube-scan-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-06-13 19:36:30 +00:00
dependabot[bot]	11233525f9	Bump codecov/codecov-action from 4.4.1 to 4.5.0 Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.4.1 to 4.5.0. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](`125fc84a9a...e28ff129e5`) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-06-13 19:36:26 +00:00
dependabot[bot]	b6b61f0c14	Bump github/codeql-action from 3.25.9 to 3.25.10 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.9 to 3.25.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`530d4feaa9...23acc5c183`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-06-13 19:36:22 +00:00
dependabot[bot]	25fd3ecc69	Bump golang from `969349b` to `0f76912` Bumps golang from `969349b` to `0f76912`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2024-06-13 19:16:10 +00:00