Merge pull request #207 from wneessen/dependabot/github_actions/github/codeql-action-3.26.10

Bump github/codeql-action from 3.26.9 to 3.26.10
Merge pull request #208 from wneessen/dependabot/github_actions/docker/build-push-action-6.9.0
2024-10-05 18:25:55 +02:00 · 2024-09-30 21:49:05 +02:00 · 2024-09-30 21:48:45 +02:00 · 2024-09-30 19:42:04 +00:00 · 2024-09-30 19:42:01 +00:00 · 2024-09-30 21:33:31 +02:00
4 changed files with 5 additions and 5 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -59,7 +59,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
+      uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
      with:
        languages: ${{ matrix.language }}
        # If you wish to specify custom queries, you can do so here or in a config file.
@ -86,6 +86,6 @@ jobs:
        /usr/bin/env GOTOOLCHAIN=go1.22.1+auto go build -a -installsuffix cgo -ldflags '-w -s -extldflags "-static"' -o apg github.com/wneessen/apg-go/cmd/apg

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
+      uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
      with:
        category: "/language:${{matrix.language}}"
--- a/.github/workflows/docker-publish.yml
+++ b/.github/workflows/docker-publish.yml
@ -76,7 +76,7 @@ jobs:
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
      - name: Build and push
-        uses: docker/build-push-action@32945a339266b759abcbdc89316275140b0fc960 # v6.8.0
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
        with:
          context: .
          push: ${{ github.event_name != 'pull_request' }}
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -71,6 +71,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9
+        uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 # v3.26.10
        with:
          sarif_file: results.sarif
--- a/2
+++ b/2
@ -2,7 +2,7 @@
 #
 # SPDX-License-Identifier: MIT

-FROM golang:latest@sha256:68c07ac27294fbdee3130831a4a6af66b9720b3cedd854c07e87e1625d95e848 AS builder
+FROM golang:latest@sha256:4f063a24d429510e512cc730c3330292ff49f3ade3ae79bda8f84a24fa25ecb0 AS builder
 RUN mkdir /builddir
 ADD . /builddir/
 WORKDIR /builddir
Author	SHA1	Message	Date
Winni Neessen	c34e6e15dd	Merge pull request #207 from wneessen/dependabot/github_actions/github/codeql-action-3.26.10 Bump github/codeql-action from 3.26.9 to 3.26.10	2024-09-30 21:49:05 +02:00
Winni Neessen	b9580e7470	Merge pull request #208 from wneessen/dependabot/github_actions/docker/build-push-action-6.9.0 Bump docker/build-push-action from 6.8.0 to 6.9.0	2024-09-30 21:48:45 +02:00
dependabot[bot]	60281762eb	Bump docker/build-push-action from 6.8.0 to 6.9.0 Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.8.0 to 6.9.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](`32945a3392...4f58ea7922`) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2024-09-30 19:42:04 +00:00
dependabot[bot]	a1675b2d90	Bump github/codeql-action from 3.26.9 to 3.26.10 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.9 to 3.26.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`461ef6c76d...e2b3eafc8d`) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>	2024-09-30 19:42:01 +00:00
Winni Neessen	064c17ecfc	Merge pull request #206 from wneessen/dependabot/docker/golang-4f063a2 Bump golang from `68c07ac` to `4f063a2`	2024-09-30 21:33:31 +02:00
dependabot[bot]	9e8f655d57	Bump golang from `68c07ac` to `4f063a2` Bumps golang from `68c07ac` to `4f063a2`. --- updated-dependencies: - dependency-name: golang dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2024-09-30 19:18:14 +00:00