From 915a5fdac0b2bee35497b5c860fd0dc2808362f0 Mon Sep 17 00:00:00 2001 From: Thomas Boop Date: Wed, 16 Mar 2022 14:53:01 -0400 Subject: [PATCH 1/5] update actions --- .github/workflows/labeler-triage.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/sync_ghes.yaml | 4 ++-- .github/workflows/validate-data.yaml | 4 ++-- automation/label.yml | 2 +- automation/stale.yml | 2 +- ci/ada.yml | 2 +- ci/android.yml | 4 ++-- ci/ant.yml | 4 ++-- ci/blank.yml | 2 +- ci/c-cpp.yml | 2 +- ci/clojure.yml | 2 +- ci/cmake.yml | 2 +- ci/crystal.yml | 2 +- ci/d.yml | 2 +- ci/dart.yml | 2 +- ci/deno.yml | 2 +- ci/django.yml | 4 ++-- ci/docker-image.yml | 2 +- ci/docker-publish.yml | 2 +- ci/dotnet-desktop.yml | 4 ++-- ci/dotnet.yml | 4 ++-- ci/elixir.yml | 2 +- ci/erlang.yml | 2 +- ci/gem-push.yml | 2 +- ci/go.yml | 4 ++-- ci/gradle-publish.yml | 4 ++-- ci/gradle.yml | 4 ++-- ci/haskell.yml | 2 +- ci/ios.yml | 2 +- ci/jekyll.yml | 2 +- ci/laravel.yml | 2 +- ci/makefile.yml | 2 +- ci/maven-publish.yml | 4 ++-- ci/maven.yml | 4 ++-- ci/msbuild.yml | 2 +- ci/node.js.yml | 4 ++-- ci/npm-grunt.yml | 4 ++-- ci/npm-gulp.yml | 4 ++-- ci/npm-publish-github-packages.yml | 8 ++++---- ci/npm-publish.yml | 8 ++++---- ci/objective-c-xcode.yml | 2 +- ci/php.yml | 2 +- ci/pylint.yml | 4 ++-- ci/python-app.yml | 4 ++-- ci/python-package-conda.yml | 4 ++-- ci/python-package.yml | 4 ++-- ci/python-publish.yml | 4 ++-- ci/r.yml | 2 +- ci/ruby.yml | 2 +- ci/rubyonrails.yml | 4 ++-- ci/rust.yml | 2 +- ci/scala.yml | 4 ++-- ci/super-linter.yml | 2 +- ci/swift.yml | 2 +- ci/symfony.yml | 2 +- ci/webpack.yml | 4 ++-- code-scanning/anchore.yml | 2 +- code-scanning/brakeman.yml | 2 +- code-scanning/checkmarx.yml | 2 +- code-scanning/cloudrail.yml | 2 +- code-scanning/codacy.yml | 2 +- code-scanning/codeql.yml | 2 +- code-scanning/codescan.yml | 2 +- code-scanning/crunch42.yml | 2 +- code-scanning/detekt.yml | 2 +- code-scanning/devskim.yml | 2 +- code-scanning/flawfinder.yml | 2 +- code-scanning/fortify.yml | 5 +++-- code-scanning/kubesec.yml | 2 +- code-scanning/mayhem-for-api.yml | 2 +- code-scanning/mobsf.yml | 4 ++-- code-scanning/msvc.yml | 2 +- code-scanning/njsscan.yml | 2 +- code-scanning/nowsecure.yml | 2 +- code-scanning/ossar.yml | 4 ++-- code-scanning/pmd.yml | 4 ++-- code-scanning/powershell.yml | 2 +- code-scanning/prisma.yml | 2 +- code-scanning/rubocop.yml | 2 +- code-scanning/scorecards.yml | 2 +- code-scanning/securitycodescan.yml | 2 +- code-scanning/semgrep.yml | 2 +- code-scanning/shiftleft.yml | 2 +- code-scanning/snyk-container.yml | 2 +- code-scanning/snyk-infrastructure.yml | 2 +- code-scanning/stackhawk.yml | 2 +- code-scanning/synopsys-io.yml | 2 +- code-scanning/sysdig-scan.yml | 2 +- code-scanning/tfsec.yml | 2 +- code-scanning/trivy.yml | 2 +- code-scanning/veracode.yml | 5 +++-- code-scanning/xanitizer.yml | 5 +++-- deployments/alibabacloud.yml | 4 ++-- deployments/aws.yml | 2 +- deployments/azure-container-webapp.yml | 2 +- deployments/azure-staticwebapp.yml | 2 +- deployments/azure-webapps-dotnet-core.yml | 4 ++-- deployments/azure-webapps-java-jar.yml | 4 ++-- deployments/azure-webapps-node.yml | 4 ++-- deployments/azure-webapps-php.yml | 2 +- deployments/azure-webapps-python.yml | 4 ++-- deployments/google.yml | 2 +- deployments/ibm.yml | 2 +- deployments/openshift.yml | 2 +- deployments/tencent.yml | 2 +- deployments/terraform.yml | 2 +- 107 files changed, 150 insertions(+), 147 deletions(-) diff --git a/.github/workflows/labeler-triage.yml b/.github/workflows/labeler-triage.yml index eba05f0f49..99fdbc5cdd 100644 --- a/.github/workflows/labeler-triage.yml +++ b/.github/workflows/labeler-triage.yml @@ -11,6 +11,6 @@ jobs: triage: runs-on: ubuntu-latest steps: - - uses: actions/labeler@v3 + - uses: actions/labeler@v4 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" \ No newline at end of file diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 217078a152..c319ce1c3c 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/stale@v3 + - uses: actions/stale@v5 with: stale-issue-message: 'This issue has become stale and will be closed automatically within a period of time. Sorry about that.' stale-pr-message: 'This pull request has become stale and will be closed automatically within a period of time. Sorry about that.' diff --git a/.github/workflows/sync_ghes.yaml b/.github/workflows/sync_ghes.yaml index 946218f572..fb9c623f20 100644 --- a/.github/workflows/sync_ghes.yaml +++ b/.github/workflows/sync_ghes.yaml @@ -11,12 +11,12 @@ jobs: contents: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - run: | git fetch --no-tags --prune --depth=1 origin +refs/heads/*:refs/remotes/origin/* git config user.email "cschleiden@github.com" git config user.name "GitHub Actions" - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: '12' - name: Check starter workflows for GHES compat diff --git a/.github/workflows/validate-data.yaml b/.github/workflows/validate-data.yaml index 7d5c1ee949..d2ac9a52db 100644 --- a/.github/workflows/validate-data.yaml +++ b/.github/workflows/validate-data.yaml @@ -10,9 +10,9 @@ jobs: contents: read runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - - uses: actions/setup-node@v2 + - uses: actions/setup-node@v3 with: node-version: "12" diff --git a/automation/label.yml b/automation/label.yml index 5cdc45e6d4..a8a1bd725b 100644 --- a/automation/label.yml +++ b/automation/label.yml @@ -17,6 +17,6 @@ jobs: pull-requests: write steps: - - uses: actions/labeler@v2 + - uses: actions/labeler@v4 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/automation/stale.yml b/automation/stale.yml index ff88dc0809..1322eafd69 100644 --- a/automation/stale.yml +++ b/automation/stale.yml @@ -18,7 +18,7 @@ jobs: pull-requests: write steps: - - uses: actions/stale@v3 + - uses: actions/stale@v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: 'Stale issue message' diff --git a/ci/ada.yml b/ci/ada.yml index a27902a5ed..7e94b3855e 100644 --- a/ci/ada.yml +++ b/ci/ada.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Set up GNAT toolchain run: > diff --git a/ci/android.yml b/ci/android.yml index f289bd5c73..221fca5c90 100644 --- a/ci/android.yml +++ b/ci/android.yml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/ant.yml b/ci/ant.yml index 0205d40359..16146641ae 100644 --- a/ci/ant.yml +++ b/ci/ant.yml @@ -15,9 +15,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/blank.yml b/ci/blank.yml index 895e5d1d76..607e2cfaeb 100644 --- a/ci/blank.yml +++ b/ci/blank.yml @@ -23,7 +23,7 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Runs a single command using the runners shell - name: Run a one-line script diff --git a/ci/c-cpp.yml b/ci/c-cpp.yml index 88d1497621..14d2eb9c34 100644 --- a/ci/c-cpp.yml +++ b/ci/c-cpp.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: configure run: ./configure - name: make diff --git a/ci/clojure.yml b/ci/clojure.yml index 098918a1b8..a76631a5dd 100644 --- a/ci/clojure.yml +++ b/ci/clojure.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Install dependencies run: lein deps - name: Run tests diff --git a/ci/cmake.yml b/ci/cmake.yml index 6c858b9198..6f06f756ca 100644 --- a/ci/cmake.yml +++ b/ci/cmake.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. diff --git a/ci/crystal.yml b/ci/crystal.yml index 6552afa563..18cc825acb 100644 --- a/ci/crystal.yml +++ b/ci/crystal.yml @@ -15,7 +15,7 @@ jobs: image: crystallang/crystal steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Install dependencies run: shards install - name: Run tests diff --git a/ci/d.yml b/ci/d.yml index 6086681203..878716adff 100644 --- a/ci/d.yml +++ b/ci/d.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: dlang-community/setup-dlang@4c99aa991ce7d19dd3064de0a4f2f6b2f152e2d7 - name: 'Build & Test' diff --git a/ci/dart.yml b/ci/dart.yml index 7486577484..7bf352f21b 100644 --- a/ci/dart.yml +++ b/ci/dart.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Note: This workflow uses the latest stable version of the Dart SDK. # You can specify other versions if desired, see documentation here: diff --git a/ci/deno.yml b/ci/deno.yml index 25e9e2a510..24d3d9bda6 100644 --- a/ci/deno.yml +++ b/ci/deno.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Setup repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Setup Deno # uses: denoland/setup-deno@v1 diff --git a/ci/django.yml b/ci/django.yml index dbde2666b0..79550cc789 100644 --- a/ci/django.yml +++ b/ci/django.yml @@ -16,9 +16,9 @@ jobs: python-version: [3.7, 3.8, 3.9] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: ${{ matrix.python-version }} - name: Install Dependencies diff --git a/ci/docker-image.yml b/ci/docker-image.yml index 78532a335a..cc9cd6ee37 100644 --- a/ci/docker-image.yml +++ b/ci/docker-image.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build the Docker image run: docker build . --file Dockerfile --tag my-image-name:$(date +%s) diff --git a/ci/docker-publish.yml b/ci/docker-publish.yml index 977635a1b4..7b6add3ce3 100644 --- a/ci/docker-publish.yml +++ b/ci/docker-publish.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Install the cosign tool except on PR # https://github.com/sigstore/cosign-installer diff --git a/ci/dotnet-desktop.yml b/ci/dotnet-desktop.yml index 06ce344fd1..170b3f6487 100644 --- a/ci/dotnet-desktop.yml +++ b/ci/dotnet-desktop.yml @@ -63,13 +63,13 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: fetch-depth: 0 # Install the .NET Core workload - name: Install .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v2 with: dotnet-version: 5.0.x diff --git a/ci/dotnet.yml b/ci/dotnet.yml index c31cf6857f..5974d4a034 100644 --- a/ci/dotnet.yml +++ b/ci/dotnet.yml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup .NET - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v2 with: dotnet-version: 5.0.x - name: Restore dependencies diff --git a/ci/elixir.yml b/ci/elixir.yml index afe01beb2f..95ffa6342f 100644 --- a/ci/elixir.yml +++ b/ci/elixir.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Elixir uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f with: diff --git a/ci/erlang.yml b/ci/erlang.yml index 25cb8939e7..20e269fbad 100644 --- a/ci/erlang.yml +++ b/ci/erlang.yml @@ -16,7 +16,7 @@ jobs: image: erlang:22.0.7 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Compile run: rebar3 compile - name: Run tests diff --git a/ci/gem-push.yml b/ci/gem-push.yml index 3dc62be3cb..8905272015 100644 --- a/ci/gem-push.yml +++ b/ci/gem-push.yml @@ -15,7 +15,7 @@ jobs: packages: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Ruby 2.6 uses: actions/setup-ruby@v1 with: diff --git a/ci/go.yml b/ci/go.yml index afff652f99..6f498a6c4c 100644 --- a/ci/go.yml +++ b/ci/go.yml @@ -11,10 +11,10 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Go - uses: actions/setup-go@v2 + uses: actions/setup-go@v3 with: go-version: 1.17 diff --git a/ci/gradle-publish.yml b/ci/gradle-publish.yml index 9fdc8516ea..3149c1c334 100644 --- a/ci/gradle-publish.yml +++ b/ci/gradle-publish.yml @@ -20,9 +20,9 @@ jobs: packages: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/gradle.yml b/ci/gradle.yml index fc8cf2fea8..b37aa73afc 100644 --- a/ci/gradle.yml +++ b/ci/gradle.yml @@ -19,9 +19,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/haskell.yml b/ci/haskell.yml index c1d7dc7aeb..6392e7fcf8 100644 --- a/ci/haskell.yml +++ b/ci/haskell.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: actions/setup-haskell@v1 with: ghc-version: '8.10.3' diff --git a/ci/ios.yml b/ci/ios.yml index ab92d322ad..5cec5e7648 100644 --- a/ci/ios.yml +++ b/ci/ios.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Set Default Scheme run: | scheme_list=$(xcodebuild -list -json | tr -d "\n") diff --git a/ci/jekyll.yml b/ci/jekyll.yml index 71920c128d..6a98dea142 100644 --- a/ci/jekyll.yml +++ b/ci/jekyll.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build the site in the jekyll/builder container run: | docker run \ diff --git a/ci/laravel.yml b/ci/laravel.yml index 5f4e6c9023..e778d7b313 100644 --- a/ci/laravel.yml +++ b/ci/laravel.yml @@ -15,7 +15,7 @@ jobs: - uses: shivammathur/setup-php@15c43e89cdef867065b0213be354c2841860869e with: php-version: '8.0' - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Copy .env run: php -r "file_exists('.env') || copy('.env.example', '.env');" - name: Install Dependencies diff --git a/ci/makefile.yml b/ci/makefile.yml index eafe622fd5..0156944cdc 100644 --- a/ci/makefile.yml +++ b/ci/makefile.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: configure run: ./configure diff --git a/ci/maven-publish.yml b/ci/maven-publish.yml index 319f9a1194..dab69fef79 100644 --- a/ci/maven-publish.yml +++ b/ci/maven-publish.yml @@ -16,9 +16,9 @@ jobs: packages: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/maven.yml b/ci/maven.yml index f301fe093e..65e0dff20e 100644 --- a/ci/maven.yml +++ b/ci/maven.yml @@ -15,9 +15,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/msbuild.yml b/ci/msbuild.yml index e650e2aa34..3cd8f013bc 100644 --- a/ci/msbuild.yml +++ b/ci/msbuild.yml @@ -20,7 +20,7 @@ jobs: runs-on: windows-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Add MSBuild to PATH uses: microsoft/setup-msbuild@v1.0.2 diff --git a/ci/node.js.yml b/ci/node.js.yml index 8d1b9c7001..87ef0d8f5e 100644 --- a/ci/node.js.yml +++ b/ci/node.js.yml @@ -20,9 +20,9 @@ jobs: # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v2 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} cache: 'npm' diff --git a/ci/npm-grunt.yml b/ci/npm-grunt.yml index 8c83cb6237..eda97e1fd7 100644 --- a/ci/npm-grunt.yml +++ b/ci/npm-grunt.yml @@ -15,10 +15,10 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/ci/npm-gulp.yml b/ci/npm-gulp.yml index cc5da138f7..504f22ea61 100644 --- a/ci/npm-gulp.yml +++ b/ci/npm-gulp.yml @@ -15,10 +15,10 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/ci/npm-publish-github-packages.yml b/ci/npm-publish-github-packages.yml index 09ff0b3cc7..638ccf806c 100644 --- a/ci/npm-publish-github-packages.yml +++ b/ci/npm-publish-github-packages.yml @@ -11,8 +11,8 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 with: node-version: 16 - run: npm ci @@ -25,8 +25,8 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 with: node-version: 16 registry-url: $registry-url(npm) diff --git a/ci/npm-publish.yml b/ci/npm-publish.yml index ef8c6905aa..c461c85dd9 100644 --- a/ci/npm-publish.yml +++ b/ci/npm-publish.yml @@ -11,8 +11,8 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 with: node-version: 16 - run: npm ci @@ -22,8 +22,8 @@ jobs: needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - uses: actions/setup-node@v2 + - uses: actions/checkout@v3 + - uses: actions/setup-node@v3 with: node-version: 16 registry-url: https://registry.npmjs.org/ diff --git a/ci/objective-c-xcode.yml b/ci/objective-c-xcode.yml index db009b0f17..13738787b6 100644 --- a/ci/objective-c-xcode.yml +++ b/ci/objective-c-xcode.yml @@ -13,7 +13,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Set Default Scheme run: | scheme_list=$(xcodebuild -list -json | tr -d "\n") diff --git a/ci/php.yml b/ci/php.yml index 6acfdd17d8..4ec199c284 100644 --- a/ci/php.yml +++ b/ci/php.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Validate composer.json and composer.lock run: composer validate --strict diff --git a/ci/pylint.yml b/ci/pylint.yml index 7b555fee49..383e65cd03 100644 --- a/ci/pylint.yml +++ b/ci/pylint.yml @@ -9,9 +9,9 @@ jobs: matrix: python-version: ["3.8", "3.9", "3.10"] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/ci/python-app.yml b/ci/python-app.yml index 2cfc2a36b5..89823c1c0b 100644 --- a/ci/python-app.yml +++ b/ci/python-app.yml @@ -15,9 +15,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python 3.10 - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: "3.10" - name: Install dependencies diff --git a/ci/python-package-conda.yml b/ci/python-package-conda.yml index 9bd6d2b617..57940bdb0c 100644 --- a/ci/python-package-conda.yml +++ b/ci/python-package-conda.yml @@ -9,9 +9,9 @@ jobs: max-parallel: 5 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python 3.10 - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: 3.10 - name: Add conda to system path diff --git a/ci/python-package.yml b/ci/python-package.yml index b0a63cf6a9..583a366774 100644 --- a/ci/python-package.yml +++ b/ci/python-package.yml @@ -19,9 +19,9 @@ jobs: python-version: ["3.8", "3.9", "3.10"] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: ${{ matrix.python-version }} - name: Install dependencies diff --git a/ci/python-publish.yml b/ci/python-publish.yml index 3bfabfc125..f55528c5a5 100644 --- a/ci/python-publish.yml +++ b/ci/python-publish.yml @@ -18,9 +18,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: '3.x' - name: Install dependencies diff --git a/ci/r.yml b/ci/r.yml index 305c2cf45f..afb870e2fe 100644 --- a/ci/r.yml +++ b/ci/r.yml @@ -22,7 +22,7 @@ jobs: r-version: ['3.6.3', '4.1.1'] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up R ${{ matrix.r-version }} uses: r-lib/actions/setup-r@f57f1301a053485946083d7a45022b278929a78a with: diff --git a/ci/ruby.yml b/ci/ruby.yml index f6ae1e3573..d8e672abe6 100644 --- a/ci/ruby.yml +++ b/ci/ruby.yml @@ -22,7 +22,7 @@ jobs: ruby-version: ['2.6', '2.7', '3.0'] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Ruby # To automatically get bug fixes and new Ruby versions for ruby/setup-ruby, # change this to (see https://github.com/ruby/setup-ruby#versioning): diff --git a/ci/rubyonrails.yml b/ci/rubyonrails.yml index b7b3624394..2ad891f479 100644 --- a/ci/rubyonrails.yml +++ b/ci/rubyonrails.yml @@ -27,7 +27,7 @@ jobs: DATABASE_URL: "postgres://rails:password@localhost:5432/rails_test" steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Add or replace dependency steps here - name: Install Ruby and gems uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92 @@ -44,7 +44,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Install Ruby and gems uses: ruby/setup-ruby@8f312efe1262fb463d906e9bf040319394c18d3e # v1.92 with: diff --git a/ci/rust.yml b/ci/rust.yml index 6c82c610fe..d51f1afdb7 100644 --- a/ci/rust.yml +++ b/ci/rust.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build run: cargo build --verbose - name: Run tests diff --git a/ci/scala.yml b/ci/scala.yml index af6b2ed0bc..ed24363736 100644 --- a/ci/scala.yml +++ b/ci/scala.yml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/ci/super-linter.yml b/ci/super-linter.yml index bebd82dd26..275b34f85c 100644 --- a/ci/super-linter.yml +++ b/ci/super-linter.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 diff --git a/ci/swift.yml b/ci/swift.yml index df062b53e5..3668fc0be6 100644 --- a/ci/swift.yml +++ b/ci/swift.yml @@ -12,7 +12,7 @@ jobs: runs-on: macos-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build run: swift build -v - name: Run tests diff --git a/ci/symfony.yml b/ci/symfony.yml index 7d1ca7460f..f248e21c7c 100644 --- a/ci/symfony.yml +++ b/ci/symfony.yml @@ -16,7 +16,7 @@ jobs: - uses: shivammathur/setup-php@2cb9b829437ee246e9b3cac53555a39208ca6d28 with: php-version: '8.0' - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Copy .env.test.local run: php -r "file_exists('.env.test.local') || copy('.env.test', '.env.test.local');" - name: Cache Composer packages diff --git a/ci/webpack.yml b/ci/webpack.yml index 8edb34f4bb..6449fe7a7b 100644 --- a/ci/webpack.yml +++ b/ci/webpack.yml @@ -15,10 +15,10 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@v1 + uses: actions/setup-node@v3 with: node-version: ${{ matrix.node-version }} diff --git a/code-scanning/anchore.yml b/code-scanning/anchore.yml index fcca708e99..64264e45a0 100644 --- a/code-scanning/anchore.yml +++ b/code-scanning/anchore.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Build the Docker image run: docker build . --file Dockerfile --tag localbuild/testimage:latest - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled diff --git a/code-scanning/brakeman.yml b/code-scanning/brakeman.yml index d0b25ac9a3..3237551deb 100644 --- a/code-scanning/brakeman.yml +++ b/code-scanning/brakeman.yml @@ -30,7 +30,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Customize the ruby version depending on your needs - name: Setup Ruby diff --git a/code-scanning/checkmarx.yml b/code-scanning/checkmarx.yml index d012bce5c8..d86d4f9a8a 100644 --- a/code-scanning/checkmarx.yml +++ b/code-scanning/checkmarx.yml @@ -34,7 +34,7 @@ jobs: # Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional) steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs - name: Checkmarx CxFlow Action uses: checkmarx-ts/checkmarx-cxflow-github-action@9975af7d6b957abec9ee9646effa3fb3b82c5314 diff --git a/code-scanning/cloudrail.yml b/code-scanning/cloudrail.yml index 00e270ad57..0d6b3de959 100644 --- a/code-scanning/cloudrail.yml +++ b/code-scanning/cloudrail.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Clone repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 # For Terraform, Cloudrail requires the plan as input. So we generate it using # the Terraform core binary. diff --git a/code-scanning/codacy.yml b/code-scanning/codacy.yml index 4892930921..8100be89cf 100644 --- a/code-scanning/codacy.yml +++ b/code-scanning/codacy.yml @@ -35,7 +35,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI diff --git a/code-scanning/codeql.yml b/code-scanning/codeql.yml index 57b4b69ad9..cd9a68339a 100644 --- a/code-scanning/codeql.yml +++ b/code-scanning/codeql.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/code-scanning/codescan.yml b/code-scanning/codescan.yml index 5886843a56..03a0600216 100644 --- a/code-scanning/codescan.yml +++ b/code-scanning/codescan.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Cache files uses: actions/cache@v2 with: diff --git a/code-scanning/crunch42.yml b/code-scanning/crunch42.yml index e8e24472b8..07cd73a62c 100644 --- a/code-scanning/crunch42.yml +++ b/code-scanning/crunch42.yml @@ -43,7 +43,7 @@ jobs: security-events: write # for 42Crunch/api-security-audit-action to upload results to Github Code Scanning runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: 42Crunch REST API Static Security Testing uses: 42Crunch/api-security-audit-action@96228d9c48873fe001354047d47fb62be42abeb1 diff --git a/code-scanning/detekt.yml b/code-scanning/detekt.yml index a8610c32c4..1118c3d474 100644 --- a/code-scanning/detekt.yml +++ b/code-scanning/detekt.yml @@ -45,7 +45,7 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Gets the download URL associated with the $DETEKT_RELEASE_TAG - name: Get Detekt download URL diff --git a/code-scanning/devskim.yml b/code-scanning/devskim.yml index 3a5c45fb59..e057348414 100644 --- a/code-scanning/devskim.yml +++ b/code-scanning/devskim.yml @@ -23,7 +23,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 diff --git a/code-scanning/flawfinder.yml b/code-scanning/flawfinder.yml index 080953ea17..697e56150e 100644 --- a/code-scanning/flawfinder.yml +++ b/code-scanning/flawfinder.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: flawfinder_scan uses: david-a-wheeler/flawfinder@8e4a779ad59dbfaee5da586aa9210853b701959c diff --git a/code-scanning/fortify.yml b/code-scanning/fortify.yml index d67d194897..4b3f0d635e 100644 --- a/code-scanning/fortify.yml +++ b/code-scanning/fortify.yml @@ -39,14 +39,15 @@ jobs: steps: # Check out source code - name: Check Out Source Code - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Java is required to run the various Fortify utilities. # When scanning a Java application, please use the appropriate Java version for building your application. - name: Setup Java - uses: actions/setup-java@v1 + uses: actions/setup-java@v3 with: java-version: 1.8 + distribution: 'temurin' # Prepare source+dependencies for upload. The default example is for a Maven project that uses pom.xml. # TODO: Update PACKAGE_OPTS based on the ScanCentral Client documentation for your project's included tech stack(s). Helpful hints: diff --git a/code-scanning/kubesec.yml b/code-scanning/kubesec.yml index 1cad70cba8..81ebaa792c 100644 --- a/code-scanning/kubesec.yml +++ b/code-scanning/kubesec.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Run kubesec scanner uses: controlplaneio/kubesec-action@43d0ddff5ffee89a6bb9f29b64cd865411137b14 diff --git a/code-scanning/mayhem-for-api.yml b/code-scanning/mayhem-for-api.yml index 59d66a003e..ed424f1dab 100644 --- a/code-scanning/mayhem-for-api.yml +++ b/code-scanning/mayhem-for-api.yml @@ -42,7 +42,7 @@ jobs: contents: read security-events: write steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Run your API in the background. Ideally, the API would run in debug # mode & send stacktraces back on "500 Internal Server Error" responses diff --git a/code-scanning/mobsf.yml b/code-scanning/mobsf.yml index d8eaa9246b..96655affea 100644 --- a/code-scanning/mobsf.yml +++ b/code-scanning/mobsf.yml @@ -24,10 +24,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup python - uses: actions/setup-python@v2 + uses: actions/setup-python@v3 with: python-version: 3.8 diff --git a/code-scanning/msvc.yml b/code-scanning/msvc.yml index 0abb40937c..13e58eff77 100644 --- a/code-scanning/msvc.yml +++ b/code-scanning/msvc.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Configure CMake run: cmake -B ${{ env.build }} diff --git a/code-scanning/njsscan.yml b/code-scanning/njsscan.yml index a6da087b9b..16ade3b2a3 100644 --- a/code-scanning/njsscan.yml +++ b/code-scanning/njsscan.yml @@ -29,7 +29,7 @@ jobs: name: njsscan code scanning steps: - name: Checkout the code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@7237412fdd36af517e2745077cedbf9d6900d711 diff --git a/code-scanning/nowsecure.yml b/code-scanning/nowsecure.yml index 92126bdfde..fbca5379b1 100644 --- a/code-scanning/nowsecure.yml +++ b/code-scanning/nowsecure.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Build your application run: ./gradlew assembleDebug # Update this to build your Android or iOS application diff --git a/code-scanning/ossar.yml b/code-scanning/ossar.yml index b5aefa4b59..a6f6aa7059 100644 --- a/code-scanning/ossar.yml +++ b/code-scanning/ossar.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. @@ -33,7 +33,7 @@ jobs: # GitHub hosted runners already have a compatible version of dotnet installed and this step may be skipped. # For self-hosted runners, ensure dotnet version 3.1.201 or later is installed by including this action: # - name: Install .NET - # uses: actions/setup-dotnet@v1 + # uses: actions/setup-dotnet@v2 # with: # dotnet-version: '3.1.x' diff --git a/code-scanning/pmd.yml b/code-scanning/pmd.yml index 06047344f7..cd88c3430b 100644 --- a/code-scanning/pmd.yml +++ b/code-scanning/pmd.yml @@ -17,9 +17,9 @@ jobs: pmd-code-scan: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up JDK 11 - uses: actions/setup-java@v2 + uses: actions/setup-java@v3 with: java-version: '11' distribution: 'temurin' diff --git a/code-scanning/powershell.yml b/code-scanning/powershell.yml index dfbf452e2b..e70dd96b2d 100644 --- a/code-scanning/powershell.yml +++ b/code-scanning/powershell.yml @@ -22,7 +22,7 @@ jobs: name: PSScriptAnalyzer runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Run PSScriptAnalyzer uses: microsoft/psscriptanalyzer-action@2044ae068e37d0161fa2127de04c19633882f061 diff --git a/code-scanning/prisma.yml b/code-scanning/prisma.yml index 5b1148202e..07be948b7d 100644 --- a/code-scanning/prisma.yml +++ b/code-scanning/prisma.yml @@ -33,7 +33,7 @@ jobs: name: Run Prisma Cloud IaC Scan to check steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - id: iac-scan name: Run Scan on CFT files in the repository uses: prisma-cloud-shiftleft/iac-scan-action@53278c231c438216d99b463308a3cbed351ba0c3 diff --git a/code-scanning/rubocop.yml b/code-scanning/rubocop.yml index 373d5b689d..4ab8001407 100644 --- a/code-scanning/rubocop.yml +++ b/code-scanning/rubocop.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 # If running on a self-hosted runner, check it meets the requirements # listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index d63b4628cc..492868a654 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -42,7 +42,7 @@ jobs: # Upload the results as artifacts (optional). - name: "Upload artifact" - uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # v2.3.1 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 with: name: SARIF file path: results.sarif diff --git a/code-scanning/securitycodescan.yml b/code-scanning/securitycodescan.yml index 3063c7ad7e..0b2fa57a6e 100644 --- a/code-scanning/securitycodescan.yml +++ b/code-scanning/securitycodescan.yml @@ -21,7 +21,7 @@ jobs: SCS: runs-on: windows-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1 - uses: microsoft/setup-msbuild@v1.0.2 diff --git a/code-scanning/semgrep.yml b/code-scanning/semgrep.yml index f99d441f78..86c3647f5c 100644 --- a/code-scanning/semgrep.yml +++ b/code-scanning/semgrep.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: # Checkout project source - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Scan code using project's configuration on https://semgrep.dev/manage - uses: returntocorp/semgrep-action@fcd5ab7459e8d91cb1777481980d1b18b4fc6735 diff --git a/code-scanning/shiftleft.yml b/code-scanning/shiftleft.yml index 48b86d3d96..d1154d16de 100644 --- a/code-scanning/shiftleft.yml +++ b/code-scanning/shiftleft.yml @@ -22,7 +22,7 @@ jobs: # Scan runs on ubuntu, mac and windows runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 # Instructions # 1. Setup JDK, Node.js, Python etc depending on your project type # 2. Compile or build the project before invoking scan diff --git a/code-scanning/snyk-container.yml b/code-scanning/snyk-container.yml index 8ff2c9a4b8..48ccbe9fc5 100644 --- a/code-scanning/snyk-container.yml +++ b/code-scanning/snyk-container.yml @@ -26,7 +26,7 @@ jobs: snyk: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build a Docker image run: docker build -t your/image-to-test . - name: Run Snyk to check Docker image for vulnerabilities diff --git a/code-scanning/snyk-infrastructure.yml b/code-scanning/snyk-infrastructure.yml index b79bf340e4..2799bfccd5 100644 --- a/code-scanning/snyk-infrastructure.yml +++ b/code-scanning/snyk-infrastructure.yml @@ -25,7 +25,7 @@ jobs: snyk: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Run Snyk to check configuration files for security issues # Snyk can be used to break the build when it detects security issues. # In this case we want to upload the issues to GitHub Code Scanning diff --git a/code-scanning/stackhawk.yml b/code-scanning/stackhawk.yml index af220c0810..64e9b9b967 100644 --- a/code-scanning/stackhawk.yml +++ b/code-scanning/stackhawk.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Start your service run: ./your-service.sh & # ✏️ Update this to run your own service to be scanned diff --git a/code-scanning/synopsys-io.yml b/code-scanning/synopsys-io.yml index 0c1ff16a3a..c73eb173d5 100644 --- a/code-scanning/synopsys-io.yml +++ b/code-scanning/synopsys-io.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Synopsys Intelligent Security Scan id: prescription diff --git a/code-scanning/sysdig-scan.yml b/code-scanning/sysdig-scan.yml index f9b29fc5ea..92082e53a4 100644 --- a/code-scanning/sysdig-scan.yml +++ b/code-scanning/sysdig-scan.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Build the Docker image # Tag image to be built diff --git a/code-scanning/tfsec.yml b/code-scanning/tfsec.yml index 479f713c96..10a77ab6b2 100644 --- a/code-scanning/tfsec.yml +++ b/code-scanning/tfsec.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Clone repo - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Run tfsec uses: tfsec/tfsec-sarif-action@9a83b5c3524f825c020e356335855741fd02745f diff --git a/code-scanning/trivy.yml b/code-scanning/trivy.yml index 3d5373f22c..d6633bea06 100644 --- a/code-scanning/trivy.yml +++ b/code-scanning/trivy.yml @@ -26,7 +26,7 @@ jobs: runs-on: "ubuntu-18.04" steps: - name: Checkout code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Build an image from Dockerfile run: | diff --git a/code-scanning/veracode.yml b/code-scanning/veracode.yml index 073d1b6b99..70820c5b66 100644 --- a/code-scanning/veracode.yml +++ b/code-scanning/veracode.yml @@ -31,7 +31,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. Replace this section with your applications build steps - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: repository: '' @@ -41,9 +41,10 @@ jobs: - run: curl --silent --show-error --fail -O https://downloads.veracode.com/securityscan/pipeline-scan-LATEST.zip - run: unzip -o pipeline-scan-LATEST.zip - - uses: actions/setup-java@v1 + - uses: actions/setup-java@v3 with: java-version: 1.8 + distribution: 'temurin' - run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip continue-on-error: true - name: Convert pipeline scan output to SARIF format diff --git a/code-scanning/xanitizer.yml b/code-scanning/xanitizer.yml index dc3c9ceed3..c20c741c02 100644 --- a/code-scanning/xanitizer.yml +++ b/code-scanning/xanitizer.yml @@ -50,14 +50,15 @@ jobs: steps: # Check out the repository - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Set up the correct Java version for your project # Please comment out, if your project does not contain Java source code. - name: Set up JDK 11 - uses: actions/setup-java@v1 + uses: actions/setup-java@v3 with: java-version: 11 + distribution: 'temurin' # Compile the code for Java projects and get all libraries, e.g. via Maven # Please adapt, if your project uses another build system to compile Java source code. diff --git a/deployments/alibabacloud.yml b/deployments/alibabacloud.yml index ded91780b0..841a2fdda7 100644 --- a/deployments/alibabacloud.yml +++ b/deployments/alibabacloud.yml @@ -47,7 +47,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # 1.1 Login to ACR - name: Login to ACR with the AccessKey pair @@ -74,7 +74,7 @@ jobs: tag: "${{ env.TAG }}" # 2.1 (Optional) Login to ACR EE - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Login to ACR EE with the AccessKey pair uses: aliyun/acr-login@v1 with: diff --git a/deployments/aws.yml b/deployments/aws.yml index dab851f906..fe5e0765a0 100644 --- a/deployments/aws.yml +++ b/deployments/aws.yml @@ -49,7 +49,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v1 diff --git a/deployments/azure-container-webapp.yml b/deployments/azure-container-webapp.yml index 57fe362ab8..c882bde542 100644 --- a/deployments/azure-container-webapp.yml +++ b/deployments/azure-container-webapp.yml @@ -40,7 +40,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v1 diff --git a/deployments/azure-staticwebapp.yml b/deployments/azure-staticwebapp.yml index 8e1faf7e2a..becfede7cc 100644 --- a/deployments/azure-staticwebapp.yml +++ b/deployments/azure-staticwebapp.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest name: Build and Deploy Job steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 with: submodules: true - name: Build And Deploy diff --git a/deployments/azure-webapps-dotnet-core.yml b/deployments/azure-webapps-dotnet-core.yml index ed45e220f9..4a151f6068 100644 --- a/deployments/azure-webapps-dotnet-core.yml +++ b/deployments/azure-webapps-dotnet-core.yml @@ -35,10 +35,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up .NET Core - uses: actions/setup-dotnet@v1 + uses: actions/setup-dotnet@v2 with: dotnet-version: ${{ env.DOTNET_VERSION }} diff --git a/deployments/azure-webapps-java-jar.yml b/deployments/azure-webapps-java-jar.yml index 210fd90ff3..5f58dbfe8d 100644 --- a/deployments/azure-webapps-java-jar.yml +++ b/deployments/azure-webapps-java-jar.yml @@ -34,10 +34,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Java version - uses: actions/setup-java@v2.3.1 + uses: actions/setup-java@v3.0.0 with: java-version: ${{ env.JAVA_VERSION }} cache: 'maven' diff --git a/deployments/azure-webapps-node.yml b/deployments/azure-webapps-node.yml index b6089d4ee7..c967bdb94d 100644 --- a/deployments/azure-webapps-node.yml +++ b/deployments/azure-webapps-node.yml @@ -32,10 +32,10 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Node.js - uses: actions/setup-node@v2 + uses: actions/setup-node@v3 with: node-version: ${{ env.NODE_VERSION }} cache: 'npm' diff --git a/deployments/azure-webapps-php.yml b/deployments/azure-webapps-php.yml index a2dd57bf18..d54d805d16 100644 --- a/deployments/azure-webapps-php.yml +++ b/deployments/azure-webapps-php.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Setup PHP uses: shivammathur/setup-php@7c0b4c8c8ebed23eca9ec2802474895d105b11bc diff --git a/deployments/azure-webapps-python.yml b/deployments/azure-webapps-python.yml index 8605e0a11a..af6a9dd29b 100644 --- a/deployments/azure-webapps-python.yml +++ b/deployments/azure-webapps-python.yml @@ -34,10 +34,10 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3 - name: Set up Python version - uses: actions/setup-python@v2.2.2 + uses: actions/setup-python@v3.0.0 with: python-version: ${{ env.PYTHON_VERSION }} cache: 'pip' diff --git a/deployments/google.yml b/deployments/google.yml index 003e53be29..6150672b31 100644 --- a/deployments/google.yml +++ b/deployments/google.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Configure Workload Identity Federation and generate an access token. - id: 'auth' diff --git a/deployments/ibm.yml b/deployments/ibm.yml index 216b04d587..cb3080fdcc 100644 --- a/deployments/ibm.yml +++ b/deployments/ibm.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Download and Install IBM Cloud CLI - name: Install IBM Cloud CLI diff --git a/deployments/openshift.yml b/deployments/openshift.yml index 46ff961ddb..8f5d90dc5a 100644 --- a/deployments/openshift.yml +++ b/deployments/openshift.yml @@ -109,7 +109,7 @@ jobs: } - name: Check out repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Determine app name if: env.APP_NAME == '' diff --git a/deployments/tencent.yml b/deployments/tencent.yml index 83bde94579..2bf2a68872 100644 --- a/deployments/tencent.yml +++ b/deployments/tencent.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Build - name: Build Docker image diff --git a/deployments/terraform.yml b/deployments/terraform.yml index 589f1f30fc..96e44e03d3 100644 --- a/deployments/terraform.yml +++ b/deployments/terraform.yml @@ -64,7 +64,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v3 # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token - name: Setup Terraform From 9acd7f741102cf42fc2997061a424df8017375c1 Mon Sep 17 00:00:00 2001 From: Thomas Boop Date: Wed, 16 Mar 2022 14:57:43 -0400 Subject: [PATCH 2/5] address merge conflicts --- code-scanning/scorecards.yml | 2 +- deployments/azure-kubernetes-service-helm.yml | 2 +- deployments/azure-kubernetes-service-kompose.yml | 2 +- deployments/azure-kubernetes-service-kustomize.yml | 2 +- deployments/azure-kubernetes-service.yml | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/code-scanning/scorecards.yml b/code-scanning/scorecards.yml index 492868a654..a6bde3a8b9 100644 --- a/code-scanning/scorecards.yml +++ b/code-scanning/scorecards.yml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 with: persist-credentials: false diff --git a/deployments/azure-kubernetes-service-helm.yml b/deployments/azure-kubernetes-service-helm.yml index 506819d2a2..948e7db84e 100644 --- a/deployments/azure-kubernetes-service-helm.yml +++ b/deployments/azure-kubernetes-service-helm.yml @@ -57,7 +57,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@master + - uses: actions/checkout@v3 # Logs in with your Azure credentials - name: Azure login diff --git a/deployments/azure-kubernetes-service-kompose.yml b/deployments/azure-kubernetes-service-kompose.yml index 1d33fe30e9..7c25319019 100644 --- a/deployments/azure-kubernetes-service-kompose.yml +++ b/deployments/azure-kubernetes-service-kompose.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@master + - uses: actions/checkout@v3 # Logs in with your Azure credentials - name: Azure login diff --git a/deployments/azure-kubernetes-service-kustomize.yml b/deployments/azure-kubernetes-service-kustomize.yml index 51b7d69846..f6928d0523 100644 --- a/deployments/azure-kubernetes-service-kustomize.yml +++ b/deployments/azure-kubernetes-service-kustomize.yml @@ -55,7 +55,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@master + - uses: actions/checkout@v3 # Logs in with your Azure credentials - name: Azure login diff --git a/deployments/azure-kubernetes-service.yml b/deployments/azure-kubernetes-service.yml index e61e64ec51..bb513d4892 100644 --- a/deployments/azure-kubernetes-service.yml +++ b/deployments/azure-kubernetes-service.yml @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@master + - uses: actions/checkout@v3 # Logs in with your Azure credentials - name: Azure login From 24fdf2d912b9b02145fb5a3019b16710fc425fbf Mon Sep 17 00:00:00 2001 From: Thomas Boop Date: Thu, 17 Mar 2022 16:01:51 -0400 Subject: [PATCH 3/5] fix java updates --- code-scanning/fortify.yml | 2 +- code-scanning/veracode.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/code-scanning/fortify.yml b/code-scanning/fortify.yml index 4b3f0d635e..83f99c1a02 100644 --- a/code-scanning/fortify.yml +++ b/code-scanning/fortify.yml @@ -46,7 +46,7 @@ jobs: - name: Setup Java uses: actions/setup-java@v3 with: - java-version: 1.8 + java-version: 8 distribution: 'temurin' # Prepare source+dependencies for upload. The default example is for a Maven project that uses pom.xml. diff --git a/code-scanning/veracode.yml b/code-scanning/veracode.yml index 70820c5b66..2ce32123fb 100644 --- a/code-scanning/veracode.yml +++ b/code-scanning/veracode.yml @@ -43,7 +43,7 @@ jobs: - uses: actions/setup-java@v3 with: - java-version: 1.8 + java-version: 8 distribution: 'temurin' - run: java -jar pipeline-scan.jar --veracode_api_id "${{secrets.VERACODE_API_ID}}" --veracode_api_key "${{secrets.VERACODE_API_KEY}}" --fail_on_severity="Very High, High" --file veracode-scan-target.zip continue-on-error: true From d1774135ab9033c03609484293d7f2e0137fea56 Mon Sep 17 00:00:00 2001 From: Thomas Boop Date: Tue, 22 Mar 2022 15:52:07 -0400 Subject: [PATCH 4/5] update github script --- deployments/openshift.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/deployments/openshift.yml b/deployments/openshift.yml index 8f5d90dc5a..5775cb0c95 100644 --- a/deployments/openshift.yml +++ b/deployments/openshift.yml @@ -71,7 +71,7 @@ jobs: steps: - name: Check for required secrets - uses: actions/github-script@v4 + uses: actions/github-script@v6 with: script: | const secrets = { From 6edd5d1ea8e922e27a03fdaf9e49d5d9b5f1e84b Mon Sep 17 00:00:00 2001 From: Thomas Boop Date: Tue, 22 Mar 2022 15:55:25 -0400 Subject: [PATCH 5/5] update cache to v3 --- ci/elixir.yml | 62 +++++++++++------------ ci/haskell.yml | 2 +- ci/php.yml | 2 +- ci/symfony.yml | 2 +- code-scanning/codescan.yml | 2 +- deployments/azure-webapps-dotnet-core.yml | 2 +- deployments/azure-webapps-php.yml | 2 +- 7 files changed, 37 insertions(+), 37 deletions(-) diff --git a/ci/elixir.yml b/ci/elixir.yml index 95ffa6342f..5b5aabbe06 100644 --- a/ci/elixir.yml +++ b/ci/elixir.yml @@ -1,31 +1,31 @@ -name: Elixir CI - -on: - push: - branches: [ $default-branch ] - pull_request: - branches: [ $default-branch ] - -jobs: - build: - - name: Build and test - runs-on: ubuntu-latest - - steps: - - uses: actions/checkout@v3 - - name: Set up Elixir - uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f - with: - elixir-version: '1.12.3' # Define the elixir version [required] - otp-version: '24.1' # Define the OTP version [required] - - name: Restore dependencies cache - uses: actions/cache@v2 - with: - path: deps - key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }} - restore-keys: ${{ runner.os }}-mix- - - name: Install dependencies - run: mix deps.get - - name: Run tests - run: mix test +name: Elixir CI + +on: + push: + branches: [ $default-branch ] + pull_request: + branches: [ $default-branch ] + +jobs: + build: + + name: Build and test + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v3 + - name: Set up Elixir + uses: erlef/setup-beam@988e02bfe678367a02564f65ca2e37726dc0268f + with: + elixir-version: '1.12.3' # Define the elixir version [required] + otp-version: '24.1' # Define the OTP version [required] + - name: Restore dependencies cache + uses: actions/cache@v3 + with: + path: deps + key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }} + restore-keys: ${{ runner.os }}-mix- + - name: Install dependencies + run: mix deps.get + - name: Run tests + run: mix test diff --git a/ci/haskell.yml b/ci/haskell.yml index 6392e7fcf8..827d177f91 100644 --- a/ci/haskell.yml +++ b/ci/haskell.yml @@ -19,7 +19,7 @@ jobs: cabal-version: '3.2' - name: Cache - uses: actions/cache@v1 + uses: actions/cache@v3 env: cache-name: cache-cabal with: diff --git a/ci/php.yml b/ci/php.yml index 4ec199c284..ba84657dab 100644 --- a/ci/php.yml +++ b/ci/php.yml @@ -19,7 +19,7 @@ jobs: - name: Cache Composer packages id: composer-cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: vendor key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} diff --git a/ci/symfony.yml b/ci/symfony.yml index f248e21c7c..533d379513 100644 --- a/ci/symfony.yml +++ b/ci/symfony.yml @@ -21,7 +21,7 @@ jobs: run: php -r "file_exists('.env.test.local') || copy('.env.test', '.env.test.local');" - name: Cache Composer packages id: composer-cache - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: vendor key: ${{ runner.os }}-php-${{ hashFiles('**/composer.lock') }} diff --git a/code-scanning/codescan.yml b/code-scanning/codescan.yml index 03a0600216..bc65eb0634 100644 --- a/code-scanning/codescan.yml +++ b/code-scanning/codescan.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v3 - name: Cache files - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: | ~/.sonar diff --git a/deployments/azure-webapps-dotnet-core.yml b/deployments/azure-webapps-dotnet-core.yml index 4a151f6068..3357dc8252 100644 --- a/deployments/azure-webapps-dotnet-core.yml +++ b/deployments/azure-webapps-dotnet-core.yml @@ -43,7 +43,7 @@ jobs: dotnet-version: ${{ env.DOTNET_VERSION }} - name: Set up dependency caching for faster builds - uses: actions/cache@v2 + uses: actions/cache@v3 with: path: ~/.nuget/packages key: ${{ runner.os }}-nuget-${{ hashFiles('**/packages.lock.json') }} diff --git a/deployments/azure-webapps-php.yml b/deployments/azure-webapps-php.yml index d54d805d16..04f55f4978 100644 --- a/deployments/azure-webapps-php.yml +++ b/deployments/azure-webapps-php.yml @@ -55,7 +55,7 @@ jobs: echo "::set-output name=dir::$(composer config cache-files-dir)" - name: Set up dependency caching for faster installs - uses: actions/cache@v2 + uses: actions/cache@v3 if: steps.check_files.outputs.files_exists == 'true' with: path: ${{ steps.composer-cache.outputs.dir }}