From 1a2f19f2c95b723dbbcaad604a8559540b3a28b7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Mar 2023 09:05:48 +0000 Subject: [PATCH 1/3] Bump bridgecrewio/checkov-action from 12.2164.0 to 12.2170.0 Bumps [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) from 12.2164.0 to 12.2170.0. - [Release notes](https://github.com/bridgecrewio/checkov-action/releases) - [Commits](https://github.com/bridgecrewio/checkov-action/compare/bdd279e269cbd4e5b5e31ec5f1a2568e82c93a57...312dd93cdf05cc4264026b8fca8630bb6496288a) --- updated-dependencies: - dependency-name: bridgecrewio/checkov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/code-scanning.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/code-scanning.yml index 7dff8b62..9997826f 100644 --- a/.github/workflows/code-scanning.yml +++ b/.github/workflows/code-scanning.yml @@ -78,7 +78,7 @@ jobs: fetch-depth: 0 - name: Run Checkov action id: checkov - uses: bridgecrewio/checkov-action@bdd279e269cbd4e5b5e31ec5f1a2568e82c93a57 # v12.2164.0 + uses: bridgecrewio/checkov-action@312dd93cdf05cc4264026b8fca8630bb6496288a # v12.2170.0 with: directory: ./ framework: terraform From d1e1508347948554d6831f492a17d01e9c3ffc65 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 3 Mar 2023 09:02:43 +0000 Subject: [PATCH 2/3] Bump golang.org/x/crypto in /test Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.0.0-20210921155107-089bfa567519 to 0.1.0. - [Release notes](https://github.com/golang/crypto/releases) - [Commits](https://github.com/golang/crypto/commits/v0.1.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] --- test/go.mod | 2 +- test/go.sum | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/test/go.mod b/test/go.mod index 21010da2..811535eb 100644 --- a/test/go.mod +++ b/test/go.mod @@ -38,7 +38,7 @@ require ( github.com/ulikunitz/xz v0.5.10 // indirect github.com/zclconf/go-cty v1.9.1 // indirect go.opencensus.io v0.23.0 // indirect - golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 // indirect + golang.org/x/crypto v0.1.0 // indirect golang.org/x/net v0.7.0 // indirect golang.org/x/oauth2 v0.1.0 // indirect golang.org/x/sys v0.5.0 // indirect diff --git a/test/go.sum b/test/go.sum index 5344610f..2bf7346d 100644 --- a/test/go.sum +++ b/test/go.sum @@ -437,8 +437,9 @@ golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8U golang.org/x/crypto v0.0.0-20190605123033-f99c8df09eb5/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519 h1:7I4JAnoQBe7ZtJcBaYHi5UtiO8tQHbUSXxL+pnGRANg= golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= +golang.org/x/crypto v0.1.0 h1:MDRAIl0xIo9Io2xV565hzXHw3zVseKrJKodhohM5CjU= +golang.org/x/crypto v0.1.0/go.mod h1:RecgLatLF4+eUMCP1PoPZQb+cVrJcOPbHkTkbkB9sbw= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= From ef185951be67ea9207f279c2cd3f833f9820dc1e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 3 Mar 2023 09:14:35 +0000 Subject: [PATCH 3/3] Bump bridgecrewio/checkov-action from 12.2170.0 to 12.2172.0 Bumps [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) from 12.2170.0 to 12.2172.0. - [Release notes](https://github.com/bridgecrewio/checkov-action/releases) - [Commits](https://github.com/bridgecrewio/checkov-action/compare/312dd93cdf05cc4264026b8fca8630bb6496288a...cc85d6a591395cae646fc76672068770fbbfbcb8) --- updated-dependencies: - dependency-name: bridgecrewio/checkov-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/code-scanning.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code-scanning.yml b/.github/workflows/code-scanning.yml index 9997826f..09fdfaf3 100644 --- a/.github/workflows/code-scanning.yml +++ b/.github/workflows/code-scanning.yml @@ -78,7 +78,7 @@ jobs: fetch-depth: 0 - name: Run Checkov action id: checkov - uses: bridgecrewio/checkov-action@312dd93cdf05cc4264026b8fca8630bb6496288a # v12.2170.0 + uses: bridgecrewio/checkov-action@cc85d6a591395cae646fc76672068770fbbfbcb8 # v12.2172.0 with: directory: ./ framework: terraform