From a355103b11f5e9e52a8e205e87b68d40b6c606ad Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 11 Aug 2023 01:16:37 +0000
Subject: [PATCH] chore(deps): update webfactory/ssh-agent action to v0.8.0
 (#4064)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [webfactory/ssh-agent](https://togithub.com/webfactory/ssh-agent) |
action | minor | `v0.5.3` -> `v0.8.0` |

---

### Release Notes

<details>
<summary>webfactory/ssh-agent (webfactory/ssh-agent)</summary>

###
[`v0.8.0`](https://togithub.com/webfactory/ssh-agent/releases/tag/v0.8.0):
SSH host keys no longer managed – read below 👇

[Compare
Source](https://togithub.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0)

Starting with this release, this action no longer writes GitHub's SSH
host keys into the `known_hosts` SSH config file upon start.

GitHub changed their host keys on short notice this morning, see
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. We took
this as an opportunity to stop maintaining GH SSH keys in the code
shipped with this action
([#&#8203;171](https://togithub.com/webfactory/ssh-agent/issues/171)).

What you need to do:

- On GitHub hosted runners, nothing. ✔︎ These runners ship with SSH host
keys (for `github.com`) maintained by directly by GitHub.
-   On self-hosted runners, review and fix your SSH `known_hosts` file:
- First, you'll find it bloated with redundant entries for `github.com`,
as described in
[#&#8203;106](https://togithub.com/webfactory/ssh-agent/issues/106).
Remove these entries.
- Review
https://github.blog/2023-03-23-we-updated-our-rsa-ssh-host-key/. You
probably removed the old (invalid) SSH key in the previous step.
- Configure GitHub's current SSH keys as documented on
https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/githubs-ssh-key-fingerprints
- As long as versions before `v0.8.0` of this action here are run on the
self-hosted runner, the old entries will come back. Keep an eye on it,
possibly you'll have to rinse & repeat.

##### Other code changes in this release

- Update to `actions/checkout@v3` by
[@&#8203;mpdude](https://togithub.com/mpdude) in
[https://github.com/webfactory/ssh-agent/pull/143](https://togithub.com/webfactory/ssh-agent/pull/143)
- Allow the user to override the commands for `git`, `ssh-agent`, and
`ssh-add` by [@&#8203;DilumAluthge](https://togithub.com/DilumAluthge)
in
[https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154)

##### New Contributors

- [@&#8203;prhiggins](https://togithub.com/prhiggins) made their first
contribution in
[https://github.com/webfactory/ssh-agent/pull/153](https://togithub.com/webfactory/ssh-agent/pull/153)
- [@&#8203;kjarkur](https://togithub.com/kjarkur) made their first
contribution in
[https://github.com/webfactory/ssh-agent/pull/147](https://togithub.com/webfactory/ssh-agent/pull/147)
- [@&#8203;DilumAluthge](https://togithub.com/DilumAluthge) made their
first contribution in
[https://github.com/webfactory/ssh-agent/pull/154](https://togithub.com/webfactory/ssh-agent/pull/154)

**Full Changelog**:
https://github.com/webfactory/ssh-agent/compare/v0.7.0...v0.8.0

###
[`v0.7.0`](https://togithub.com/webfactory/ssh-agent/blob/HEAD/CHANGELOG.md#v070-2022-10-19)

[Compare
Source](https://togithub.com/webfactory/ssh-agent/compare/v0.6.0...v0.7.0)

##### Added

- Add the `log-public-key` input that can be used to turn off logging
key identities
([#&#8203;122](https://togithub.com/webfactory/ssh-agent/issues/122))

##### Fixed

- Fix path to `git` binary on Windows, assuming GitHub-hosted runners
([#&#8203;136](https://togithub.com/webfactory/ssh-agent/issues/136),
[#&#8203;137](https://togithub.com/webfactory/ssh-agent/issues/137))
- Fix a nonsensical log message
([#&#8203;139](https://togithub.com/webfactory/ssh-agent/issues/139))

###
[`v0.6.0`](https://togithub.com/webfactory/ssh-agent/blob/HEAD/CHANGELOG.md#v060-2022-10-19)

[Compare
Source](https://togithub.com/webfactory/ssh-agent/compare/v0.5.4...v0.6.0)

##### Changed

- Update the version of Node used by the action from 12 to 16
(https://github.blog/changelog/2022-09-22-github-actions-all-actions-will-begin-running-on-node16-instead-of-node12/).

###
[`v0.5.4`](https://togithub.com/webfactory/ssh-agent/blob/HEAD/CHANGELOG.md#v054-2021-11-21)

[Compare
Source](https://togithub.com/webfactory/ssh-agent/compare/v0.5.3...v0.5.4)

##### Fixed

- Update changed GitHub Host Keys
([#&#8203;102](https://togithub.com/webfactory/ssh-agent/issues/102),
[#&#8203;101](https://togithub.com/webfactory/ssh-agent/issues/101))

##### Changed

-   Various documentation (README) improvements and additions
- Change logging to more precisely state that *public* keys are being
printed

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 5pm,every weekend" in timezone
America/Los_Angeles, Automerge - "after 5pm,every weekend" in timezone
America/Los_Angeles.

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/valora-inc/wallet).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi40MC4zIiwidXBkYXRlZEluVmVyIjoiMzYuNDAuMyIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/bump-app-version.yml           | 2 +-
 .github/workflows/update-licenses-disclaimer.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/bump-app-version.yml b/.github/workflows/bump-app-version.yml
index b00c0086224..57fbbbf8afb 100644
--- a/.github/workflows/bump-app-version.yml
+++ b/.github/workflows/bump-app-version.yml
@@ -27,7 +27,7 @@ jobs:
           secrets: |-
             BOT_SSH_KEY:projects/1027349420744/secrets/BOT_SSH_PRIVATE_KEY
             VALORA_BOT_TOKEN:projects/1027349420744/secrets/VALORA_BOT_TOKEN
-      - uses: webfactory/ssh-agent@v0.5.3
+      - uses: webfactory/ssh-agent@v0.8.0
         with:
           ssh-private-key: ${{ steps.google-secrets.outputs.BOT_SSH_KEY }}
       - uses: actions/checkout@v3
diff --git a/.github/workflows/update-licenses-disclaimer.yml b/.github/workflows/update-licenses-disclaimer.yml
index 67bb009a4f9..64411c8e91d 100644
--- a/.github/workflows/update-licenses-disclaimer.yml
+++ b/.github/workflows/update-licenses-disclaimer.yml
@@ -27,7 +27,7 @@ jobs:
           secrets: |-
             BOT_SSH_KEY:projects/1027349420744/secrets/BOT_SSH_PRIVATE_KEY
             VALORA_BOT_TOKEN:projects/1027349420744/secrets/VALORA_BOT_TOKEN
-      - uses: webfactory/ssh-agent@v0.5.3
+      - uses: webfactory/ssh-agent@v0.8.0
         with:
           ssh-private-key: ${{ steps.google-secrets.outputs.BOT_SSH_KEY }}
       - uses: actions/checkout@v3