From d847d49372b3e53336ebad4cba050e72b370f041 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 31 Mar 2024 19:45:23 +0000 Subject: [PATCH] Bump the github-deps group with 3 updates Bumps the github-deps group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-go](https://github.com/actions/setup-go) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 3 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) Updates `actions/setup-go` from 3 to 5 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v3...v5) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-deps - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-deps - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-deps ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/release.yml | 2 +- .github/workflows/security.yml | 4 ++-- .github/workflows/vpp.yml | 2 +- 4 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d8086fd6..6e3d6262 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,8 +12,8 @@ jobs: check: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version: 1.20.x - run: go mod tidy -v @@ -24,8 +24,8 @@ jobs: build: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 - - uses: actions/setup-go@v3 + - uses: actions/checkout@v4 + - uses: actions/setup-go@v5 with: go-version: 1.20.x - run: go mod download @@ -36,7 +36,7 @@ jobs: test: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: "Enable VRF kernel module" run: | sudo apt-get update && \ diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d9e32c7a..7522e0e8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -13,7 +13,7 @@ jobs: packages: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: "Build images" run: make images diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 71067ba7..6f7f6931 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -7,7 +7,7 @@ jobs: name: Snyk runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@master continue-on-error: true # To make sure that SARIF upload gets called @@ -16,6 +16,6 @@ jobs: with: args: --sarif-file-output=snyk.sarif - name: Upload result to GitHub Code Scanning - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: snyk.sarif diff --git a/.github/workflows/vpp.yml b/.github/workflows/vpp.yml index f1852704..a001344b 100644 --- a/.github/workflows/vpp.yml +++ b/.github/workflows/vpp.yml @@ -6,6 +6,6 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: "Run VPP Tests" run: make test-vpp-plugins