From 1c80e27bf73abd0ec160782a1e2909d775015ed0 Mon Sep 17 00:00:00 2001 From: Taras Drozdovskyi Date: Mon, 3 Jun 2024 21:43:53 +0300 Subject: [PATCH] Update 3rd-party components Signed-off-by: Taras Drozdovskyi --- .github/workflows/build.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/fossology-check.yml | 2 +- .github/workflows/go-fuzz-test.yml | 4 ++-- .github/workflows/lint-vet-gofmt-staticcheck-analysis.yml | 4 ++-- .github/workflows/publish.yml | 8 ++++---- .github/workflows/scorecards-analysis.yml | 8 ++++---- .github/workflows/test-suite.yml | 4 ++-- go.mod | 2 +- 9 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0783c861..589c54fc 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,10 +13,10 @@ jobs: os: [ubuntu-20.04] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 223cd1b3..a590bc92 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,18 +22,18 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 + uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f with: languages: ${{ matrix.language }} - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 + uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f diff --git a/.github/workflows/fossology-check.yml b/.github/workflows/fossology-check.yml index e4deb949..a968c230 100644 --- a/.github/workflows/fossology-check.yml +++ b/.github/workflows/fossology-check.yml @@ -9,7 +9,7 @@ jobs: name: Check license, copyright, keyword runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - run: | docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ -e GITHUB_TOKEN=${{ github.token }} \ diff --git a/.github/workflows/go-fuzz-test.yml b/.github/workflows/go-fuzz-test.yml index beba16ab..ea8241ea 100644 --- a/.github/workflows/go-fuzz-test.yml +++ b/.github/workflows/go-fuzz-test.yml @@ -13,10 +13,10 @@ jobs: os: [ubuntu-20.04] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' diff --git a/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml b/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml index 8ca2ca2a..e04442e2 100644 --- a/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml +++ b/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml @@ -8,10 +8,10 @@ jobs: lintvetanalysis: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 46bce83a..7ad94329 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,10 +12,10 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Check out the repo - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' @@ -34,7 +34,7 @@ jobs: uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb - name: Log in to Docker Hub - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} @@ -63,7 +63,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 with: egress-policy: audit diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 53f083d7..ef8c1f46 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -32,17 +32,17 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 with: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 with: results_file: results.sarif results_format: sarif @@ -72,6 +72,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 + uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f with: sarif_file: results.sarif \ No newline at end of file diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index 5bc2abec..6878c592 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -12,10 +12,10 @@ jobs: os: [ubuntu-20.04] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 - name: Setup Golang - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: '1.19' diff --git a/go.mod b/go.mod index e3556900..86fbb802 100644 --- a/go.mod +++ b/go.mod @@ -28,7 +28,7 @@ require ( github.com/spf13/pflag v1.0.5 github.com/stretchr/testify v1.9.0 github.com/vishvananda/netlink v1.2.1-beta.2 - go.etcd.io/bbolt v1.3.9 + go.etcd.io/bbolt v1.3.10 gopkg.in/ini.v1 v1.67.0 gopkg.in/yaml.v3 v3.0.1 gotest.tools/v3 v3.5.1