From 2b2d3089c169ddf5c95959495b905d340edd2565 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Nov 2024 21:31:02 +0000 Subject: [PATCH] Bump the actions group across 1 directory with 2 updates Bumps the actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [codecov/codecov-action](https://github.com/codecov/codecov-action). Updates `github/codeql-action` from 3.27.1 to 3.27.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4f3212b61783c3c68e8309a0f18a699764811cda...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f) Updates `codecov/codecov-action` from 4.6.0 to 5.0.2 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238...5c47607acb93fed5485fdbf7232e8a31425f672a) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ossar-scan.yml | 2 +- .github/workflows/reusable-build.yml | 4 ++-- .github/workflows/reusable-test.yml | 8 ++++---- .github/workflows/scorecards-analysis.yml | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/ossar-scan.yml b/.github/workflows/ossar-scan.yml index 5c7ce116d9..041a7983a9 100644 --- a/.github/workflows/ossar-scan.yml +++ b/.github/workflows/ossar-scan.yml @@ -81,6 +81,6 @@ jobs: - name: Upload results to Security tab if: steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda + uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f with: sarif_file: ${{ steps.ossar.outputs.sarifFile }} diff --git a/.github/workflows/reusable-build.yml b/.github/workflows/reusable-build.yml index b2e9e9e3b1..42aa1b6d7c 100644 --- a/.github/workflows/reusable-build.yml +++ b/.github/workflows/reusable-build.yml @@ -135,7 +135,7 @@ jobs: - name: Initialize CodeQL if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/init@4f3212b61783c3c68e8309a0f18a699764811cda + uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f with: languages: 'cpp' @@ -294,4 +294,4 @@ jobs: - name: Perform CodeQL Analysis if: inputs.build_codeql == true && steps.skip_check.outputs.should_skip != 'true' - uses: github/codeql-action/analyze@4f3212b61783c3c68e8309a0f18a699764811cda + uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f diff --git a/.github/workflows/reusable-test.yml b/.github/workflows/reusable-test.yml index 1524df1a79..3853f572bf 100644 --- a/.github/workflows/reusable-test.yml +++ b/.github/workflows/reusable-test.yml @@ -321,7 +321,7 @@ jobs: - name: Upload Report to Codecov attempt 1 if: (steps.skip_check.outputs.should_skip != 'true') && (steps.check_coverage.outputs.files_exists == 'true') - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 + uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a id: upload_code_coverage_report_1 continue-on-error: true with: @@ -336,7 +336,7 @@ jobs: - name: Upload Report to Codecov attempt 2 if: (steps.skip_check.outputs.should_skip != 'true') && (steps.upload_code_coverage_report_1.outcome == 'failure') - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 + uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a id: upload_code_coverage_report_2 continue-on-error: true with: @@ -351,7 +351,7 @@ jobs: - name: Upload Report to Codecov attempt 3 if: (steps.skip_check.outputs.should_skip != 'true') && (steps.upload_code_coverage_report_2.outcome == 'failure') - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 + uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a id: upload_code_coverage_report_3 continue-on-error: true with: @@ -366,7 +366,7 @@ jobs: - name: Upload Report to Codecov attempt 4 if: (steps.skip_check.outputs.should_skip != 'true') && (steps.upload_code_coverage_report_3.outcome == 'failure') - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 + uses: codecov/codecov-action@5c47607acb93fed5485fdbf7232e8a31425f672a id: upload_code_coverage_report_4 continue-on-error: true with: diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index fd7e431ca7..0b31973818 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -76,6 +76,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" if: github.ref_name == 'main' - uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda + uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f with: sarif_file: results.sarif