Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(deps): update all non-major dependencies #1961

Merged
merged 17 commits into from
Sep 20, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/actions/golang/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: "Setup Go binary and caching"
runs:
using: composite
steps:
- uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
- uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
with:
go-version: 1.20.x
go-version: 1.21.x
cache: true
2 changes: 1 addition & 1 deletion .github/actions/install-tools/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -11,4 +11,4 @@ runs:
- run: "curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin --tag v0.64.2"
shell: bash

- uses: docker/setup-buildx-action@16c0bc4a6e6ada2cfd8afd41d22d95379cf7c32a # v2.8.0
- uses: docker/setup-buildx-action@885d1462b80bc1c1c7f0b00334ad271f09369c55 # v2.10.0
2 changes: 1 addition & 1 deletion .github/actions/node/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ description: "Node cache"
runs:
using: composite
steps:
- uses: actions/setup-node@e33196f7422957bea03ed53f6fbb155025ffc7b8 # v3.7.0
- uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1
with:
node-version: 18
cache: "npm"
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/save-logs/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ runs:
sudo chown $USER /tmp/zarf-*.log || echo ""
shell: bash

- uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: debug-log
path: /tmp/zarf-*.log
6 changes: 3 additions & 3 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@ jobs:

# Upload the contents of the build directory for later stages to use
- name: Upload build artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: build-artifacts
path: build/
Expand Down Expand Up @@ -157,7 +157,7 @@ jobs:
# Create the GitHub release notes, upload artifact backups to S3, publish homebrew recipe
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@336e29918d653399e599bfca99fadc1d7ffbc9f7 # v4.3.0
uses: goreleaser/goreleaser-action@5fdedb94abba051217030cc86d4523cf3f02243d # v4.6.0
with:
distribution: goreleaser
version: latest
Expand All @@ -167,7 +167,7 @@ jobs:
HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.ZARF_ORG_PROJECT_TOKEN }}

- name: Save CVE report
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: cve-report
path: build/zarf-known-cves.csv
4 changes: 2 additions & 2 deletions .github/workflows/scan-codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
uses: github/codeql-action/init@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
env:
CODEQL_EXTRACTOR_GO_BUILD_TRACING: on
with:
Expand All @@ -57,6 +57,6 @@ jobs:
run: make build-cli-linux-amd

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
uses: github/codeql-action/analyze@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
with:
category: "/language:${{matrix.language}}"
4 changes: 2 additions & 2 deletions .github/workflows/scorecard.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,14 +37,14 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: SARIF file
path: results.sarif
retention-days: 5

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@004c5de30b6423267685b897a3d595e944f7fed5 # v2.20.2
uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/test-bigbang.yml
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ jobs:

# Upload the contents of the build directory for later stages to use
- name: Upload build artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: build-artifacts
path: build/
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-e2e.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ jobs:

# Upload the contents of the build directory for later stages to use
- name: Upload build artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: build-artifacts
path: build/
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test-upgrade.yml
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:

# Upload the contents of the build directory for later stages to use
- name: Upload build artifacts
uses: actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce # v3.1.2
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
with:
name: build-artifacts
path: build/
Expand Down
3 changes: 3 additions & 0 deletions .grype.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -12,3 +12,6 @@ ignore:

# From semver - This comes through nodemon which is only used for development
- vulnerability: GHSA-c2qf-rxjj-qqgw

# From k8s.io/apiserver - This is a false positive due to the difference in versioning between the library / binary k8s versioning
- vulnerability: GHSA-82hx-w2r5-c2wq
14 changes: 7 additions & 7 deletions docs-website/package-lock.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion docs-website/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@
"@docusaurus/core": "2.4.1",
"@docusaurus/preset-classic": "2.4.1",
"@docusaurus/theme-mermaid": "2.4.1",
"@easyops-cn/docusaurus-search-local": "^0.35.0",
"@easyops-cn/docusaurus-search-local": "^0.36.0",
"prism-react-renderer": "2.0.6",
"custom-loaders": "file:plugins/custom-loaders"
},
Expand Down
6 changes: 3 additions & 3 deletions examples/argocd/zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,20 @@ components:
required: true
charts:
- name: argo-cd
version: 5.38.1
version: 5.46.5
namespace: argocd
url: https://argoproj.github.io/argo-helm
releaseName: argocd-baseline
valuesFiles:
- baseline/values.yaml
images:
- quay.io/argoproj/argocd:v2.7.7
- public.ecr.aws/docker/library/redis:7.0.11-alpine
- quay.io/argoproj/argocd:v2.8.4
- name: argocd-apps
required: true
charts:
- name: argocd-apps
version: 1.3.0
version: 1.4.1
namespace: podinfo
url: https://argoproj.github.io/argo-helm
releaseName: argocd-apps
Expand Down
4 changes: 2 additions & 2 deletions examples/big-bang/yolo/zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,7 @@ metadata:
name: yolo-big-bang
description: Deploy Big Bang Core in YOLO mode
# renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
version: 2.5.0
version: 2.10.0
url: https://p1.dso.mil/products/big-bang
architecture: amd64
yolo: true
Expand Down Expand Up @@ -33,7 +33,7 @@ components:
extensions:
bigbang:
# renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
version: 2.5.0
version: 2.10.0
valuesFiles:
- credentials.yaml
- ../config/ingress.yaml
Expand Down
4 changes: 2 additions & 2 deletions examples/big-bang/zarf.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ metadata:
name: big-bang-example
description: Deploy Big Bang Core
# renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
version: 2.5.0
version: 2.10.0
url: https://p1.dso.mil/products/big-bang
# Big Bang / Iron Bank are only amd64
architecture: amd64
Expand Down Expand Up @@ -44,7 +44,7 @@ components:
extensions:
bigbang:
# renovate: datasource=gitlab-releases depName=big-bang/bigbang versioning=semver registryUrl=https://repo1.dso.mil/
version: 2.5.0
version: 2.10.0
valuesFiles:
# Istio configs
- config/ingress.yaml
Expand Down
2 changes: 1 addition & 1 deletion examples/variables/simple-terraform.tf
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@ terraform {
required_providers {
aws = {
source = "hashicorp/aws"
version = "~> 5.6.0"
version = "~> 5.17.0"
}
}
}
Loading
Loading