From e74c771a618e32f64467fbe014b13f8f38d2027f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 28 Jun 2024 19:33:21 +0000 Subject: [PATCH] Bump the github-actions group across 1 directory with 8 updates Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.6` | `4.1.7` | | [docker/login-action](https://github.com/docker/login-action) | `3.1.0` | `3.2.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.3.0` | `6.2.0` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.8.14` | `1.9.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6.0.5` | `6.1.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.5` | `2.0.6` | | [reviewdog/action-suggester](https://github.com/reviewdog/action-suggester) | `1.12.0` | `1.15.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.6` | `3.25.11` | Updates `actions/checkout` from 4.1.6 to 4.1.7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) Updates `docker/login-action` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/e92390c5fb421da1463c202d546fed0ec5c39f20...0d4c9c5ea7693da7b068278f7b52bda2a190a446) Updates `docker/build-push-action` from 5.3.0 to 6.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/2cdde995de11925a030ce8070c3d77a52ffcf1c0...15560696de535e4014efeff63c48f16952e52dd1) Updates `pypa/gh-action-pypi-publish` from 1.8.14 to 1.9.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/81e9d935c883d0b210363ab89cf05f3894778450...ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0) Updates `peter-evans/create-pull-request` from 6.0.5 to 6.1.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/6d6857d36972b65feb161a90e484f2984215f83e...c5a7806660adbe173f04e3e038b0ccdcd758773c) Updates `softprops/action-gh-release` from 2.0.5 to 2.0.6 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/69320dbe05506a9a39fc8ae11030b214ec2d1f87...a74c6b72af54cfa997e81df42d94703d6313a2d0) Updates `reviewdog/action-suggester` from 1.12.0 to 1.15.0 - [Release notes](https://github.com/reviewdog/action-suggester/releases) - [Commits](https://github.com/reviewdog/action-suggester/compare/185c9c06d0a28fbe43b50aca4b32777b649e7cbd...a1d57ff096639094e0ba35ef3039e79316364796) Updates `github/codeql-action` from 3.25.6 to 3.25.11 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/9fdb3e49720b44c48891d036bb502feb25684276...b611370bb5703a7efb587f9d136a52ea24c5c38c) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: reviewdog/action-suggester dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/api.yml | 6 ++-- .github/workflows/benchmarks.yml | 4 +-- .github/workflows/build.arm64.yml | 10 +++---- .github/workflows/build.yml | 46 +++++++++++++++--------------- .github/workflows/release.note.yml | 4 +-- .github/workflows/release.yml | 8 +++--- .github/workflows/reviewdog.yml | 16 +++++------ .github/workflows/scorecard.yml | 4 +-- 8 files changed, 49 insertions(+), 49 deletions(-) diff --git a/.github/workflows/api.yml b/.github/workflows/api.yml index 2a7eb1b42..60b0f61c7 100644 --- a/.github/workflows/api.yml +++ b/.github/workflows/api.yml @@ -22,7 +22,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python }} @@ -65,7 +65,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python }} @@ -120,7 +120,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tf-nightly:tensorflow-io', 'tf-nightly:tensorflow-io-nightly'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python }} diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 0e5c8a31e..5ce00d202 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -19,7 +19,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tensorflow:tensorflow-io'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python }} @@ -58,7 +58,7 @@ jobs: python: ['3.8'] version: ['tensorflow:tensorflow-io-nightly', 'tensorflow:tensorflow-io'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 diff --git a/.github/workflows/build.arm64.yml b/.github/workflows/build.arm64.yml index 715bbc027..e638756fc 100644 --- a/.github/workflows/build.arm64.yml +++ b/.github/workflows/build.arm64.yml @@ -11,7 +11,7 @@ jobs: name: Bazel arm64 on macOS runs-on: macos-13-xlarge steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - name: Bazel on macOS @@ -36,7 +36,7 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-arm64-bazel-bin @@ -108,7 +108,7 @@ jobs: needs: release-macos-arm64 runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: tensorflow-io-release-macos-arm64 @@ -132,11 +132,11 @@ jobs: COPY wheelhouse.version /wheelhouse.version EOF - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: username: tfsigio password: ${{ secrets.DOCKER_PASSWORD }} - - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 with: context: . push: true diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index ad7d3e2f7..9b41f0df5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -20,7 +20,7 @@ jobs: name: Lint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run Lint Script for Bazel/Pyupgrade/Black/Clang run: | set -x -e @@ -32,7 +32,7 @@ jobs: name: Lint for Docs runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Run Lint Script for Docs run: | set -x -e @@ -54,7 +54,7 @@ jobs: name: macOS runs-on: macOS-11 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: GCP run: | cat > service_account_creds.json << EOF @@ -87,7 +87,7 @@ jobs: REPO_NAME: ${{ env.REPO_NAME }} EVENT_NAME: ${{ env.EVENT_NAME }} steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: GCP run: | cat > service_account_creds.json << EOF @@ -111,7 +111,7 @@ jobs: name: Bazel macOS runs-on: macOS-11 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: GCP run: | cat > service_account_creds.json << EOF @@ -147,7 +147,7 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -188,7 +188,7 @@ jobs: matrix: python: ['3.9'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel @@ -225,7 +225,7 @@ jobs: name: Bazel Linux runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: GCP run: | cat > service_account_creds.json << EOF @@ -286,7 +286,7 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -320,7 +320,7 @@ jobs: matrix: python: ['3.9'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: ${{ matrix.python }} @@ -355,7 +355,7 @@ jobs: name: Bazel Windows runs-on: windows-2022 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: egor-tensin/vs-shell@9a932a62d05192eae18ca370155cf877eecc2202 # v2 with: arch: x64 @@ -402,7 +402,7 @@ jobs: matrix: python: ['3.9', '3.10', '3.11', '3.12'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -433,7 +433,7 @@ jobs: matrix: python: ['3.9'] steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-${{ matrix.python }}-wheel @@ -563,7 +563,7 @@ jobs: needs: [release] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: tensorflow-io-release @@ -587,11 +587,11 @@ jobs: COPY wheelhouse.version /wheelhouse.version EOF - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 - - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + - uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: username: tfsigio password: ${{ secrets.DOCKER_PASSWORD }} - - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 with: context: . push: true @@ -603,7 +603,7 @@ jobs: needs: [lint, linux-test, macos-test, windows-test] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: 3.8 @@ -647,7 +647,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -694,7 +694,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -734,7 +734,7 @@ jobs: name: BUILD_NUMBER - uses: einaregilsson/build-number@46decf22c413b48c8923e98b2b5836f8aaf7781e # v3 - run: echo "Build number is $BUILD_NUMBER" - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: ${{ runner.os }}-bazel-bin @@ -828,7 +828,7 @@ jobs: cp Windows-3.12-nightly/tensorflow_io_nightly*.whl dist/ ls -la dist/ sha256sum dist/*.whl - - uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14 + - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0 with: user: __token__ password: ${{ secrets.github_tensorflow_io_nightly }} @@ -850,7 +850,7 @@ jobs: cp Windows-3.12-nightly/tensorflow_io_gcs_filesystem_nightly*.whl dist/ ls -la dist/ sha256sum dist/*.whl - - uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # v1.8.14 + - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # v1.9.0 with: user: __token__ password: ${{ secrets.tensorflow_io_gcs_filesystem_nightly }} @@ -861,7 +861,7 @@ jobs: needs: [linux-nightly, macos-nightly, windows-nightly] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: python-version: 3.8 diff --git a/.github/workflows/release.note.yml b/.github/workflows/release.note.yml index e232aec51..3533732b7 100644 --- a/.github/workflows/release.note.yml +++ b/.github/workflows/release.note.yml @@ -16,7 +16,7 @@ jobs: name: README.md runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - run: git tag @@ -24,7 +24,7 @@ jobs: - run: git diff - run: python3 tools/release/note_update.py - run: git diff - - uses: peter-evans/create-pull-request@6d6857d36972b65feb161a90e484f2984215f83e # v6.0.5 + - uses: peter-evans/create-pull-request@c5a7806660adbe173f04e3e038b0ccdcd758773c # v6.1.0 with: commit-message: Update RELEASE.md [bot] branch: bot-RELEASE.md diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f2bc151a1..33f203981 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -20,7 +20,7 @@ jobs: name: Release runs-on: ubuntu-latest steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: fetch-depth: 0 - run: | @@ -63,19 +63,19 @@ jobs: echo ${{ steps.info.outputs.name }} echo ${{ steps.info.outputs.commit }} cat CURRENT.md - - uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5 + - uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6 with: body_path: CURRENT.md name: ${{ steps.info.outputs.name }} tag_name: ${{ steps.info.outputs.tag }} target_commitish: ${{ steps.info.outputs.commit }} draft: true - - uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # master + - uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # master with: user: __token__ password: ${{ secrets.TEST_PYPI_TOKEN }} repository_url: https://test.pypi.org/legacy/ - #- uses: pypa/gh-action-pypi-publish@81e9d935c883d0b210363ab89cf05f3894778450 # master + #- uses: pypa/gh-action-pypi-publish@ec4db0b4ddc65acdf4bff5fa45ac92d78b56bdf0 # master # with: # user: __token__ # password: ${{ secrets.PYPI_TOKEN }} diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index aad8d8c77..298f49e97 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -16,11 +16,11 @@ jobs: name: Bazel Buildifier runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- bazel - - uses: reviewdog/action-suggester@185c9c06d0a28fbe43b50aca4b32777b649e7cbd # v1.12.0 + - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 black: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -28,11 +28,11 @@ jobs: name: Python Black runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- black - - uses: reviewdog/action-suggester@185c9c06d0a28fbe43b50aca4b32777b649e7cbd # v1.12.0 + - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 clang: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -40,11 +40,11 @@ jobs: name: Clang Format runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- clang - - uses: reviewdog/action-suggester@185c9c06d0a28fbe43b50aca4b32777b649e7cbd # v1.12.0 + - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 pyupgrade: permissions: checks: write # for reviewdog/action-suggester to report issues using checks @@ -52,8 +52,8 @@ jobs: name: Python Pyupgrade runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - run: | sudo python3 -m pip install -U numpy pip black pyupgrade bazel run -s --verbose_failures --experimental_repo_remote_exec //tools/lint:lint -- pyupgrade - - uses: reviewdog/action-suggester@185c9c06d0a28fbe43b50aca4b32777b649e7cbd # v1.12.0 + - uses: reviewdog/action-suggester@a1d57ff096639094e0ba35ef3039e79316364796 # v1.15.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ab2b9a923..bd84cd48d 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -29,7 +29,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false @@ -59,6 +59,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: results.sarif