Bump super-linter/super-linter from 6 to 7 (#93)
* Bump super-linter/super-linter from 6 to 7 Bumps [super-linter/super-linter](https://github.com/super-linter/super-linter) from 6 to 7. - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/super-linter/super-linter/compare/v6...v7) --- updated-dependencies: - dependency-name: super-linter/super-linter dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * fix json-prettier error Signed-off-by: Brian DeHamer <bdehamer@github.com> * fix markdown-prettier error Signed-off-by: Brian DeHamer <bdehamer@github.com> * fix yaml-prettier errors Signed-off-by: Brian DeHamer <bdehamer@github.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Brian DeHamer <bdehamer@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Brian DeHamer <bdehamer@github.com>
This commit is contained in:
@@ -10,7 +10,7 @@ updates:
|
|||||||
- minor
|
- minor
|
||||||
- patch
|
- patch
|
||||||
ignore:
|
ignore:
|
||||||
- dependency-name: "actions/attest-sbom"
|
- dependency-name: 'actions/attest-sbom'
|
||||||
|
|
||||||
- package-ecosystem: npm
|
- package-ecosystem: npm
|
||||||
directory: /
|
directory: /
|
||||||
|
|||||||
@@ -47,7 +47,7 @@ jobs:
|
|||||||
run: npm run ci-test
|
run: npm run ci-test
|
||||||
|
|
||||||
test-attest-sbom:
|
test-attest-sbom:
|
||||||
name: Test attest-sbom action with local sbom file
|
name: Test attest-sbom action with local sbom file
|
||||||
runs-on: ubuntu-latest
|
runs-on: ubuntu-latest
|
||||||
permissions:
|
permissions:
|
||||||
attestations: write
|
attestations: write
|
||||||
|
|||||||
@@ -38,7 +38,7 @@ jobs:
|
|||||||
|
|
||||||
- name: Lint Codebase
|
- name: Lint Codebase
|
||||||
id: super-linter
|
id: super-linter
|
||||||
uses: super-linter/super-linter/slim@v6
|
uses: super-linter/super-linter/slim@v7
|
||||||
env:
|
env:
|
||||||
DEFAULT_BRANCH: main
|
DEFAULT_BRANCH: main
|
||||||
FILTER_REGEX_EXCLUDE: dist/**/*
|
FILTER_REGEX_EXCLUDE: dist/**/*
|
||||||
|
|||||||
+8
-9
@@ -1,12 +1,12 @@
|
|||||||
# Release Instructions
|
# Release Instructions
|
||||||
|
|
||||||
Follow the steps below to tag a new release for the
|
Follow the steps below to tag a new release for the `actions/attest-sbom`
|
||||||
`actions/attest-sbom` action.
|
action.
|
||||||
|
|
||||||
If changes were made to the internal `actions/attest-sbom/predicate`
|
If changes were made to the internal `actions/attest-sbom/predicate` action (any
|
||||||
action (any updates to [`./predicate/action.yaml`](./predicate/action.yml) or
|
updates to [`./predicate/action.yaml`](./predicate/action.yml) or any of the
|
||||||
any of the code in the [`./src`](./src) directory), start with step #1;
|
code in the [`./src`](./src) directory), start with step #1; otherwise, skip
|
||||||
otherwise, skip directly to step #5.
|
directly to step #5.
|
||||||
|
|
||||||
1. Merge the latest changes to the `main` branch.
|
1. Merge the latest changes to the `main` branch.
|
||||||
1. Create and push a new predicate tag of the form `predicate@X.X.X` following
|
1. Create and push a new predicate tag of the form `predicate@X.X.X` following
|
||||||
@@ -17,9 +17,8 @@ otherwise, skip directly to step #5.
|
|||||||
git push --tags
|
git push --tags
|
||||||
```
|
```
|
||||||
|
|
||||||
1. Update the reference to the `actions/attest-sbom/predicate`
|
1. Update the reference to the `actions/attest-sbom/predicate` action in
|
||||||
action in [`action.yml`](./action.yml) to point to the SHA of the newly
|
[`action.yml`](./action.yml) to point to the SHA of the newly created tag.
|
||||||
created tag.
|
|
||||||
1. Push the `action.yml` change and open a PR. Once it has been reviewed, merge
|
1. Push the `action.yml` change and open a PR. Once it has been reviewed, merge
|
||||||
the PR and proceed with the release instructions.
|
the PR and proceed with the release instructions.
|
||||||
1. Create a new release for the top-level action using a tag of the form
|
1. Create a new release for the top-level action using a tag of the form
|
||||||
|
|||||||
+37
-40
@@ -1,41 +1,38 @@
|
|||||||
{
|
{
|
||||||
"spdxVersion": "SPDX-2.3",
|
"spdxVersion": "SPDX-2.3",
|
||||||
"dataLicense": "CC0-1.0",
|
"dataLicense": "CC0-1.0",
|
||||||
"SPDXID": "SPDXRef-DOCUMENT",
|
"SPDXID": "SPDXRef-DOCUMENT",
|
||||||
"name": "./",
|
"name": "./",
|
||||||
"documentNamespace": "https://anchore.com/syft/dir/80b363b6-87f4-4162-853f-60d402537d20",
|
"documentNamespace": "https://anchore.com/syft/dir/80b363b6-87f4-4162-853f-60d402537d20",
|
||||||
"creationInfo": {
|
"creationInfo": {
|
||||||
"licenseListVersion": "3.22",
|
"licenseListVersion": "3.22",
|
||||||
"creators": [
|
"creators": ["Organization: Anchore, Inc", "Tool: syft-0.103.1"],
|
||||||
"Organization: Anchore, Inc",
|
"created": "2024-01-31T18:22:50Z"
|
||||||
"Tool: syft-0.103.1"
|
},
|
||||||
],
|
"packages": [
|
||||||
"created": "2024-01-31T18:22:50Z"
|
{
|
||||||
},
|
"name": "@ampproject/remapping",
|
||||||
"packages": [
|
"SPDXID": "SPDXRef-Package-npm--ampproject-remapping-5266573ba4f24a42",
|
||||||
{
|
"versionInfo": "2.2.1",
|
||||||
"name": "@ampproject/remapping",
|
"supplier": "NOASSERTION",
|
||||||
"SPDXID": "SPDXRef-Package-npm--ampproject-remapping-5266573ba4f24a42",
|
"downloadLocation": "NOASSERTION",
|
||||||
"versionInfo": "2.2.1",
|
"filesAnalyzed": false,
|
||||||
"supplier": "NOASSERTION",
|
"sourceInfo": "acquired package info from installed node module manifest file: /yarn.lock",
|
||||||
"downloadLocation": "NOASSERTION",
|
"licenseConcluded": "NOASSERTION",
|
||||||
"filesAnalyzed": false,
|
"licenseDeclared": "Apache-2.0",
|
||||||
"sourceInfo": "acquired package info from installed node module manifest file: /yarn.lock",
|
"copyrightText": "NOASSERTION",
|
||||||
"licenseConcluded": "NOASSERTION",
|
"externalRefs": [
|
||||||
"licenseDeclared": "Apache-2.0",
|
{
|
||||||
"copyrightText": "NOASSERTION",
|
"referenceCategory": "SECURITY",
|
||||||
"externalRefs": [
|
"referenceType": "cpe23Type",
|
||||||
{
|
"referenceLocator": "cpe:2.3:a:\\@ampproject\\/remapping:\\@ampproject\\/remapping:2.2.1:*:*:*:*:*:*:*"
|
||||||
"referenceCategory": "SECURITY",
|
},
|
||||||
"referenceType": "cpe23Type",
|
{
|
||||||
"referenceLocator": "cpe:2.3:a:\\@ampproject\\/remapping:\\@ampproject\\/remapping:2.2.1:*:*:*:*:*:*:*"
|
"referenceCategory": "PACKAGE-MANAGER",
|
||||||
},
|
"referenceType": "purl",
|
||||||
{
|
"referenceLocator": "pkg:npm/%40ampproject/remapping@2.2.1"
|
||||||
"referenceCategory": "PACKAGE-MANAGER",
|
}
|
||||||
"referenceType": "purl",
|
]
|
||||||
"referenceLocator": "pkg:npm/%40ampproject/remapping@2.2.1"
|
}
|
||||||
}
|
]
|
||||||
]
|
}
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
|
|||||||
Reference in New Issue
Block a user