dependabot[bot]
b81d5bf895
Bump actions/cache from 3 to 4
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com >
2024-04-25 16:53:16 +00:00
Dan Rigby
2435e57601
Merge pull request #2270 from jsoref/bump-actions
...
Checkout: Update all workflows to use Checkout V4
2024-04-25 12:52:18 -04:00
Dan Rigby
8ff5c7e7bb
Merge branch 'main' into bump-actions
2024-04-25 12:51:52 -04:00
mponaws
ac9c407320
Add starter-workflows for Policy Validator ( #2375 )
...
* Add starter-workflows for Policy Validator
* Add starter-workflows for Policy Validator
* Add starter-workflows for Policy Validator, removed references to GitHub secrets & S3 to keep it simple
2024-04-18 14:39:17 -05:00
Marco Gario
9963e8cd28
Merge pull request #2372 from actions/codeql-packages-read
...
Update CodeQL workflow to use packages:read permission.
2024-04-11 13:17:21 +02:00
Marco Gario
a3194f5b47
Update CodeQL workflow to use packages:read permission.
...
Co-authored-by: Anders Starcke Henriksen <starcke@github.com >
2024-04-11 09:42:21 +02:00
Rex P
ca5bcdc693
Add OSV-Scanner code scanning workflow ( #2350 )
...
* Add OSV-Scanner code scanning workflow
* Update code-scanning/osv-scanner.yml
Co-authored-by: Alexis Abril <alexisabril@github.com >
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-04-09 22:21:33 -05:00
Josh Soref
cd4b67d0b4
Checkout: Update all workflows to use Checkout V4
2024-04-05 15:29:37 -04:00
Issy Long
607f368fb0
Merge pull request #2363 from actions/larger-runners-not-ghes
...
codeql: Clarify that hosted larger runners only exist on GHEC
2024-04-03 16:22:33 +01:00
Issy Long
31a3e00dab
codeql: Clarify that hosted larger runners only exist on GHEC
...
- Part of https://github.com/github/code-scanning/issues/13748 .
2024-04-03 10:23:11 +01:00
Charly Garcia
b53d05e4b0
ci: use artisan command to run test, because this ci/laravel.yml does not work properly in laravel when uses Pest instead of PHPUnit ( #2284 )
...
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-04-01 15:12:02 -05:00
SOOS-GSteen
efd31e5f0f
update soos dash action commit hash / sarif action version / logo ( #2317 )
...
* Update soos-dast-scan.yml
* Update soos-dast-scan.yml
* Update soos.svg
* Update code-scanning/soos-dast-scan.yml
Co-authored-by: Alexis Abril <alexisabril@github.com >
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-04-01 15:11:05 -05:00
James M. Greene
e4837fa768
Improve step name for Next.js build
2024-03-29 20:19:38 -05:00
James M. Greene
eeef7a773c
Merge pull request #2360 from actions/configure-pages-v5
...
Update all Pages workflows to use `actions/configure-pages@v5`
2024-03-29 20:09:51 -05:00
James M. Greene
c9a0122a59
Update all Pages workflows to use actions/configure-pages@v5
2024-03-29 19:57:20 -05:00
Cameron Booth
e6175cb011
Merge pull request #2359 from actions/alexisabril-patch-1
...
Update CODEOWNERS
2024-03-29 15:32:18 -07:00
Alexis Abril
87efe4c91d
Update CODEOWNERS
...
Adding @actions/starter-workflows to each category to minimize notification pollution.
2024-03-29 15:20:42 -07:00
Alexis Abril
4ca845b387
Update CODEOWNERS
...
Simplifying the CODEOWNERS file to allow respective teams the capabilities to manage PRs as responsibilities have been updated recently. In the short term, this will add notifications to folks for each team.
2024-03-29 13:23:28 -07:00
James M. Greene
539cde590c
Merge pull request #2351 from cclinet/update-astro-for-yarn
...
Fix: astro.yml for yarn based project
2024-03-27 22:40:13 -05:00
James M. Greene
0ac8e61930
Merge branch 'main' into update-astro-for-yarn
2024-03-27 22:39:47 -05:00
Spencer Schrock
4620c76b38
update Scorecard Action hashes and version comments ( #2348 )
...
* update action hashes and version comments
ossf/scorecard-action v2.1.2 is old and doesnt work after a Sigstore
change. https://blog.sigstore.dev/tuf-root-update/
Signed-off-by: Spencer Schrock <sschrock@google.com >
* downgrade actions/upload-artifact to node20 version of v3
dependabot will suggest upgrade to v4.3.1 for repos that can upgrade.
note: v3.pre.node20 is how dependabot refers to the pinned hash, so
use that so it can upgrade the comment
Signed-off-by: Spencer Schrock <sschrock@google.com >
* upgrade github/codeql-action/upload-sarif to v3.24.9
Signed-off-by: Spencer Schrock <sschrock@google.com >
---------
Signed-off-by: Spencer Schrock <sschrock@google.com >
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-03-27 13:25:03 -07:00
Andreas Deininger
831e9cb8e4
Bump workflow actions of various starter files ( #2210 )
2024-03-27 10:51:41 -07:00
Marco Gario
4ccc742286
Merge pull request #2306 from actions/update_codeql_template
...
Code Scanning Update codeql.yml with new build-mode
2024-03-26 14:13:08 +01:00
Marco Gario
fdbad9c74f
Update codeql.yml
...
links to docs
2024-03-26 13:45:32 +01:00
Marco Gario
97c6254b5e
Merge branch 'main' into update_codeql_template
2024-03-26 13:35:12 +01:00
Marco Gario
aad9272438
Update codeql.yml
...
Limit matrix information in the job name to language by default
2024-03-26 13:18:17 +01:00
카기자판
61cdce264d
Updating nextjs.yml for Next.js 14 Support ( #2204 )
...
* Update nextjs.yml
* Update nextjs.yml
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-03-25 16:26:55 -07:00
cclin
0f4d22325b
Update astro.yml for yarn based project
2024-03-25 16:05:58 +08:00
Tim Heuer
3fb9f82449
Updating dotnet CI starter workflows ( #2333 )
...
* Update dotnet.yml
Updating versions
* Update dotnet-desktop.yml
Bumping versions
* Update ci/dotnet-desktop.yml
Co-authored-by: Alexis Abril <alexisabril@github.com >
---------
Co-authored-by: Alexis Abril <alexisabril@github.com >
2024-03-12 14:08:25 -05:00
Chad Bentz
03277899f0
tfsec latest v0.1.4 ( #2318 )
2024-03-06 15:46:46 -06:00
Marco Gario
4a8c4e08b0
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:57:02 +01:00
Marco Gario
8a973982d1
Update code-scanning/codeql.yml
...
Co-authored-by: Henry Mercer <henrymercer@github.com >
2024-02-19 15:54:06 +01:00
Marco Gario
05e4581159
Update codeql.yml with new build-mode
2024-02-15 09:01:39 +01:00
Jon Janego
be552580a6
Merge pull request #2305 from bigdaz/main
...
Update for `gradle/actions@v3.1.0` release
2024-02-14 10:03:12 -06:00
daz
d303234ad7
Update for gradle/actions@v3.1.0 release
...
- Bump version hashes to use `gradle/actions/setup-gradle@v3.1.0`
- Bump version hash to use `gradle/actions/dependency-submission@v3.1.0`
2024-02-13 14:00:27 -07:00
Sam Partington
2b5d980659
Merge pull request #2299 from actions/dependency-review-ownership
...
Code Scanning shouldn't own `dependency-review.yml`
2024-02-09 17:37:50 +00:00
Sam Partington
813dc76266
Merge branch 'main' into dependency-review-ownership
2024-02-09 17:33:22 +00:00
Jon Janego
da7a61e43c
Merge pull request #2297 from actions/jonjanego-patch-1
...
Changing default behavior to include comment summary in PR
2024-02-07 12:19:42 -06:00
Sam Partington
c4f5db6260
Code Scanning shouldn't own dependency-review.yml
2024-02-07 17:33:08 +00:00
Jon Janego
8aab15dd49
Update code-scanning/dependency-review.yml
...
begone, whitespace
Co-authored-by: Chad Bentz <1760475+felickz@users.noreply.github.com >
2024-02-07 09:06:01 -06:00
Jon Janego
ba9d3788e4
Changing default behavior to include comment summary in PR
...
also gave the workflow the appropriate permissions required, pull-requests: write
2024-02-06 12:55:25 -06:00
SOOS-GSteen
6e4aae97ef
soos-dast-scan.yml update ( #2240 )
...
* Update soos-dast-scan.yml
* use major version syntax
* code review
* lint
* Update soos-dast-scan.yml
2024-02-06 10:44:04 -06:00
Jon Janego
aecd7f349b
Merge pull request #2290 from bigdaz/main
...
Update for `gradle/actions@v3.0.0` release
2024-01-31 16:13:33 -06:00
daz
6c7819814a
Fix typo
2024-01-31 15:07:12 -07:00
daz
51848d8b15
Remove trailing whitespace
2024-01-31 13:38:44 -07:00
daz
b0b88404ff
Improve documentation in starter workflow
...
- Remove "optional" flag from dependency-submission
- Add example of running without Gradle wrapper
- Link to action docs
2024-01-31 13:29:02 -07:00
daz
2d30c1b64c
Update for gradle/actions@v3.0.0 release
...
- Bump version hashes to use `v3.0.0` of Gradle action
- Bump to Node20-compatible versions of `actions/checkout` and `actions/setup-java`
- Replace uses of `gradle/gradle-build-action` with `gradle/actions/setup-gradle`
- Split "Setup Gradle" step out of "Run Gradle" steps
- Add separate Job using `gradle/actions/dependency-submission` (flagged as optional)
- Bump to setup JDK 17
2024-01-31 05:34:15 -07:00
Jon Janego
0753b8da50
Merge pull request #2242 from ctcampbell/patch-1
...
Update dependency-review.yml actions/checkout version, add common with: options, and add comments for dependency submission
2024-01-29 14:40:24 -06:00
Jon Janego
cea0111003
Update dependency-review.yml
...
removing extra whitespace
2024-01-29 14:38:17 -06:00
Jon Janego
c969459da2
Merge branch 'main' into patch-1
2024-01-29 14:34:36 -06:00