build(deps): bump the all-actions group with 3 updates (#1989)

author dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)

committer GitHub <noreply@github.com>

Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)
author dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)
committer GitHub <noreply@github.com>
Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml

index acebda3ac1e21d12759ecd8159ded521ae8c582f..ca5bf0e1ba1535f7ebc52556850f4d10cf761b3f 100644 (file)
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -12,7 +12,7 @@ jobs:
        matrix:
          bs: [autotools, cmake]
      steps:
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
      - name: Install dependencies
        run: ./build/ci/github_actions/macos.sh prepare
      - name: Autogen
@@ -56,7 +56,7 @@ jobs:
          bs: [autotools, cmake]
          crypto: [mbedtls, nettle, openssl]
      steps:
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
      - name: Update apt cache
        run: sudo apt-get update
      - name: Install dependencies
@@ -96,7 +96,7 @@ jobs:
    Ubuntu-distcheck:
      runs-on: ubuntu-22.04
      steps:
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
      - name: Update package definitions
        run: sudo apt-get update
      - name: Install dependencies
@@ -122,7 +122,7 @@ jobs:
        matrix:
          be: [mingw-gcc, msvc]
      steps:
-    - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+    - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
      - name: Install dependencies
        run: ./build/ci/github_actions/ci.cmd deplibs
        shell: cmd
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml

index 63706a6522a65e303cc459a1f9ed65cbc40daaaa..0ab09246de118af0b441bead568ebf826ef9776d 100644 (file)
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -26,18 +26,18 @@ jobs:
  
      steps:
        - name: Checkout
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
  
        - name: Initialize CodeQL
-        uses: github/codeql-action/init@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+        uses: github/codeql-action/init@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
          with:
            languages: ${{ matrix.language }}
            queries: +security-and-quality
  
        - name: Autobuild
-        uses: github/codeql-action/autobuild@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+        uses: github/codeql-action/autobuild@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
  
        - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+        uses: github/codeql-action/analyze@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
          with:
            category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml

index 3dd8e7152c74fa69d95a073c99bb7bf64151f49d..61cd632d002af7a12744feb3881fbf3ea14e2e92 100644 (file)
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -29,12 +29,12 @@ jobs:
  
      steps:
        - name: "Checkout code"
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
          with:
            persist-credentials: false
  
        - name: "Run analysis"
-        uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
+        uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0
          with:
            results_file: results.sarif
            results_format: sarif
@@ -60,6 +60,6 @@ jobs:
  
        # Upload the results to GitHub's code scanning dashboard.
        - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+        uses: github/codeql-action/upload-sarif@fdcae64e1484d349b3366718cdfef3d404390e85 # v2.22.1
          with:
            sarif_file: results.sarif
author	dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
	Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)
committer	GitHub <noreply@github.com>
	Mon, 9 Oct 2023 22:43:09 +0000 (00:43 +0200)
.github/workflows/ci.yml		patch \| blob \| blame \| history
.github/workflows/codeql.yml		patch \| blob \| blame \| history
.github/workflows/scorecard.yml		patch \| blob \| blame \| history