From 107d6dd6a1f071ae0839fcf4263fc43b8af4bceb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 14:00:18 +0000 Subject: [PATCH] ci: bump the github-actions group across 1 directory with 7 updates Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.19.0` | `1.30.2` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4` | `5` | | [chromaui/action](https://github.com/chromaui/action) | `10` | `11` | | [contributor-assistant/github-action](https://github.com/contributor-assistant/github-action) | `2.3.2` | `2.6.1` | | [toshimaru/auto-author-assign](https://github.com/toshimaru/auto-author-assign) | `2.1.0` | `2.1.1` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.18.0` | `0.30.0` | | [beatlabs/delete-old-branches-action](https://github.com/beatlabs/delete-old-branches-action) | `0.0.10` | `0.0.11` | Updates `crate-ci/typos` from 1.19.0 to 1.30.2 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](https://github.com/crate-ci/typos/compare/v1.19.0...v1.30.2) Updates `codecov/codecov-action` from 4 to 5 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v4...v5) Updates `chromaui/action` from 10 to 11 - [Release notes](https://github.com/chromaui/action/releases) - [Commits](https://github.com/chromaui/action/compare/v10...v11) Updates `contributor-assistant/github-action` from 2.3.2 to 2.6.1 - [Release notes](https://github.com/contributor-assistant/github-action/releases) - [Commits](https://github.com/contributor-assistant/github-action/compare/v2.3.2...v2.6.1) Updates `toshimaru/auto-author-assign` from 2.1.0 to 2.1.1 - [Release notes](https://github.com/toshimaru/auto-author-assign/releases) - [Changelog](https://github.com/toshimaru/auto-author-assign/blob/main/CHANGELOG.md) - [Commits](https://github.com/toshimaru/auto-author-assign/compare/v2.1.0...v2.1.1) Updates `aquasecurity/trivy-action` from 0.18.0 to 0.30.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/062f2592684a31eb3aa050cc61e7ca1451cecd3d...6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5) Updates `beatlabs/delete-old-branches-action` from 0.0.10 to 0.0.11 - [Release notes](https://github.com/beatlabs/delete-old-branches-action/releases) - [Commits](https://github.com/beatlabs/delete-old-branches-action/compare/v0.0.10...v0.0.11) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: chromaui/action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: contributor-assistant/github-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: toshimaru/auto-author-assign dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: beatlabs/delete-old-branches-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yaml | 12 ++++++------ .github/workflows/contrib.yaml | 2 +- .github/workflows/pr-auto-assign.yaml | 2 +- .github/workflows/security.yaml | 2 +- .github/workflows/stale.yaml | 2 +- 5 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 7c58dce1e..48e970865 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -142,7 +142,7 @@ jobs: # Check for any typos - name: Check for typos - uses: crate-ci/typos@v1.19.0 + uses: crate-ci/typos@v1.30.2 with: config: .github/workflows/typos.toml @@ -308,7 +308,7 @@ jobs: api-key: ${{ secrets.DATADOG_API_KEY }} - name: Check code coverage - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 # This action has a tendency to error out unexpectedly, it has # the `fail_ci_if_error` option that defaults to `false`, but # that is no guarantee, see: @@ -356,7 +356,7 @@ jobs: api-key: ${{ secrets.DATADOG_API_KEY }} - name: Check code coverage - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 # This action has a tendency to error out unexpectedly, it has # the `fail_ci_if_error` option that defaults to `false`, but # that is no guarantee, see: @@ -415,7 +415,7 @@ jobs: working-directory: site - name: Check code coverage - uses: codecov/codecov-action@v4 + uses: codecov/codecov-action@v5 # This action has a tendency to error out unexpectedly, it has # the `fail_ci_if_error` option that defaults to `false`, but # that is no guarantee, see: @@ -514,7 +514,7 @@ jobs: # the check to pass. This is desired in PRs, but not in mainline. - name: Publish to Chromatic (non-mainline) if: github.ref != 'refs/heads/main' && github.repository_owner == 'coder' - uses: chromaui/action@v10 + uses: chromaui/action@v11 env: NODE_OPTIONS: "--max_old_space_size=4096" STORYBOOK: true @@ -545,7 +545,7 @@ jobs: # infinitely "in progress" in mainline unless we re-review each build. - name: Publish to Chromatic (mainline) if: github.ref == 'refs/heads/main' && github.repository_owner == 'coder' - uses: chromaui/action@v10 + uses: chromaui/action@v11 env: NODE_OPTIONS: "--max_old_space_size=4096" STORYBOOK: true diff --git a/.github/workflows/contrib.yaml b/.github/workflows/contrib.yaml index 64262c840..28bad337d 100644 --- a/.github/workflows/contrib.yaml +++ b/.github/workflows/contrib.yaml @@ -34,7 +34,7 @@ jobs: steps: - name: cla if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' - uses: contributor-assistant/github-action@v2.3.2 + uses: contributor-assistant/github-action@v2.6.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret diff --git a/.github/workflows/pr-auto-assign.yaml b/.github/workflows/pr-auto-assign.yaml index e042124d0..d8210637f 100644 --- a/.github/workflows/pr-auto-assign.yaml +++ b/.github/workflows/pr-auto-assign.yaml @@ -14,4 +14,4 @@ jobs: runs-on: ubuntu-latest steps: - name: Assign author - uses: toshimaru/auto-author-assign@v2.1.0 + uses: toshimaru/auto-author-assign@v2.1.1 diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 3acc98725..87fdbb885 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -114,7 +114,7 @@ jobs: echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@062f2592684a31eb3aa050cc61e7ca1451cecd3d + uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 with: image-ref: ${{ steps.build.outputs.image }} format: sarif diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index e1008e75e..c31ee1b83 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -82,7 +82,7 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - name: Run delete-old-branches-action - uses: beatlabs/delete-old-branches-action@v0.0.10 + uses: beatlabs/delete-old-branches-action@v0.0.11 with: repo_token: ${{ github.token }} date: "6 months ago"