Align files (#1125)

* Align files * Fix dependencies --------- Co-authored-by: github-actions <action@github.com> Co-authored-by: Marian Steinbach <marian@giantswarm.io>
giantswarm · Apr 2, 2024 · b440840 · b440840
1 parent 91b5ac8
commit b440840
Show file tree

Hide file tree

Showing 12 changed files with 35 additions and 41 deletions.
diff --git a/.github/workflows/zz_generated.check_values_schema.yaml b/.github/workflows/zz_generated.check_values_schema.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 name: 'Values and schema'
 on:
@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           fetch-depth: 0
 

diff --git a/.github/workflows/zz_generated.create_release.yaml b/.github/workflows/zz_generated.create_release.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 name: Create Release
 on:
@@ -52,7 +52,7 @@ jobs:
           echo "version=${version}" >> $GITHUB_OUTPUT
       - name: Checkout code
         if: ${{ steps.get_version.outputs.version != '' }}
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Get project.go path
         id: get_project_go_path
         if: ${{ steps.get_version.outputs.version != '' }}
@@ -88,20 +88,20 @@ jobs:
       - gather_facts
     steps:
       - name: Install architect
-        uses: giantswarm/install-binary-action@v2.0.0
+        uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f  # v2.0.0
         with:
           binary: "architect"
           version: "6.14.1"
       - name: Install semver
-        uses: giantswarm/install-binary-action@v2.0.0
+        uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f  # v2.0.0
         with:
           binary: "semver"
           version: "3.2.0"
           download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz"
           tarball_binary_path: "*/src/${binary}"
           smoke_test: "${binary} --version"
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: Update project.go
         id: update_project_go
         env:
@@ -161,7 +161,7 @@ jobs:
       upload_url: ${{ steps.create_gh_release.outputs.upload_url }}
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           ref: ${{ github.sha }}
       - name: Ensure correct version in project.go
@@ -172,7 +172,7 @@ jobs:
           grep -qE "version[[:space:]]*=[[:space:]]*\"$version\"" $file
       - name: Get Changelog Entry
         id: changelog_reader
-        uses: mindsers/changelog-reader-action@v2
+        uses: mindsers/changelog-reader-action@32aa5b4c155d76c94e4ec883a223c947b2f02656  # v2.2.3
         with:
           version: ${{ needs.gather_facts.outputs.version }}
           path: ./CHANGELOG.md
@@ -191,7 +191,7 @@ jobs:
           git push "${REMOTE_REPO}" --tags
       - name: Create release
         id: create_gh_release
-        uses: ncipollo/release-action@v1
+        uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5  # v1.14.0
         env:
           GITHUB_TOKEN: "${{ secrets.TAYLORBOT_GITHUB_ACTION }}"
         with:
@@ -206,15 +206,15 @@ jobs:
     if: ${{ needs.gather_facts.outputs.version }}
     steps:
       - name: Install semver
-        uses: giantswarm/install-binary-action@v2.0.0
+        uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f  # v2.0.0
         with:
           binary: "semver"
           version: "3.0.0"
           download_url: "https://github.com/fsaintjacques/${binary}-tool/archive/${version}.tar.gz"
           tarball_binary_path: "*/src/${binary}"
           smoke_test: "${binary} --version"
       - name: Check out the repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           fetch-depth: 0  # Clone the whole history, not just the most recent commit.
       - name: Fetch all tags and branches

diff --git a/.github/workflows/zz_generated.create_release_pr.yaml b/.github/workflows/zz_generated.create_release_pr.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 name: Create Release PR
 on:
@@ -147,12 +147,12 @@ jobs:
         with:
           go-version: '=1.18.1'
       - name: Install architect
-        uses: giantswarm/install-binary-action@v2.0.0
+        uses: giantswarm/install-binary-action@033b1a657eea23d9c42e77312b370e6125e4e38f  # v2.0.0
         with:
           binary: "architect"
           version: "6.11.0"
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           ref: ${{ needs.gather_facts.outputs.branch }}
       - name: Prepare release changes

diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 name: gitleaks
 
@@ -10,7 +10,7 @@ jobs:
   gitleaks:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v4
+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       with:
         fetch-depth: '0'
     - name: gitleaks-action

diff --git a/.github/workflows/zz_generated.run_ossf_scorecard.yaml b/.github/workflows/zz_generated.run_ossf_scorecard.yaml
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 
 # This workflow uses actions that are not certified by GitHub. They are provided
@@ -38,7 +38,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           persist-credentials: false
 
@@ -73,6 +73,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@05963f47d870e2cb19a537396c1f668a348c7d8f # v3.24.8
+        uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
         with:
           sarif_file: results.sarif
diff --git a/.nancy-ignore b/.nancy-ignore
@@ -1,15 +1,7 @@
-# pkg:golang/google.golang.org/protobuf@v1.32.0
-CVE-2024-24786 until=2024-03-31
-
-# pkg:golang/github.com/containerd/containerd@v1.6.12
-CVE-2023-25173 until=2024-03-31
-CVE-2023-25153 until=2024-03-31
-
-# pkg:golang/k8s.io/apiserver@v0.25.2
-CVE-2020-8561 until=2024-03-31
-
-# pkg:golang/helm.sh/helm/v3@v3.10.3
-CVE-2019-25210 until=2024-03-31
-CVE-2023-25165 until=2024-03-31
-CVE-2024-25620 until=2024-03-31
-CVE-2024-26147 until=2024-03-31
+CVE-2019-25210 until=2024-05-02 # helm.sh/helm/v3@v3.10.3
+CVE-2023-25165 until=2024-05-02 # helm.sh/helm/v3@v3.10.3
+CVE-2024-25620 until=2024-05-02 # helm.sh/helm/v3@v3.10.3
+CVE-2024-26147 until=2024-05-02 # helm.sh/helm/v3@v3.10.3
+CVE-2023-25153 until=2024-05-02 # github.com/containerd/containerd@v1.6.12
+CVE-2023-25173 until=2024-05-02 # github.com/containerd/containerd@v1.6.12
+CVE-2020-8561 until=2024-05-02 # k8s.io/apiserver@v0.25.2
diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 
 include Makefile.*.mk

diff --git a/Makefile.gen.app.mk b/Makefile.gen.app.mk
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 
 ##@ App

diff --git a/Makefile.gen.go.mk b/Makefile.gen.go.mk
@@ -1,6 +1,6 @@
 # DO NOT EDIT. Generated with:
 #
-#    devctl@6.23.2
+#    devctl@6.23.3
 #
 
 APPLICATION    := $(shell go list -m | cut -d '/' -f 3)

diff --git a/SECURITY.md b/SECURITY.md
@@ -2,4 +2,4 @@
 
 ## Reporting a Vulnerability
 
-Please visit https://www.giantswarm.io/responsible-disclosure for information on reporting security issues.
+Please visit <https://www.giantswarm.io/responsible-disclosure> for information on reporting security issues.
diff --git a/go.mod b/go.mod
@@ -186,3 +186,5 @@ replace (
 	golang.org/x/net => golang.org/x/net v0.22.0
 	google.golang.org/grpc => google.golang.org/grpc v1.62.1
 )
+
+replace google.golang.org/protobuf v1.32.0 => google.golang.org/protobuf v1.33.0
diff --git a/go.sum b/go.sum
@@ -2915,8 +2915,8 @@ google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqw
 google.golang.org/protobuf v1.29.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 google.golang.org/protobuf v1.30.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
 google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
-google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
-google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
+google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI=
+google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=