From a9ba64600bcb5616e8e9e8f1d8e19143f8d9ead8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Mar 2024 13:28:16 +0000 Subject: [PATCH] build(deps): Bump actions/checkout from 4.1.1 to 4.1.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/b4ffde65f46336ab88eb53be808477a3936bae11...9bb56186c3b09b4f86b1c65136769dd318469633) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/cosign-test.yml | 2 +- .github/workflows/delegation-pop-verify.yml | 2 +- .github/workflows/initialize.yml | 6 +++--- .github/workflows/release.yml | 2 +- .github/workflows/reuseable-snapshot-timestamp.yml | 4 ++-- .github/workflows/review-snapshot-timestamp.yml | 2 +- .github/workflows/stable-snapshot-timestamp.yml | 2 +- .github/workflows/stable-timestamp.yml | 2 +- .github/workflows/sync-ceremony-to-main.yml | 4 ++-- .github/workflows/sync-main-to-preprod-and-prod.yml | 2 +- .github/workflows/test.yml | 12 ++++++------ .github/workflows/tuf_client_tests.yml | 4 ++-- .github/workflows/validate.yml | 2 +- 13 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/cosign-test.yml b/.github/workflows/cosign-test.yml index 658ab016..f02a03f4 100644 --- a/.github/workflows/cosign-test.yml +++ b/.github/workflows/cosign-test.yml @@ -35,7 +35,7 @@ jobs: - uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: python-version: '3.x' - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 2 - run: | diff --git a/.github/workflows/delegation-pop-verify.yml b/.github/workflows/delegation-pop-verify.yml index 7b119196..661b9cb7 100644 --- a/.github/workflows/delegation-pop-verify.yml +++ b/.github/workflows/delegation-pop-verify.yml @@ -34,7 +34,7 @@ jobs: PR_NUMBER: ${{ github.event.pull_request.number }} steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 diff --git a/.github/workflows/initialize.yml b/.github/workflows/initialize.yml index a1d9ebd8..e710f226 100644 --- a/.github/workflows/initialize.yml +++ b/.github/workflows/initialize.yml @@ -44,7 +44,7 @@ jobs: check_branch: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - name: Check if remote branch exists @@ -64,7 +64,7 @@ jobs: permissions: id-token: 'write' steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 # TODO(https://github.com/sigstore/root-signing/issues/98): Use a common configuration checked into source control @@ -121,7 +121,7 @@ jobs: pull-requests: 'write' contents: 'write' steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: ref: ${{ inputs.branch }} fetch-depth: 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8a1d9516..e5a12c83 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -31,7 +31,7 @@ jobs: outputs: hashes: ${{ steps.hash.outputs.hashes }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: diff --git a/.github/workflows/reuseable-snapshot-timestamp.yml b/.github/workflows/reuseable-snapshot-timestamp.yml index a1a6b33d..70b64ab7 100644 --- a/.github/workflows/reuseable-snapshot-timestamp.yml +++ b/.github/workflows/reuseable-snapshot-timestamp.yml @@ -73,7 +73,7 @@ jobs: permissions: id-token: 'write' steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 ref: ${{ inputs.branch }} @@ -178,7 +178,7 @@ jobs: pull-requests: 'write' contents: 'write' steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 ref: ${{ inputs.branch }} diff --git a/.github/workflows/review-snapshot-timestamp.yml b/.github/workflows/review-snapshot-timestamp.yml index 841b636e..0aae2e46 100644 --- a/.github/workflows/review-snapshot-timestamp.yml +++ b/.github/workflows/review-snapshot-timestamp.yml @@ -33,7 +33,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.SIGSTORE_REVIEW_BOT_FINE_GRAINED_PAT }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - run: | set -euo pipefail ./.github/workflows/scripts/review-pull-request.sh diff --git a/.github/workflows/stable-snapshot-timestamp.yml b/.github/workflows/stable-snapshot-timestamp.yml index 00e2c8c8..4e23f1f1 100644 --- a/.github/workflows/stable-snapshot-timestamp.yml +++ b/.github/workflows/stable-snapshot-timestamp.yml @@ -50,7 +50,7 @@ jobs: env: FORCE_SNAPSHOT: ${{ inputs.force_snapshot }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - name: Determine whether to run a snapshot/timestamp diff --git a/.github/workflows/stable-timestamp.yml b/.github/workflows/stable-timestamp.yml index 7cc77e74..982e8160 100644 --- a/.github/workflows/stable-timestamp.yml +++ b/.github/workflows/stable-timestamp.yml @@ -44,7 +44,7 @@ jobs: env: FORCE_TIMESTAMP: ${{ inputs.force_timestamp }} steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - name: Determine whether to create a timestamp diff --git a/.github/workflows/sync-ceremony-to-main.yml b/.github/workflows/sync-ceremony-to-main.yml index 29e6bf3f..b7dd0fd1 100644 --- a/.github/workflows/sync-ceremony-to-main.yml +++ b/.github/workflows/sync-ceremony-to-main.yml @@ -47,7 +47,7 @@ jobs: contents: 'write' runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 ref: ${{ github.event.repository.default_branch }} @@ -68,7 +68,7 @@ jobs: id-token: 'write' runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 diff --git a/.github/workflows/sync-main-to-preprod-and-prod.yml b/.github/workflows/sync-main-to-preprod-and-prod.yml index 99d98e08..a4557ab6 100644 --- a/.github/workflows/sync-main-to-preprod-and-prod.yml +++ b/.github/workflows/sync-main-to-preprod-and-prod.yml @@ -42,7 +42,7 @@ jobs: permissions: id-token: 'write' steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 0 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index d98e1c24..669f32d7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -28,7 +28,7 @@ jobs: name: lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version-file: './go.mod' @@ -43,7 +43,7 @@ jobs: yamllint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Set up Python uses: actions/setup-python@0a5c61591373683505ea898e09a3ea4f39ef2b9c # v5.0.0 with: @@ -60,7 +60,7 @@ jobs: actionlint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Check workflow files uses: reviewdog/action-actionlint@c6ee1eb0a5d47b2af53a203652b5dac0b6c4016e # v1.43.0 # TODO(asraa): Re-enable shellcheck from actionlint @@ -70,7 +70,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version-file: './go.mod' @@ -86,7 +86,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version-file: './go.mod' @@ -105,7 +105,7 @@ jobs: name: Shellcheck runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Run ShellCheck uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0 env: diff --git a/.github/workflows/tuf_client_tests.yml b/.github/workflows/tuf_client_tests.yml index b784ce86..3c1fcd8d 100644 --- a/.github/workflows/tuf_client_tests.yml +++ b/.github/workflows/tuf_client_tests.yml @@ -30,7 +30,7 @@ jobs: - uses: actions/setup-python@v5 with: python-version: '3.x' - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 2 - run: | @@ -83,7 +83,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 - name: Setup node uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3 with: diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 8607d113..f4af7779 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -26,7 +26,7 @@ jobs: validate: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2 with: fetch-depth: 2 - run: |