From ac3bc39de6e63b5d49c9648d4fcec4e3b6aba64a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 Nov 2024 03:53:32 +0000 Subject: [PATCH] build(deps): bump the minor-updates group across 1 directory with 7 updates Bumps the minor-updates group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.9.1` | `2.10.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `4.2.2` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.1.2` | | [mozilla-actions/sccache-action](https://github.com/mozilla-actions/sccache-action) | `0.0.5` | `0.0.6` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `4.4.3` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.42.37` | `2.45.6` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.6` | `3.27.5` | Updates `step-security/harden-runner` from 2.9.1 to 2.10.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde...0080882f6c36860b6ba35c610c98ce87d4e2f26f) Updates `actions/checkout` from 4.1.7 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/692973e3d937129bcbf40652eb9f2f61becf3332...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `actions/cache` from 4.0.2 to 4.1.2 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/0c45773b623bea8c8e75f6c82b208c3cf94ea4f9...6849a6489940f00c2f30c0fb92c6274307ccb58a) Updates `mozilla-actions/sccache-action` from 0.0.5 to 0.0.6 - [Release notes](https://github.com/mozilla-actions/sccache-action/releases) - [Commits](https://github.com/mozilla-actions/sccache-action/compare/89e9040de88b577a072e3760aaf59f585da083af...9e326ebed976843c9932b3aa0e021c6f50310eb4) Updates `actions/upload-artifact` from 4.4.0 to 4.4.3 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/50769540e7f4bd5e21e526ee35c689e35e0d6874...b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882) Updates `taiki-e/install-action` from 2.42.37 to 2.45.6 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/f2b65a3e67b2ba5ed3b4a631b5e460896e975708...6da51af62171044932d435033daa70a0eb3383ba) Updates `github/codeql-action` from 3.26.6 to 3.27.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4dd16135b69a43b6c8efb853346f8437d92d3c93...f09c1c0a94de965c15400f5634aa42fac8fb8f88) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-updates - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-updates - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-updates - dependency-name: mozilla-actions/sccache-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-updates - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-updates - dependency-name: taiki-e/install-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-updates - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/docs.yml | 8 ++++---- .github/workflows/release.yml | 26 +++++++++++++------------- .github/workflows/rust.yml | 20 ++++++++++---------- .github/workflows/scorecard.yml | 8 ++++---- 4 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index dd82121..9d243d3 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -30,15 +30,15 @@ jobs: name: Build Documentation runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Install Dependencies run: sudo apt-get update; sudo apt-get install --no-install-recommends libasound2-dev libudev-dev - name: Cache - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 with: path: | ~/.cargo/bin/ @@ -74,7 +74,7 @@ jobs: pages: write id-token: write steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Deploy to GitHub Pages diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2b4e474..d028f21 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -36,12 +36,12 @@ jobs: contents: write steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-unknown-linux-gnu @@ -70,7 +70,7 @@ jobs: zip --recurse-paths ../${{ env.binary }}.zip . - name: Upload binaries to artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 with: path: ${{ env.binary }}.zip name: linux @@ -94,12 +94,12 @@ jobs: contents: write steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-pc-windows-msvc @@ -124,7 +124,7 @@ jobs: Compress-Archive -Path windows/* -DestinationPath ${{ env.binary }}.zip - name: Upload binaries to artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 with: path: ${{ env.binary }}.zip name: windows @@ -148,12 +148,12 @@ jobs: contents: write steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-apple-darwin, aarch64-apple-darwin @@ -193,7 +193,7 @@ jobs: hdiutil create -fs HFS+ -volname "${{ env.binary }}" -srcfolder ${{ env.binary }}.app ${{ env.binary }}-macOS.dmg - name: Upload binaries to artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 with: path: ${{ env.binary }}-macOS.dmg name: macOS-intel @@ -234,7 +234,7 @@ jobs: if: ${{ needs.check-if-upload-to-itch-is-configured.outputs.should-upload == 'yes' }} steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Download artifacts diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 230c0fb..260b635 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -28,14 +28,14 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 30 steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Install Dependencies run: sudo apt-get update; sudo apt-get install --no-install-recommends libasound2-dev libudev-dev - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-unknown-linux-gnu @@ -56,14 +56,14 @@ jobs: runs-on: ubuntu-latest needs: build steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Install Dependencies run: sudo apt-get update; sudo apt-get install --no-install-recommends libasound2-dev libudev-dev - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-unknown-linux-gnu @@ -81,19 +81,19 @@ jobs: needs: build runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 - name: Install Dependencies run: sudo apt-get update; sudo apt-get install --no-install-recommends libasound2-dev libudev-dev - name: Run sccache-cache - uses: mozilla-actions/sccache-action@89e9040de88b577a072e3760aaf59f585da083af # 0.0.5 + uses: mozilla-actions/sccache-action@9e326ebed976843c9932b3aa0e021c6f50310eb4 # 0.0.6 - uses: dtolnay/rust-toolchain@7b1c307e0dcbda6122208f10795a713336a9b35a # master with: targets: x86_64-unknown-linux-gnu toolchain: ${{ env.nightly_toolchain }} - - uses: taiki-e/install-action@f2b65a3e67b2ba5ed3b4a631b5e460896e975708 # v2.42.37 + - uses: taiki-e/install-action@6da51af62171044932d435033daa70a0eb3383ba # v2.45.6 with: tool: cargo-nextest - name: Run tests diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 078b68c..8a20dd7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -31,11 +31,11 @@ jobs: # actions: read steps: - - uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 + - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 with: egress-policy: audit - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false @@ -62,7 +62,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 with: name: SARIF file path: results.sarif @@ -70,6 +70,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6 + uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5 with: sarif_file: results.sarif