From c34e17466b06e54fe2f18b2207a55c51eb0a1274 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 16 Nov 2023 23:00:18 +0000 Subject: [PATCH] chore(deps): update all non-major dependencies --- .github/workflows/bundle-analysis.yml | 14 +++++++------- .github/workflows/cache-clear.yml | 2 +- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/comment-issue.yml | 2 +- .github/workflows/dependency-review.yml | 4 ++-- .github/workflows/greetings.yml | 4 ++-- .github/workflows/introspect.yml | 2 +- .github/workflows/lint.yml | 14 +++++++------- .github/workflows/scorecards.yml | 8 ++++---- .github/workflows/semantic-pull-request.yml | 4 ++-- .github/workflows/semantic-release.yml | 8 ++++---- .github/workflows/stale-issues.yml | 8 ++++---- .github/workflows/test.yml | 8 ++++---- package.json | 2 +- 14 files changed, 44 insertions(+), 44 deletions(-) diff --git a/.github/workflows/bundle-analysis.yml b/.github/workflows/bundle-analysis.yml index ccfba65..a54276a 100644 --- a/.github/workflows/bundle-analysis.yml +++ b/.github/workflows/bundle-analysis.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -57,7 +57,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -71,7 +71,7 @@ jobs: - uses: "pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598" # v2.4.0 - name: "Set node version to 18" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "18" cache: "pnpm" @@ -82,7 +82,7 @@ jobs: SKIP_CHECK: "true" - name: "Restore Next.js Build" - uses: "actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8" # v3.3.1 + uses: "actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84" # v3.3.2 id: "restore-build-cache" env: cache-name: "cache-next-build" @@ -106,13 +106,13 @@ jobs: run: "cd examples/nextra && npx -p nextjs-bundle-analysis@0.5.0 report" - name: "Upload Bundle" - uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" # v3.1.2 + uses: "actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32" # v3.1.3 with: name: "bundle" path: "examples/nextra/.next/analyze/__bundle_analysis.json" - name: "Download Base Branch Bundle Stats" - uses: "dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615" # v2.27.0 + uses: "dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e" # v2.28.0 if: "success() && github.event.number" with: workflow: "nextjs-bundle-analysis.yml" @@ -175,7 +175,7 @@ jobs: # If any jobs we depend on fail, we will fail since this is a required check # NOTE: A timeout is considered a failure - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/cache-clear.yml b/.github/workflows/cache-clear.yml index 29300a7..739f5f1 100644 --- a/.github/workflows/cache-clear.yml +++ b/.github/workflows/cache-clear.yml @@ -10,7 +10,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 0564abc..f18b9a8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -43,7 +43,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -52,7 +52,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: "Initialize CodeQL" - uses: "github/codeql-action/init@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5 + uses: "github/codeql-action/init@66b90a5db151a8042fa97405c6cf843bbe433f7b" # v2.22.7 with: languages: "${{ matrix.language }}" # If you wish to specify custom queries, you can do so here or in a config file. @@ -62,7 +62,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: "Autobuild" - uses: "github/codeql-action/autobuild@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5 + uses: "github/codeql-action/autobuild@66b90a5db151a8042fa97405c6cf843bbe433f7b" # v2.22.7 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -75,6 +75,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: "Perform CodeQL Analysis" - uses: "github/codeql-action/analyze@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5 + uses: "github/codeql-action/analyze@66b90a5db151a8042fa97405c6cf843bbe433f7b" # v2.22.7 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/comment-issue.yml b/.github/workflows/comment-issue.yml index a6ae804..26bea94 100644 --- a/.github/workflows/comment-issue.yml +++ b/.github/workflows/comment-issue.yml @@ -16,7 +16,7 @@ jobs: issues: "write" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c48c96c..e2fabc9 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -20,7 +20,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -32,4 +32,4 @@ jobs: EMAIL: "github-actions[bot]@users.noreply.github.com" - name: "Dependency Review" - uses: "actions/dependency-review-action@f6fff72a3217f580d5afd49a46826795305b63c7" # v3.0.8 + uses: "actions/dependency-review-action@7bbfa034e752445ea40215fff1c3bf9597993d3f" # v3.1.3 diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index d4d8966..c6614be 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -16,11 +16,11 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" - - uses: "actions/first-interaction@1d8459ca65b335265f1285568221e229d45a995e" # v1.1.1 + - uses: "actions/first-interaction@1dbfe1ba5525b8257e1f259b09745bee346d62d8" # v1.2.0 with: repo-token: "${{ secrets.GITHUB_TOKEN }}" issue-message: "Awesome! Thank you for taking the time to create your first issue! Please review the [guidelines](https://narrowspark.com/docs/current/contributing)" diff --git a/.github/workflows/introspect.yml b/.github/workflows/introspect.yml index 948cc83..da18f77 100644 --- a/.github/workflows/introspect.yml +++ b/.github/workflows/introspect.yml @@ -21,7 +21,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 33de02e..618c2e3 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -28,7 +28,7 @@ jobs: yaml_lintable: "${{ steps.changes.outputs.yaml_lintable }}" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -53,7 +53,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -71,7 +71,7 @@ jobs: run_install: false - name: "Use Node.js 20.6.1" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "20.6.1" cache: "pnpm" @@ -92,7 +92,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -119,7 +119,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -137,7 +137,7 @@ jobs: run_install: false - name: "Use Node.js 20.6.1" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "20.6.1" cache: "pnpm" @@ -170,7 +170,7 @@ jobs: # If any jobs we depend on fail, we will fail since this is a required check # NOTE: A timeout is considered a failure - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index dbdeb1c..1031f87 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -33,7 +33,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -43,7 +43,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: "ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031" # v2.2.0 + uses: "ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736" # v2.3.1 with: results_file: "results.sarif" results_format: "sarif" @@ -65,7 +65,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: "actions/upload-artifact@0b7f8abb1508181956e8e162db84b466c27e18ce" # v3.1.2 + uses: "actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32" # v3.1.3 with: name: "SARIF file" path: "results.sarif" @@ -73,6 +73,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: "github/codeql-action/upload-sarif@00e563ead9f72a8461b24876bee2d0c2e8bd2ee8" # v2.21.5 + uses: "github/codeql-action/upload-sarif@66b90a5db151a8042fa97405c6cf843bbe433f7b" # v2.22.7 with: sarif_file: "results.sarif" diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml index 34fd71d..ea22485 100644 --- a/.github/workflows/semantic-pull-request.yml +++ b/.github/workflows/semantic-pull-request.yml @@ -21,13 +21,13 @@ jobs: name: "Semantic Pull Request" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" - name: "Validate PR title" id: "lint_pr_title" - uses: "amannn/action-semantic-pull-request@c3cd5d1ea3580753008872425915e343e351ab54" # v5.2.0 + uses: "amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f" # v5.4.0 env: GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" with: diff --git a/.github/workflows/semantic-release.yml b/.github/workflows/semantic-release.yml index 45c90d5..219f3a1 100644 --- a/.github/workflows/semantic-release.yml +++ b/.github/workflows/semantic-release.yml @@ -27,7 +27,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -56,7 +56,7 @@ jobs: run_install: false - name: "Use Node.js 20.6.1" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "20.6.1" cache: "pnpm" @@ -106,7 +106,7 @@ jobs: contents: "write" # to be able to publish steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -122,7 +122,7 @@ jobs: - uses: "pnpm/action-setup@d882d12c64e032187b2edb46d3a0d003b7a43598" # v2.4.0 - name: "Use Node.js 20.6.1" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "20.6.1" diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml index 2e5a80b..e11dc38 100644 --- a/.github/workflows/stale-issues.yml +++ b/.github/workflows/stale-issues.yml @@ -18,7 +18,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -43,7 +43,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -66,7 +66,7 @@ jobs: runs-on: "ubuntu-latest" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -91,7 +91,7 @@ jobs: steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0691080..5a1eff6 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -26,7 +26,7 @@ jobs: packages: "${{ steps.changes.outputs.packages }}" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -56,7 +56,7 @@ jobs: runs-on: "${{ matrix.os }}" steps: - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" @@ -72,7 +72,7 @@ jobs: run_install: false - name: "Set node version to ${{ matrix.node_version }}" - uses: "actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d" # v3.8.1 + uses: "actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7" # v3.8.2 with: node-version: "${{ matrix.node_version }}" cache: "pnpm" @@ -106,7 +106,7 @@ jobs: # If any jobs we depend on fail, we will fail since this is a required check # NOTE: A timeout is considered a failure - name: "Harden Runner" - uses: "step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09" # v2.5.1 + uses: "step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895" # v2.6.1 with: egress-policy: "audit" diff --git a/package.json b/package.json index d759996..f33b612 100644 --- a/package.json +++ b/package.json @@ -219,7 +219,7 @@ "optional": true } }, - "packageManager": "pnpm@8.8.0", + "packageManager": "pnpm@8.10.5", "engines": { "node": ">=18.0.0" },