From 9d3a31078e05be1ed5cfbbe135b97986b80a5591 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 19 Sep 2024 18:01:00 +0000 Subject: [PATCH] chore(workflows): update github actions (#1415) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | OpenSSF | |---|---|---|---|---| | [actions/setup-node](https://redirect.github.com/actions/setup-node) | action | digest | `1e60f62` -> `0a44ba7` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/actions/setup-node/badge)](https://securityscorecards.dev/viewer/?uri=github.com/actions/setup-node) | | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | digest | `8214744` -> `294a9d9` | [![OpenSSF Scorecard](https://api.securityscorecards.dev/projects/github.com/github/codeql-action/badge)](https://securityscorecards.dev/viewer/?uri=github.com/github/codeql-action) | --- ### Configuration ๐Ÿ“… **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). ๐Ÿšฆ **Automerge**: Disabled by config. Please merge this manually once you are satisfied. โ™ป **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. ๐Ÿ‘ป **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/weareinreach/InReach). Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/chromatic.yml | 2 +- .github/workflows/codeql.yml | 4 ++-- .github/workflows/crowdin.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/nextjs_bundle_analysis.yml | 2 +- .github/workflows/njsscan.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index f6ec22d53b..48404aa6e5 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -38,7 +38,7 @@ jobs: with: run_install: false - name: Install Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version-file: .nvmrc cache: pnpm diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b32d20030b..82993f1f7a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,6 +25,6 @@ jobs: - name: โคต๏ธ Check out code from GitHub uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: ๐Ÿ— Initialize CodeQL - uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v3 + uses: github/codeql-action/init@294a9d92911152fe08befb9ec03e240add280cb3 # v3 - name: ๐Ÿš€ Perform CodeQL Analysis - uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v3 + uses: github/codeql-action/analyze@294a9d92911152fe08befb9ec03e240add280cb3 # v3 diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index 286a29a87c..5798a7f6e2 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -53,7 +53,7 @@ jobs: - name: Install Node.js if: github.event_name != 'pull_request' && !startsWith(github.ref_name, 'l10n_') - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version-file: .nvmrc cache: pnpm diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index bf3171a80e..6b8c809f4f 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -39,7 +39,7 @@ jobs: # standalone: true - name: Install Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version-file: .nvmrc cache: pnpm diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml index 9410fec465..783f01a0ff 100644 --- a/.github/workflows/nextjs_bundle_analysis.yml +++ b/.github/workflows/nextjs_bundle_analysis.yml @@ -41,7 +41,7 @@ jobs: run_install: false - name: Install Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4 + uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 with: node-version-file: .nvmrc cache: pnpm diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index ac475ee181..99c6413971 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -37,6 +37,6 @@ jobs: with: args: '. --sarif --output results.sarif || true' - name: Upload njsscan report - uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3 + uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3 with: sarif_file: results.sarif