Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update github-actions (major) #46

Merged

Conversation

mend-for-github-com[bot]
Copy link
Contributor

This PR contains the following updates:

Package Type Update Change
actions/checkout action major v3 -> v4
aquaproj/aqua-installer action major v1.2.0 -> v2.2.0
docker/login-action action major v2 -> v3

Release Notes

actions/checkout (actions/checkout)

v4

Compare Source

aquaproj/aqua-installer (aquaproj/aqua-installer)

v2.2.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.3...v2.2.0

Features

#​365 #​550 #​551 Output the guide to set the environment variable PATH

aqua-installer outputs the following guide.

===============================================================
[INFO] aqua is installed into /root/.local/share/aquaproj-aqua/bin/aqua
[INFO] Please add the path to the environment variable "PATH"
[INFO] export PATH=${AQUA_ROOT_DIR:-${XDG_DATA_HOME:-$HOME/.local/share}/aquaproj-aqua}/bin:$PATH
===============================================================

#​551 Use wget if curl isn't found

v2.1.3

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.2...v2.1.3

#​545 Update the bootstrap version to v2.16.4

To support aqua v2.17.0 or later on Windows.

https://github.com/aquaproj/aqua/releases/tag/v2.16.1

To upgrade aqua to v2.17.0 or later on Windows, you need to upgrade aqua to v2.16.1 or later first.

v2.1.2

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.1...v2.1.2

Fixes

#​432 Fix typo
#​461 #​463 Fix a bug that action doesn't work in a container

Fix a bug that action doesn't work in a container

#​461 #​463

GitHub Actions supports running a job in a container.

https://docs.github.com/en/actions/using-jobs/running-jobs-in-a-container

But in a container the variable ${{ github.action_path }} is wrong, so action can't access the script aqua-installer.
This is a known issue of GitHub Actions.

To solve the issue, we copy the content of the script aqua-installer into action itself, then action don't have to access the script aqua-installer.

v2.1.1

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.1.0...v2.1.1

Others

#​411 Update the bootstrapping aqua v1.26.2 to v2.2.3

This update enables to verify prerelease versions by Cosign and slsa-verifier.

ref. https://aquaproj.github.io/docs/reference/upgrade-guide/v2/change-semver

v2.1.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.0.2...v2.1.0

Features

#​403 Add an input policy_allow to run aqua policy allow

aqua >= v2.3.0

If policy_allow is true, aqua policy allow command is run.
If a Policy file path is set, aqua policy allow "${{inputs.policy_allow}}" is run.

See also

v2.0.2

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.0.1...v2.0.2

Bug Fixes

#​303 Update aqua for bootstrap to v1.26.2

v2.0.1

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v2.0.0...v2.0.1

Bug Fixes

#​300 Use shasum instead of sha256sum if sha256sum isn't found and skip checksum verification if they aren't found

  • Use shasum instead of sha256sum if sha256sum isn't found
  • If shasum and sha256sum aren't found, the checksum verification is skipped

v2.0.0

Compare Source

Issues | Pull Requests | aquaproj/aqua-installer@v1.2.0...v2.0.0

⚠️ Breaking Changes ⚠️

aqua-installer v2 doesn't support specifying the install path anymore.

Features

#​277 Verify aqua with slsa-verifier

By this feature, you can install aqua securely.

docker/login-action (docker/login-action)

v3

Compare Source


Configuration

📅 Schedule: Branch creation - "every weekday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

@mend-for-github-com mend-for-github-com bot requested a review from a team as a code owner January 16, 2024 12:53
@mend-for-github-com mend-for-github-com bot enabled auto-merge (squash) January 16, 2024 12:53
Copy link

codecov bot commented Jan 16, 2024

Codecov Report

Attention: 4 lines in your changes are missing coverage. Please review.

Comparison is base (e16cc43) 14.15% compared to head (78e8c98) 32.62%.
Report is 28 commits behind head on main.

❗ Current head 78e8c98 differs from pull request most recent head d03bef0. Consider uploading reports for the commit d03bef0 to get more accurate results

Files Patch % Lines
dga/dga.go 0.00% 4 Missing ⚠️
Additional details and impacted files
@@             Coverage Diff             @@
##             main      #46       +/-   ##
===========================================
+ Coverage   14.15%   32.62%   +18.46%     
===========================================
  Files           4        1        -3     
  Lines         431      187      -244     
===========================================
  Hits           61       61               
+ Misses        366      122      -244     
  Partials        4        4               

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@mend-for-github-com mend-for-github-com bot force-pushed the whitesource-remediate/major-github-actions branch from 78e8c98 to d03bef0 Compare January 16, 2024 12:57
Copy link
Contributor

@sheldonhull sheldonhull left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

@mend-for-github-com mend-for-github-com bot merged commit 7fe45b8 into main Jan 16, 2024
6 of 7 checks passed
@mend-for-github-com mend-for-github-com bot deleted the whitesource-remediate/major-github-actions branch January 16, 2024 12:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant