From d9ecd319c84d3f572829fe4a07327cdcea46b05e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 7 Aug 2024 13:04:48 +0000 Subject: [PATCH] Bump the github-actions group with 12 updates Bumps the github-actions group with 12 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `2` | `4` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `1` | `3` | | [docker/login-action](https://github.com/docker/login-action) | `1` | `3` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `2` | `6` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `39` | `44` | | [actions/setup-python](https://github.com/actions/setup-python) | `4` | `5` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `2` | `4` | | [actions/setup-node](https://github.com/actions/setup-node) | `3` | `4` | | [actions/github-script](https://github.com/actions/github-script) | `6` | `7` | | [actions/labeler](https://github.com/actions/labeler) | `4` | `5` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.1.2` | `2.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `2.2.4` | `3.26.0` | Updates `actions/checkout` from 2 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v2...v4) Updates `docker/setup-buildx-action` from 1 to 3 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v1...v3) Updates `docker/login-action` from 1 to 3 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v3) Updates `docker/build-push-action` from 2 to 6 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/v2...v6) Updates `tj-actions/changed-files` from 39 to 44 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](https://github.com/tj-actions/changed-files/compare/v39...v44) Updates `actions/setup-python` from 4 to 5 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v4...v5) Updates `actions/upload-artifact` from 2 to 4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v2...v4) Updates `actions/setup-node` from 3 to 4 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v3...v4) Updates `actions/github-script` from 6 to 7 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v6...v7) Updates `actions/labeler` from 4 to 5 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/v4...v5) Updates `ossf/scorecard-action` from 2.1.2 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/e38b1902ae4f44df626f11ba0734b14fb91f8f86...62b2cac7ed8198b15735ed49ab1e5cf35480ba46) Updates `github/codeql-action` from 2.2.4 to 3.26.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/17573ee1cc1b9d061760f3a006fc4aac4f944fd5...eb055d739abdc2e8de2e5f4ba1a8b246daa779aa) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/labeler dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build_push_docker_image_Ubuntu.yml | 8 ++++---- .github/workflows/docs.yml | 4 ++-- .github/workflows/flang-tests.yml | 2 +- .github/workflows/libcxx-build-and-test.yaml | 6 +++--- .github/workflows/llvm-bugs.yml | 4 ++-- .github/workflows/llvm-project-tests.yml | 2 +- .github/workflows/new-prs.yml | 2 +- .github/workflows/pr-code-format.yml | 4 ++-- .github/workflows/pre-compile_llvm.yml | 6 +++--- .github/workflows/release-binaries.yml | 6 +++--- .github/workflows/release-documentation.yml | 8 ++++---- .github/workflows/release-doxygen.yml | 4 ++-- .github/workflows/release-lit.yml | 2 +- .github/workflows/release-tasks.yml | 2 +- .github/workflows/scorecard.yml | 8 ++++---- 15 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/build_push_docker_image_Ubuntu.yml b/.github/workflows/build_push_docker_image_Ubuntu.yml index 9098fa7088e8..4c382d3e4db7 100644 --- a/.github/workflows/build_push_docker_image_Ubuntu.yml +++ b/.github/workflows/build_push_docker_image_Ubuntu.yml @@ -23,20 +23,20 @@ jobs: id: extract_branch - name: Checkout - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v1 + uses: docker/setup-buildx-action@v3 - name: Log in - uses: docker/login-action@v1 + uses: docker/login-action@v3 with: registry: ghcr.io username: ${{ github.repository_owner }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and push - uses: docker/build-push-action@v2 + uses: docker/build-push-action@v6 with: file: .github/workflows/UbuntuDockerfile push: true diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 5936cdc46a90..2fb947424f39 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -63,7 +63,7 @@ jobs: fetch-depth: 1 - name: Get subprojects that have doc changes id: docs-changed-subprojects - uses: tj-actions/changed-files@v39 + uses: tj-actions/changed-files@v44 with: files_yaml: | llvm: @@ -98,7 +98,7 @@ jobs: with: fetch-depth: 1 - name: Setup Python env - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: '3.11' cache: 'pip' diff --git a/.github/workflows/flang-tests.yml b/.github/workflows/flang-tests.yml index 216d5711e8d0..aa5996da24aa 100644 --- a/.github/workflows/flang-tests.yml +++ b/.github/workflows/flang-tests.yml @@ -23,7 +23,7 @@ jobs: version: 12 steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v4 - if: matrix.cc == 'clang' run: | diff --git a/.github/workflows/libcxx-build-and-test.yaml b/.github/workflows/libcxx-build-and-test.yaml index 5727b956dc6d..ac19fca40b4d 100644 --- a/.github/workflows/libcxx-build-and-test.yaml +++ b/.github/workflows/libcxx-build-and-test.yaml @@ -75,7 +75,7 @@ jobs: CC: ${{ matrix.cc }} CXX: ${{ matrix.cxx }} ENABLE_CLANG_TIDY: ${{ matrix.clang_tidy }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: always() with: name: ${{ matrix.config }}-${{ matrix.cxx }}-results @@ -124,7 +124,7 @@ jobs: CC: ${{ matrix.cc }} CXX: ${{ matrix.cxx }} ENABLE_CLANG_TIDY: ${{ matrix.clang_tidy }} - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: always() # Upload artifacts even if the build or test suite fails with: name: ${{ matrix.config }}-results @@ -189,7 +189,7 @@ jobs: CC: clang-18 CXX: clang++-18 ENABLE_CLANG_TIDY: "OFF" - - uses: actions/upload-artifact@v3 + - uses: actions/upload-artifact@v4 if: always() with: name: ${{ matrix.config }}-results diff --git a/.github/workflows/llvm-bugs.yml b/.github/workflows/llvm-bugs.yml index f592dd6ccd90..4797eea4e3d3 100644 --- a/.github/workflows/llvm-bugs.yml +++ b/.github/workflows/llvm-bugs.yml @@ -14,13 +14,13 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'llvm/llvm-project' steps: - - uses: actions/setup-node@v3 + - uses: actions/setup-node@v4 with: node-version: 18 check-latest: true - run: npm install mailgun.js form-data - name: Send notification - uses: actions/github-script@v6 + uses: actions/github-script@v7 env: MAILGUN_API_KEY: ${{ secrets.LLVM_BUGS_KEY }} with: diff --git a/.github/workflows/llvm-project-tests.yml b/.github/workflows/llvm-project-tests.yml index 3d905ba5c4b2..8a41d82a7c4d 100644 --- a/.github/workflows/llvm-project-tests.yml +++ b/.github/workflows/llvm-project-tests.yml @@ -90,7 +90,7 @@ jobs: # Using this setup-python action to make 3.11 (64bit) the default - name: Setup Python if: ${{ matrix.os != 'self-hosted' }} - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: ${{ inputs.python_version }} - name: Install Ninja diff --git a/.github/workflows/new-prs.yml b/.github/workflows/new-prs.yml index a60f82ce35d1..b6b64b468367 100644 --- a/.github/workflows/new-prs.yml +++ b/.github/workflows/new-prs.yml @@ -67,7 +67,7 @@ jobs: github.event.pull_request.draft == false && github.event.pull_request.commits < 10 steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@v5 with: configuration-path: .github/new-prs-labeler.yml # workaround for https://github.com/actions/labeler/issues/112 diff --git a/.github/workflows/pr-code-format.yml b/.github/workflows/pr-code-format.yml index 3d0c23917bd4..879c84ddcd9c 100644 --- a/.github/workflows/pr-code-format.yml +++ b/.github/workflows/pr-code-format.yml @@ -26,7 +26,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v39 + uses: tj-actions/changed-files@v44 with: separator: "," skip_initial_fetch: true @@ -56,7 +56,7 @@ jobs: clangformat: 17.0.1 - name: Setup Python env - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: python-version: '3.11' cache: 'pip' diff --git a/.github/workflows/pre-compile_llvm.yml b/.github/workflows/pre-compile_llvm.yml index 1f8959539378..f735795767c6 100644 --- a/.github/workflows/pre-compile_llvm.yml +++ b/.github/workflows/pre-compile_llvm.yml @@ -71,7 +71,7 @@ jobs: mv llvm_build.tar.gz classic-flang-llvm-project/classic-flang-llvm-project/. - name: Upload llvm - uses: actions/upload-artifact@v2 + uses: actions/upload-artifact@v4 with: name: llvm_build_${{ matrix.target }}_${{ matrix.cc }}_${{ matrix.version }}_${{ steps.extract_branch.outputs.branch }} path: llvm_build.tar.gz @@ -92,7 +92,7 @@ jobs: # target: AArch64 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Setup Windows uses: llvm/actions/setup-windows@main @@ -124,7 +124,7 @@ jobs: Copy-Item llvm_build.7z -Destination $pwd/classic-flang-llvm-project/ - name: Upload llvm - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: llvm_build_win_${{ matrix.arch }}_clangcl_${{ steps.extract_branch.outputs.branch }} path: ${{ github.workspace }}\llvm_build.7z diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index ebf6fa41898d..282e2b781467 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -45,7 +45,7 @@ jobs: steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 - name: Check Permissions env: @@ -91,7 +91,7 @@ jobs: - ubuntu-22.04 steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 with: ref: ${{ needs.prepare.outputs.ref }} @@ -133,7 +133,7 @@ jobs: steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 with: ref: ${{ needs.prepare.outputs.ref }} path: ${{ needs.prepare.outputs.build-dir }}/llvm-project diff --git a/.github/workflows/release-documentation.yml b/.github/workflows/release-documentation.yml index 64572906988b..ade7adab8c52 100644 --- a/.github/workflows/release-documentation.yml +++ b/.github/workflows/release-documentation.yml @@ -34,10 +34,10 @@ jobs: upload: ${{ inputs.upload && !contains(inputs.release-version, 'rc') }} steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 - name: Setup Python env - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: cache: 'pip' cache-dependency-path: './llvm/docs/requirements.txt' @@ -59,14 +59,14 @@ jobs: ./llvm/utils/release/build-docs.sh -release "${{ inputs.release-version }}" -no-doxygen - name: Create Release Notes Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: release-notes path: docs-build/html-export/ - name: Clone www-releases if: env.upload - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 with: repository: ${{ github.repository_owner }}/www-releases ref: main diff --git a/.github/workflows/release-doxygen.yml b/.github/workflows/release-doxygen.yml index 5e322849a1d0..692370774548 100644 --- a/.github/workflows/release-doxygen.yml +++ b/.github/workflows/release-doxygen.yml @@ -36,10 +36,10 @@ jobs: upload: ${{ inputs.upload && !contains(inputs.release-version, 'rc') }} steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 - name: Setup Python env - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: cache: 'pip' cache-dependency-path: './llvm/docs/requirements.txt' diff --git a/.github/workflows/release-lit.yml b/.github/workflows/release-lit.yml index 36b0b6edd518..210ad0ac6526 100644 --- a/.github/workflows/release-lit.yml +++ b/.github/workflows/release-lit.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 with: ref: "llvmorg-${{ inputs.release-version }}" diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml index 53da8662b020..57b1486259e2 100644 --- a/.github/workflows/release-tasks.yml +++ b/.github/workflows/release-tasks.yml @@ -36,7 +36,7 @@ jobs: sudo apt-get install python3-github - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v4.1.1 - name: Create Release env: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b8e8ab26c3ff..a4e1290c2008 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -31,12 +31,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # v3.1.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -49,7 +49,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: SARIF file path: results.sarif @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 with: sarif_file: results.sarif