From abb33b62461210a597d5d5c5e4e2316c236f1555 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 28 Sep 2023 12:43:04 +0000
Subject: [PATCH 1/2] chore(deps): bump github/codeql-action from 2.21.7 to 2.21.9

Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.21.7 to 2.21.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/04daf014b50eaf774287bf3f0f1869d4b4c4b913...ddccb873888234080b77e9bc2d4764d5ccaaccf9)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot]
---
 .github/workflows/linting-formatting.yml | 2 +-
 .github/workflows/vulnerability-scan.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml
index dc242f96..7ff8ffce 100644
--- a/.github/workflows/linting-formatting.yml
+++ b/.github/workflows/linting-formatting.yml
@@ -30,7 +30,7 @@ jobs:
 APPLY_FIXES: all
 VALIDATE_ALL_CODEBASE: true
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
- - uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+ - uses: github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
 if: ${{ success() || failure() }}
 with:
 sarif_file: megalinter-reports/megalinter-report.sarif
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
index a4c67761..c1cdd34b 100644
--- a/.github/workflows/vulnerability-scan.yml
+++ b/.github/workflows/vulnerability-scan.yml
@@ -19,7 +19,7 @@ jobs:
 with:
 image: ghcr.io/${{ github.repository }}:latest
 dockerfile: .devcontainer/Dockerfile
- - uses: github/codeql-action/upload-sarif@04daf014b50eaf774287bf3f0f1869d4b4c4b913 # v2.21.7
+ - uses: github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
 if: ${{ steps.scan.outputs.sarif != '' }}
 with:
 sarif_file: ${{ steps.scan.outputs.sarif }}
From 0ba9b0fe611ad96a8620c429a48a3ab17a9400e1 Mon Sep 17 00:00:00 2001
From: Ron <45816308+rjaegers@users.noreply.github.com>
Date: Thu, 28 Sep 2023 15:12:06 +0200
Subject: [PATCH 2/2] chore: fix line-endings

---
 .github/workflows/vulnerability-scan.yml | 46 ++++++++++++------------
 1 file changed, 23 insertions(+), 23 deletions(-)
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
index c1cdd34b..3bae7fe0 100644
--- a/.github/workflows/vulnerability-scan.yml
+++ b/.github/workflows/vulnerability-scan.yml
@@ -1,25 +1,25 @@
----
-name: Vulnerability Scan
-
-on:
- schedule:
- - cron: "30 2 * * *"
- workflow_dispatch:
-
-permissions: {}
-
-jobs:
- vulnerability-scan:
- runs-on: ubuntu-latest
- permissions:
- security-events: write
- steps:
+---
+name: Vulnerability Scan
+
+on:
+ schedule:
+ - cron: "30 2 * * *"
+ workflow_dispatch:
+
+permissions: {}
+
+jobs:
+ vulnerability-scan:
+ runs-on: ubuntu-latest
+ permissions:
+ security-events: write
+ steps:
 - uses: crazy-max/ghaction-container-scan@3e9c23f89cd6b0bda949ffe14f28a3ce282323b7 # v3.0.0
- id: scan
- with:
- image: ghcr.io/${{ github.repository }}:latest
- dockerfile: .devcontainer/Dockerfile
+ id: scan
+ with:
+ image: ghcr.io/${{ github.repository }}:latest
+ dockerfile: .devcontainer/Dockerfile
 - uses: github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
- if: ${{ steps.scan.outputs.sarif != '' }}
- with:
- sarif_file: ${{ steps.scan.outputs.sarif }}
+ if: ${{ steps.scan.outputs.sarif != '' }}
+ with:
+ sarif_file: ${{ steps.scan.outputs.sarif }}