From d73025053bdece7c4128177b8679e7de171b3de7 Mon Sep 17 00:00:00 2001 From: John Wesley Walker III <81404201+jww3@users.noreply.github.com> Date: Fri, 18 Oct 2024 13:23:42 +0200 Subject: [PATCH 01/11] Revise `isGhes` logic --- src/utils/actionUtils.ts | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/utils/actionUtils.ts b/src/utils/actionUtils.ts index dc18fa4..5796702 100644 --- a/src/utils/actionUtils.ts +++ b/src/utils/actionUtils.ts @@ -4,10 +4,16 @@ import * as core from "@actions/core"; import { RefKey } from "../constants"; export function isGhes(): boolean { - const ghUrl = new URL( - process.env["GITHUB_SERVER_URL"] || "https://github.com" - ); - return ghUrl.hostname.toUpperCase() !== "GITHUB.COM"; + const ghUrl = new URL( + process.env['GITHUB_SERVER_URL'] || 'https://github.com' + ); + + const hostname = ghUrl.hostname.trimEnd().toUpperCase() + const isGitHubHost = hostname === 'GITHUB.COM' + const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM') + const isLocalHost = hostname.endsWith('.LOCALHOST') + + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost } export function isExactKeyMatch(key: string, cacheKey?: string): boolean { From 25942a73ac3e07f428f6787a5b11c9d84dd7c80d Mon Sep 17 00:00:00 2001 From: John Wesley Walker III <81404201+jww3@users.noreply.github.com> Date: Fri, 18 Oct 2024 13:25:07 +0000 Subject: [PATCH 02/11] ran `npm run build` --- dist/restore-only/index.js | 8 ++++++-- dist/restore/index.js | 8 ++++++-- dist/save-only/index.js | 8 ++++++-- dist/save/index.js | 8 ++++++-- 4 files changed, 24 insertions(+), 8 deletions(-) diff --git a/dist/restore-only/index.js b/dist/restore-only/index.js index 14e97b1..b7f7a4e 100644 --- a/dist/restore-only/index.js +++ b/dist/restore-only/index.js @@ -59585,8 +59585,12 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); - return ghUrl.hostname.toUpperCase() !== "GITHUB.COM"; + const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const hostname = ghUrl.hostname.trimEnd().toUpperCase(); + const isGitHubHost = hostname === 'GITHUB.COM'; + const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); + const isLocalHost = hostname.endsWith('.LOCALHOST'); + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; function isExactKeyMatch(key, cacheKey) { diff --git a/dist/restore/index.js b/dist/restore/index.js index 29b70b2..70ff2ca 100644 --- a/dist/restore/index.js +++ b/dist/restore/index.js @@ -59585,8 +59585,12 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); - return ghUrl.hostname.toUpperCase() !== "GITHUB.COM"; + const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const hostname = ghUrl.hostname.trimEnd().toUpperCase(); + const isGitHubHost = hostname === 'GITHUB.COM'; + const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); + const isLocalHost = hostname.endsWith('.LOCALHOST'); + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; function isExactKeyMatch(key, cacheKey) { diff --git a/dist/save-only/index.js b/dist/save-only/index.js index f542b2c..04f0fa0 100644 --- a/dist/save-only/index.js +++ b/dist/save-only/index.js @@ -59598,8 +59598,12 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); - return ghUrl.hostname.toUpperCase() !== "GITHUB.COM"; + const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const hostname = ghUrl.hostname.trimEnd().toUpperCase(); + const isGitHubHost = hostname === 'GITHUB.COM'; + const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); + const isLocalHost = hostname.endsWith('.LOCALHOST'); + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; function isExactKeyMatch(key, cacheKey) { diff --git a/dist/save/index.js b/dist/save/index.js index f137655..3b9658a 100644 --- a/dist/save/index.js +++ b/dist/save/index.js @@ -59598,8 +59598,12 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); - return ghUrl.hostname.toUpperCase() !== "GITHUB.COM"; + const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const hostname = ghUrl.hostname.trimEnd().toUpperCase(); + const isGitHubHost = hostname === 'GITHUB.COM'; + const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); + const isLocalHost = hostname.endsWith('.LOCALHOST'); + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; function isExactKeyMatch(key, cacheKey) { From 71d826cc3307623babdbd7bef45bf9d6f1207d39 Mon Sep 17 00:00:00 2001 From: John Wesley Walker III <81404201+jww3@users.noreply.github.com> Date: Fri, 18 Oct 2024 13:52:16 +0000 Subject: [PATCH 03/11] appease the linter --- dist/restore-only/index.js | 8 ++++---- dist/restore/index.js | 8 ++++---- dist/save-only/index.js | 8 ++++---- dist/save/index.js | 8 ++++---- src/utils/actionUtils.ts | 16 ++++++++-------- 5 files changed, 24 insertions(+), 24 deletions(-) diff --git a/dist/restore-only/index.js b/dist/restore-only/index.js index b7f7a4e..828dbd1 100644 --- a/dist/restore-only/index.js +++ b/dist/restore-only/index.js @@ -59585,11 +59585,11 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); const hostname = ghUrl.hostname.trimEnd().toUpperCase(); - const isGitHubHost = hostname === 'GITHUB.COM'; - const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); - const isLocalHost = hostname.endsWith('.LOCALHOST'); + const isGitHubHost = hostname === "GITHUB.COM"; + const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM"); + const isLocalHost = hostname.endsWith(".LOCALHOST"); return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; diff --git a/dist/restore/index.js b/dist/restore/index.js index 70ff2ca..dbf9432 100644 --- a/dist/restore/index.js +++ b/dist/restore/index.js @@ -59585,11 +59585,11 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); const hostname = ghUrl.hostname.trimEnd().toUpperCase(); - const isGitHubHost = hostname === 'GITHUB.COM'; - const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); - const isLocalHost = hostname.endsWith('.LOCALHOST'); + const isGitHubHost = hostname === "GITHUB.COM"; + const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM"); + const isLocalHost = hostname.endsWith(".LOCALHOST"); return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; diff --git a/dist/save-only/index.js b/dist/save-only/index.js index 04f0fa0..434fac7 100644 --- a/dist/save-only/index.js +++ b/dist/save-only/index.js @@ -59598,11 +59598,11 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); const hostname = ghUrl.hostname.trimEnd().toUpperCase(); - const isGitHubHost = hostname === 'GITHUB.COM'; - const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); - const isLocalHost = hostname.endsWith('.LOCALHOST'); + const isGitHubHost = hostname === "GITHUB.COM"; + const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM"); + const isLocalHost = hostname.endsWith(".LOCALHOST"); return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; diff --git a/dist/save/index.js b/dist/save/index.js index 3b9658a..b8828f3 100644 --- a/dist/save/index.js +++ b/dist/save/index.js @@ -59598,11 +59598,11 @@ const cache = __importStar(__nccwpck_require__(7799)); const core = __importStar(__nccwpck_require__(2186)); const constants_1 = __nccwpck_require__(9042); function isGhes() { - const ghUrl = new URL(process.env['GITHUB_SERVER_URL'] || 'https://github.com'); + const ghUrl = new URL(process.env["GITHUB_SERVER_URL"] || "https://github.com"); const hostname = ghUrl.hostname.trimEnd().toUpperCase(); - const isGitHubHost = hostname === 'GITHUB.COM'; - const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM'); - const isLocalHost = hostname.endsWith('.LOCALHOST'); + const isGitHubHost = hostname === "GITHUB.COM"; + const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM"); + const isLocalHost = hostname.endsWith(".LOCALHOST"); return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } exports.isGhes = isGhes; diff --git a/src/utils/actionUtils.ts b/src/utils/actionUtils.ts index 5796702..260d4fd 100644 --- a/src/utils/actionUtils.ts +++ b/src/utils/actionUtils.ts @@ -4,16 +4,16 @@ import * as core from "@actions/core"; import { RefKey } from "../constants"; export function isGhes(): boolean { - const ghUrl = new URL( - process.env['GITHUB_SERVER_URL'] || 'https://github.com' - ); + const ghUrl = new URL( + process.env["GITHUB_SERVER_URL"] || "https://github.com" + ); - const hostname = ghUrl.hostname.trimEnd().toUpperCase() - const isGitHubHost = hostname === 'GITHUB.COM' - const isGitHubEnterpriseCloudHost = hostname.endsWith('.GHE.COM') - const isLocalHost = hostname.endsWith('.LOCALHOST') + const hostname = ghUrl.hostname.trimEnd().toUpperCase(); + const isGitHubHost = hostname === "GITHUB.COM"; + const isGitHubEnterpriseCloudHost = hostname.endsWith(".GHE.COM"); + const isLocalHost = hostname.endsWith(".LOCALHOST"); - return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost + return !isGitHubHost && !isGitHubEnterpriseCloudHost && !isLocalHost; } export function isExactKeyMatch(key: string, cacheKey?: string): boolean { From e7e2547a8838154c29f0db50c6dc7866b71a8ac2 Mon Sep 17 00:00:00 2001 From: John Wesley Walker III <81404201+jww3@users.noreply.github.com> Date: Fri, 18 Oct 2024 17:22:08 +0000 Subject: [PATCH 04/11] added unit tests --- __tests__/actionUtils.test.ts | 36 ++++++++++++++++++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/__tests__/actionUtils.test.ts b/__tests__/actionUtils.test.ts index f98a76e..c2e6823 100644 --- a/__tests__/actionUtils.test.ts +++ b/__tests__/actionUtils.test.ts @@ -8,17 +8,26 @@ import * as testUtils from "../src/utils/testUtils"; jest.mock("@actions/core"); jest.mock("@actions/cache"); +let pristineEnv: NodeJS.ProcessEnv; + beforeAll(() => { + pristineEnv = process.env; jest.spyOn(core, "getInput").mockImplementation((name, options) => { return jest.requireActual("@actions/core").getInput(name, options); }); }); -afterEach(() => { +beforeEach(() => { + jest.resetModules(); + process.env = pristineEnv; delete process.env[Events.Key]; delete process.env[RefKey]; }); +afterAll(() => { + process.env = pristineEnv; +}); + test("isGhes returns true if server url is not github.com", () => { try { process.env["GITHUB_SERVER_URL"] = "http://example.com"; @@ -231,3 +240,28 @@ test("isCacheFeatureAvailable for ac disabled on dotcom", () => { delete process.env["GITHUB_SERVER_URL"]; } }); + +test("isGhes returns false when the GITHUB_SERVER_URL environment variable is not defined", async () => { + delete process.env["GITHUB_SERVER_URL"]; + expect(actionUtils.isGhes()).toBeFalsy(); +}); + +test("isGhes returns false when the GITHUB_SERVER_URL environment variable is set to github.com", async () => { + process.env["GITHUB_SERVER_URL"] = "https://github.com"; + expect(actionUtils.isGhes()).toBeFalsy(); +}); + +test("isGhes returns false when the GITHUB_SERVER_URL environment variable is set to a GitHub Enterprise Cloud-style URL", async () => { + process.env["GITHUB_SERVER_URL"] = "https://contoso.ghe.com"; + expect(actionUtils.isGhes()).toBeFalsy(); +}); + +test("isGhes returns false when the GITHUB_SERVER_URL environment variable has a .localhost suffix", async () => { + process.env["GITHUB_SERVER_URL"] = "https://mock-github.localhost"; + expect(actionUtils.isGhes()).toBeFalsy(); +}); + +test("isGhes returns true when the GITHUB_SERVER_URL environment variable is set to some other URL", async () => { + process.env["GITHUB_SERVER_URL"] = "https://src.onpremise.fabrikam.com"; + expect(actionUtils.isGhes()).toBeTruthy(); +}); From 8585f2ac5c35871385bd153f184fa6d6b3a6e5c3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 09:52:18 +0000 Subject: [PATCH 05/11] Bump braces from 3.0.2 to 3.0.3 Bumps [braces](https://github.com/micromatch/braces) from 3.0.2 to 3.0.3. - [Changelog](https://github.com/micromatch/braces/blob/master/CHANGELOG.md) - [Commits](https://github.com/micromatch/braces/compare/3.0.2...3.0.3) --- updated-dependencies: - dependency-name: braces dependency-type: indirect ... Signed-off-by: dependabot[bot] --- package-lock.json | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/package-lock.json b/package-lock.json index fb36255..b3e6311 100644 --- a/package-lock.json +++ b/package-lock.json @@ -3521,12 +3521,12 @@ } }, "node_modules/braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "dependencies": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" }, "engines": { "node": ">=8" @@ -4622,9 +4622,9 @@ } }, "node_modules/fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "dependencies": { "to-regex-range": "^5.0.1" @@ -12302,12 +12302,12 @@ } }, "braces": { - "version": "3.0.2", - "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.2.tgz", - "integrity": "sha512-b8um+L1RzM3WDSzvhm6gIz1yfTbBt6YTlcEKAvsmqCZZFw46z626lVj9j1yEPW33H5H+lBQpZMP1k8l+78Ha0A==", + "version": "3.0.3", + "resolved": "https://registry.npmjs.org/braces/-/braces-3.0.3.tgz", + "integrity": "sha512-yQbXgO/OSZVD2IsiLlro+7Hf6Q18EJrKSEsdoMzKePKXct3gvD8oLcOQdIzGupr5Fj+EDe8gO/lxc1BzfMpxvA==", "dev": true, "requires": { - "fill-range": "^7.0.1" + "fill-range": "^7.1.1" } }, "browserslist": { @@ -13127,9 +13127,9 @@ } }, "fill-range": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.0.1.tgz", - "integrity": "sha512-qOo9F+dMUmC2Lcb4BbVvnKJxTPjCm+RRpe4gDuGrzkL7mEVl/djYSu2OdQ2Pa302N4oqkSg9ir6jaLWJ2USVpQ==", + "version": "7.1.1", + "resolved": "https://registry.npmjs.org/fill-range/-/fill-range-7.1.1.tgz", + "integrity": "sha512-YsGpe3WHLK8ZYi4tWDg2Jy3ebRz2rXowDxnld4bkQB00cc/1Zw9AWnC0i9ztDJitivtQvaI9KaLyKrc+hBW0yg==", "dev": true, "requires": { "to-regex-range": "^5.0.1" From 772385291fdf13835d5d4d108c82004ca6ae5c72 Mon Sep 17 00:00:00 2001 From: Bassem Dghaidi <568794+Link-@users.noreply.github.com> Date: Tue, 22 Oct 2024 12:34:45 +0200 Subject: [PATCH 06/11] Create dependabot.yml --- .github/dependabot.yml | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 .github/dependabot.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..8b18d47 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,22 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://docs.github.com/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file + +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + groups: + minor-actions-dependencies: + update-types: [minor, patch] + + - package-ecosystem: "npm" + directory: "/" + schedule: + interval: "daily" + allow: + - dependency-type: direct + - dependency-type: production From aa55e5f34442977606949c0b1e1e3b63b01825e8 Mon Sep 17 00:00:00 2001 From: Bassem Dghaidi <568794+Link-@users.noreply.github.com> Date: Tue, 22 Oct 2024 03:54:14 -0700 Subject: [PATCH 07/11] Prepare release 4.1.2 --- RELEASES.md | 7 +++++++ package.json | 4 ++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/RELEASES.md b/RELEASES.md index b490d02..3188c6b 100644 --- a/RELEASES.md +++ b/RELEASES.md @@ -1,9 +1,16 @@ # Releases +### 4.1.2 + +- Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - [#1474](https://github.com/actions/cache/pull/1474) +- Security fix: Bump braces from 3.0.2 to 3.0.3 - [#1475](https://github.com/actions/cache/pull/1475) + ### 4.1.1 + - Restore original behavior of `cache-hit` output - [#1467](https://github.com/actions/cache/pull/1467) ### 4.1.0 + - Ensure `cache-hit` output is set when a cache is missed - [#1404](https://github.com/actions/cache/pull/1404) - Deprecate `save-always` input - [#1452](https://github.com/actions/cache/pull/1452) diff --git a/package.json b/package.json index ce050e5..f6e72fd 100644 --- a/package.json +++ b/package.json @@ -1,6 +1,6 @@ { "name": "cache", - "version": "4.1.1", + "version": "4.1.2", "private": true, "description": "Cache dependencies and build outputs", "main": "dist/restore/index.js", @@ -48,4 +48,4 @@ "ts-jest": "^28.0.8", "typescript": "^4.9.3" } -} +} \ No newline at end of file From 5d692d65f4372bbc45a7a8c6e7e1b46c6be8b566 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 11:04:20 +0000 Subject: [PATCH 08/11] Bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 2 +- .github/workflows/workflow.yml | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f699c5f..74745e9 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index 2a53c19..5af7599 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -20,7 +20,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Setup Node.js 20.x uses: actions/setup-node@v3 with: @@ -43,7 +43,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Generate files in working directory shell: bash run: __tests__/create-cache-files.sh ${{ runner.os }} test-cache @@ -66,7 +66,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Restore cache uses: ./ with: @@ -96,7 +96,7 @@ jobs: https_proxy: http://squid-proxy:3128 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Generate files run: __tests__/create-cache-files.sh proxy test-cache - name: Save cache @@ -119,7 +119,7 @@ jobs: https_proxy: http://squid-proxy:3128 steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Restore cache uses: ./ with: From 4ca707157697cfa3bd51f50ab35604404479c890 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 11:04:21 +0000 Subject: [PATCH 09/11] Bump actions/stale from 3 to 9 Bumps [actions/stale](https://github.com/actions/stale) from 3 to 9. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v3...v9) --- updated-dependencies: - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/close-inactive-issues.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/close-inactive-issues.yml b/.github/workflows/close-inactive-issues.yml index aea77e9..fe6d19f 100644 --- a/.github/workflows/close-inactive-issues.yml +++ b/.github/workflows/close-inactive-issues.yml @@ -10,7 +10,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@v3 + - uses: actions/stale@v9 with: days-before-issue-stale: 200 days-before-issue-close: 5 From 255c8ff30658bb5ca07bacfa4da0607b1473f6c3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 11:12:37 +0000 Subject: [PATCH 10/11] Bump actions/setup-node from 3 to 4 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 3 to 4. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/workflow.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml index 5af7599..5fd1dab 100644 --- a/.github/workflows/workflow.yml +++ b/.github/workflows/workflow.yml @@ -22,7 +22,7 @@ jobs: - name: Checkout uses: actions/checkout@v4 - name: Setup Node.js 20.x - uses: actions/setup-node@v3 + uses: actions/setup-node@v4 with: node-version: 20.x cache: npm From 02bf31969bcc471fd5f91b5896ae17beb0973413 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 22 Oct 2024 11:14:30 +0000 Subject: [PATCH 11/11] Bump github/codeql-action from 2 to 3 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 74745e9..5c352e3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,7 +21,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 # Override language selection by uncommenting this and choosing your languages # with: # languages: go, javascript, csharp, python, cpp, java, ruby @@ -29,7 +29,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -43,4 +43,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3