From cf446a2285a28c928f33307033fb93646f3a4beb Mon Sep 17 00:00:00 2001 From: "m.semalaiappan" Date: Tue, 13 Feb 2024 23:00:53 -0600 Subject: [PATCH 1/3] Security Vulnerability Check on Release Tags Workflow Added --- ...ty Vulnerability Check on Release Tags.yml | 75 +++++++++++++++++++ 1 file changed, 75 insertions(+) create mode 100644 .github/workflows/Security Vulnerability Check on Release Tags.yml diff --git a/.github/workflows/Security Vulnerability Check on Release Tags.yml b/.github/workflows/Security Vulnerability Check on Release Tags.yml new file mode 100644 index 0000000000..39641b87bd --- /dev/null +++ b/.github/workflows/Security Vulnerability Check on Release Tags.yml @@ -0,0 +1,75 @@ +# SPDX-License-Identifier: Apache-2.0 +# Licensed to the Ed-Fi Alliance under one or more agreements. +# The Ed-Fi Alliance licenses this file to you under the Apache License, Version 2.0. +# See the LICENSE and NOTICES files in the project root for more information. + +name: Security Vulnerability Check on Release Tags + +on: + schedule: + - cron: '0 0 * * *' + pull_request: + branches: [main] + +env: + EDFI_ODS_IMP_TOKEN: ${{ secrets.REPO_DISPATCH_TOKEN }} + REPOSITORY_OWNER: ${{ GITHUB.REPOSITORY_OWNER }} +jobs: + Security-Vulnerability-Check-Each-Release-Tag: + runs-on: ubuntu-latest + strategy: + matrix: + tag: ["v5.3-patch5","v6.1-patch3","v7.1-patch1"] + name: ${{ matrix.tag }} Security-Vulnerabilities Check + outputs: + tag-status: ${{ steps.check-vulnerabilities.outputs.tag-status }} + continue-on-error: true + steps: + - name: Checkout Ed-Fi-ODS + uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + with: + repository: Ed-Fi-Alliance-OSS/Ed-Fi-ODS + path: Ed-Fi-ODS/ + ref: ${{ matrix.tag }} + - name: Make Dependency-Check-HTML-report-${{ matrix.tag }} folder + run: | + Set-Location $env:GITHUB_WORKSPACE + New-Item -ItemType Directory -Path ("Dependency-Check-HTML-report-" + "${{ matrix.tag }}") -Force + shell: pwsh + - name: Run dependency-check + uses: dependency-check/Dependency-Check_Action@main + with: + project: 'Ed-Fi-ODS' + path: './Ed-Fi-ODS/Application/' + format: 'HTML' + out: './Dependency-Check-HTML-report-${{ matrix.tag }}' + args: '--failOnCVSS 7' + - name: Upload Dependency-Check HTML report Artifacts + if: success() || failure() + uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + with: + name: Dependency-Check-HTML-report-${{ matrix.tag }}-Artifacts + path: ${{ github.workspace }}/Dependency-Check-HTML-report-${{ matrix.tag }}/dependency-check-report.html + Final-Check: + runs-on: ubuntu-latest + needs: Security-Vulnerability-Check-Each-Release-Tag + steps: + - name: Get job statuses for each tag + run: | + $token = $env:EDFI_ODS_IMP_TOKEN + $repositoryOwner = $env:REPOSITORY_OWNER + $repositoryName = "Ed-Fi-ODS" + $workflowRunId = $env:GITHUB_RUN_ID + + $url = "https://api.github.com/repos/$repositoryOwner/$repositoryName/actions/runs/$workflowRunId/jobs" + $jobs = Invoke-RestMethod -Uri $url -Headers @{Authorization="Bearer $token"} + + $failedJobs = $jobs.jobs | Where-Object { $_.conclusion -eq "failure" } + if ($failedJobs) { + $failedJobNames = $failedJobs | ForEach-Object { $_.name } + Write-Host "Failed jobs: $($failedJobNames -join ', ')" + exit 1 + } else { + Write-Host "All jobs passed" + } + shell: pwsh \ No newline at end of file From 8c6735b10ad2d93449a5f2d6e66d57d0c95d4a17 Mon Sep 17 00:00:00 2001 From: "m.semalaiappan" Date: Wed, 14 Feb 2024 10:27:46 -0600 Subject: [PATCH 2/3] Empty-Commit From 934010992057a1dbf3e809175bde8e7c3f0c3f7e Mon Sep 17 00:00:00 2001 From: "m.semalaiappan" Date: Wed, 14 Feb 2024 10:52:12 -0600 Subject: [PATCH 3/3] Node.js 16 actions are deprecated - Warming Code Fix --- .github/workflows/Lib edFi.admin.dataaccess manual.yml | 2 +- .github/workflows/Lib edFi.common manual.yml | 2 +- .github/workflows/Lib edFi.loadtools manual.yml | 2 +- .github/workflows/Lib edFi.ods.api manual.yml | 2 +- .github/workflows/Lib edFi.ods.common manual.yml | 2 +- .github/workflows/Lib edFi.ods.standard manual.yml | 2 +- .github/workflows/Lib edFi.security.dataaccess manual.yml | 2 +- .github/workflows/Pkg EdFi.Database.Admin.yml | 2 +- .github/workflows/Pkg EdFi.Database.Security.yml | 2 +- .github/workflows/Pkg EdFi.Ods.CodeGen.yml | 2 +- .../workflows/Pkg EdFi.Ods.Minimal.Template.PostgreSQL.yml | 4 ++-- .../Pkg EdFi.Ods.Minimal.Template.TPDM.PostgreSQL.yml | 4 ++-- .github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.yml | 4 ++-- .github/workflows/Pkg EdFi.Ods.Minimal.Template.yml | 4 ++-- .../workflows/Pkg EdFi.Ods.Populated.Template.PostgreSQL.yml | 4 ++-- .../Pkg EdFi.Ods.Populated.Template.TPDM.PostgreSQL.yml | 4 ++-- .github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.yml | 4 ++-- .github/workflows/Pkg EdFi.Ods.Populated.Template.yml | 4 ++-- .../Security Vulnerability Check on Release Tags.yml | 2 +- 19 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/Lib edFi.admin.dataaccess manual.yml b/.github/workflows/Lib edFi.admin.dataaccess manual.yml index 6ac098e963..dd319bac6b 100644 --- a/.github/workflows/Lib edFi.admin.dataaccess manual.yml +++ b/.github/workflows/Lib edFi.admin.dataaccess manual.yml @@ -81,7 +81,7 @@ jobs: shell: pwsh - name: Upload EdFi.Suite3.Admin.DataAccess Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.nupkg \ No newline at end of file diff --git a/.github/workflows/Lib edFi.common manual.yml b/.github/workflows/Lib edFi.common manual.yml index 6d6fd096ff..591109191d 100644 --- a/.github/workflows/Lib edFi.common manual.yml +++ b/.github/workflows/Lib edFi.common manual.yml @@ -81,7 +81,7 @@ jobs: shell: pwsh - name: Upload EdFi.Suite3.Common Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.nupkg \ No newline at end of file diff --git a/.github/workflows/Lib edFi.loadtools manual.yml b/.github/workflows/Lib edFi.loadtools manual.yml index 076ef5b623..0fae70a413 100644 --- a/.github/workflows/Lib edFi.loadtools manual.yml +++ b/.github/workflows/Lib edFi.loadtools manual.yml @@ -99,7 +99,7 @@ jobs: shell: pwsh - name: Upload EdFi.LoadTools Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.nupkg \ No newline at end of file diff --git a/.github/workflows/Lib edFi.ods.api manual.yml b/.github/workflows/Lib edFi.ods.api manual.yml index 7b71cc97fc..00be705667 100644 --- a/.github/workflows/Lib edFi.ods.api manual.yml +++ b/.github/workflows/Lib edFi.ods.api manual.yml @@ -81,7 +81,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Api Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.* diff --git a/.github/workflows/Lib edFi.ods.common manual.yml b/.github/workflows/Lib edFi.ods.common manual.yml index ad2ea0f2e0..dc29abe56a 100644 --- a/.github/workflows/Lib edFi.ods.common manual.yml +++ b/.github/workflows/Lib edFi.ods.common manual.yml @@ -81,7 +81,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Common Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.* \ No newline at end of file diff --git a/.github/workflows/Lib edFi.ods.standard manual.yml b/.github/workflows/Lib edFi.ods.standard manual.yml index 83d9f9c40f..51fa5cfb1d 100644 --- a/.github/workflows/Lib edFi.ods.standard manual.yml +++ b/.github/workflows/Lib edFi.ods.standard manual.yml @@ -114,7 +114,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Standard Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/EdFi.Suite3.Ods.Standard.*.nupkg diff --git a/.github/workflows/Lib edFi.security.dataaccess manual.yml b/.github/workflows/Lib edFi.security.dataaccess manual.yml index 5d1bd7aa1f..fa1135e0b0 100644 --- a/.github/workflows/Lib edFi.security.dataaccess manual.yml +++ b/.github/workflows/Lib edFi.security.dataaccess manual.yml @@ -81,7 +81,7 @@ jobs: shell: pwsh - name: Upload EdFi.Suite3.Security.DataAccess Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/NugetPackages/*.nupkg \ No newline at end of file diff --git a/.github/workflows/Pkg EdFi.Database.Admin.yml b/.github/workflows/Pkg EdFi.Database.Admin.yml index 443eeeb14f..99e6d1215b 100644 --- a/.github/workflows/Pkg EdFi.Database.Admin.yml +++ b/.github/workflows/Pkg EdFi.Database.Admin.yml @@ -128,7 +128,7 @@ jobs: .\build.githubactions.ps1 publish -InformationalVersion ${{ env.INFORMATIONAL_VERSION }} -BuildCounter ${{ github.run_number }} -BuildIncrementer ${{env.BUILD_INCREMENTER}} -NuGetApiKey ${{ env.AZURE_ARTIFACT_NUGET_KEY }} -EdFiNuGetFeed ${{env.AZURE_ARTIFACT_URL}} -PackageName "EdFi.Database.Admin.PostgreSQL.Standard.${{ matrix.StandardVersion }}" - name: Upload EdFi.Database.Admin Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/*.nupkg diff --git a/.github/workflows/Pkg EdFi.Database.Security.yml b/.github/workflows/Pkg EdFi.Database.Security.yml index 63df06b208..955e013a09 100644 --- a/.github/workflows/Pkg EdFi.Database.Security.yml +++ b/.github/workflows/Pkg EdFi.Database.Security.yml @@ -129,7 +129,7 @@ jobs: shell: powershell - name: Upload EdFi.Database.Security Artifacts if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/*.nupkg diff --git a/.github/workflows/Pkg EdFi.Ods.CodeGen.yml b/.github/workflows/Pkg EdFi.Ods.CodeGen.yml index 50fc071785..b5d3def83f 100644 --- a/.github/workflows/Pkg EdFi.Ods.CodeGen.yml +++ b/.github/workflows/Pkg EdFi.Ods.CodeGen.yml @@ -129,7 +129,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.CodeGen NugetPackage if: success() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackage.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/*.nupkg diff --git a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.PostgreSQL.yml b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.PostgreSQL.yml index 10064504c7..1558c6ac38 100644 --- a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.PostgreSQL.yml +++ b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.PostgreSQL.yml @@ -161,7 +161,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Minimal.Template Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/EdFi.Suite3.Ods.Minimal.Template.PostgreSQL*.nupkg @@ -182,7 +182,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.PostgreSQL.yml b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.PostgreSQL.yml index 143e1aa4a7..8a2de621ba 100644 --- a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.PostgreSQL.yml +++ b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.PostgreSQL.yml @@ -168,7 +168,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Minimal.Template.TPDM.PostgreSQL Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: | @@ -190,7 +190,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.yml b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.yml index a290fc0da8..ad49d7ff9b 100644 --- a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.yml +++ b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.TPDM.yml @@ -189,7 +189,7 @@ jobs: shell: powershell - name: Upload EdFi.Ods.Minimal.Template.TPDM.Core Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: EdFi.Ods.Minimal.Template.TPDM.Core.Artifacts path: | @@ -211,7 +211,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.yml b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.yml index d04a815652..a3354b3aec 100644 --- a/.github/workflows/Pkg EdFi.Ods.Minimal.Template.yml +++ b/.github/workflows/Pkg EdFi.Ods.Minimal.Template.yml @@ -181,7 +181,7 @@ jobs: shell: powershell - name: Upload EdFi.Ods.Minimal.Template Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/EdFi.Suite3.Ods.Minimal.Template.*.nupkg @@ -202,7 +202,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Populated.Template.PostgreSQL.yml b/.github/workflows/Pkg EdFi.Ods.Populated.Template.PostgreSQL.yml index 9492847499..6aaa07ebe2 100644 --- a/.github/workflows/Pkg EdFi.Ods.Populated.Template.PostgreSQL.yml +++ b/.github/workflows/Pkg EdFi.Ods.Populated.Template.PostgreSQL.yml @@ -161,7 +161,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Populated.Template Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/EdFi.Suite3.Ods.Populated.Template.PostgreSQL*.nupkg @@ -182,7 +182,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.PostgreSQL.yml b/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.PostgreSQL.yml index afd9469927..2049fc8443 100644 --- a/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.PostgreSQL.yml +++ b/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.PostgreSQL.yml @@ -167,7 +167,7 @@ jobs: shell: pwsh - name: Upload EdFi.Ods.Populated.Template.TPDM.PostgreSQL Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: | @@ -189,7 +189,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.yml b/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.yml index a123eff833..03a6591fbe 100644 --- a/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.yml +++ b/.github/workflows/Pkg EdFi.Ods.Populated.Template.TPDM.yml @@ -189,7 +189,7 @@ jobs: shell: powershell - name: Upload EdFi.Ods.Populated.Template.TPDM.Core Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: EdFi.Ods.Populated.Template.TPDM.Core.Artifacts path: | @@ -211,7 +211,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Pkg EdFi.Ods.Populated.Template.yml b/.github/workflows/Pkg EdFi.Ods.Populated.Template.yml index b48a21f5be..c813b3b7b5 100644 --- a/.github/workflows/Pkg EdFi.Ods.Populated.Template.yml +++ b/.github/workflows/Pkg EdFi.Ods.Populated.Template.yml @@ -181,7 +181,7 @@ jobs: shell: powershell - name: Upload EdFi.Ods.Populated.Template Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: NugetPackages.Artifacts path: ${{ github.workspace }}/Ed-Fi-ODS/NugetPackages/EdFi.Suite3.Ods.Populated.Template.*.nupkg @@ -202,7 +202,7 @@ jobs: shell: pwsh - name: Upload Create Database Template Logs if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Create Database Template Logs path: | diff --git a/.github/workflows/Security Vulnerability Check on Release Tags.yml b/.github/workflows/Security Vulnerability Check on Release Tags.yml index 39641b87bd..2919be3411 100644 --- a/.github/workflows/Security Vulnerability Check on Release Tags.yml +++ b/.github/workflows/Security Vulnerability Check on Release Tags.yml @@ -46,7 +46,7 @@ jobs: args: '--failOnCVSS 7' - name: Upload Dependency-Check HTML report Artifacts if: success() || failure() - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 with: name: Dependency-Check-HTML-report-${{ matrix.tag }}-Artifacts path: ${{ github.workspace }}/Dependency-Check-HTML-report-${{ matrix.tag }}/dependency-check-report.html