From 522ce8b17030a3f1e93db4c1f5b01be018e41001 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Nov 2024 00:59:35 +0000 Subject: [PATCH] build(deps): bump the github-actions group with 2 updates Bumps the github-actions group with 2 updates: [codecov/codecov-action](https://github.com/codecov/codecov-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `codecov/codecov-action` from 4.6.0 to 5.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238...968872560f81e7bdde9272853e65f2507c0eca7c) Updates `github/codeql-action` from 3.27.3 to 3.27.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/396bb3e45325a47dd9ef434068033c6d5bb0d11a...ea9e4e37992a54ee68a9622e985e60c8e8f12d9f) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/at_client_sdk.yaml | 8 ++++---- .github/workflows/scorecards.yml | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/at_client_sdk.yaml b/.github/workflows/at_client_sdk.yaml index decba1ea4..b258a3de1 100644 --- a/.github/workflows/at_client_sdk.yaml +++ b/.github/workflows/at_client_sdk.yaml @@ -55,7 +55,7 @@ jobs: run: dart run coverage:format_coverage --check-ignore --lcov --in=coverage --out=unit_test_coverage.lcov --report-on=lib - name: Upload at_client coverage to Codecov - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + uses: codecov/codecov-action@968872560f81e7bdde9272853e65f2507c0eca7c # v5.0.0 with: file: packages/at_client/unit_test_coverage.lcov flags: at_client_unit_tests @@ -86,7 +86,7 @@ jobs: run: dart run coverage:format_coverage --lcov --check-ignore --in=coverage --out=unit_test_coverage.lcov --report-on=lib - name: Upload at_client_mobile coverage to Codecov - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + uses: codecov/codecov-action@968872560f81e7bdde9272853e65f2507c0eca7c # v5.0.0 with: file: packages/at_client_mobile/unit_test_coverage.lcov flags: at_client_mobile_unit_tests @@ -153,7 +153,7 @@ jobs: run: dart run coverage:format_coverage --check-ignore --lcov --in=coverage --out=functional_test_coverage.lcov --report-on=../../packages/at_client/lib - name: Upload coverage to Codecov - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + uses: codecov/codecov-action@968872560f81e7bdde9272853e65f2507c0eca7c # v5.0.0 with: file: tests/at_functional_test/functional_test_coverage.lcov flags: functional_tests @@ -228,7 +228,7 @@ jobs: - name: Upload coverage to Codecov # Needs LCOV report to upload, so don't run for Dependabot PRs if: ${{ github.actor != 'dependabot[bot]' }} - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0 + uses: codecov/codecov-action@968872560f81e7bdde9272853e65f2507c0eca7c # v5.0.0 with: file: tests/at_end2end_test/end2end_test_coverage.lcov flags: end2end_tests diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index b885c3261..7e302bc54 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3 + uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4 with: sarif_file: results.sarif