From a39d38e2575ec001dd3323aad342f841f2e96638 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 04:20:49 +0000 Subject: [PATCH 1/4] build(deps): Bump dart from 3.2.4 to 3.2.5 in /tests/end2end_tests/image Bumps dart from 3.2.4 to 3.2.5. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- tests/end2end_tests/image/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/end2end_tests/image/Dockerfile b/tests/end2end_tests/image/Dockerfile index 462ddac10..1f081bce5 100644 --- a/tests/end2end_tests/image/Dockerfile +++ b/tests/end2end_tests/image/Dockerfile @@ -26,7 +26,7 @@ RUN set -eux ; \ # BRANCH # BUILD BRANCH -FROM dart:3.2.4@sha256:b3cc32bdac7251e7a18e16e6ec9f6934025308de10690edd7c42d6078f5c27f9 AS build-branch +FROM dart:3.2.5@sha256:622d0e15b24a1f060ef3b968f22f9ee5cb5e424dff94a2dcb3824f609780ec25 AS build-branch ENV URL=https://github.com/atsign-foundation/noports.git ENV REPO_DIR=/app/repo @@ -65,7 +65,7 @@ ENTRYPOINT cp -r /mount/. ${HOMEDIR} && sudo service ssh start && sh ${HOMEDIR}/ # LOCAL # BUILD LOCAL -FROM dart:3.2.4@sha256:b3cc32bdac7251e7a18e16e6ec9f6934025308de10690edd7c42d6078f5c27f9 AS build-local +FROM dart:3.2.5@sha256:622d0e15b24a1f060ef3b968f22f9ee5cb5e424dff94a2dcb3824f609780ec25 AS build-local ENV REPO_DIR=/app/repo ENV PACKAGE_DIR=${REPO_DIR}/packages/dart/sshnoports From 78737ff27bc917888bd47471fd7c9bd18b3e19f6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 04:23:17 +0000 Subject: [PATCH 2/4] build(deps): Bump dart in /packages/dart/sshnoports/tools Bumps dart from 3.2.4 to 3.2.5. --- updated-dependencies: - dependency-name: dart dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- packages/dart/sshnoports/tools/Dockerfile | 2 +- packages/dart/sshnoports/tools/Dockerfile.activate | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/packages/dart/sshnoports/tools/Dockerfile b/packages/dart/sshnoports/tools/Dockerfile index d4649db36..6cc89d344 100644 --- a/packages/dart/sshnoports/tools/Dockerfile +++ b/packages/dart/sshnoports/tools/Dockerfile @@ -1,7 +1,7 @@ # Dockerfile # Build image for a containerized instance of sshnpd -FROM dart:3.2.4@sha256:b3cc32bdac7251e7a18e16e6ec9f6934025308de10690edd7c42d6078f5c27f9 AS buildimage +FROM dart:3.2.5@sha256:622d0e15b24a1f060ef3b968f22f9ee5cb5e424dff94a2dcb3824f609780ec25 AS buildimage ENV PACKAGEDIR=packages/dart/sshnoports ENV BINARYDIR=/usr/local/at SHELL ["/bin/bash", "-c"] diff --git a/packages/dart/sshnoports/tools/Dockerfile.activate b/packages/dart/sshnoports/tools/Dockerfile.activate index 1816f34f8..509facad9 100644 --- a/packages/dart/sshnoports/tools/Dockerfile.activate +++ b/packages/dart/sshnoports/tools/Dockerfile.activate @@ -1,6 +1,6 @@ # Dockerfile.activate # Build image for a containerized call of the at_activate binary -FROM dart:3.2.4@sha256:b3cc32bdac7251e7a18e16e6ec9f6934025308de10690edd7c42d6078f5c27f9 AS buildimage +FROM dart:3.2.5@sha256:622d0e15b24a1f060ef3b968f22f9ee5cb5e424dff94a2dcb3824f609780ec25 AS buildimage ENV PACKAGEDIR=packages/dart/sshnoports ENV BINARYDIR=/usr/local/at SHELL ["/bin/bash", "-c"] From 1ff8bbd84907c38734e35e48429699fac9e54bef Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 04:56:13 +0000 Subject: [PATCH 3/4] build(deps): Bump actions/dependency-review-action from 3.1.5 to 4.0.0 Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 3.1.5 to 4.0.0. - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/c74b580d73376b7750d3d2a50bfb8adc2c937507...4901385134134e04cec5fbe5ddfe3b2c5bd5d976) --- updated-dependencies: - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/dependency-review.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 130191f0f..3fa8b859b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -24,4 +24,4 @@ jobs: - name: 'Checkout Repository' uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: 'Dependency Review' - uses: actions/dependency-review-action@c74b580d73376b7750d3d2a50bfb8adc2c937507 # v3.1.5 + uses: actions/dependency-review-action@4901385134134e04cec5fbe5ddfe3b2c5bd5d976 # v4.0.0 From 4d636d6aa9a2e45ed811feb889af435f240275b4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jan 2024 04:56:20 +0000 Subject: [PATCH 4/4] build(deps): Bump actions/upload-artifact from 4.1.0 to 4.2.0 Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.1.0 to 4.2.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/1eb3cb2b3e0f29609092a73eb033bb759a334595...694cdabd8bdb0f10b2cea11669e1bf5453eed0a6) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/multibuild.yaml | 4 ++-- .github/workflows/python-sshnpd-build-publish.yml | 2 +- .github/workflows/scorecards.yml | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/multibuild.yaml b/.github/workflows/multibuild.yaml index e1073cdb5..1d9491df0 100644 --- a/.github/workflows/multibuild.yaml +++ b/.github/workflows/multibuild.yaml @@ -64,7 +64,7 @@ jobs: - run: cp -r bundles/${{ matrix.bundle }}/* sshnp/ - run: cp LICENSE sshnp - run: tar -cvzf tarball/${{ matrix.output-name }}.tgz sshnp - - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: ${{ matrix.output-name }}-upload path: ./packages/dart/sshnoports/tarball/${{ matrix.output-name }}.tgz @@ -96,7 +96,7 @@ jobs: --platform ${{ matrix.platform }} -o type=tar,dest=bins.tar . - run: mkdir tarballs - run: tar -xvf bins.tar -C tarballs - - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + - uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: ${{ matrix.output-name }}-upload path: ./packages/dart/sshnoports/tarballs/${{ matrix.output-name }}.tgz diff --git a/.github/workflows/python-sshnpd-build-publish.yml b/.github/workflows/python-sshnpd-build-publish.yml index 33e39b1b9..148141680 100644 --- a/.github/workflows/python-sshnpd-build-publish.yml +++ b/.github/workflows/python-sshnpd-build-publish.yml @@ -36,7 +36,7 @@ jobs: cp -r dist/ $GITHUB_WORKSPACE - name: Store the distribution packages - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: sshnpd-python-package path: dist/ diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 495611758..67034f1b5 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@1eb3cb2b3e0f29609092a73eb033bb759a334595 # v4.1.0 + uses: actions/upload-artifact@694cdabd8bdb0f10b2cea11669e1bf5453eed0a6 # v4.2.0 with: name: SARIF file path: results.sarif