chore(#1059): update checkout and upload-sarif versions

also added github-actions to dependabot.yml
holunda-io · Oct 10, 2024 · 4e18fc5 · 4e18fc5
1 parent ccee997
commit 4e18fc5
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 11 deletions.
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -1,10 +1,15 @@
 version: 2
 updates:
-- package-ecosystem: maven
-  directory: "/"
-  schedule:
-    interval: daily
-  open-pull-requests-limit: 10
-  labels:
-  - "Type: dependencies"
-
+  - package-ecosystem: maven
+    directory: "/"
+    schedule:
+      interval: "daily"
+    open-pull-requests-limit: 19
+    labels:
+      - "Type: dependencies"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+    labels:
+      - "Type: dependencies"
diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml
@@ -38,7 +38,7 @@ jobs:
     steps:
       # Checkout the repository to the GitHub Actions runner
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
       - name: Run Codacy Analysis CLI
@@ -58,6 +58,6 @@ jobs:
 
       # Upload the SARIF file generated in the previous step
       - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       - name: Set up Python
         uses: actions/setup-python@v4