dependabot[bot]
68571fb887
build(deps): bump actions/download-artifact from 3.0.0 to 3.0.1
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](fb598a63ae...9782bd6a98
2022-10-21 11:14:31 +00:00
dependabot[bot]
5fffbb0485
build(deps): bump github/codeql-action from 2.1.27 to 2.1.28
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.27 to 2.1.28.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](807578363a...cc7986c02b
2022-10-19 10:17:35 +00:00
Jussi Kukkonen
852f7a4101
Merge pull request #2139 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-2.5.0
...
build(deps): bump actions/dependency-review-action from 2.4.1 to 2.5.0
2022-10-18 16:17:15 +03:00
dependabot[bot]
b8976bfd51
build(deps): bump actions/dependency-review-action from 2.4.1 to 2.5.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](9c96258789...fd675ced9c
2022-10-14 10:16:58 +00:00
dependabot[bot]
67a5fca932
build(deps): bump actions/github-script from 6.3.2 to 6.3.3
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.3.2 to 6.3.3.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](100527700e...d556feaca3
2022-10-14 10:16:54 +00:00
Lukas Pühringer
7e51f356b3
Merge pull request #2134 from theupdateframework/dependabot/github_actions/actions/github-script-6.3.2
...
build(deps): bump actions/github-script from 6.3.1 to 6.3.2
2022-10-12 14:21:06 +02:00
dependabot[bot]
2c56fc3532
build(deps): bump actions/dependency-review-action from 2.4.0 to 2.4.1
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](375c537008...9c96258789
2022-10-12 10:19:15 +00:00
dependabot[bot]
39b823afe4
build(deps): bump actions/github-script from 6.3.1 to 6.3.2
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.3.1 to 6.3.2.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](7dff1a8764...100527700e
2022-10-12 10:19:05 +00:00
dependabot[bot]
76c0d6cec0
build(deps): bump actions/setup-python from 4.2.0 to 4.3.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](b55428b188...13ae5bb136
2022-10-11 10:29:56 +00:00
Kairo de Araujo
869d23a9f2
Fix typo CD.yml
...
Fixed typo in CD.yml: 'candidate' instead ' candidate'.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
2022-10-10 09:56:25 +02:00
dependabot[bot]
45f8096d97
build(deps): bump github/codeql-action from 2.1.26 to 2.1.27
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.26 to 2.1.27.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e0e5ded33c...807578363a
2022-10-07 10:43:05 +00:00
dependabot[bot]
9907d4d38a
build(deps): bump actions/checkout from 3.0.2 to 3.1.0
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.2 to 3.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](2541b1294d...93ea575cb5
2022-10-04 10:45:28 +00:00
dependabot[bot]
903ad61a8e
build(deps): bump actions/github-script from 6.2.0 to 6.3.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.2.0 to 6.3.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](c713e510db...7dff1a8764
2022-10-03 09:39:02 +00:00
dependabot[bot]
99b9246db7
build(deps): bump github/codeql-action from 2.1.25 to 2.1.26
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.25 to 2.1.26.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](86f3159a69...e0e5ded33c
2022-09-30 10:18:27 +00:00
dependabot[bot]
e7ab8d56b6
build(deps): bump actions/dependency-review-action from 2.1.0 to 2.4.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.1.0 to 2.4.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](23d1ffffb6...375c537008
2022-09-26 10:56:29 +00:00
dependabot[bot]
849a44d655
build(deps): bump github/codeql-action from 2.1.24 to 2.1.25
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.24 to 2.1.25.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](904260d7d9...86f3159a69
2022-09-22 10:33:20 +00:00
dependabot[bot]
6b89263932
build(deps): bump github/codeql-action from 2.1.22 to 2.1.24
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.22 to 2.1.24.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b398f525a5...904260d7d9
2022-09-19 10:21:33 +00:00
dependabot[bot]
afd47391f4
build(deps): bump actions/checkout from 3.0.0 to 3.0.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...2541b1294d2704b0964813337f33b291d3f8596b )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-09-09 10:25:06 +00:00
dependabot[bot]
a2cbdd23a1
build(deps): bump github/codeql-action from 2.1.21 to 2.1.22
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.21 to 2.1.22.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c7f292ea4f...b398f525a5
2022-09-02 10:22:03 +00:00
Lukas Puehringer
b83c738373
chore: fix error in spec version check workflow
...
Use `--upgrade` option to upgrade pip with pip in workflow, instead
of non-existing `-u` option (-U would also be possible).
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-08-30 14:19:12 +02:00
Lukas Puehringer
7baf1d3376
chore: misc setup-python changes in spec check job
...
1. update action/setup-python to latest version
2. pin major version to be used to 3.x
3. upgrade pip before using it
1 and 2 were suggested in #2089
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2022-08-30 09:44:19 +02:00
Radoslav Dimitrov
53f1611b74
chore: limit the permissions for the job calling the version check workflow
...
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2022-08-30 09:37:01 +02:00
Radoslav Dimitrov
0e6b928d9a
chore: update the workflow responsible for notifying of new TUF spec release
...
Signed-off-by: Radoslav Dimitrov <dimitrovr@vmware.com>
2022-08-30 09:36:59 +02:00
dependabot[bot]
de8f97f283
build(deps): bump actions/github-script from 6.1.1 to 6.2.0
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.1.1 to 6.2.0.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](d50f485531...c713e510db
2022-08-29 10:24:16 +00:00
dependabot[bot]
3d1786da74
build(deps): bump github/codeql-action from 2.1.20 to 2.1.21
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.20 to 2.1.21.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7fee4ca032...c7f292ea4f
2022-08-26 10:16:29 +00:00
dependabot[bot]
90a2ec4804
build(deps): bump github/codeql-action from 2.1.19 to 2.1.20
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.19 to 2.1.20.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f5d217be74...7fee4ca032
2022-08-24 10:18:21 +00:00
Lukas Pühringer
0e04e3307f
Merge pull request #2080 from theupdateframework/dependabot/github_actions/github/codeql-action-2.1.19
...
build(deps): bump github/codeql-action from 2.1.18 to 2.1.19
2022-08-22 09:07:24 +02:00
dependabot[bot]
789dcef5f1
build(deps): bump actions/dependency-review-action from 2.0.4 to 2.1.0
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.4 to 2.1.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](94145f3150...23d1ffffb6
2022-08-19 10:14:19 +00:00
dependabot[bot]
4528289ea2
build(deps): bump github/codeql-action from 2.1.18 to 2.1.19
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.18 to 2.1.19.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2ca79b6fa8...f5d217be74
2022-08-19 10:14:16 +00:00
dependabot[bot]
e27dce0f5f
build(deps): bump actions/github-script from 6.1.0 to 6.1.1
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 6.1.0 to 6.1.1.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](7a5c598405...d50f485531
2022-08-15 10:19:37 +00:00
dependabot[bot]
d442fa2d56
build(deps): bump github/codeql-action from 2.1.17 to 2.1.18
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...2ca79b6fa8
2022-08-04 10:27:31 +00:00
dependabot[bot]
c524984be4
build(deps): bump actions/setup-python from 4.1.0 to 4.2.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](c4e89fac7e...b55428b188
2022-08-03 10:19:48 +00:00
Lukas Pühringer
3108998f75
Merge pull request #2066 from theupdateframework/dependabot/github_actions/github/codeql-action-2.1.17
...
build(deps): bump github/codeql-action from 2.1.16 to 2.1.17
2022-08-01 12:11:25 +02:00
dependabot[bot]
3e1fa8b47e
build(deps): bump github/codeql-action from 2.1.16 to 2.1.17
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04
2022-07-29 10:19:57 +00:00
dependabot[bot]
6edf9191de
build(deps): bump pypa/gh-action-pypi-publish from 1.5.0 to 1.5.1
...
Bumps [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases )
- [Commits](717ba43cfb...37f50c210e
2022-07-27 16:36:56 +00:00
Lukas Pühringer
e00e854841
Merge pull request #2054 from theupdateframework/dependabot/github_actions/actions/setup-python-4.1.0
...
build(deps): bump actions/setup-python from 4.0.0 to 4.1.0
2022-07-19 11:26:37 +02:00
Lukas Pühringer
43f5db694d
Merge pull request #2057 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-2.0.4
...
build(deps): bump actions/dependency-review-action from 2.0.2 to 2.0.4
2022-07-19 11:23:47 +02:00
dependabot[bot]
a49d8cbc8d
build(deps): bump github/codeql-action from 2.1.15 to 2.1.16
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.15 to 2.1.16.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3f62b754e2...3e7e3b32d0
2022-07-14 10:21:41 +00:00
dependabot[bot]
f617ae5d77
build(deps): bump actions/dependency-review-action from 2.0.2 to 2.0.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.2 to 2.0.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1c59cdf2a9...94145f3150
2022-07-14 10:21:36 +00:00
dependabot[bot]
deb9633879
build(deps): bump actions/setup-python from 4.0.0 to 4.1.0
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](d09bd5e600...c4e89fac7e
2022-07-12 10:20:32 +00:00
dependabot[bot]
b869320624
build(deps): bump github/codeql-action from 2.1.14 to 2.1.15
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.14 to 2.1.15.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](41a4ada31b...3f62b754e2
2022-06-29 10:37:50 +00:00
dependabot[bot]
fbe30683dd
build(deps): bump github/codeql-action from 2.1.13 to 2.1.14
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.13 to 2.1.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d00e8c09a3...41a4ada31b
2022-06-23 12:59:20 +00:00
dependabot[bot]
efc530a932
build(deps): bump github/codeql-action from 2.1.12 to 2.1.13
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.12 to 2.1.13.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](27ea8f8fe5...d00e8c09a3
2022-06-21 10:21:08 +00:00
dependabot[bot]
190e9e1f69
build(deps): bump actions/dependency-review-action from 2.0.0 to 2.0.2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.0 to 2.0.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](97790d29c7...1c59cdf2a9
2022-06-16 10:24:53 +00:00
Jussi Kukkonen
c89cb50b83
Merge pull request #2026 from theupdateframework/dependabot/github_actions/actions/dependency-review-action-2
...
build(deps): bump actions/dependency-review-action from 1.0.2 to 2
2022-06-16 09:47:16 +03:00
dependabot[bot]
d05a2f8d2f
build(deps): bump actions/dependency-review-action from 1.0.2 to 2
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1.0.2 to 2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](a9c83d3af6...97790d29c7
2022-06-15 10:27:51 +00:00
Joshua Lock
6678d2f76a
Add workflow for codeql analysis
...
Signed-off-by: Joshua Lock <jlock@vmware.com>
2022-06-15 10:19:35 +01:00
dependabot[bot]
94b08faade
build(deps): bump actions/setup-python from 3.1.2 to 4
...
Bumps [actions/setup-python](https://github.com/actions/setup-python ) from 3.1.2 to 4.
- [Release notes](https://github.com/actions/setup-python/releases )
- [Commits](https://github.com/actions/setup-python/compare/v3.1.2...d09bd5e6005b175076f227b13d9730d56e9dcfcb )
---
updated-dependencies:
- dependency-name: actions/setup-python
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-06-09 10:22:16 +00:00
Jussi Kukkonen
cfcc0c3f0f
Merge pull request #1974 from naveensrinivasan/Dependency-Review-Action
...
chore: Dependency Review Action
2022-06-06 16:30:12 +03:00
naveensrinivasan
a5afebd1ab
Changed the tags to SHA
...
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-06-02 07:01:45 -05:00
