From c3d8724e309abd3411e550c938f6fb5f9529828f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 6 Oct 2022 00:21:06 +0000 Subject: [PATCH] Bump actions/checkout from 2 to 3.1.0 Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.1.0. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v3.1.0) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 2 +- .github/workflows/main.yml | 2 +- .github/workflows/rebase.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/sonarcloud1.yml | 2 +- .github/workflows/sonarcuberun1.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index a05c2d5b6..4a17446ee 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -8,7 +8,7 @@ jobs: - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." - name: Check out repository code - uses: actions/checkout@v2 + uses: actions/checkout@v3.1.0 - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner." - run: echo "🖥️ The workflow is now ready to test your code on the runner." - name: List files in the repository diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1c85af4ac..ad7e15433 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -16,7 +16,7 @@ jobs: NextGen-Static-Analysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 - name: Download ShiftLeft CLI run: | curl https://cdn.shiftleft.io/download/sl > ${GITHUB_WORKSPACE}/sl && chmod a+rx ${GITHUB_WORKSPACE}/sl diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index e1012a97a..332fd1a59 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the latest code - uses: actions/checkout@v2 + uses: actions/checkout@v3.1.0 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 # otherwise, you will fail to push refs to dest repo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1af644c2c..805c5d542 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -10,7 +10,7 @@ jobs: environment: name: release steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 - name: "Get tag name" id: tag @@ -106,7 +106,7 @@ jobs: environment: name: release steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 with: ref: develop token: ${{ secrets.WEBGOAT_DEPLOYER_TOKEN }} diff --git a/.github/workflows/sonarcloud1.yml b/.github/workflows/sonarcloud1.yml index 520736ce5..a38972b2d 100644 --- a/.github/workflows/sonarcloud1.yml +++ b/.github/workflows/sonarcloud1.yml @@ -12,7 +12,7 @@ jobs: sonarqube: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 with: # Disabling shallow clone is recommended for improving relevancy of reporting fetch-depth: 0 diff --git a/.github/workflows/sonarcuberun1.yml b/.github/workflows/sonarcuberun1.yml index a6abacac1..9dd14cc6f 100644 --- a/.github/workflows/sonarcuberun1.yml +++ b/.github/workflows/sonarcuberun1.yml @@ -9,7 +9,7 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v3.1.0 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Set up JDK 11