Skip to content

Commit a4c55e2

Browse files
authored
chore: fix dependabot alerts (#4082)
Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
1 parent 08b2687 commit a4c55e2

5 files changed

Lines changed: 9 additions & 9 deletions

File tree

.github/workflows/codeql-analysis.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -57,7 +57,7 @@ jobs:
5757

5858
# Initializes the CodeQL tools for scanning.
5959
- name: Initialize CodeQL
60-
uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
60+
uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
6161
with:
6262
languages: ${{ matrix.language }}
6363
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -68,7 +68,7 @@ jobs:
6868
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6969
# If this step fails, then you should remove it and run the build manually (see below)
7070
- name: Autobuild
71-
uses: github/codeql-action/autobuild@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
71+
uses: github/codeql-action/autobuild@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
7272

7373
# ℹ️ Command-line programs to run using the OS shell.
7474
# 📚 https://git.io/JvXDl
@@ -81,4 +81,4 @@ jobs:
8181
# make release
8282

8383
- name: Perform CodeQL Analysis
84-
uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
84+
uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3

.github/workflows/publish.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -275,7 +275,7 @@ jobs:
275275
TRIVY_USERNAME: ${{ github.actor }}
276276
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
277277
- name: Upload Trivy scan results to GitHub Security tab
278-
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
278+
uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
279279
with:
280280
sarif_file: 'trivy-results.sarif'
281281

@@ -312,7 +312,7 @@ jobs:
312312
TRIVY_USERNAME: ${{ github.actor }}
313313
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
314314
- name: Upload Trivy scan results to GitHub Security tab
315-
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
315+
uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
316316
with:
317317
sarif_file: 'trivy-results.sarif'
318318

.github/workflows/scorecards.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -57,6 +57,6 @@ jobs:
5757

5858
# Upload the results to GitHub's code scanning dashboard.
5959
- name: "Upload to code-scanning"
60-
uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
60+
uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3
6161
with:
6262
sarif_file: results.sarif

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -261,7 +261,7 @@ require (
261261
github.com/go-errors/errors v1.5.1 // indirect
262262
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
263263
github.com/go-git/go-billy/v5 v5.9.0 // indirect
264-
github.com/go-git/go-git/v5 v5.19.0 // indirect
264+
github.com/go-git/go-git/v5 v5.19.1 // indirect
265265
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
266266
github.com/go-ini/ini v1.67.0 // indirect
267267
github.com/go-jose/go-jose/v3 v3.0.5 // indirect

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -541,8 +541,8 @@ github.com/go-git/go-billy/v5 v5.9.0 h1:jItGXszUDRtR/AlferWPTMN4j38BQ88XnXKbilmm
541541
github.com/go-git/go-billy/v5 v5.9.0/go.mod h1:jCnQMLj9eUgGU7+ludSTYoZL/GGmii14RxKFj7ROgHw=
542542
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399 h1:eMje31YglSBqCdIqdhKBW8lokaMrL3uTkpGYlE2OOT4=
543543
github.com/go-git/go-git-fixtures/v4 v4.3.2-0.20231010084843-55a94097c399/go.mod h1:1OCfN199q1Jm3HZlxleg+Dw/mwps2Wbk9frAWm+4FII=
544-
github.com/go-git/go-git/v5 v5.19.0 h1:+WkVUQZSy/F1Gb13udrMKjIM2PrzsNfDKFSfo5tkMtc=
545-
github.com/go-git/go-git/v5 v5.19.0/go.mod h1:Pb1v0c7/g8aGQJwx9Us09W85yGoyvSwuhEGMH7zjDKQ=
544+
github.com/go-git/go-git/v5 v5.19.1 h1:nX27AnaU43/K5bKktKwgBmR9lawoYVe1Ckg0rgzzN00=
545+
github.com/go-git/go-git/v5 v5.19.1/go.mod h1:Pb1v0c7/g8aGQJwx9Us09W85yGoyvSwuhEGMH7zjDKQ=
546546
github.com/go-gorp/gorp/v3 v3.1.0 h1:ItKF/Vbuj31dmV4jxA1qblpSwkl9g1typ24xoe70IGs=
547547
github.com/go-gorp/gorp/v3 v3.1.0/go.mod h1:dLEjIyyRNiXvNZ8PSmzpt1GsWAUK8kjVhEpjH8TixEw=
548548
github.com/go-ini/ini v1.67.0 h1:z6ZrTEZqSWOTyH2FlglNbNgARyHG8oLW9gMELqKr06A=

0 commit comments

Comments
 (0)