2 changes: 1 addition & 1 deletion .github/workflows/frontend-pr-analysis.yml
Expand Up @@ -443,7 +443,7 @@ jobs:

- name: Post coverage comment
if: github.event_name == 'pull_request'
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0
with:
github-token: ${{ secrets.MANAGE_TOKEN || github.token }}
script: |
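Review bot: The `uses:` line moves `actions/github-script` across a major version (v8 to v9.0.0) in a step whose inline script runs with `secrets.MANAGE_TOKEN` when that secret is set, and the script body is collapsed in this view. Before merging, confirm the script was exercised under v9, and that `3a2844b7e9c422d3c10d287c895573f7108da1b3` is the commit the v9.0.0 tag points at, since the trailing comment is not checked by the runner. If the comment step only needs to write a PR comment, consider whether `github.token` with a narrow `permissions:` block is enough instead of the fallback to `MANAGE_TOKEN`.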
2 changes: 1 addition & 1 deletion .github/workflows/go-pr-analysis.yml
@@ -1,3 +1,3 @@
name: "Go PR Analysis"

# Reusable workflow for Go PR analysis in monorepos
Expand Down Expand Up @@ -102,14 +102,14 @@
has_changes: ${{ steps.set-matrix.outputs.has_changes }}
steps:
- name: Checkout code
uses: actions/checkout@v6

Check failure on line 105 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/checkout@v6 (use full commit SHA with a # vX.Y.Z comment)
with:
fetch-depth: 0

- name: Get changed files
id: changed
shell: bash
run: |

Check failure on line 112 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2181:style:9:9: Check exit code directly with e.g. 'if mycmd;', not indirectly with $?

Check failure on line 112 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:10:34: Double quote to prevent globbing and word splitting
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
# For PRs, compare base and head
BASE_SHA="${{ github.event.pull_request.base.sha }}"
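Review bot: `uses: actions/checkout@v6` at line 105 is a tag reference and fails the Pinned Actions Check; the same finding repeats for checkout, setup-go and upload-artifact at lines 235, 238, 296, 299, 370, 373 and 479. This PR already touches action references, so pin these to full commit SHAs with a `# vX.Y.Z` comment in the same change, otherwise the check stays red after merge. In the `Get changed files` script, `${{ github.event_name }}` and `${{ github.event.pull_request.base.sha }}` are expanded into the script text before bash runs; passing them through `env:` and referencing quoted shell variables keeps them as data and is also the natural place to fix the SC2181 and SC2086 findings reported for this script.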
Expand Down Expand Up @@ -232,10 +232,10 @@
app: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
steps:
- name: Checkout code
uses: actions/checkout@v6

Check failure on line 235 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/checkout@v6 (use full commit SHA with a # vX.Y.Z comment)

- name: Setup Go
uses: actions/setup-go@v6

Check failure on line 238 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/setup-go@v6 (use full commit SHA with a # vX.Y.Z comment)
with:
go-version: ${{ inputs.go_version }}
cache: true
Expand All @@ -248,14 +248,14 @@
GOPRIVATE: ${{ inputs.go_private_modules }}

- name: Install golangci-lint
run: |

Check failure on line 251 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:2:32: Double quote to prevent globbing and word splitting

Check failure on line 251 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2046:warning:1:101: Quote this to prevent word splitting
curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/master/install.sh | sh -s -- -b $(go env GOPATH)/bin ${{ inputs.golangci_lint_version }}
echo "$(go env GOPATH)/bin" >> $GITHUB_PATH

- name: Detect Makefile lint target
id: detect-make
working-directory: ${{ matrix.app.working_dir }}
run: |

Check failure on line 258 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:7:30: Double quote to prevent globbing and word splitting

Check failure on line 258 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:4:29: Double quote to prevent globbing and word splitting

Check failure on line 258 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:11:28: Double quote to prevent globbing and word splitting
if [[ -f "Makefile" ]] || [[ -f "makefile" ]] || [[ -f "GNUmakefile" ]]; then
if make -n lint >/dev/null 2>&1; then
echo "Makefile with 'lint' target detected"
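Review bot: In the `Install golangci-lint` step, install.sh is fetched from the `master` branch and piped straight to `sh`, so the code that runs in this job can change between runs without any change in this repository, which is the same exposure the Pinned Actions Check exists to prevent. Fetch the installer from a fixed tag or commit and verify it before executing, or install a pinned release another way. In the same script, `${{ inputs.golangci_lint_version }}` is interpolated unquoted into the command line; pass it through `env:` and quote it, and quote `$(go env GOPATH)/bin` and `$GITHUB_PATH` as the SC2046 and SC2086 findings ask.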
Expand Down Expand Up @@ -293,10 +293,10 @@
app: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
steps:
- name: Checkout code
uses: actions/checkout@v6

Check failure on line 296 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/checkout@v6 (use full commit SHA with a # vX.Y.Z comment)

- name: Setup Go
uses: actions/setup-go@v6

Check failure on line 299 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/setup-go@v6 (use full commit SHA with a # vX.Y.Z comment)
with:
go-version: ${{ inputs.go_version }}
cache: true
Expand All @@ -311,7 +311,7 @@
- name: Detect Makefile sec target
id: detect-make
working-directory: ${{ matrix.app.working_dir }}
run: |

Check failure on line 314 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:7:30: Double quote to prevent globbing and word splitting

Check failure on line 314 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:4:29: Double quote to prevent globbing and word splitting

Check failure on line 314 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Action Lint

shellcheck reported issue in this script: SC2086:info:11:28: Double quote to prevent globbing and word splitting
if [[ -f "Makefile" ]] || [[ -f "makefile" ]] || [[ -f "GNUmakefile" ]]; then
if make -n sec >/dev/null 2>&1; then
echo "Makefile with 'sec' target detected"
Expand All @@ -333,13 +333,13 @@

- name: Run Gosec for SARIF
id: gosec-sarif
uses: securego/gosec@v2.25.0

Check failure on line 336 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: securego/gosec@v2.25.0 (use full commit SHA with a # vX.Y.Z comment)
with:
args: -no-fail -fmt sarif -out gosec-${{ matrix.app.name }}.sarif ./${{ matrix.app.working_dir }}/...

- name: Upload Gosec SARIF
if: always()
uses: github/codeql-action/upload-sarif@v4

Check failure on line 342 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: github/codeql-action/upload-sarif@v4 (use full commit SHA with a # vX.Y.Z comment)
with:
sarif_file: gosec-${{ matrix.app.name }}.sarif
category: gosec-${{ matrix.app.name }}
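Review bot: `securego/gosec@v2.25.0` at line 336 is a third-party action referenced by tag, and `github/codeql-action/upload-sarif@v4` at line 342 by a moving major tag; both fail the Pinned Actions Check and should be pinned to full commit SHAs with the version in a trailing comment. Separately, `-no-fail` in `args` means gosec findings never fail this step, so enforcement depends entirely on the uploaded SARIF being triaged; state in a comment that this is intentional, or gate on findings elsewhere in the job.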
Expand Down Expand Up @@ -367,10 +367,10 @@
app: ${{ fromJson(needs.detect-changes.outputs.matrix) }}
steps:
- name: Checkout code
uses: actions/checkout@v6

Check failure on line 370 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/checkout@v6 (use full commit SHA with a # vX.Y.Z comment)

- name: Setup Go
uses: actions/setup-go@v6

Check failure on line 373 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/setup-go@v6 (use full commit SHA with a # vX.Y.Z comment)
with:
go-version: ${{ inputs.go_version }}
cache: true
Expand Down Expand Up @@ -476,7 +476,7 @@
echo "$PACKAGES" | xargs go test -v -race -coverprofile=coverage.txt -covermode=atomic

- name: Upload coverage artifact
uses: actions/upload-artifact@v7

Check failure on line 479 in .github/workflows/go-pr-analysis.yml

GitHub Actions / Pinned Actions Check

External action not pinned by SHA: uses: actions/upload-artifact@v7 (use full commit SHA with a # vX.Y.Z comment)
with:
name: coverage-${{ matrix.app.name }}
path: ${{ matrix.app.working_dir }}/coverage.txt
Expand Down Expand Up @@ -632,7 +632,7 @@

- name: Post coverage comment
if: github.event_name == 'pull_request'
uses: actions/github-script@v8
uses: actions/github-script@v9
with:
github-token: ${{ secrets.MANAGE_TOKEN || github.token }}
script: |
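Review bot: The new `uses: actions/github-script@v9` is a mutable tag, while the same bump in frontend-pr-analysis.yml uses `actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0`. Use the SHA-pinned form here as well: this step is handed `secrets.MANAGE_TOKEN` when it is set, so whatever the `v9` tag resolves to at run time executes with that token, and the line will add one more failure to the Pinned Actions Check already failing on this file. As with the frontend workflow, the inline script is collapsed here, so confirm it still works under the new major version.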