From 535258256cd1714f55e643075ae15919316e4aec Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 12 Jul 2024 08:12:47 -0600 Subject: [PATCH] chore(deps): update maru support dependencies (#127) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/dependency-review-action](https://togithub.com/actions/dependency-review-action) | action | patch | `v4.3.3` -> `v4.3.4` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.35.0` -> `v0.36.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.11` -> `v3.25.12` | --- ### Release Notes
actions/dependency-review-action (actions/dependency-review-action) ### [`v4.3.4`](https://togithub.com/actions/dependency-review-action/compare/v4.3.3...v4.3.4) [Compare Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.3...v4.3.4)
defenseunicorns/zarf (defenseunicorns/zarf) ### [`v0.36.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.36.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.35.0...v0.36.0) ##### What's Changed - refactor: remove unused constants and variables by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2633](https://togithub.com/defenseunicorns/zarf/pull/2633) - docs: fixed wrong link in zarf site nerd notes page by [@​joelmccoy](https://togithub.com/joelmccoy) in [https://github.com/defenseunicorns/zarf/pull/2639](https://togithub.com/defenseunicorns/zarf/pull/2639) - chore: s3 cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2632](https://togithub.com/defenseunicorns/zarf/pull/2632) - refactor: change UpdateZarfAgentValues to rolling restart by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2644](https://togithub.com/defenseunicorns/zarf/pull/2644) - chore: make less by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2648](https://togithub.com/defenseunicorns/zarf/pull/2648) - fix: docs links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2650](https://togithub.com/defenseunicorns/zarf/pull/2650) - refactor: remove use of reflections by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2634](https://togithub.com/defenseunicorns/zarf/pull/2634) - refactor: remove use of message.Fatal in tools by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2602](https://togithub.com/defenseunicorns/zarf/pull/2602) - refactor: remove k8s package by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2627](https://togithub.com/defenseunicorns/zarf/pull/2627) - feat: add context to pull and data injections by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2654](https://togithub.com/defenseunicorns/zarf/pull/2654) - test: move creator tests into one file by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2658](https://togithub.com/defenseunicorns/zarf/pull/2658) - test: site and links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2656](https://togithub.com/defenseunicorns/zarf/pull/2656) - chore: run unit tests on main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2653](https://togithub.com/defenseunicorns/zarf/pull/2653) - fix(docs): update help docs for zarf connect to add clarity by [@​chaospuppy](https://togithub.com/chaospuppy) in [https://github.com/defenseunicorns/zarf/pull/2662](https://togithub.com/defenseunicorns/zarf/pull/2662) - chore!: remove logging from init package by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2625](https://togithub.com/defenseunicorns/zarf/pull/2625) - chore: patch CVE-2024-6104 by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2669](https://togithub.com/defenseunicorns/zarf/pull/2669) - chore: patch CVE-2024-35255 by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2670](https://togithub.com/defenseunicorns/zarf/pull/2670) - chore: patch CVE-2024-6257 by [@​lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2671](https://togithub.com/defenseunicorns/zarf/pull/2671) - docs: data injection by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2668](https://togithub.com/defenseunicorns/zarf/pull/2668) - feat: flux OCI support in Zarf Agent by [@​cmwylie19](https://togithub.com/cmwylie19) in [https://github.com/defenseunicorns/zarf/pull/2005](https://togithub.com/defenseunicorns/zarf/pull/2005) - refactor: make lint use more accessible data type by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2660](https://togithub.com/defenseunicorns/zarf/pull/2660) - fix: remove helpers v1 by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2679](https://togithub.com/defenseunicorns/zarf/pull/2679) - refactor: test and cleanup injector by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2629](https://togithub.com/defenseunicorns/zarf/pull/2629) - refactor: remove use message.Fatal in cmd package by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2664](https://togithub.com/defenseunicorns/zarf/pull/2664) - ci: cleanup windows github action by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2673](https://togithub.com/defenseunicorns/zarf/pull/2673) - refactor: remove message.Fatal and spinner.Fatal by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2676](https://togithub.com/defenseunicorns/zarf/pull/2676) - ci: add merge groups by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2680](https://togithub.com/defenseunicorns/zarf/pull/2680) - ci: remove dependency review merge queue and add label merge queue by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2688](https://togithub.com/defenseunicorns/zarf/pull/2688) - refactor: remove warnings property from packager by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2687](https://togithub.com/defenseunicorns/zarf/pull/2687) - refactor: remove sbom view files property from packager by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2695](https://togithub.com/defenseunicorns/zarf/pull/2695) - fix: remove ignore label when adopting resource by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2699](https://togithub.com/defenseunicorns/zarf/pull/2699) - fix: revert fix: remove ignore label when adopting resource by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2711](https://togithub.com/defenseunicorns/zarf/pull/2711) - ci: run e2e tests by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2710](https://togithub.com/defenseunicorns/zarf/pull/2710) - refactor: test and refactor split file by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2708](https://togithub.com/defenseunicorns/zarf/pull/2708) - refactor: remove unused message functions and verbose logging by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2712](https://togithub.com/defenseunicorns/zarf/pull/2712) - refactor: connect command list printing by [@​phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2703](https://togithub.com/defenseunicorns/zarf/pull/2703) - docs: add contributing doc to root and add tsc by [@​salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2706](https://togithub.com/defenseunicorns/zarf/pull/2706) - fix: remove unpinned image warning in lint for cosign signatures by [@​jasonwashburn](https://togithub.com/jasonwashburn) in [https://github.com/defenseunicorns/zarf/pull/2681](https://togithub.com/defenseunicorns/zarf/pull/2681) ##### New Contributors - [@​joelmccoy](https://togithub.com/joelmccoy) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2639](https://togithub.com/defenseunicorns/zarf/pull/2639) - [@​chaospuppy](https://togithub.com/chaospuppy) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2662](https://togithub.com/defenseunicorns/zarf/pull/2662) - [@​jasonwashburn](https://togithub.com/jasonwashburn) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2681](https://togithub.com/defenseunicorns/zarf/pull/2681) **Full Changelog**: https://github.com/defenseunicorns/zarf/compare/v0.35.0...v0.36.0
github/codeql-action (github/codeql-action) ### [`v3.25.12`](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12)
--- ### Configuration 📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/maru-runner). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr --- .github/actions/zarf/action.yaml | 2 +- .github/workflows/dependency-review.yaml | 2 +- .github/workflows/scan-codeql.yaml | 4 ++-- .github/workflows/scorecard.yaml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/actions/zarf/action.yaml b/.github/actions/zarf/action.yaml index 8cc235f..21255d7 100644 --- a/.github/actions/zarf/action.yaml +++ b/.github/actions/zarf/action.yaml @@ -7,4 +7,4 @@ runs: - uses: defenseunicorns/setup-zarf@main with: # renovate: datasource=github-tags depName=defenseunicorns/zarf - version: v0.35.0 + version: v0.36.0 diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index ae4d4d5..8990f9f 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -12,4 +12,4 @@ jobs: uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Dependency Review - uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3 + uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4 diff --git a/.github/workflows/scan-codeql.yaml b/.github/workflows/scan-codeql.yaml index a261f3e..f13b49a 100644 --- a/.github/workflows/scan-codeql.yaml +++ b/.github/workflows/scan-codeql.yaml @@ -45,7 +45,7 @@ jobs: run: make build-cli-linux-amd - name: Initialize CodeQL - uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/init@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 env: CODEQL_EXTRACTOR_GO_BUILD_TRACING: on with: @@ -54,6 +54,6 @@ jobs: - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/analyze@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index f94ede9..f64b7ec 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 with: sarif_file: results.sarif