From 4d02ccc60a267e47a3581b1866145d29e6a975ec Mon Sep 17 00:00:00 2001 From: Taras Drozdovskyi Date: Fri, 3 Jan 2025 11:22:22 +0200 Subject: [PATCH] Update 3rd-party components Signed-off-by: Taras Drozdovskyi --- .github/workflows/build.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/fossology-check.yml | 2 +- .github/workflows/go-fuzz-test.yml | 2 +- .github/workflows/lint-vet-gofmt-staticcheck-analysis.yml | 2 +- .github/workflows/publish.yml | 6 +++--- .github/workflows/scorecards-analysis.yml | 4 ++-- .github/workflows/test-suite.yml | 2 +- go.mod | 4 ++-- 9 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2463e9c3..631f1af3 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,7 +13,7 @@ jobs: os: [ ubuntu-24.04 ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Golang uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 29decd0f..8ef10119 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/fossology-check.yml b/.github/workflows/fossology-check.yml index 69412469..ace0a8c2 100644 --- a/.github/workflows/fossology-check.yml +++ b/.github/workflows/fossology-check.yml @@ -9,7 +9,7 @@ jobs: name: Check license, copyright, keyword runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - run: | docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \ -e GITHUB_TOKEN=${{ github.token }} \ diff --git a/.github/workflows/go-fuzz-test.yml b/.github/workflows/go-fuzz-test.yml index 47f2457c..17d9f01e 100644 --- a/.github/workflows/go-fuzz-test.yml +++ b/.github/workflows/go-fuzz-test.yml @@ -13,7 +13,7 @@ jobs: os: [ ubuntu-24.04 ] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Golang uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 diff --git a/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml b/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml index 8f4490c8..e55ff3ff 100644 --- a/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml +++ b/.github/workflows/lint-vet-gofmt-staticcheck-analysis.yml @@ -8,7 +8,7 @@ jobs: lintvetanalysis: runs-on: ubuntu-latest steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Golang uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 16798f24..83e15f6e 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out the repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Golang uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 @@ -45,7 +45,7 @@ jobs: cp configs/defdockerfiles/ubuntu_multistage Dockerfile - name: Build and push - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 + uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 with: context: . build-args: TARGETVERSION=v${{ steps.meta.outputs.version }} @@ -63,7 +63,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 054848b3..0d9d3b18 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -32,12 +32,12 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c + uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 with: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: persist-credentials: false diff --git a/.github/workflows/test-suite.yml b/.github/workflows/test-suite.yml index 94e17ce6..d740ec1c 100644 --- a/.github/workflows/test-suite.yml +++ b/.github/workflows/test-suite.yml @@ -12,7 +12,7 @@ jobs: os: [ubuntu-24.04] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Golang uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 diff --git a/go.mod b/go.mod index 293076dc..c1263730 100644 --- a/go.mod +++ b/go.mod @@ -11,8 +11,8 @@ require ( github.com/eclipse/paho.mqtt.golang v1.4.3 github.com/edgexfoundry/device-sdk-go v1.4.0 github.com/edgexfoundry/go-mod-core-contracts v0.1.115 - github.com/fsnotify/fsnotify v1.7.0 - github.com/golang-jwt/jwt/v4 v4.5.0 + github.com/fsnotify/fsnotify v1.8.0 + github.com/golang-jwt/jwt/v4 v4.5.1 github.com/golang/mock v1.4.4 github.com/gomodule/redigo v1.9.2 github.com/gorilla/mux v1.8.1