github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-15 20:07:55 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: fix dependabot alerts (#1763)

Browse Source 
Signed-off-by: Ramkumar Chinchani <rchincha@cisco.com>
This commit is contained in:
Ramkumar Chinchani
2023-09-05 12:30:49 -07:00
committed by GitHub
parent 59dc4c3229
commit 75a76005b4
20 changed files with 50 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/benchmark.yaml
+1 -1
View File
@@ -14,7 +14,7 @@ jobs:
name: Performance regression check
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
.github/workflows/branch-cov.yml
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
arch: [amd64]
name: coverage
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
.github/workflows/ci-cd.yml
+5 -5
View File
@@ -25,7 +25,7 @@ jobs:
arch: [amd64, arm64]
steps:
- name: Check out source code
uses: actions/checkout@v3
uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- name: Install go
uses: actions/setup-go@v4
@@ -185,7 +185,7 @@ jobs:
arch: [amd64, arm64]
steps:
- name: Check out the repo
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Log in to GitHub Docker Registry
uses: docker/login-action@v2
with:
@@ -380,7 +380,7 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2.21.4
uses: github/codeql-action/upload-sarif@v2.21.5
with:
sarif_file: 'trivy-results.sarif'
@@ -393,13 +393,13 @@ jobs:
packages: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
ref: main
fetch-depth: '0'
- name: Checkout project-zot/helm-charts
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: project-zot/helm-charts
ref: main
.github/workflows/cloc.yml
+1 -1
View File
@@ -23,7 +23,7 @@ jobs:
cache: false
go-version: 1.20.x
- name: Check out source code
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
.github/workflows/cluster.yaml
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
# - /tmp/data:/data
# options: --name=minio --health-cmd "curl http://localhost:9000/minio/health/live"
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
.github/workflows/codeql-analysis.yml
+4 -4
View File
@@ -43,7 +43,7 @@ jobs:
steps:
- name: Checkout repository
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v4
@@ -62,7 +62,7 @@ jobs:
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v2.21.4
uses: github/codeql-action/init@v2.21.5
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -73,7 +73,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v2.21.4
uses: github/codeql-action/autobuild@v2.21.5
# ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
@@ -86,4 +86,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v2.21.4
uses: github/codeql-action/analyze@v2.21.5
.github/workflows/commit-msg.yaml
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
uses: actions/checkout@v4
- name: Check Commit Type
uses: gsactions/commit-message-checker@v2
with:
.github/workflows/dco.yml
+1 -1
View File
@@ -11,7 +11,7 @@ jobs:
check:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Set up Python 3.x
uses: actions/setup-python@v4
with:
.github/workflows/ecosystem-tools.yaml
+1 -1
View File
@@ -16,7 +16,7 @@ jobs:
name: Check client tools
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
.github/workflows/gc-stress-test.yaml
+2 -2
View File
@@ -16,7 +16,7 @@ jobs:
name: GC(with referrers) on filesystem with short interval
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
@@ -40,7 +40,7 @@ jobs:
name: GC(without referrers) on filesystem with short interval
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
.github/workflows/golangci-lint.yaml
+1 -1
View File
@@ -20,7 +20,7 @@ jobs:
with:
cache: false
go-version: '1.20'
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: golangci-lint
uses: golangci/golangci-lint-action@v3
with:
.github/workflows/gqlgen.yaml
+2 -2
View File
@@ -21,7 +21,7 @@ jobs:
name: Check GQL generation
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
@@ -40,7 +40,7 @@ jobs:
name: Check GQL schema follows best practices
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
.github/workflows/license.yaml
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
runs-on: ubuntu-latest
name: License Check
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
.github/workflows/nightly.yaml
+4 -4
View File
@@ -16,7 +16,7 @@ jobs:
name: Dedupe/restore blobs
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v3
with:
@@ -61,7 +61,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out source code
uses: actions/checkout@v3
uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v3
with:
@@ -78,7 +78,7 @@ jobs:
name: GC(with referrers) on S3 with short interval
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
@@ -119,7 +119,7 @@ jobs:
name: GC(without referrers) on S3 with short interval
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: ./.github/actions/clean-runner
- uses: actions/setup-go@v4
with:
.github/workflows/oci-conformance-action.yml
+2 -2
View File
@@ -26,7 +26,7 @@ jobs:
cache: false
go-version: 1.20.x
- name: Checkout this PR
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Start zot server
run: |
cd $GITHUB_WORKSPACE
@@ -34,7 +34,7 @@ jobs:
RUNNER_TRACKING_ID="" && ./bin/zot-linux-amd64 serve examples/config-conformance.json &
IP=`hostname -I | awk '{print $1}'`
echo "SERVER_URL=http://${IP}:8080" >> $GITHUB_ENV
- uses: actions/checkout@v3
- uses: actions/checkout@v4
with:
repository: opencontainers/distribution-spec
ref: main
.github/workflows/scorecards.yml
+2 -2
View File
@@ -25,7 +25,7 @@ jobs:
steps:
- name: "Checkout code"
uses: actions/checkout@v3 # v3.0.0
uses: actions/checkout@v4 # v3.0.0
with:
persist-credentials: false
@@ -57,6 +57,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@v2.21.4 # v1.0.26
uses: github/codeql-action/upload-sarif@v2.21.5 # v1.0.26
with:
sarif_file: results.sarif
.github/workflows/tls.yaml
+1 -1
View File
@@ -18,7 +18,7 @@ jobs:
arch: [amd64]
name: TLS check
steps:
- uses: actions/checkout@v3
- uses: actions/checkout@v4
- uses: actions/setup-go@v4
with:
cache: false
.github/workflows/web-scan.yml
+1 -1
View File
@@ -27,7 +27,7 @@ jobs:
cache: false
go-version: 1.20.x
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
- name: Build zot
run: |
echo "Building $FLAVOR"