github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-17 12:58:02 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: fix dependabot alerts (#3380)

Browse Source 
* chore: fix dependabot alerts

Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>

* ci: bump up golang version to 1.24.x

Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>

---------

Signed-off-by: Ramkumar Chinchani <rchincha.dev@gmail.com>
This commit is contained in:
Ramkumar Chinchani
2025-09-11 01:11:38 -07:00
committed by GitHub
parent 9bb73d43b4
commit 97ab0e2568
24 changed files with 152 additions and 152 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/benchmark.yaml
+3 -3
View File
@@ -15,10 +15,10 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
# Run benchmark with `go test -bench` and stores the output to a file
- name: Run benchmark
run: make BENCH_OUTPUT=ci-cd run-bench
@@ -30,7 +30,7 @@ jobs:
key: ${{ runner.os }}-gen1-benchmark
# Run `github-action-benchmark` action
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@v1.20.4
uses: benchmark-action/github-action-benchmark@v1.20.7
with:
# What benchmark tool the output.txt came from
tool: 'customBiggerIsBetter'
.github/workflows/branch-cov.yaml
+2 -2
View File
@@ -15,10 +15,10 @@ jobs:
name: coverage
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
.github/workflows/build.yaml
+2 -2
View File
@@ -27,10 +27,10 @@ jobs:
- name: Check out source code
uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
.github/workflows/cloc.yaml
+2 -2
View File
@@ -18,10 +18,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Check out source code
uses: actions/checkout@v4
- name: Install dependencies
.github/workflows/cluster.yaml
+6 -6
View File
@@ -17,10 +17,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -253,7 +253,7 @@ jobs:
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster
# Run `github-action-benchmark` action
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@v1.20.4
uses: benchmark-action/github-action-benchmark@v1.20.7
with:
# What benchmark tool the output.txt came from
tool: 'customBiggerIsBetter'
@@ -272,10 +272,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -517,7 +517,7 @@ jobs:
key: ${{ runner.os }}-gen1-benchmark-stateless-cluster-redis
# Run `github-action-benchmark` action
- name: Store benchmark result
uses: benchmark-action/github-action-benchmark@v1.20.4
uses: benchmark-action/github-action-benchmark@v1.20.7
with:
# What benchmark tool the output.txt came from
tool: 'customBiggerIsBetter'
.github/workflows/codeql-analysis.yml
+5 -5
View File
@@ -46,14 +46,14 @@ jobs:
uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@v3.30.0
uses: github/codeql-action/init@v3.30.1
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -64,7 +64,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@v3.30.0
uses: github/codeql-action/autobuild@v3.30.1
# ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
@@ -77,4 +77,4 @@ jobs:
# make release
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3.30.0
uses: github/codeql-action/analyze@v3.30.1
.github/workflows/compare-binary-size.yaml
+2 -2
View File
@@ -11,10 +11,10 @@ jobs:
name: compare-with-main
steps:
- uses: actions/checkout@v3
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Checkout zot (main branch)
run: |
mkdir -p $GITHUB_WORKSPACE/zot_main
.github/workflows/dco.yaml
+1 -1
View File
@@ -12,7 +12,7 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Set up Python 3.x
uses: actions/setup-python@v5
uses: actions/setup-python@v6
with:
python-version: '3.x'
- name: Check DCO
.github/workflows/ecosystem-tools.yaml
+3 -3
View File
@@ -17,10 +17,10 @@ jobs:
runs-on: ubuntu-latest-16-cores
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -72,7 +72,7 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Install localstack
.github/workflows/gc-stress-test.yaml
+8 -8
View File
@@ -17,10 +17,10 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Run zb
id: bench
@@ -56,10 +56,10 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Run zb
id: bench
@@ -95,10 +95,10 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- uses: ./.github/actions/setup-localstack
- name: Setup minio service
run: |
@@ -179,10 +179,10 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- uses: ./.github/actions/setup-localstack
- name: Setup minio service
run: |
.github/workflows/golangci-lint.yaml
+2 -2
View File
@@ -15,10 +15,10 @@ jobs:
name: lint
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: '1.23'
go-version: 1.24.x
- uses: actions/checkout@v4
- name: Run linter with GH action
uses: golangci/golangci-lint-action@v8
.github/workflows/gqlgen.yaml
+2 -2
View File
@@ -22,10 +22,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
.github/workflows/license.yaml
+2 -2
View File
@@ -19,10 +19,10 @@ jobs:
name: License Check
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install go-licenses
run: go install github.com/google/go-licenses@latest
- name: Check for forbidden licenses
.github/workflows/nightly.yaml
+17 -17
View File
@@ -19,9 +19,9 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -41,7 +41,7 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Install localstack
@@ -70,9 +70,9 @@ jobs:
steps:
- name: Check out source code
uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -87,10 +87,10 @@ jobs:
runs-on: oracle-vm-16cpu-64gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- uses: ./.github/actions/setup-localstack
- name: Run zb
@@ -124,10 +124,10 @@ jobs:
runs-on: oracle-vm-16cpu-64gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- uses: ./.github/actions/setup-localstack
- name: Run zb
@@ -173,9 +173,9 @@ jobs:
runs-on: oracle-vm-8cpu-32gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -204,10 +204,10 @@ jobs:
runs-on: oracle-vm-16cpu-64gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -228,7 +228,7 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Install localstack
@@ -290,10 +290,10 @@ jobs:
runs-on: oracle-vm-16cpu-64gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
@@ -314,7 +314,7 @@ jobs:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ github.token }}
- uses: actions/setup-python@v5
- uses: actions/setup-python@v6
with:
python-version: '3.11'
- name: Install localstack
.github/workflows/oci-conformance-action.yaml
+2 -2
View File
@@ -21,10 +21,10 @@ jobs:
# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- name: Install go 1.23
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Checkout this PR
uses: actions/checkout@v4
- name: Start zot server
.github/workflows/publish.yaml
+2 -2
View File
@@ -253,7 +253,7 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3.30.0
uses: github/codeql-action/upload-sarif@v3.30.1
with:
sarif_file: 'trivy-results.sarif'
@@ -290,7 +290,7 @@ jobs:
TRIVY_USERNAME: ${{ github.actor }}
TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v3.30.0
uses: github/codeql-action/upload-sarif@v3.30.1
with:
sarif_file: 'trivy-results.sarif'
.github/workflows/scorecards.yaml
+1 -1
View File
@@ -57,6 +57,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@v3.30.0
uses: github/codeql-action/upload-sarif@v3.30.1
with:
sarif_file: results.sarif
.github/workflows/stale.yaml
+1 -1
View File
@@ -12,7 +12,7 @@ jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v9
- uses: actions/stale@v10
with:
stale-issue-message: 'This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days.'
stale-pr-message: 'This PR is stale because it has been open 45 days with no activity. Remove stale label or comment or this will be closed in 10 days.'
.github/workflows/test.yaml
+8 -8
View File
@@ -18,10 +18,10 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
@@ -57,10 +57,10 @@ jobs:
runs-on: oracle-vm-16cpu-64gb-x86-64
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
@@ -96,10 +96,10 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
@@ -130,10 +130,10 @@ jobs:
needs: [test-run-minimal,test-run-extensions,test-run-devmode]
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: download all workflow coverage files
uses: actions/download-artifact@v5
- name: merge code coverage
.github/workflows/tls.yaml
+2 -2
View File
@@ -15,10 +15,10 @@ jobs:
name: TLS check
steps:
- uses: actions/checkout@v4
- uses: actions/setup-go@v5
- uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Install dependencies
run: |
cd $GITHUB_WORKSPACE
.github/workflows/verify-config.yaml
+2 -2
View File
@@ -21,10 +21,10 @@ jobs:
steps:
- uses: actions/checkout@v4
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.21.x
go-version: 1.24.x
- name: Cache go dependencies
id: cache-go-dependencies
uses: actions/cache@v4
.github/workflows/web-scan.yaml
+2 -2
View File
@@ -22,10 +22,10 @@ jobs:
flavor: [zot-linux-amd64-minimal, zot-linux-amd64]
steps:
- name: Install go
uses: actions/setup-go@v5
uses: actions/setup-go@v6
with:
cache: false
go-version: 1.23.x
go-version: 1.24.x
- name: Checkout
uses: actions/checkout@v4
- name: Build zot