From f4a04631cd079ff141176f3c4d523198f151eb9e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Aug 2024 13:51:41 +0000 Subject: [PATCH] ICU-22722 Bump the github-actions group across 1 directory with 4 updates See #3075 --- .github/workflows/cifuzz.yml | 4 ++-- .github/workflows/icu_merge_ci.yml | 8 ++++---- .github/workflows/scorecard.yml | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index d4e6b5d6a4cc..bedc6b22a4f6 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -38,14 +38,14 @@ jobs: output-sarif: true sanitizer: ${{ matrix.sanitizer }} - name: Upload Crash - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 if: failure() && steps.build.outcome == 'success' with: name: ${{ matrix.sanitizer }}-artifacts path: ./out/artifacts - name: Upload Sarif if: always() && steps.build.outcome == 'success' - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@v3 with: # Path to SARIF file relative to the root of the repository sarif_file: cifuzz-sarif/results.sarif diff --git a/.github/workflows/icu_merge_ci.yml b/.github/workflows/icu_merge_ci.yml index 23b2d5315bce..a7090564c0c9 100644 --- a/.github/workflows/icu_merge_ci.yml +++ b/.github/workflows/icu_merge_ci.yml @@ -109,7 +109,7 @@ jobs: cd lib; cp -Ps ../tools/ctestfw/libicutest* . - name: Upload ICU libraries - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: icu-perf-libs path: icu4c/source/lib @@ -144,7 +144,7 @@ jobs: - name: Create directory for lib files run: mkdir icu4c/source/perflib - name: Get ICU libs - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: icu-perf-libs path: icu4c/source/lib @@ -218,7 +218,7 @@ jobs: - name: Create directory for lib files run: mkdir icu4c/source/perflib - name: Get ICU libs - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: icu-perf-libs path: icu4c/source/lib @@ -283,7 +283,7 @@ jobs: - name: Create directory for lib files run: mkdir icu4c/source/perflib - name: Get ICU libs - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: icu-perf-libs path: icu4c/source/lib diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3eed9497fd41..6f669feae9a8 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -34,7 +34,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -51,7 +51,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: SARIF file path: results.sarif @@ -59,6 +59,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@3e0e84636c6f5df46a2cb232ae1dd1384713150d # v2.25.15 with: sarif_file: results.sarif