Skip to content

Commit f28c208

Browse files
dependabot[bot]Google Java Core Libraries
dependabot[bot]
authored and
Google Java Core Libraries
committed
Bump the github-actions group with 3 updates
And fix the version comment on `upload-sarif`, which Dependabot missed updating in #7962 / #7968, apparently because of dependabot/dependabot-core#13197. Bumps the github-actions group with 3 updates: [gradle/actions](https://github.com/gradle/actions), [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `gradle/actions` from 4.4.2 to 5.0.0 - [Release notes](https://github.com/gradle/actions/releases) - [Commits](gradle/actions@017a9ef...4d9f0ba) Updates `ossf/scorecard-action` from 2.4.2 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@05b42c6...4eaacf0) Updates `github/codeql-action` from 3.30.0 to 3.30.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@2d92b76...3599b3b) Fixes #8038 RELNOTES=n/a PiperOrigin-RevId: 813762400
1 parent acf5bb5 commit f28c208

File tree

2 files changed

+3
-3
lines changed

2 files changed

+3
-3
lines changed

.github/workflows/ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ jobs:
6262
run: ./util/print_surefire_reports.sh
6363
- name: 'Set up Gradle'
6464
if: matrix.java == 11 # used only by the integration tests below
65-
uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2
65+
uses: gradle/actions/setup-gradle@4d9f0ba0025fe599b4ebab900eb7f3a1d93ef4c2 # v5.0.0
6666
- name: 'Integration Test'
6767
if: matrix.java == 11
6868
shell: bash

.github/workflows/scorecard.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ jobs:
3737
persist-credentials: false
3838

3939
- name: "Run analysis"
40-
uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
40+
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
4141
with:
4242
results_file: results.sarif
4343
results_format: sarif
@@ -67,6 +67,6 @@ jobs:
6767

6868
# Upload the results to GitHub's code scanning dashboard.
6969
- name: "Upload to code-scanning"
70-
uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
70+
uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5
7171
with:
7272
sarif_file: results.sarif

0 commit comments

Comments
 (0)