mirror of
https://github.com/zebrajr/tensorflow.git
synced 2025-12-06 12:20:11 +01:00
Bump the github-actions group with 6 updates
Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [google/osv-scanner-action](https://github.com/google/osv-scanner-action) | `1.8.2` | `1.8.4` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.1.1` | `5.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.4` | `4.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.15` | `3.26.6` | | [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.5.0` | `6.7.0` | Updates `google/osv-scanner-action` from 1.8.2 to 1.8.4 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](https://github.com/google/osv-scanner-action/compare/v1.8.2...v1.8.4) Updates `actions/setup-python` from 5.1.1 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](39cd14951b...f677139bbe) Updates `actions/upload-artifact` from 4.3.4 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](0b2256b8c0...50769540e7) Updates `github/codeql-action` from 3.25.15 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](afb54ba388...4dd16135b6) Updates `docker/login-action` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3.2.0...9780b0c442fbb1117ed29e0efdff1e18412f7567) Updates `docker/build-push-action` from 6.5.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](5176d81f87...5cd11c3a4c) --- updated-dependencies: - dependency-name: google/osv-scanner-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot]
GitHub
parent
a2b5fefd91
commit
f43de6599e
2
.github/workflows/osv-scanner-scheduled.yml
vendored
2
.github/workflows/osv-scanner-scheduled.yml
vendored
|
|
@ -28,7 +28,7 @@ permissions:
|
|||
jobs:
|
||||
scan-scheduled:
|
||||
if: github.repository == 'tensorflow/tensorflow'
|
||||
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.2"
|
||||
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.4"
|
||||
with:
|
||||
scan-args: |-
|
||||
--lockfile=requirements.txt:./requirements_lock_3_9.txt
|
||||
|
|
|
|||
2
.github/workflows/pylint-presubmit.yml
vendored
2
.github/workflows/pylint-presubmit.yml
vendored
|
|
@ -38,7 +38,7 @@ jobs:
|
|||
run: |
|
||||
echo Changed files: ${{ steps.get_file_changes.outputs.files }}
|
||||
- name: Set up Python 3.9
|
||||
uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
|
||||
uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
|
||||
with:
|
||||
python-version: "3.9"
|
||||
- name: Install Python dependencies
|
||||
|
|
|
|||
4
.github/workflows/scorecards-analysis.yml
vendored
4
.github/workflows/scorecards-analysis.yml
vendored
|
|
@ -55,7 +55,7 @@ jobs:
|
|||
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
|
||||
# format to the repository Actions tab.
|
||||
- name: "Upload artifact"
|
||||
uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
|
||||
uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
|
||||
with:
|
||||
name: SARIF file
|
||||
path: results.sarif
|
||||
|
|
@ -64,6 +64,6 @@ jobs:
|
|||
# Upload the results to GitHub's code scanning dashboard (optional).
|
||||
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
|
||||
- name: "Upload to code-scanning"
|
||||
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
|
||||
uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
|
||||
with:
|
||||
sarif_file: results.sarif
|
||||
|
|
|
|||
2
.github/workflows/sigbuild-docker-branch.yml
vendored
2
.github/workflows/sigbuild-docker-branch.yml
vendored
|
|
@ -67,7 +67,7 @@ jobs:
|
|||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
|
||||
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
|
||||
with:
|
||||
push: true
|
||||
context: ./tensorflow/tools/tf_sig_build_dockerfiles
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@ jobs:
|
|||
name: Login to AR
|
||||
# Once this is verified, change the label's name. For now, we will piggyback on gcr.io actions.
|
||||
if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging')
|
||||
uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
|
||||
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
|
||||
with:
|
||||
registry: us-central1-docker.pkg.dev
|
||||
username: _json_key
|
||||
|
|
@ -73,7 +73,7 @@ jobs:
|
|||
-
|
||||
name: Build containers, and push to GCR only if the 'build and push to gcr.io for staging' label is applied
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
|
||||
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
|
||||
with:
|
||||
push: ${{ contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') }}
|
||||
context: ./tensorflow/tools/tf_sig_build_dockerfiles
|
||||
|
|
|
|||
2
.github/workflows/sigbuild-docker.yml
vendored
2
.github/workflows/sigbuild-docker.yml
vendored
|
|
@ -82,7 +82,7 @@ jobs:
|
|||
-
|
||||
name: Build and push
|
||||
id: docker_build
|
||||
uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
|
||||
uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
|
||||
with:
|
||||
push: true
|
||||
context: ./tensorflow/tools/tf_sig_build_dockerfiles
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user