From 11d8f088406b485108ad54aa134aa7808a416afe Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 May 2024 17:29:38 +0000 Subject: [PATCH 1/2] build(deps): bump github.com/rs/zerolog from 1.32.0 to 1.33.0 Bumps [github.com/rs/zerolog](https://github.com/rs/zerolog) from 1.32.0 to 1.33.0. - [Commits](https://github.com/rs/zerolog/compare/v1.32.0...v1.33.0) --- updated-dependencies: - dependency-name: github.com/rs/zerolog dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index ae8094671..9c4b87c26 100644 --- a/go.mod +++ b/go.mod @@ -16,7 +16,7 @@ require ( github.com/magefile/mage v1.15.0 github.com/pelletier/go-toml/v2 v2.2.2 github.com/robfig/cron/v3 v3.0.1 - github.com/rs/zerolog v1.32.0 + github.com/rs/zerolog v1.33.0 github.com/shirou/gopsutil/v3 v3.24.4 github.com/sourcegraph/conc v0.3.0 github.com/stretchr/testify v1.9.0 diff --git a/go.sum b/go.sum index 7a4eec7ac..1bda0a251 100644 --- a/go.sum +++ b/go.sum @@ -340,8 +340,8 @@ github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/f github.com/rogpeppe/go-internal v1.12.0 h1:exVL4IDcn6na9z1rAb56Vxr+CgyK3nn3O+epU5NdKM8= github.com/rogpeppe/go-internal v1.12.0/go.mod h1:E+RYuTGaKKdloAfM02xzb0FW3Paa99yedzYV+kq4uf4= github.com/rs/xid v1.5.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg= -github.com/rs/zerolog v1.32.0 h1:keLypqrlIjaFsbmJOBdB/qvyF8KEtCWHwobLp5l/mQ0= -github.com/rs/zerolog v1.32.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= +github.com/rs/zerolog v1.33.0 h1:1cU2KZkvPxNyfgEmhHAz/1A9Bz+llsdYzklWFzgp0r8= +github.com/rs/zerolog v1.33.0/go.mod h1:/7mN4D5sKwJLZQ2b/znpjC3/GQWY/xaDXUM0kKWRHss= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts= github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc= From ca4b842d47960706393d95a595480bb4ba988378 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 28 May 2024 00:48:31 +0000 Subject: [PATCH 2/2] build(deps): bump step-security/harden-runner from 2.7.1 to 2.8.0 Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.7.1 to 2.8.0. - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/a4aa98b93cab29d9b1101a6143fb8bce00e2eac4...f086349bfa2bd1361f7909c78558e816508cdc10) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 4 ++-- .github/workflows/codeql.yml | 2 +- .github/workflows/test.yml | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index bb8857c87..bf2b5d679 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -26,7 +26,7 @@ jobs: release_tag: ${{ steps.release_please.outputs.tag_name }} steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Run release please @@ -44,7 +44,7 @@ jobs: arch: [amd64,arm,arm64] steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Set app version for release diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6cf221994..83043b883 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,7 +32,7 @@ jobs: build-mode: manual steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout repository diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 20a405527..de752ce75 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v1 + uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v1 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout @@ -52,7 +52,7 @@ jobs: permissions: pull-requests: read # Use with `only-new-issues` option. steps: - - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 + - uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10 # v2.8.0 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6