Skip to content

Update GitHub Actions #154

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
fjudith merged 1 commit into from
May 19, 2025
Merged

Update GitHub Actions #154

fjudith merged 1 commit into from
May 19, 2025

Conversation

@alithya-oss-backstage-ci
Copy link
Contributor

@alithya-oss-backstage-ci alithya-oss-backstage-ci bot commented May 10, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
actions/cache action digest 1bd1e32 -> 5a3ec84
actions/create-github-app-token action digest 0d56448 -> d72941d
actions/setup-node action digest 1d0ff46 -> 49933ea
actions/upload-artifact action digest 65c4c4a -> ea165f8
backstage/changesets-action action patch v2.3.1 -> v2.3.2
github/codeql-action action digest 9e8d078 -> ff0a06e
github/codeql-action action patch v3.28.9 -> v3.28.18
ossf/scorecard-action action patch v2.4.0 -> v2.4.1
renovatebot/github-action action patch v41.0.13 -> v41.0.22
step-security/harden-runner action minor v2.11.0 -> v2.12.0

Release Notes

backstage/changesets-action (backstage/changesets-action)

v2.3.2

Compare Source

Patch Changes
github/codeql-action (github/codeql-action)

v3.28.18

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025
  • Update default CodeQL bundle version to 2.21.3. #​2893
  • Skip validating SARIF produced by CodeQL for improved performance. #​2894
  • The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #​2891

See the full CHANGELOG.md for more information.

v3.28.17

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025
  • Update default CodeQL bundle version to 2.21.2. #​2872

See the full CHANGELOG.md for more information.

v3.28.16

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025
  • Update default CodeQL bundle version to 2.21.1. #​2863

See the full CHANGELOG.md for more information.

v3.28.15

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025
  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #​2842

See the full CHANGELOG.md for more information.

v3.28.14

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025
  • Update default CodeQL bundle version to 2.21.0. #​2838

See the full CHANGELOG.md for more information.

v3.28.13

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025
  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #​2810

See the full CHANGELOG.md for more information.

v3.28.11

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.11 - 07 Mar 2025
  • Update default CodeQL bundle version to 2.20.6. #​2793

See the full CHANGELOG.md for more information.

v3.28.10

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.10 - 21 Feb 2025
  • Update default CodeQL bundle version to 2.20.5. #​2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #​2768

See the full CHANGELOG.md for more information.

ossf/scorecard-action (ossf/scorecard-action)

v2.4.1

Compare Source

What's Changed

Docs

New Contributors

renovatebot/github-action (renovatebot/github-action)

v41.0.22

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.261.4 (5526141)
  • update references to renovatebot/github-action to v41.0.21 (1e46a7d)
Miscellaneous Chores
  • deps: update dependency typescript-eslint to v8.30.0 (66dd8a5)
  • deps: update dependency typescript-eslint to v8.30.1 (6fb49f5)
  • deps: update linters to v9.25.0 (d010471)
  • deps: update node.js to v20.19.1 (badc3e1)
  • deps: update pnpm to v10.8.1 (b24ada0)
Build System
  • deps: lock file maintenance (0223cc4)
Continuous Integration
  • deps: update renovate docker tag to v39.253.0 (6679e4e)
  • deps: update renovate docker tag to v39.253.2 (071e449)
  • deps: update renovate docker tag to v39.253.4 (25ac773)
  • deps: update renovate docker tag to v39.253.5 (f48db0d)
  • deps: update renovate docker tag to v39.254.1 (d93cc05)
  • deps: update renovate docker tag to v39.254.2 (c4a43a6)
  • deps: update renovate docker tag to v39.254.3 (c8ea932)
  • deps: update renovate docker tag to v39.256.1 (f2eb480)
  • deps: update renovate docker tag to v39.257.1 (f3fb8c3)
  • deps: update renovate docker tag to v39.257.2 (2f43374)
  • deps: update renovate docker tag to v39.257.3 (b5d8e73)
  • deps: update renovate docker tag to v39.257.5 (a5a1463)
  • deps: update renovate docker tag to v39.257.8 (d447a00)
  • deps: update renovate docker tag to v39.258.0 (d21eea7)
  • deps: update renovate docker tag to v39.258.1 (6ec1a48)
  • deps: update renovate docker tag to v39.258.3 (9aea284)
  • deps: update renovate docker tag to v39.259.0 (282c11e)
  • deps: update renovate docker tag to v39.260.0 (c6da673)
  • deps: update renovate docker tag to v39.261.0 (0326f6f)
  • deps: update renovate docker tag to v39.261.4 (e1ec512)

v41.0.21

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.252.0 (fe2955a)
  • update references to renovatebot/github-action to v41.0.20 (89b3b61)
Miscellaneous Chores
  • deps: update actions/setup-node action to v4.4.0 (ac5bd2a)
  • deps: update dependency eslint-config-prettier to v10.1.2 (fa34e11)
  • deps: update dependency lint-staged to v15.5.1 (56e3aa6)
  • deps: update dependency typescript-eslint to v8.29.1 (c759b05)
  • deps: update pnpm to v10.8.0 (84ba316)
Build System
  • deps: lock file maintenance (74e3f00)
Continuous Integration
  • deps: update renovate docker tag to v39.241.1 (5bbb6b5)
  • deps: update renovate docker tag to v39.241.2 (21af2c0)
  • deps: update renovate docker tag to v39.242.0 (855234f)
  • deps: update renovate docker tag to v39.242.2 (69a56f0)
  • deps: update renovate docker tag to v39.243.0 (7997835)
  • deps: update renovate docker tag to v39.244.0 (a78adc1)
  • deps: update renovate docker tag to v39.245.0 (b5ae000)
  • deps: update renovate docker tag to v39.245.1 (bb396f2)
  • deps: update renovate docker tag to v39.245.2 (24a608e)
  • deps: update renovate docker tag to v39.245.3 (81225b8)
  • deps: update renovate docker tag to v39.246.0 (41f7342)
  • deps: update renovate docker tag to v39.248.0 (b1056a5)
  • deps: update renovate docker tag to v39.248.1 (513f7bf)
  • deps: update renovate docker tag to v39.248.2 (48c5879)
  • deps: update renovate docker tag to v39.248.3 (6a78942)
  • deps: update renovate docker tag to v39.250.0 (4a71d2f)
  • deps: update renovate docker tag to v39.250.2 (d0ca66d)
  • deps: update renovate docker tag to v39.250.3 (bbfbdcf)
  • deps: update renovate docker tag to v39.251.0 (a990447)
  • deps: update renovate docker tag to v39.251.2 (2812119)
  • deps: update renovate docker tag to v39.252.0 (5f8b8a7)

v41.0.20

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.240.1 (e1c431a)
  • update references to renovatebot/github-action to v41.0.19 (1207b8c)
Build System
  • deps: lock file maintenance (d904e5f)
Continuous Integration
  • deps: update renovate docker tag to v39.240.0 (40a6a27)
  • deps: update renovate docker tag to v39.240.1 (a6086b4)

v41.0.19

Compare Source

Documentation
  • update references to renovatebot/github-action to v41.0.18 (0eee01a)
Miscellaneous Chores
Build System
  • deps: update dependency typescript to v5.8.3 (e354eb9)
Continuous Integration
  • deps: update renovate docker tag to v39.222.3 (8241db2)
  • deps: update renovate docker tag to v39.222.4 (653bb91)
  • deps: update renovate docker tag to v39.223.0 (4ffff8f)
  • deps: update renovate docker tag to v39.227.1 (a9bd9ca)
  • deps: update renovate docker tag to v39.227.2 (98fa37b)
  • deps: update renovate docker tag to v39.238.0 (2f605bc)
  • deps: update renovate docker tag to v39.238.1 (788014e)
  • deps: update renovate docker tag to v39.238.2 (109aeac)

v41.0.18

Compare Source

Documentation
  • add github app account install step (#​922) (0ced26a)
  • update references to ghcr.io/renovatebot/renovate to v39.222.1 (25e0f9c)
  • update references to renovatebot/github-action to v41.0.17 (af57dd6)
Miscellaneous Chores
  • deps: update dependency @​types/node to v20.17.25 (b0922d9)
  • deps: update dependency typescript-eslint to v8.27.0 (4aabd2f)
  • deps: update linters to v9.23.0 (06e0506)
  • deps: update pnpm to v10.6.4 (3f80068)
  • deps: update pnpm to v10.6.5 (b0a0fd1)
Build System
  • deps: lock file maintenance (6250e41)
Continuous Integration
  • deps: update renovate docker tag to v39.212.2 (4efe6dc)
  • deps: update renovate docker tag to v39.213.0 (a480666)
  • deps: update renovate docker tag to v39.213.4 (254f31f)
  • deps: update renovate docker tag to v39.213.5 (2fd09d6)
  • deps: update renovate docker tag to v39.213.6 (9828b5c)
  • deps: update renovate docker tag to v39.214.0 (8672965)
  • deps: update renovate docker tag to v39.215.2 (dd5ec68)
  • deps: update renovate docker tag to v39.220.0 (78a91db)
  • deps: update renovate docker tag to v39.220.2 (eab1f45)
  • deps: update renovate docker tag to v39.220.3 (e3a0da8)
  • deps: update renovate docker tag to v39.220.4 (7e1c54e)
  • deps: update renovate docker tag to v39.220.6 (148060c)
  • deps: update renovate docker tag to v39.220.7 (edb66ff)
  • deps: update renovate docker tag to v39.221.0 (49fcdae)
  • deps: update renovate docker tag to v39.222.0 (0a3405a)
  • deps: update renovate docker tag to v39.222.1 (686118d)

v41.0.17

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.212.0 (5048e7e)
  • update references to renovatebot/github-action to v41.0.16 (dd4ff22)
Miscellaneous Chores
  • deps: update actions/cache action to v4.2.3 (e6e004f)
  • deps: update actions/setup-node action to v4.3.0 (b281145)
  • deps: update dependency esbuild to v0.25.1 (c73ae27)
  • deps: update dependency lint-staged to v15.5.0 (bec0276)
  • deps: update dependency typescript-eslint to v8.26.1 (9a724c3)
  • deps: update pnpm to v10.6.2 (39e87cb)
  • deps: update pnpm to v10.6.3 (b8e205e)
Build System
  • deps: lock file maintenance (d8fb9a0)
Continuous Integration
  • deps: update renovate docker tag to v39.206.0 (5fa0075)
  • deps: update renovate docker tag to v39.207.1 (57d45dc)
  • deps: update renovate docker tag to v39.207.2 (dc19c4c)
  • deps: update renovate docker tag to v39.211.2 (be6cc08)
  • deps: update renovate docker tag to v39.212.0 (d8ed84a)

v41.0.16

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.205.1 (3c6cbdd)
  • update references to renovatebot/github-action to v41.0.15 (8fe0b33)
Miscellaneous Chores
  • deps: update commitlint monorepo to v19.8.0 (a3fe721)
  • deps: update linters (396f1fe)
  • deps: update node.js to v20.19.0 (b07360d)
  • deps: update pnpm to v10.6.1 (a64f16a)
Build System
  • deps: lock file maintenance (1e746b3)
Continuous Integration
  • deps: update renovate docker tag to v39.205.0 (cb6e5dd)
  • deps: update renovate docker tag to v39.205.1 (1ac6c97)

v41.0.15

Compare Source

Miscellaneous Chores
  • deps: update actions/cache action to v4.2.2 (7a58c68)
  • deps: update dependency globals to v16 (#​913) (bf9cb67)
  • deps: update dependency typescript-eslint to v8.24.1 (c7e6881)
  • deps: update linters to v9.21.0 (a45cba2)
  • deps: update prettier packages (662cc4c)
Build System
  • deps: update dependency typescript to v5.8.2 (0e77c3e)
Continuous Integration
  • deps: update renovate docker tag to v39.179.0 (02e1045)
  • deps: update renovate docker tag to v39.179.1 (1fb769c)
  • deps: update renovate docker tag to v39.180.2 (f63f763)
  • deps: update renovate docker tag to v39.181.0 (08306b9)
  • deps: update renovate docker tag to v39.182.3 (edcae37)
  • deps: update renovate docker tag to v39.182.4 (11ae7a1)
  • deps: update renovate docker tag to v39.182.5 (735bb48)
  • deps: update renovate docker tag to v39.183.0 (f08a9de)
  • deps: update renovate docker tag to v39.184.0 (4542046)
  • deps: update renovate docker tag to v39.185.0 (527c18d)

v41.0.14

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v39.178.1 (17fa1e9)
  • update references to renovatebot/github-action to v41.0.13 (58aac03)
Miscellaneous Chores
  • deps: update actions/cache action to v4.2.1 (1ee5437)
  • deps: update dependency @​types/node to v20.17.17 (ea40c31)
  • deps: update dependency @​types/node to v20.17.18 (52ba51e)
  • deps: update dependency @​types/node to v20.17.19 (1388382)
  • deps: update dependency esbuild to v0.25.0 [security] (fb99143)
  • deps: update dependency eslint to v9.20.1 (65d13a9)
  • deps: update dependency eslint-config-prettier to v10 (#​908) (e34bd40)
  • deps: update dependency globals to v15.15.0 (6d88ab4)
  • deps: update dependency prettier to v3.5.1 (8759b41)
  • deps: update dependency semantic-release to v24.2.2 (99cd7eb)
  • deps: update dependency semantic-release to v24.2.3 (86e5553)
  • deps: update dependency typescript-eslint to v8.23.0 (5992837)
  • deps: update dependency typescript-eslint to v8.24.0 (04b9f02)
  • deps: update linters to v9.20.0 (35e307a)
  • deps: update node.js to v20.18.3 (6d1eb01)
  • deps: update pnpm to v10 (#​909) (991f371)
  • deps: update pnpm to v10.4.0 (2ac10bf)
  • deps: update pnpm to v10.4.1 (3eaac9b)
  • deps: update prettier packages (#​904) (273f85a)
Build System
  • deps: lock file maintenance (46379b2)
Continuous Integration
  • deps: update renovate docker tag to v39.165.0 (f50bca7)
  • deps: update renovate docker tag to v39.165.1 (2fe53fb)
  • deps: update renovate docker tag to v39.165.3 (1b71abb)
  • deps: update renovate docker tag to v39.166.0 (9e1233d)
  • deps: update renovate docker tag to v39.166.1 (3fe0378)
  • deps: update renovate docker tag to v39.167.0 (c695064)
  • deps: update renovate docker tag to v39.167.1 (7c05aaa)
  • deps: update renovate docker tag to v39.168.0 (b729cc5)
  • deps: update renovate docker tag to v39.169.0 (c51d997)
  • deps: update renovate docker tag to v39.169.1 (3d6cfdb)
  • deps: update renovate docker tag to v39.169.2 (9bdfb10)
  • deps: update renovate docker tag to v39.169.3 (73876d3)
  • deps: update renovate docker tag to v39.170.1 (8531df4)
  • deps: update renovate docker tag to v39.171.0 (2711691)
  • deps: update renovate docker tag to v39.173.1 (8210ab4)
  • deps: update renovate docker tag to v39.176.4 (48b26b5)
  • deps: update renovate docker tag to v39.177.1 (86ebd6a)
  • deps: update renovate docker tag to v39.178.1 (a057401)
step-security/harden-runner (step-security/harden-runner)

v2.12.0

Compare Source

What's Changed

  1. A new option, disable-sudo-and-containers, is now available to replace the disable-sudo policy, addressing Docker-based privilege escalation (CVE-2025-32955). More details can be found in this blog post.

  2. New detections have been added based on insights from the tj-actions and reviewdog actions incidents.

Full Changelog: step-security/harden-runner@v2...v2.12.0

v2.11.1

Compare Source

What's Changed

Full Changelog: step-security/harden-runner@v2...v2.11.1

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@alithya-oss-backstage-ci alithya-oss-backstage-ci bot requested a review from a team as a code owner May 10, 2025 04:13
@alithya-oss-backstage-ci alithya-oss-backstage-ci bot added the dependencies Pull requests that update a dependency file label May 10, 2025
@alithya-oss-backstage-ci alithya-oss-backstage-ci bot force-pushed the renovate/github-actions branch from 26737c0 to 0dacf4d Compare May 12, 2025 13:27
@alithya-oss-backstage-ci
Update GitHub Actions
96942b1 
Signed-off-by: Renovate Bot <[email protected]>
@alithya-oss-backstage-ci alithya-oss-backstage-ci bot force-pushed the renovate/github-actions branch from 0dacf4d to 96942b1 Compare May 16, 2025 11:11
@fjudith fjudith merged commit a13da9f into main May 19, 2025
6 of 7 checks passed
@alithya-oss-backstage-ci alithya-oss-backstage-ci bot deleted the renovate/github-actions branch May 19, 2025 06:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@fjudith