From 4d218014291a7fee8dff4930c4582c950ca686a1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Aug 2025 06:17:19 +0000 Subject: [PATCH] Bump the github-actions-dependency group across 1 directory with 4 updates Bumps the github-actions-dependency group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/download-artifact](https://github.com/actions/download-artifact), [github/codeql-action](https://github.com/github/codeql-action) and [open-edge-platform/anomalib](https://github.com/open-edge-platform/anomalib). Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8) Updates `actions/download-artifact` from 4 to 5 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) Updates `github/codeql-action` from 3.29.2 to 3.29.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/181d5eefc20863364f96762470ba6f862bdef56b...76621b61decf072c1cee8dd1ce2d2a82d33c17ed) Updates `open-edge-platform/anomalib` from 90e1192dd7d420cb243a93ce17809e43f23fc36d to f6ec1c57363a9894ff57184a5bfb78efa8f3de1b - [Release notes](https://github.com/open-edge-platform/anomalib/releases) - [Changelog](https://github.com/open-edge-platform/anomalib/blob/main/CHANGELOG.md) - [Commits](https://github.com/open-edge-platform/anomalib/compare/90e1192dd7d420cb243a93ce17809e43f23fc36d...f6ec1c57363a9894ff57184a5bfb78efa8f3de1b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependency - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-dependency - dependency-name: github/codeql-action dependency-version: 3.29.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-dependency - dependency-name: open-edge-platform/anomalib dependency-version: f6ec1c57363a9894ff57184a5bfb78efa8f3de1b dependency-type: direct:production dependency-group: github-actions-dependency ... Signed-off-by: dependabot[bot] --- .github/workflows/build-and-test.yml | 12 ++++++------ .github/workflows/build-linux-bindings.yml | 2 +- .github/workflows/build-macos-bindings.yml | 2 +- .github/workflows/build-ui.yml | 2 +- .github/workflows/build-windows-bindings.yml | 2 +- .github/workflows/codeql.yml | 6 +++--- .github/workflows/lint.yaml | 2 +- .github/workflows/security-scan.yaml | 8 ++++---- 8 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/build-and-test.yml b/.github/workflows/build-and-test.yml index c285c9cb..f4b9f806 100644 --- a/.github/workflows/build-and-test.yml +++ b/.github/workflows/build-and-test.yml @@ -48,7 +48,7 @@ jobs: os: [linux, windows, macos] steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -59,12 +59,12 @@ jobs: echo "SANITIZED_FILENAME=OpenVINO-TestDrive-${SAFE_REF_NAME}-${{ matrix.os }}" >> $GITHUB_ENV - name: Download bindings build artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: "${{ matrix.os }}_bindings.${{ matrix.os == 'windows' && 'tar' || 'tgz' }}" - name: Download flutter build artifact - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: "OpenVINO-TestDrive-no-bindings-${{ matrix.os }}" path: flutter @@ -95,7 +95,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -130,7 +130,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -138,7 +138,7 @@ jobs: run: sudo apt-get update && sudo apt-get install -y clang cmake ninja-build pkg-config libgtk-3-dev liblzma-dev libmpv-dev libglu1-mesa xvfb - name: Download OpenVINO bindings - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: "linux_bindings.tgz" diff --git a/.github/workflows/build-linux-bindings.yml b/.github/workflows/build-linux-bindings.yml index 7daa48fe..cef07b61 100644 --- a/.github/workflows/build-linux-bindings.yml +++ b/.github/workflows/build-linux-bindings.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/build-macos-bindings.yml b/.github/workflows/build-macos-bindings.yml index 951e3f67..9a6ff8a1 100644 --- a/.github/workflows/build-macos-bindings.yml +++ b/.github/workflows/build-macos-bindings.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/build-ui.yml b/.github/workflows/build-ui.yml index 67a8f2d0..34e8be6b 100644 --- a/.github/workflows/build-ui.yml +++ b/.github/workflows/build-ui.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/build-windows-bindings.yml b/.github/workflows/build-windows-bindings.yml index 6226e257..2d7c0406 100644 --- a/.github/workflows/build-windows-bindings.yml +++ b/.github/workflows/build-windows-bindings.yml @@ -14,7 +14,7 @@ jobs: steps: # Step 1: Checkout the repository - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dcffb761..98111228 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,19 +28,19 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 + uses: github/codeql-action/init@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 + uses: github/codeql-action/analyze@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 65f72c14..96a2d927 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -18,7 +18,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml index 8b74ee4c..fe1df8f1 100644 --- a/.github/workflows/security-scan.yaml +++ b/.github/workflows/security-scan.yaml @@ -18,11 +18,11 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Zizmor scan - uses: open-edge-platform/anomalib/.github/actions/security/zizmor@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/zizmor@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan-scope: "all" severity-level: "LOW" @@ -37,12 +37,12 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Trivy scan id: trivy - uses: open-edge-platform/anomalib/.github/actions/security/trivy@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/trivy@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan_type: "fs" scan-scope: all