diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 24954826..eccff2eb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -32,7 +32,7 @@ jobs: strategy: fail-fast: false matrix: - language: [ 'javascript', 'ruby', 'csharp' ] + language: [ 'ruby' ] # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] # Use only 'java' to analyze code written in Java, Kotlin or both # Use only 'javascript' to analyze code written in JavaScript, TypeScript or both diff --git a/.github/workflows/updater.yml b/.github/workflows/updater.yml index 9b47dbc5..1196afb0 100644 --- a/.github/workflows/updater.yml +++ b/.github/workflows/updater.yml @@ -102,21 +102,7 @@ jobs: . - name: Log into registry - if: ${{ (github.ref == 'refs/heads/main') || (!startsWith(github.ref, 'refs/pull')) || startsWith(github.ref, 'refs/tags') }} run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login https://ghcr.io -u ${{ github.actor }} --password-stdin - - name: Push image (latest, ShortSha) - if: ${{ (github.ref == 'refs/heads/main') || startsWith(github.ref, 'refs/tags') }} - run: | - docker push "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:latest" - docker push "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITVERSION_SHORTSHA" - - name: Push image (NuGetVersionV2) - if: ${{ !startsWith(github.ref, 'refs/pull') }} run: docker push "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITVERSION_NUGETVERSIONV2" - - - name: Push image (major, minor) - if: startsWith(github.ref, 'refs/tags') - run: | - docker push "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITVERSION_MAJOR.$GITVERSION_MINOR" - docker push "ghcr.io/${{ github.repository_owner }}/$IMAGE_NAME:$GITVERSION_MAJOR" diff --git a/updater/Gemfile b/updater/Gemfile index 8d297883..7f9b588f 100644 --- a/updater/Gemfile +++ b/updater/Gemfile @@ -8,10 +8,10 @@ source "https://rubygems.org" # They are so many, our reference won't be found for it to be updated. # Hence adding the branch. -gem "dependabot-omnibus", "~>0.240.0" +# gem "dependabot-omnibus", "~>0.240.0" # gem "dependabot-omnibus", github: "dependabot/dependabot-core", branch: "main" # gem "dependabot-omnibus", github: "dependabot/dependabot-core", tag: "v0.232.0" -# gem "dependabot-omnibus", github: "dependabot/dependabot-core", ref: "ffde6f6" +gem "dependabot-omnibus", github: "dependabot/dependabot-core", ref: "9eee7bf" gem "http", "~> 5.1" gem "octokit", "6.1.1" diff --git a/updater/Gemfile.lock b/updater/Gemfile.lock index b15800f0..cc246da6 100644 --- a/updater/Gemfile.lock +++ b/updater/Gemfile.lock @@ -1,3 +1,86 @@ +GIT + remote: https://github.com/dependabot/dependabot-core.git + revision: 9eee7bf62ae6c91e659bdea4c40a3548db070ed7 + ref: 9eee7bf + specs: + dependabot-bundler (0.242.1) + dependabot-common (= 0.242.1) + dependabot-cargo (0.242.1) + dependabot-common (= 0.242.1) + dependabot-common (0.242.1) + aws-sdk-codecommit (~> 1.28) + aws-sdk-ecr (~> 1.5) + bundler (>= 1.16, < 3.0.0) + commonmarker (>= 0.20.1, < 0.24.0) + docker_registry2 (~> 1.18.0) + excon (~> 0.109) + faraday (= 2.7.11) + faraday-retry (= 2.2.0) + gitlab (= 4.19.0) + json (< 2.7) + nokogiri (~> 1.8) + octokit (>= 4.6, < 7.0) + opentelemetry-sdk (~> 1.3) + parser (>= 2.5, < 4.0) + psych (~> 5.0) + sorbet-runtime (~> 0.5.11178) + toml-rb (>= 1.1.2, < 3.0) + dependabot-composer (0.242.1) + dependabot-common (= 0.242.1) + dependabot-devcontainers (0.242.1) + dependabot-common (= 0.242.1) + dependabot-docker (0.242.1) + dependabot-common (= 0.242.1) + dependabot-elm (0.242.1) + dependabot-common (= 0.242.1) + dependabot-git_submodules (0.242.1) + dependabot-common (= 0.242.1) + parseconfig (~> 1.0, < 1.1.0) + dependabot-github_actions (0.242.1) + dependabot-common (= 0.242.1) + dependabot-go_modules (0.242.1) + dependabot-common (= 0.242.1) + dependabot-gradle (0.242.1) + dependabot-common (= 0.242.1) + dependabot-maven (= 0.242.1) + dependabot-hex (0.242.1) + dependabot-common (= 0.242.1) + dependabot-maven (0.242.1) + dependabot-common (= 0.242.1) + dependabot-npm_and_yarn (0.242.1) + dependabot-common (= 0.242.1) + dependabot-nuget (0.242.1) + dependabot-common (= 0.242.1) + rubyzip (>= 2.3.2, < 3.0) + dependabot-omnibus (0.242.1) + dependabot-bundler (= 0.242.1) + dependabot-cargo (= 0.242.1) + dependabot-common (= 0.242.1) + dependabot-composer (= 0.242.1) + dependabot-devcontainers (= 0.242.1) + dependabot-docker (= 0.242.1) + dependabot-elm (= 0.242.1) + dependabot-git_submodules (= 0.242.1) + dependabot-github_actions (= 0.242.1) + dependabot-go_modules (= 0.242.1) + dependabot-gradle (= 0.242.1) + dependabot-hex (= 0.242.1) + dependabot-maven (= 0.242.1) + dependabot-npm_and_yarn (= 0.242.1) + dependabot-nuget (= 0.242.1) + dependabot-pub (= 0.242.1) + dependabot-python (= 0.242.1) + dependabot-swift (= 0.242.1) + dependabot-terraform (= 0.242.1) + dependabot-pub (0.242.1) + dependabot-common (= 0.242.1) + dependabot-python (0.242.1) + dependabot-common (= 0.242.1) + dependabot-swift (0.242.1) + dependabot-common (= 0.242.1) + dependabot-terraform (0.242.1) + dependabot-common (= 0.242.1) + GEM remote: https://rubygems.org/ specs: @@ -5,11 +88,11 @@ GEM public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) aws-eventstream (1.3.0) - aws-partitions (1.880.0) + aws-partitions (1.883.0) aws-sdk-codecommit (1.63.0) aws-sdk-core (~> 3, >= 3.188.0) aws-sigv4 (~> 1.1) - aws-sdk-core (3.190.2) + aws-sdk-core (3.190.3) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.651.0) aws-sigv4 (~> 1.8) @@ -24,85 +107,11 @@ GEM commonmarker (0.23.10) crack (0.4.5) rexml - dependabot-bundler (0.240.0) - dependabot-common (= 0.240.0) - dependabot-cargo (0.240.0) - dependabot-common (= 0.240.0) - dependabot-common (0.240.0) - aws-sdk-codecommit (~> 1.28) - aws-sdk-ecr (~> 1.5) - bundler (>= 1.16, < 3.0.0) - commonmarker (>= 0.20.1, < 0.24.0) - docker_registry2 (~> 1.18.0) - excon (~> 0.96, < 0.105) - faraday (= 2.7.11) - faraday-retry (= 2.2.0) - gitlab (= 4.19.0) - json (< 2.7) - nokogiri (~> 1.8) - octokit (>= 4.6, < 7.0) - opentelemetry-sdk (~> 1.3) - parser (>= 2.5, < 4.0) - psych (~> 5.0) - sorbet-runtime (~> 0.5.11178) - toml-rb (>= 1.1.2, < 3.0) - dependabot-composer (0.240.0) - dependabot-common (= 0.240.0) - dependabot-docker (0.240.0) - dependabot-common (= 0.240.0) - dependabot-elm (0.240.0) - dependabot-common (= 0.240.0) - dependabot-git_submodules (0.240.0) - dependabot-common (= 0.240.0) - parseconfig (~> 1.0, < 1.1.0) - dependabot-github_actions (0.240.0) - dependabot-common (= 0.240.0) - dependabot-go_modules (0.240.0) - dependabot-common (= 0.240.0) - dependabot-gradle (0.240.0) - dependabot-common (= 0.240.0) - dependabot-maven (= 0.240.0) - dependabot-hex (0.240.0) - dependabot-common (= 0.240.0) - dependabot-maven (0.240.0) - dependabot-common (= 0.240.0) - dependabot-npm_and_yarn (0.240.0) - dependabot-common (= 0.240.0) - dependabot-nuget (0.240.0) - dependabot-common (= 0.240.0) - rubyzip (>= 2.3.2, < 3.0) - dependabot-omnibus (0.240.0) - dependabot-bundler (= 0.240.0) - dependabot-cargo (= 0.240.0) - dependabot-common (= 0.240.0) - dependabot-composer (= 0.240.0) - dependabot-docker (= 0.240.0) - dependabot-elm (= 0.240.0) - dependabot-git_submodules (= 0.240.0) - dependabot-github_actions (= 0.240.0) - dependabot-go_modules (= 0.240.0) - dependabot-gradle (= 0.240.0) - dependabot-hex (= 0.240.0) - dependabot-maven (= 0.240.0) - dependabot-npm_and_yarn (= 0.240.0) - dependabot-nuget (= 0.240.0) - dependabot-pub (= 0.240.0) - dependabot-python (= 0.240.0) - dependabot-swift (= 0.240.0) - dependabot-terraform (= 0.240.0) - dependabot-pub (0.240.0) - dependabot-common (= 0.240.0) - dependabot-python (0.240.0) - dependabot-common (= 0.240.0) - dependabot-swift (0.240.0) - dependabot-common (= 0.240.0) - dependabot-terraform (0.240.0) - dependabot-common (= 0.240.0) diff-lcs (1.5.0) docker_registry2 (1.18.0) rest-client (>= 1.8.0) domain_name (0.6.20240107) - excon (0.104.0) + excon (0.109.0) faraday (2.7.11) base64 faraday-net_http (>= 2.0, < 3.1) @@ -156,7 +165,7 @@ GEM opentelemetry-api (~> 1.0) opentelemetry-registry (0.3.0) opentelemetry-api (~> 1.1) - opentelemetry-sdk (1.3.1) + opentelemetry-sdk (1.3.2) opentelemetry-api (~> 1.1) opentelemetry-common (~> 0.20) opentelemetry-registry (~> 0.2) @@ -218,7 +227,7 @@ GEM faraday (>= 0.17.3, < 3) sentry-raven (3.1.2) faraday (>= 1.0) - sorbet-runtime (0.5.11193) + sorbet-runtime (0.5.11216) stringio (3.1.0) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) @@ -234,10 +243,11 @@ GEM PLATFORMS aarch64-linux arm64-darwin-22 + arm64-darwin-23 x86_64-linux DEPENDENCIES - dependabot-omnibus (~> 0.240.0) + dependabot-omnibus! http (~> 5.1) octokit (= 6.1.1) rspec