From 27580ef8ded5e1eccf932b2f67f30600d5c96fd3 Mon Sep 17 00:00:00 2001 From: Zongle Wang Date: Tue, 12 Nov 2024 22:35:19 -0500 Subject: [PATCH 1/4] Configure dependabot to check github-actions updates (#3333) * Configure dependabot to check github-actions updates Some actions based on Node 16 are deprecated. See https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20. * Under /.github https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#example-dependabotyml-file-for-github-actions * Try /.github/workflows * Update .github/dependabot.yml Co-authored-by: Zongle Wang --------- Co-authored-by: Tingluo Huang --- .github/dependabot.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 6c718529ced..685264a75d2 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,6 +5,11 @@ updates: schedule: interval: "daily" target-branch: "main" +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + target-branch: "main" - package-ecosystem: "nuget" directory: "/src" schedule: From 4700649bb51c642bb2a34170d6a0cc0237839e02 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 23:01:57 -0500 Subject: [PATCH 2/4] Bump actions/checkout from 3 to 4 (#3556) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dotnet-upgrade.yml | 4 ++-- .github/workflows/publish-image.yml | 2 +- .github/workflows/release.yml | 8 ++++---- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c041cf336a7..c1d350b8988 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -50,7 +50,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Build runner layout - name: Build & Layout Release diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5b6e0523689..2f0d03dc7f7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dotnet-upgrade.yml b/.github/workflows/dotnet-upgrade.yml index 63f50424a1c..12dc8be0246 100644 --- a/.github/workflows/dotnet-upgrade.yml +++ b/.github/workflows/dotnet-upgrade.yml @@ -15,7 +15,7 @@ jobs: DOTNET_CURRENT_MAJOR_MINOR_VERSION: ${{ steps.fetch_current_version.outputs.DOTNET_CURRENT_MAJOR_MINOR_VERSION }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get current major minor version id: fetch_current_version shell: bash @@ -89,7 +89,7 @@ jobs: if: ${{ needs.dotnet-update.outputs.SHOULD_UPDATE == 1 && needs.dotnet-update.outputs.BRANCH_EXISTS == 0 }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: feature/dotnetsdk-upgrade/${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }} - name: Create Pull Request diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 2932a268663..cadee26d266 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Compute image version id: image diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f4571b6cb8f..d7342ccba69 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: if: startsWith(github.ref, 'refs/heads/releases/') || github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Make sure ./releaseVersion match ./src/runnerversion # Query GitHub release ensure version is not used @@ -87,7 +87,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Build runner layout - name: Build & Layout Release @@ -130,7 +130,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Download runner package tar.gz/zip produced by 'build' job - name: Download Artifact (win-x64) @@ -296,7 +296,7 @@ jobs: IMAGE_NAME: ${{ github.repository_owner }}/actions-runner steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Compute image version id: image From 79ceac75340c8615e35735803b66290e626222d4 Mon Sep 17 00:00:00 2001 From: Zongle Wang Date: Tue, 12 Nov 2024 22:35:19 -0500 Subject: [PATCH 3/4] Configure dependabot to check github-actions updates (#3333) * Configure dependabot to check github-actions updates Some actions based on Node 16 are deprecated. See https://github.blog/changelog/2023-09-22-github-actions-transitioning-from-node-16-to-node-20. * Under /.github https://docs.github.com/en/code-security/dependabot/working-with-dependabot/keeping-your-actions-up-to-date-with-dependabot#example-dependabotyml-file-for-github-actions * Try /.github/workflows * Update .github/dependabot.yml Co-authored-by: Zongle Wang --------- Co-authored-by: Tingluo Huang --- .github/dependabot.yml | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 43ffc172d7f..74a5a0dafe0 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -10,6 +10,11 @@ updates: schedule: interval: "daily" target-branch: "main" +- package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "daily" + target-branch: "main" - package-ecosystem: "nuget" directory: "/src" schedule: From 52224f9f514030947f4e6f19cdfea6f9d4f90c1c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 Nov 2024 23:01:57 -0500 Subject: [PATCH 4/4] Bump actions/checkout from 3 to 4 (#3556) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/build.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/dotnet-upgrade.yml | 4 ++-- .github/workflows/publish-image.yml | 2 +- .github/workflows/release.yml | 8 ++++---- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 297c429e91f..57e92fc3999 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -50,7 +50,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Build runner layout - name: Build & Layout Release diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 5b6e0523689..2f0d03dc7f7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dotnet-upgrade.yml b/.github/workflows/dotnet-upgrade.yml index 63f50424a1c..12dc8be0246 100644 --- a/.github/workflows/dotnet-upgrade.yml +++ b/.github/workflows/dotnet-upgrade.yml @@ -15,7 +15,7 @@ jobs: DOTNET_CURRENT_MAJOR_MINOR_VERSION: ${{ steps.fetch_current_version.outputs.DOTNET_CURRENT_MAJOR_MINOR_VERSION }} steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Get current major minor version id: fetch_current_version shell: bash @@ -89,7 +89,7 @@ jobs: if: ${{ needs.dotnet-update.outputs.SHOULD_UPDATE == 1 && needs.dotnet-update.outputs.BRANCH_EXISTS == 0 }} runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: ref: feature/dotnetsdk-upgrade/${{ needs.dotnet-update.outputs.DOTNET_LATEST_MAJOR_MINOR_PATCH_VERSION }} - name: Create Pull Request diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml index 648363099a8..7b7c34ca8c4 100644 --- a/.github/workflows/publish-image.yml +++ b/.github/workflows/publish-image.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Compute image version id: image diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index f4571b6cb8f..d7342ccba69 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -11,7 +11,7 @@ jobs: if: startsWith(github.ref, 'refs/heads/releases/') || github.ref == 'refs/heads/main' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Make sure ./releaseVersion match ./src/runnerversion # Query GitHub release ensure version is not used @@ -87,7 +87,7 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Build runner layout - name: Build & Layout Release @@ -130,7 +130,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 # Download runner package tar.gz/zip produced by 'build' job - name: Download Artifact (win-x64) @@ -296,7 +296,7 @@ jobs: IMAGE_NAME: ${{ github.repository_owner }}/actions-runner steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Compute image version id: image