From 403fd4eb6127b1f231d4229523c49b59a84a82c9 Mon Sep 17 00:00:00 2001 From: Ramkumar Chinchani <45800463+rchincha@users.noreply.github.com> Date: Wed, 30 Oct 2024 04:09:36 -0700 Subject: [PATCH] chore: fix dependabot alerts (#2750) --- .github/workflows/benchmark.yaml | 2 +- .github/workflows/cluster.yaml | 2 +- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/publish.yaml | 4 ++-- .github/workflows/scorecards.yaml | 2 +- go.mod | 2 +- go.sum | 4 ++-- 7 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/benchmark.yaml b/.github/workflows/benchmark.yaml index 5ebb16b9..a8cf2556 100644 --- a/.github/workflows/benchmark.yaml +++ b/.github/workflows/benchmark.yaml @@ -30,7 +30,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.20.3 + uses: benchmark-action/github-action-benchmark@v1.20.4 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/cluster.yaml b/.github/workflows/cluster.yaml index d0ef442f..5e1bca20 100644 --- a/.github/workflows/cluster.yaml +++ b/.github/workflows/cluster.yaml @@ -185,7 +185,7 @@ jobs: key: ${{ runner.os }}-gen1-benchmark-stateless-cluster # Run `github-action-benchmark` action - name: Store benchmark result - uses: benchmark-action/github-action-benchmark@v1.20.3 + uses: benchmark-action/github-action-benchmark@v1.20.4 with: # What benchmark tool the output.txt came from tool: 'customBiggerIsBetter' diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 65c1ad64..5a537a71 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -53,7 +53,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v3.26.13 + uses: github/codeql-action/init@v3.27.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -64,7 +64,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v3.26.13 + uses: github/codeql-action/autobuild@v3.27.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -77,4 +77,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3.26.13 + uses: github/codeql-action/analyze@v3.27.0 diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 002e087a..584acc9a 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -237,7 +237,7 @@ jobs: TRIVY_USERNAME: ${{ github.actor }} TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3.26.13 + uses: github/codeql-action/upload-sarif@v3.27.0 with: sarif_file: 'trivy-results.sarif' @@ -274,7 +274,7 @@ jobs: TRIVY_USERNAME: ${{ github.actor }} TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }} - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3.26.13 + uses: github/codeql-action/upload-sarif@v3.27.0 with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/scorecards.yaml b/.github/workflows/scorecards.yaml index ec9dc72e..9430b090 100644 --- a/.github/workflows/scorecards.yaml +++ b/.github/workflows/scorecards.yaml @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3.26.13 + uses: github/codeql-action/upload-sarif@v3.27.0 with: sarif_file: results.sarif diff --git a/go.mod b/go.mod index 9af27771..5602413f 100644 --- a/go.mod +++ b/go.mod @@ -58,7 +58,7 @@ require ( github.com/swaggo/http-swagger v1.3.4 github.com/swaggo/swag v1.16.4 github.com/vektah/gqlparser/v2 v2.5.18 - github.com/zitadel/oidc/v3 v3.30.1 + github.com/zitadel/oidc/v3 v3.31.0 go.etcd.io/bbolt v1.3.11 golang.org/x/crypto v0.28.0 golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 diff --git a/go.sum b/go.sum index 6729a40d..6e57c10a 100644 --- a/go.sum +++ b/go.sum @@ -1568,8 +1568,8 @@ github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs= github.com/zeebo/errs v1.3.0/go.mod h1:sgbWHsvVuTPHcqJJGQ1WhI5KbWlHYz+2+2C/LSEtCw4= github.com/zitadel/logging v0.6.1 h1:Vyzk1rl9Kq9RCevcpX6ujUaTYFX43aa4LkvV1TvUk+Y= github.com/zitadel/logging v0.6.1/go.mod h1:Y4CyAXHpl3Mig6JOszcV5Rqqsojj+3n7y2F591Mp/ow= -github.com/zitadel/oidc/v3 v3.30.1 h1:CCi9qDjleuRYbECfUoVKrrN97KdheNCHAs33X8XnIRg= -github.com/zitadel/oidc/v3 v3.30.1/go.mod h1:N5p02vx+mLUwf+WFNpDsNp+8DS8+jlgFBwpz7NIQjrg= +github.com/zitadel/oidc/v3 v3.31.0 h1:XQcTVHTYpSkNxjGccEb6pRfrGJdUhkTgXOIzSqRXdo0= +github.com/zitadel/oidc/v3 v3.31.0/go.mod h1:DyE/XClysRK/ozFaZSqlYamKVnTh4l6Ln25ihSNI03w= github.com/zitadel/schema v1.3.0 h1:kQ9W9tvIwZICCKWcMvCEweXET1OcOyGEuFbHs4o5kg0= github.com/zitadel/schema v1.3.0/go.mod h1:NptN6mkBDFvERUCvZHlvWmmME+gmZ44xzwRXwhzsbtc= go.etcd.io/bbolt v1.3.11 h1:yGEzV1wPz2yVCLsD8ZAiGHhHVlczyC9d1rP43/VCRJ0=