diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 9a9ab73..490ecb2 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -35,11 +35,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 4db9356..f9cfbfc 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -14,7 +14,7 @@ jobs: outputs: has-docker: ${{ steps.info.outputs.has-docker }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: '0' - uses: moul/repoman-action@v1 @@ -27,15 +27,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Build the container image - uses: docker/build-push-action@v3.1.0 + uses: docker/build-push-action@v5.1.0 with: repository: berty-discord-webhook - name: Push to GitHub Packages - uses: docker/build-push-action@v3.1.0 + uses: docker/build-push-action@v5.1.0 if: github.event_name == 'release' || github.event_name == 'push' with: username: ${{ github.actor }} @@ -66,7 +66,7 @@ jobs: if: | (github.event_name == 'release' || github.event_name == 'push') && contains(steps.check_dockerhub_credentials.outputs.missingsecrets, 'no') - uses: docker/build-push-action@v3.1.0 + uses: docker/build-push-action@v5.1.0 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index b784ddd..7b54d84 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -32,7 +32,7 @@ jobs: outputs: has-go-binary: ${{ steps.info.outputs.has-go-binary }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: fetch-depth: '0' - uses: moul/repoman-action@v1 @@ -47,19 +47,19 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Set up Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.golang }} - name: Cache Go modules - uses: actions/cache@v3.0.7 + uses: actions/cache@v4.0.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ matrix.golang }}-v1-${{ hashFiles('**/go.sum') }} restore-keys: ${{ runner.os }}-go-${{ matrix.golang }}-v1- - name: Run GoReleaser (Dry Run) - uses: goreleaser/goreleaser-action@v3.0.0 + uses: goreleaser/goreleaser-action@v5.0.0 with: version: latest args: release --rm-dist --snapshot --skip-publish @@ -71,9 +71,9 @@ jobs: matrix: golangci_lint: [v1.38] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: golangci-lint - uses: golangci/golangci-lint-action@v3.2.0 + uses: golangci/golangci-lint-action@v4.0.0 with: version: ${{ matrix.golangci_lint }} #github-token: ${{ secrets.GITHUB_TOKEN }} @@ -88,9 +88,9 @@ jobs: golang: - 1.18.x steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.golang }} - name: Run tests on Windows @@ -107,12 +107,12 @@ jobs: OS: macos-latest GOLANG: ${{ matrix.golang }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.golang }} - - uses: actions/cache@v3.0.7 + - uses: actions/cache@v4.0.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ matrix.golang }}-v1-${{ hashFiles('**/go.sum') }} @@ -128,7 +128,7 @@ jobs: git --no-pager diff go.mod go.sum git --no-pager diff --quiet go.mod go.sum - name: Upload coverage to Codecov - uses: codecov/codecov-action@v3.1.0 + uses: codecov/codecov-action@v4.0.1 with: #token: ${{ secrets.CODECOV_TOKEN }} file: ./coverage.txt @@ -151,12 +151,12 @@ jobs: OS: ubuntu-latest GOLANG: ${{ matrix.golang }} steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - name: Install Go - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.golang }} - - uses: actions/cache@v3.0.7 + - uses: actions/cache@v4.0.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ matrix.golang }}-v1-${{ hashFiles('**/go.sum') }} @@ -172,7 +172,7 @@ jobs: - name: Run tests on Unix-like operating systems run: make unittest - name: Upload coverage to Codecov - uses: codecov/codecov-action@v3.1.0 + uses: codecov/codecov-action@v4.0.1 with: #token: ${{ secrets.CODECOV_TOKEN }} file: ./coverage.txt diff --git a/.github/workflows/label-sponsors.yml b/.github/workflows/label-sponsors.yml index b5c7479..bfcac08 100644 --- a/.github/workflows/label-sponsors.yml +++ b/.github/workflows/label-sponsors.yml @@ -9,6 +9,6 @@ jobs: name: is-sponsor-label runs-on: ubuntu-latest steps: - - uses: JasonEtco/is-sponsor-label-action@v1.2.0 + - uses: JasonEtco/is-sponsor-label-action@v2.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 57b79d7..6280b20 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -12,7 +12,7 @@ jobs: name: Release-Notes Preview runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - run: | git fetch --prune --unshallow --tags - uses: snyk/release-notes-preview@v1.6.2 @@ -26,7 +26,7 @@ jobs: name: Documentation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 with: depth: 1 - uses: nosborn/github-action-markdown-cli@master diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ed43658..9bd328f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Unshallow run: git fetch --prune --unshallow @@ -25,19 +25,19 @@ jobs: - name: Run Semantic Release id: semantic - uses: docker://ghcr.io/codfish/semantic-release-action:v1 + uses: docker://ghcr.io/codfish/semantic-release-action:v3 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Set up Go if: steps.semantic.outputs.new-release-published == 'true' && steps.repoman.outputs.has-go-binary == 'true' - uses: actions/setup-go@v3 + uses: actions/setup-go@v5 with: go-version: ${{ matrix.golang }} - name: Cache Go modules if: steps.semantic.outputs.new-release-published == 'true' && steps.repoman.outputs.has-go-binary == 'true' - uses: actions/cache@v3.0.7 + uses: actions/cache@v4.0.0 with: path: ~/go/pkg/mod key: ${{ runner.os }}-go-${{ matrix.golang }}-v1-${{ hashFiles('**/go.sum') }} @@ -45,7 +45,7 @@ jobs: - name: Run GoReleaser if: steps.semantic.outputs.new-release-published == 'true' && steps.repoman.outputs.has-go-binary == 'true' - uses: goreleaser/goreleaser-action@v3.0.0 + uses: goreleaser/goreleaser-action@v5.0.0 with: version: latest args: release --rm-dist diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4271825..fd4233f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false @@ -30,7 +30,7 @@ jobs: env: SCORECARD_READ_TOKEN: ${{ secrets.SCORECARD_READ_TOKEN }} if: env.SCORECARD_READ_TOKEN != null - uses: ossf/scorecard-action@68bf5b3327e4fd443d2add8ab122280547b4a16d # v1.0.4 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -48,7 +48,7 @@ jobs: env: SCORECARD_READ_TOKEN: ${{ secrets.SCORECARD_READ_TOKEN }} if: env.SCORECARD_READ_TOKEN != null - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.0.0 + uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1 with: name: SARIF file path: results.sarif @@ -59,6 +59,6 @@ jobs: env: SCORECARD_READ_TOKEN: ${{ secrets.SCORECARD_READ_TOKEN }} if: env.SCORECARD_READ_TOKEN != null - uses: github/codeql-action/upload-sarif@v2 # v1.0.26 + uses: github/codeql-action/upload-sarif@v3 with: sarif_file: results.sarif diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 9677d30..8ff6ccb 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -11,11 +11,11 @@ name: Semgrep jobs: semgrep: name: Scan - runs-on: ubuntu-20.04 + runs-on: ubuntu-22.04 env: SEMGREP_APP_TOKEN: ${{ secrets.SEMGREP_APP_TOKEN }} container: image: returntocorp/semgrep steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v4 - run: semgrep ci diff --git a/tool/lint/package.json b/tool/lint/package.json index 81b1272..6c5acdf 100644 --- a/tool/lint/package.json +++ b/tool/lint/package.json @@ -1,6 +1,6 @@ { "dependencies": { - "alex": "10.0.0", + "alex": "11.0.1", "markdown-spellcheck": "1.3.1", "markdownlint-cli": "0.31.1", "remark-cli": "11.0.0",