mirror of
https://github.com/mattermost/mattermost.git
synced 2026-05-27 03:52:19 -04:00
8c30aeadbf
Bumps the github-actions-updates group with 19 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.0.0` | `4.2.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.2.0` | | [chainguard-dev/setup-chainctl](https://github.com/chainguard-dev/setup-chainctl) | `0.5.0` | `0.5.1` | | [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.70` | `1.0.133` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.36.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.3.0` | `6.4.0` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `9.0.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.1.1` | | [actions/cache](https://github.com/actions/cache) | `4.2.3` | `5.0.5` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.5` | `47.0.6` | | [getsentry/action-release](https://github.com/getsentry/action-release) | `3.5.0` | `3.6.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.0.0` | `4.1.2` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [mikepenz/action-junit-report](https://github.com/mikepenz/action-junit-report) | `6.3.1` | `6.4.1` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `6.0.1` | Updates `actions/checkout` from 4.2.2 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.2.2...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `actions/setup-node` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](53b83947a5...48b55a011b) Updates `docker/login-action` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](b45d80f862...650006c6eb) Updates `docker/build-push-action` from 7.0.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](d08e5c354a...f9f3042f7e) Updates `chainguard-dev/setup-chainctl` from 0.5.0 to 0.5.1 - [Release notes](https://github.com/chainguard-dev/setup-chainctl/releases) - [Commits](c125f765e8...2cddd35a2f) Updates `anthropics/claude-code-action` from 1.0.70 to 1.0.133 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](26ec041249...787c5a0ce9) Updates `github/codeql-action` from 4.32.6 to 4.36.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](0d579ffd05...7211b7c807) Updates `actions/setup-go` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](4b73464bb3...4a3601121d) Updates `actions/github-script` from 7.0.1 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7.0.1...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](bbbca2ddaa...043fb46d1a) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](70fc10c6e5...3e5f45b2cf) Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.1.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](8df5847569...d979d5b3a7) Updates `actions/cache` from 4.2.3 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.3...27d5ce7f107fe9357f9df03efb73ab90386fccae) Updates `tj-actions/changed-files` from 47.0.5 to 47.0.6 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](22103cc46b...9426d40962) Updates `getsentry/action-release` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/getsentry/action-release/releases) - [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md) - [Commits](dab6548b3c...5657c9e888) Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](faadad0cce...6f9f177880) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](4d04d5d948...d7f5e7f509) Updates `mikepenz/action-junit-report` from 6.3.1 to 6.4.1 - [Release notes](https://github.com/mikepenz/action-junit-report/releases) - [Commits](49b2ca06f6...3a81627bfa) Updates `codecov/codecov-action` from 5.5.2 to 6.0.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](671740ac38...e79a6962e0) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: anthropics/claude-code-action dependency-version: 1.0.133 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: chainguard-dev/setup-chainctl dependency-version: 0.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-updates - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: getsentry/action-release dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: mikepenz/action-junit-report dependency-version: 6.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-updates - dependency-name: tj-actions/changed-files dependency-version: 47.0.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-updates ... Signed-off-by: dependabot[bot] <support@github.com>
57 lines
1.6 KiB
YAML
57 lines
1.6 KiB
YAML
name: "CodeQL"
|
|
|
|
on:
|
|
pull_request:
|
|
# The branches below must be a subset of the branches above
|
|
branches: [master]
|
|
schedule:
|
|
- cron: "30 5,17 * * *"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
analyze:
|
|
permissions:
|
|
security-events: write # for github/codeql-action/autobuild to send a status report
|
|
name: Analyze
|
|
if: github.repository_owner == 'mattermost'
|
|
runs-on: ubuntu-24.04
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
language: ["go", "javascript"]
|
|
|
|
steps:
|
|
- name: Checkout repository
|
|
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
|
|
# Initializes the CodeQL tools for scanning.
|
|
- name: Initialize CodeQL
|
|
uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
|
|
with:
|
|
languages: ${{ matrix.language }}
|
|
debug: false
|
|
config-file: ./.github/codeql/codeql-config.yml
|
|
|
|
- name: Build JavaScript
|
|
uses: github/codeql-action/autobuild@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
|
|
if: ${{ matrix.language == 'javascript' }}
|
|
|
|
- name: Setup go
|
|
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
|
|
with:
|
|
go-version-file: server/go.mod
|
|
if: ${{ matrix.language == 'go' }}
|
|
|
|
- name: Build Golang
|
|
run: |
|
|
cd server
|
|
make setup-go-work
|
|
make build-linux-amd64
|
|
if: ${{ matrix.language == 'go' }}
|
|
|
|
# Perform Analysis
|
|
- name: Perform CodeQL Analysis
|
|
uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
|