From 184445f4a45c602887ca0624c5295a7b6fea2d21 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 13 Dec 2023 14:02:24 -0600 Subject: Bump the github-actions group with 4 updates (#3894) Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [ossf/scorecard-action](https://github.com/ossf/scorecard-action), [github/codeql-action](https://github.com/github/codeql-action) and [actions/setup-python](https://github.com/actions/setup-python). Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/clang-format-check.yml | 2 +- .github/workflows/codespell.yml | 2 +- .github/workflows/cve.yml | 4 ++-- .github/workflows/h5py.yml | 2 +- .github/workflows/hdfeos5.yml | 2 +- .github/workflows/intel-auto.yml | 2 +- .github/workflows/intel-cmake.yml | 4 ++-- .github/workflows/linux-auto-aocc-ompi.yml | 2 +- .github/workflows/main-auto-par.yml | 4 ++-- .github/workflows/main-auto-spc.yml | 16 ++++++++-------- .github/workflows/main-auto.yml | 4 ++-- .github/workflows/main-cmake.yml | 4 ++-- .github/workflows/netcdf.yml | 4 ++-- .github/workflows/nvhpc-auto.yml | 2 +- .github/workflows/nvhpc-cmake.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/scorecard.yml | 6 +++--- .github/workflows/tarball.yml | 2 +- .github/workflows/vol_adios2.yml | 4 ++-- .github/workflows/vol_async.yml | 4 ++-- .github/workflows/vol_cache.yml | 4 ++-- .github/workflows/vol_ext_passthru.yml | 4 ++-- .github/workflows/vol_log.yml | 4 ++-- .github/workflows/vol_rest.yml | 6 +++--- 24 files changed, 46 insertions(+), 46 deletions(-) diff --git a/.github/workflows/clang-format-check.yml b/.github/workflows/clang-format-check.yml index cde27c1..c96e78d 100644 --- a/.github/workflows/clang-format-check.yml +++ b/.github/workflows/clang-format-check.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest if: "!contains(github.event.head_commit.message, 'skip-ci')" steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Run clang-format style check for C and Java code uses: DoozyX/clang-format-lint-action@v0.13 with: diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index fba4b12..cb68361 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -10,7 +10,7 @@ jobs: name: Check for spelling errors runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - uses: codespell-project/actions-codespell@master with: skip: ./.github/workflows/codespell.yml,./bin/trace,./hl/tools/h5watch/h5watch.c,./tools/test/h5jam/tellub.c,./config/sanitizer/LICENSE,./config/sanitizer/sanitizers.cmake,./tools/test/h5repack/testfiles/*.dat,./test/API/driver,./configure,./bin/ltmain.sh,./bin/depcomp,./bin/config.guess,./bin/config.sub,./autom4te.cache,./m4/libtool.m4,./c++/src/*.html,./HDF5Examples/depcomp diff --git a/.github/workflows/cve.yml b/.github/workflows/cve.yml index 372518a..b0564d8 100644 --- a/.github/workflows/cve.yml +++ b/.github/workflows/cve.yml @@ -27,7 +27,7 @@ jobs: name: CVE regression runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Autotools Dependencies (Linux) run: | @@ -40,7 +40,7 @@ jobs: make sudo make install - name: Checkout CVE test repository - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/cve_hdf5 path: cve_hdf5 diff --git a/.github/workflows/h5py.yml b/.github/workflows/h5py.yml index 316a71d..cf29c7e 100644 --- a/.github/workflows/h5py.yml +++ b/.github/workflows/h5py.yml @@ -17,7 +17,7 @@ jobs: compiler: gcc version: 13 - name: Checkout Spack - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: spack/spack path: ./spack diff --git a/.github/workflows/hdfeos5.yml b/.github/workflows/hdfeos5.yml index dad262d..19692b7 100644 --- a/.github/workflows/hdfeos5.yml +++ b/.github/workflows/hdfeos5.yml @@ -27,7 +27,7 @@ jobs: name: Build hdfeos5 runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Autotools Dependencies (Linux) run: | diff --git a/.github/workflows/intel-auto.yml b/.github/workflows/intel-auto.yml index d63262f..7bd457c 100644 --- a/.github/workflows/intel-auto.yml +++ b/.github/workflows/intel-auto.yml @@ -16,7 +16,7 @@ jobs: name: "Intel ${{ inputs.build_mode }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Dependencies run: | diff --git a/.github/workflows/intel-cmake.yml b/.github/workflows/intel-cmake.yml index 94dc6cf..47f16a5 100644 --- a/.github/workflows/intel-cmake.yml +++ b/.github/workflows/intel-cmake.yml @@ -19,7 +19,7 @@ jobs: name: "ubuntu-oneapi ${{ inputs.build_mode }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 # Only CMake need ninja-build, but we just install it unilaterally # libssl, etc. are needed for the ros3 VFD @@ -77,7 +77,7 @@ jobs: name: "windows-oneapi ${{ inputs.build_mode }}" runs-on: windows-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Dependencies (Windows) run: choco install ninja diff --git a/.github/workflows/linux-auto-aocc-ompi.yml b/.github/workflows/linux-auto-aocc-ompi.yml index c370014..68f94dd 100644 --- a/.github/workflows/linux-auto-aocc-ompi.yml +++ b/.github/workflows/linux-auto-aocc-ompi.yml @@ -26,7 +26,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install System dependencies run: | diff --git a/.github/workflows/main-auto-par.yml b/.github/workflows/main-auto-par.yml index 790b20a..70cf4bd 100644 --- a/.github/workflows/main-auto-par.yml +++ b/.github/workflows/main-auto-par.yml @@ -40,7 +40,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -98,7 +98,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure diff --git a/.github/workflows/main-auto-spc.yml b/.github/workflows/main-auto-spc.yml index 825a6de..3a7f72d 100644 --- a/.github/workflows/main-auto-spc.yml +++ b/.github/workflows/main-auto-spc.yml @@ -43,7 +43,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -104,7 +104,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -165,7 +165,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -226,7 +226,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -287,7 +287,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -348,7 +348,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -409,7 +409,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -470,7 +470,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure diff --git a/.github/workflows/main-auto.yml b/.github/workflows/main-auto.yml index 3ad0399..57b1c3d 100644 --- a/.github/workflows/main-auto.yml +++ b/.github/workflows/main-auto.yml @@ -49,7 +49,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure @@ -153,7 +153,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # AUTOTOOLS CONFIGURE - name: Autotools Configure diff --git a/.github/workflows/main-cmake.yml b/.github/workflows/main-cmake.yml index 18d4a39..7669bd9 100644 --- a/.github/workflows/main-cmake.yml +++ b/.github/workflows/main-cmake.yml @@ -163,7 +163,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # # CMAKE CONFIGURE @@ -281,7 +281,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 # CMAKE CONFIGURE - name: CMake Configure diff --git a/.github/workflows/netcdf.yml b/.github/workflows/netcdf.yml index 0ea6137..f34be41 100644 --- a/.github/workflows/netcdf.yml +++ b/.github/workflows/netcdf.yml @@ -31,7 +31,7 @@ jobs: sudo apt update sudo apt install -y libaec-dev zlib1g-dev automake autoconf libcurl4-openssl-dev libjpeg-dev wget curl bzip2 m4 flex bison cmake libzip-dev doxygen openssl libtool libtool-bin - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 - name: Install HDF5 run: | ./autogen.sh @@ -39,7 +39,7 @@ jobs: make -j sudo make install -j - name: Checkout netCDF - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: unidata/netcdf-c path: netcdf-c diff --git a/.github/workflows/nvhpc-auto.yml b/.github/workflows/nvhpc-auto.yml index 0b6f64a..158a861 100644 --- a/.github/workflows/nvhpc-auto.yml +++ b/.github/workflows/nvhpc-auto.yml @@ -16,7 +16,7 @@ jobs: name: "nvhpc ${{ inputs.build_mode }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Dependencies run: | diff --git a/.github/workflows/nvhpc-cmake.yml b/.github/workflows/nvhpc-cmake.yml index 1b0dbeb..b81446c 100644 --- a/.github/workflows/nvhpc-cmake.yml +++ b/.github/workflows/nvhpc-cmake.yml @@ -16,7 +16,7 @@ jobs: name: "nvhpc ${{ inputs.build_mode }}" runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v4.1.1 - name: Install Linux dependencies shell: bash diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8774331..2c2eeef 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -50,7 +50,7 @@ jobs: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: path: hdfsrc diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7825a5c..9d8e456 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,12 +32,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@305f6546310b9203e892c28c1484e82977f4f63d # v2.22.10 with: sarif_file: results.sarif diff --git a/.github/workflows/tarball.yml b/.github/workflows/tarball.yml index 5ee0f49..5a08305 100644 --- a/.github/workflows/tarball.yml +++ b/.github/workflows/tarball.yml @@ -83,7 +83,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - name: Get Sources - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: path: hdfsrc diff --git a/.github/workflows/vol_adios2.yml b/.github/workflows/vol_adios2.yml index 35fde5e..5349a73 100644 --- a/.github/workflows/vol_adios2.yml +++ b/.github/workflows/vol_adios2.yml @@ -26,7 +26,7 @@ jobs: sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 @@ -73,7 +73,7 @@ jobs: - if: ${{ steps.cache-adios2.outputs.cache-hit != 'true' }} name: Checkout ADIOS2 (${{ env.ADIOS2_COMMIT_SHORT }}) - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: ornladios/ADIOS2 ref: ${{ env.ADIOS2_COMMIT }} diff --git a/.github/workflows/vol_async.yml b/.github/workflows/vol_async.yml index bb4c3a1..b537864 100644 --- a/.github/workflows/vol_async.yml +++ b/.github/workflows/vol_async.yml @@ -22,13 +22,13 @@ jobs: sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 - name: Checkout Argobots - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: pmodels/argobots path: abt diff --git a/.github/workflows/vol_cache.yml b/.github/workflows/vol_cache.yml index 1a8c40c..98eac44 100644 --- a/.github/workflows/vol_cache.yml +++ b/.github/workflows/vol_cache.yml @@ -35,13 +35,13 @@ jobs: sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 - name: Checkout Argobots - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: pmodels/argobots path: abt diff --git a/.github/workflows/vol_ext_passthru.yml b/.github/workflows/vol_ext_passthru.yml index 337130b..ec774d6 100644 --- a/.github/workflows/vol_ext_passthru.yml +++ b/.github/workflows/vol_ext_passthru.yml @@ -22,13 +22,13 @@ jobs: sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 - name: Checkout vol-external-passthrough - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: hpc-io/vol-external-passthrough path: vol-external-passthrough diff --git a/.github/workflows/vol_log.yml b/.github/workflows/vol_log.yml index 0a35578..c566547 100644 --- a/.github/workflows/vol_log.yml +++ b/.github/workflows/vol_log.yml @@ -23,7 +23,7 @@ jobs: #mpich - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 @@ -56,7 +56,7 @@ jobs: echo "PATH=${{ runner.workspace }}/hdf5_build/bin:${PATH}" >> $GITHUB_ENV - name: Checkout Log-based VOL - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: DataLib-ECP/vol-log-based path: vol-log-based diff --git a/.github/workflows/vol_rest.yml b/.github/workflows/vol_rest.yml index 188e80d..6d46678 100644 --- a/.github/workflows/vol_rest.yml +++ b/.github/workflows/vol_rest.yml @@ -42,7 +42,7 @@ jobs: sudo apt-get install automake autoconf libtool libtool-bin libcurl4-openssl-dev libyajl-dev - name: Checkout HDF5 - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hdf5 path: hdf5 @@ -78,12 +78,12 @@ jobs: echo "LD_LIBRARY_PATH=${{ github.workspace }}/hdf5/build/bin" >> $GITHUB_ENV - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v3 + uses: actions/setup-python@v5 with: python-version: ${{ matrix.python-version }} - name: Checkout HSDS - uses: actions/checkout@v4 + uses: actions/checkout@v4.1.1 with: repository: HDFGroup/hsds path: ${{github.workspace}}/hsds -- cgit v0.12