diff --git a/.github/renovate.json5 b/.github/renovate.json5 index 74f73533..db6093c6 100755 --- a/.github/renovate.json5 +++ b/.github/renovate.json5 @@ -1,7 +1,7 @@ { "$schema": "https://docs.renovatebot.com/renovate-schema.json", "extends": [ - "config:base", + "config:recommended", "docker:enableMajor", ":disableRateLimiting", ":dependencyDashboard", @@ -22,8 +22,9 @@ "pre-commit": { "enabled": true }, - "regexManagers": [ + "customManagers": [ { + "customType": "regex", "fileMatch": [ ".sh$" ], diff --git a/.github/renovate/autoMerge.json5 b/.github/renovate/autoMerge.json5 index af255114..75b2b06b 100755 --- a/.github/renovate/autoMerge.json5 +++ b/.github/renovate/autoMerge.json5 @@ -9,6 +9,17 @@ "ignoreTests": true, "automergeType": "pr", "matchUpdateTypes": ["minor", "patch", "digest"] + }, + { + "matchDatasources": ["go"], + "matchPackageNames": ["github.com/spf13/afero"], + "allowedVersions": "1.2.1" + }, + { + "description": "Preserve Go 1.18", + "paths": ["go.mod"], + "matchDatasources": ["go-version"], + "allowedVersions": "1.18.x" } ] } diff --git a/.github/workflows/codeql-analysis.yaml b/.github/workflows/codeql-analysis.yaml index db6489f4..fdfa18f6 100644 --- a/.github/workflows/codeql-analysis.yaml +++ b/.github/workflows/codeql-analysis.yaml @@ -25,15 +25,15 @@ jobs: steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Initialize CodeQL - uses: github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/init@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/autobuild@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/analyze@49abf0ba24d0b7953cb586944e918a0b92074c80 # v2 diff --git a/.github/workflows/container.yaml b/.github/workflows/container.yaml index 384e55d9..4952306a 100644 --- a/.github/workflows/container.yaml +++ b/.github/workflows/container.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up QEMU uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3 diff --git a/.github/workflows/goreleaser.yaml b/.github/workflows/goreleaser.yaml index 25432b20..2abcf3e7 100755 --- a/.github/workflows/goreleaser.yaml +++ b/.github/workflows/goreleaser.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - name: Fetch all tags run: git fetch --force --tags diff --git a/.github/workflows/meta-sync-labels.yaml b/.github/workflows/meta-sync-labels.yaml index ac7bf515..b4de4035 100755 --- a/.github/workflows/meta-sync-labels.yaml +++ b/.github/workflows/meta-sync-labels.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: token: "${{ secrets.BOT_TOKEN }}" diff --git a/.github/workflows/nancy.yaml b/.github/workflows/nancy.yaml index 18821630..51829ec4 100644 --- a/.github/workflows/nancy.yaml +++ b/.github/workflows/nancy.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up Go uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 diff --git a/.github/workflows/pre-commit.yaml b/.github/workflows/pre-commit.yaml index 61ade602..878f5a68 100644 --- a/.github/workflows/pre-commit.yaml +++ b/.github/workflows/pre-commit.yaml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up Python uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 # v4 diff --git a/.github/workflows/renovate.yaml b/.github/workflows/renovate.yaml index f02c3817..20c9f60d 100755 --- a/.github/workflows/renovate.yaml +++ b/.github/workflows/renovate.yaml @@ -1,7 +1,7 @@ --- name: Renovate on: - pull_request: + pull_request_target: branches: ["main"] paths: - .github/renovate-bot.json5 @@ -39,7 +39,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: token: "${{ secrets.BOT_TOKEN }}" @@ -60,7 +60,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.BOT_TOKEN }} - name: Renovate - uses: renovatebot/github-action@3cef36a9aba515d8726b491905b3bc766832e221 # v39.0.5 + uses: renovatebot/github-action@89c8a9b60f5bc8395658abab8f40f96e4b490ebf # v39.1.0 with: configurationFile: "${{ env.RENOVATE_CONFIG_FILE }}" token: "${{ secrets.BOT_TOKEN }}" diff --git a/.github/workflows/semgrep.yaml b/.github/workflows/semgrep.yaml index 94a8bc62..eb54c110 100755 --- a/.github/workflows/semgrep.yaml +++ b/.github/workflows/semgrep.yaml @@ -14,7 +14,7 @@ jobs: steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 - uses: returntocorp/semgrep-action@549796168c0ddcb9149b10a0e79e5f6522f50797 # v1 with: diff --git a/.github/workflows/tests.yaml b/.github/workflows/tests.yaml index 1bee02b8..6f0831ca 100755 --- a/.github/workflows/tests.yaml +++ b/.github/workflows/tests.yaml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Set up git repository - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Set up Go uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4 diff --git a/go.mod b/go.mod index 92eabd0e..4db3ac38 100644 --- a/go.mod +++ b/go.mod @@ -26,4 +26,5 @@ require ( gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect ) +// Lock afero to v1.2.1 replace github.com/spf13/afero => github.com/spf13/afero v1.2.1 diff --git a/magefiles/go.mod b/magefiles/go.mod index d19922e3..897190d4 100755 --- a/magefiles/go.mod +++ b/magefiles/go.mod @@ -46,4 +46,5 @@ require ( mvdan.cc/sh/v3 v3.6.0 // indirect ) +// Lock afero to v1.2.1 replace github.com/spf13/afero => github.com/spf13/afero v1.2.1