From 0721527cae1a26211d1a87952d2788731b13834e Mon Sep 17 00:00:00 2001 From: ModeSevenIndustrialSolutions <93649628+ModeSevenIndustrialSolutions@users.noreply.github.com> Date: Fri, 6 Sep 2024 12:12:10 +0000 Subject: [PATCH] Chore: Update DevOps tooling from central repository [skip ci] Signed-off-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 14 ++++++++------ .github/workflows/dependencies.yaml | 7 ++++++- .github/workflows/security.yaml | 2 +- 3 files changed, 15 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 808a860b..876fb543 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -9,7 +9,7 @@ # the `language` matrix defined below to confirm you have the correct set of # supported CodeQL languages. # -name: "CodeQL" +name: "🔐 CodeQL" on: push: @@ -17,7 +17,7 @@ on: pull_request: branches: [ "main", "gh-pages", "master" ] schedule: - - cron: '26 1 * * 2' + - cron: '39 20 * * 6' jobs: analyze: @@ -44,10 +44,11 @@ jobs: fail-fast: false matrix: include: - - language: javascript-typescript - build-mode: none - language: python build-mode: none + # CodeQL supports the following values keywords for 'language': + # 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift' + steps: - name: Checkout repository uses: actions/checkout@v4 @@ -58,13 +59,14 @@ jobs: with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. # If the analyze step fails for one of the languages you are analyzing with # "We were unable to automatically build your code", modify the matrix above # to set the build mode to "manual" for that language. Then modify this step # to build your code. - # ℹī¸ Command-line programs to run using the OS shell. - # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun - if: matrix.build-mode == 'manual' shell: bash run: | diff --git a/.github/workflows/dependencies.yaml b/.github/workflows/dependencies.yaml index 8edd9818..97f50faa 100644 --- a/.github/workflows/dependencies.yaml +++ b/.github/workflows/dependencies.yaml @@ -7,6 +7,9 @@ on: schedule: - cron: "0 8 1 * *" +env: + DEFAULT-PYTHON: "3.11" + jobs: update-dependencies: name: "Update dependencies" @@ -27,9 +30,11 @@ jobs: - name: "Set up Python" uses: actions/setup-python@v5 + with: + python-version: ${{ env.default-python }} - name: "Update Python dependencies" - uses: pdm-project/update-deps-action@v1 + uses: pdm-project/update-deps-action@v1.9 with: sign-off-commit: "true" token: ${{ secrets.GH_TOKEN }} diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 92e54b29..89c57f11 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -65,4 +65,4 @@ jobs: pdm list --graph - name: "Run: pip-audit" - uses: pypa/gh-action-pip-audit@v1.1.0 + uses: pypa/gh-action-pip-audit@v1.0.8