Chore: Prepare TX 2412 E2E tests #247
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bumps [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) from 3.4.2 to 4.0.0. - [Release notes](https://github.com/peter-evans/dockerhub-description/releases) - [Commits](peter-evans/dockerhub-description@dc67fad...e98e4d1) --- updated-dependencies: - dependency-name: peter-evans/dockerhub-description dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...692973e) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.1.0 to 6.7.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@4a13e50...5cd11c3) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <[email protected]>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.23.0 to 3.26.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.23.0...883d858) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
…ocker/build-push-action-6.7.0' into feature/2412-upgrade
…ctions/checkout-4.1.7' into feature/2412-upgrade
…eter-evans/dockerhub-description-4.0.0' into feature/2412-upgrade
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
|
|
||
| - name: TruffleHog OSS | ||
| id: trufflehog | ||
| uses: trufflesecurity/trufflehog@main |
Check warning
Code scanning / KICS
Unpinned Actions Full Length Commit SHA Warning
almadigabor
reviewed
Oct 18, 2024
There was a problem hiding this comment.
Looks good, although a release can't be created until all the dependencies are approved. I created the following issues for the Eclipse IP team to check licences. Once they are approved, the DEPENDENCIES file should be updated.
[INFO] License information could not be automatically verified for the following content:
[INFO]
[INFO] maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-toml/2.18.0
[INFO] maven/mavencentral/org.flywaydb/flyway-database-postgresql/10.18.0
[INFO]
[INFO] This content is either not correctly mapped by the system, or requires review.
[INFO] A review is required for maven/mavencentral/com.fasterxml.jackson.dataformat/jackson-dataformat-toml/2.18.0.
[INFO] A review request was created https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/16800 .
[INFO] A review is required for maven/mavencentral/org.flywaydb/flyway-database-postgresql/10.18.0.
[INFO] A review request was created https://gitlab.eclipse.org/eclipsefdn/emo-team/iplab/-/issues/16801 .
|
Hey @drcgjung, All dependencies have been approved. I don't have permissions to push to you branch so please update the DEPENDENCIES file and then I can merge this PR. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
WHAT
Contains all version and dependency updates necessary to enter the E2E phase of TX/CX 2412 release.
Also checked with latest TRGs and issues around that.
WHY
We need to synchronize against TX EDC 0.8.0-rc4 (und its upstream snapshot).
At the same time we mitigate new CVEs and care for the TRGs.
FURTHER NOTES
Closes #246
Closes #245