Skip to content

Commit 63558e8

Browse files
authored
Merge branch 'main' into amazon-linux-2023-arm
2 parents 187deb1 + 1d57199 commit 63558e8

91 files changed

Lines changed: 3175 additions & 1632 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.github/pull_request_template.md

Lines changed: 19 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,19 @@
1+
## Description
2+
3+
<!-- Briefly describe the changes in this PR. -->
4+
5+
## Test Plan
6+
7+
<!--
8+
Please describe how you tested these changes. This helps reviewers understand
9+
the scope and confidence level of the change. Examples:
10+
11+
- Ran `terraform plan` against an existing deployment
12+
- Added/updated unit tests (link to test file or describe coverage)
13+
- Deployed to a test environment and triggered a workflow run
14+
- Validated with `terraform validate` and `tflint`
15+
-->
16+
17+
## Related Issues
18+
19+
<!-- Link any related issues, e.g. Fixes #123, Closes #456 -->

.github/workflows/codeql.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,23 +31,23 @@ jobs:
3131

3232
steps:
3333
- name: Harden the runner (Audit all outbound calls)
34-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
34+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
3535
with:
3636
egress-policy: audit
3737

3838
- name: Checkout repository
39-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
39+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4040
with:
4141
persist-credentials: false
4242

4343
# Initializes the CodeQL tools for scanning.
4444
- name: Initialize CodeQL
45-
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
45+
uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
4646
with:
4747
languages: ${{ matrix.language }}
4848
build-mode: none
4949

5050
- name: Perform CodeQL Analysis
51-
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
51+
uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
5252
with:
5353
category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -24,15 +24,15 @@ jobs:
2424
pull-requests: write # for actions/dependency-review-action to comment on PRs
2525
steps:
2626
- name: Harden the runner (Audit all outbound calls)
27-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
27+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
2828
with:
2929
egress-policy: audit
3030

3131
- name: 'Checkout Repository'
32-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
32+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3333
with:
3434
persist-credentials: false
3535
- name: 'Dependency Review'
36-
uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
36+
uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
3737
with:
3838
comment-summary-in-pr: always

.github/workflows/lambda.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,11 +27,11 @@ jobs:
2727

2828
steps:
2929
- name: Harden the runner (Audit all outbound calls)
30-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
30+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
3131
with:
3232
egress-policy: audit
3333

34-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
34+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3535
with:
3636
persist-credentials: false
3737
- name: Install dependencies
@@ -46,7 +46,7 @@ jobs:
4646
- name: Build distribution
4747
run: yarn build
4848
- name: Upload coverage report
49-
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
49+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
5050
if: ${{ failure() }}
5151
with:
5252
name: coverage-reports
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1 @@
1-
mkdocs-material==9.7.1
1+
mkdocs-material==9.7.3

.github/workflows/mkdocs/requirements.txt

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -223,9 +223,9 @@ mkdocs-get-deps==0.2.0 \
223223
--hash=sha256:162b3d129c7fad9b19abfdcb9c1458a651628e4b1dea628ac68790fb3061c60c \
224224
--hash=sha256:2bf11d0b133e77a0dd036abeeb06dec8775e46efa526dc70667d8863eefc6134
225225
# via mkdocs
226-
mkdocs-material==9.7.1 \
227-
--hash=sha256:3f6100937d7d731f87f1e3e3b021c97f7239666b9ba1151ab476cabb96c60d5c \
228-
--hash=sha256:89601b8f2c3e6c6ee0a918cc3566cb201d40bf37c3cd3c2067e26fadb8cce2b8
226+
mkdocs-material==9.7.3 \
227+
--hash=sha256:37ebf7b4788c992203faf2e71900be3c197c70a4be9b0d72aed537b08a91dd9d \
228+
--hash=sha256:e5f0a18319699da7e78c35e4a8df7e93537a888660f61a86bd773a7134798f22
229229
# via -r requirements.in
230230
mkdocs-material-extensions==1.3.1 \
231231
--hash=sha256:10c9511cea88f568257f960358a467d12b970e1f7b2c0e5fb2bb48cab1928443 \
@@ -247,9 +247,9 @@ platformdirs==4.3.8 \
247247
--hash=sha256:3d512d96e16bcb959a814c9f348431070822a6496326a4be0911c40b5a74c2bc \
248248
--hash=sha256:ff7059bb7eb1179e2685604f4aaf157cfd9535242bd23742eadc3c13542139b4
249249
# via mkdocs-get-deps
250-
pygments==2.19.2 \
251-
--hash=sha256:636cb2477cec7f8952536970bc533bc43743542f70392ae026374600add5b887 \
252-
--hash=sha256:86540386c03d588bb81d44bc3928634ff26449851e99741617ecb9037ee5ec0b
250+
pygments==2.20.0 \
251+
--hash=sha256:6757cd03768053ff99f3039c1a36d6c0aa0b263438fcab17520b30a303a82b5f \
252+
--hash=sha256:81a9e26dd42fd28a23a2d169d86d7ac03b46e2f8b59ed4698fb4785f946d0176
253253
# via mkdocs-material
254254
pymdown-extensions==10.16.1 \
255255
--hash=sha256:aace82bcccba3efc03e25d584e6a22d27a8e17caa3f4dd9f207e49b787aa9a91 \
@@ -322,9 +322,9 @@ pyyaml-env-tag==1.1 \
322322
--hash=sha256:17109e1a528561e32f026364712fee1264bc2ea6715120891174ed1b980d2e04 \
323323
--hash=sha256:2eb38b75a2d21ee0475d6d97ec19c63287a7e140231e4214969d0eac923cd7ff
324324
# via mkdocs
325-
requests==2.32.4 \
326-
--hash=sha256:27babd3cda2a6d50b30443204ee89830707d396671944c998b5975b031ac2b2c \
327-
--hash=sha256:27d0316682c8a29834d3264820024b62a36942083d52caf2f14c0591336d3422
325+
requests==2.33.0 \
326+
--hash=sha256:3324635456fa185245e24865e810cecec7b4caf933d7eb133dcde67d48cee69b \
327+
--hash=sha256:c7ebc5e8b0f21837386ad0e1c8fe8b829fa5f544d8df3b2253bff14ef29d7652
328328
# via mkdocs-material
329329
six==1.17.0 \
330330
--hash=sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274 \

.github/workflows/ossf-scorecard.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,12 +25,12 @@ jobs:
2525

2626
steps:
2727
- name: Harden the runner (Audit all outbound calls)
28-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
28+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
2929
with:
3030
egress-policy: audit
3131

3232
- name: "Checkout code"
33-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
33+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3434
with:
3535
persist-credentials: false
3636

@@ -44,7 +44,7 @@ jobs:
4444
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
4545
# format to the repository Actions tab.
4646
- name: "Upload artifact"
47-
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
47+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
4848
with:
4949
name: SARIF file
5050
path: results.sarif
@@ -53,6 +53,6 @@ jobs:
5353
# Upload the results to GitHub's code scanning dashboard (optional).
5454
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
5555
- name: "Upload to code-scanning"
56-
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
56+
uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
5757
with:
5858
sarif_file: results.sarif

.github/workflows/ovs.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,4 +17,4 @@ jobs:
1717
actions: read # Required to upload SARIF file to CodeQL
1818
security-events: write # Require writing security events to upload
1919
contents: read # for checkout
20-
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@375a0e8ebdc98e99b02ac4338a724f5750f21213" # v2.3.1
20+
uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@c5996e0193a3df57d695c1b8a1dec2a4c62e8730" # v2.3.3

.github/workflows/packer-build.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -34,12 +34,12 @@ jobs:
3434
working-directory: images/${{ matrix.image }}
3535
steps:
3636
- name: Harden the runner (Audit all outbound calls)
37-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
37+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
3838
with:
3939
egress-policy: audit
4040

4141
- name: "Checkout"
42-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
42+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4343
with:
4444
persist-credentials: false
4545
- name: packer init

.github/workflows/release.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -24,22 +24,22 @@ jobs:
2424
environment: release
2525
steps:
2626
- name: Harden the runner (Audit all outbound calls)
27-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
27+
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
2828
with:
2929
egress-policy: audit
3030

31-
- uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
31+
- uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
3232
with:
3333
node-version: 24
3434
package-manager-cache: false
35-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
35+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3636
with:
3737
persist-credentials: false
3838
- name: Build dist
3939
working-directory: lambdas
4040
run: yarn install --frozen-lockfile && yarn run test && yarn dist
4141
- name: Get installation token
42-
uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
42+
uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
4343
id: token
4444
with:
4545
app-id: ${{ vars.RELEASER_APP_ID }}
@@ -58,7 +58,7 @@ jobs:
5858
- name: Attest
5959
if: ${{ steps.release.outputs.releases_created == 'true' }}
6060
id: attest
61-
uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
61+
uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
6262
with:
6363
subject-path: '${{ github.workspace }}/lambdas/functions/**/*.zip'
6464
- name: Update release notes with attestation

0 commit comments

Comments
 (0)