chore(deps): bump the github-actions group with 12 updates

Bumps the github-actions group with 12 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `2` | `4` | | [actions/github-script](https://github.com/actions/github-script) | `6` | `7` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.0.0` | `5.5.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `2` | `3` | | [ad-m/github-push-action](https://github.com/ad-m/github-push-action) | `0.6.0` | `0.8.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `4` | `5` | | [actions/first-interaction](https://github.com/actions/first-interaction) | `1.2.0` | `1.3.0` | | [lycheeverse/lychee-action](https://github.com/lycheeverse/lychee-action) | `1.8.0` | `1.9.0` | | [dessant/lock-threads](https://github.com/dessant/lock-threads) | `4` | `5` | | [actions/setup-node](https://github.com/actions/setup-node) | `2` | `4` | | [alex-page/github-project-automation-plus](https://github.com/alex-page/github-project-automation-plus) | `0.8.3` | `0.9.0` | | [actions/stale](https://github.com/actions/stale) | `8` | `9` | Updates `actions/checkout` from 2 to 4 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v2...v4) Updates `actions/github-script` from 6 to 7 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v6...v7) Updates `docker/metadata-action` from 5.0.0 to 5.5.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/v5.0.0...v5.5.0) Updates `github/codeql-action` from 2 to 3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v2...v3) Updates `ad-m/github-push-action` from 0.6.0 to 0.8.0 - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](https://github.com/ad-m/github-push-action/compare/v0.6.0...v0.8.0) Updates `actions/setup-go` from 4 to 5 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v4...v5) Updates `actions/first-interaction` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/actions/first-interaction/releases) - [Commits](https://github.com/actions/first-interaction/compare/v1.2.0...v1.3.0) Updates `lycheeverse/lychee-action` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/lycheeverse/lychee-action/releases) - [Commits](https://github.com/lycheeverse/lychee-action/compare/v1.8.0...v1.9.0) Updates `dessant/lock-threads` from 4 to 5 - [Release notes](https://github.com/dessant/lock-threads/releases) - [Changelog](https://github.com/dessant/lock-threads/blob/main/CHANGELOG.md) - [Commits](https://github.com/dessant/lock-threads/compare/v4...v5) Updates `actions/setup-node` from 2 to 4 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v2...v4) Updates `alex-page/github-project-automation-plus` from 0.8.3 to 0.9.0 - [Release notes](https://github.com/alex-page/github-project-automation-plus/releases) - [Commits](https://github.com/alex-page/github-project-automation-plus/compare/v0.8.3...v0.9.0) Updates `actions/stale` from 8 to 9 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/metadata-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ad-m/github-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/first-interaction dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: lycheeverse/lychee-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: dessant/lock-threads dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: alex-page/github-project-automation-plus dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
2 years ago · 09702d868d
parent f27b1e43f5
commit 09702d868d
18 changed files with 39 additions and 39 deletions
--- a/.github/workflows/auto-gh-pr.yml
+++ b/.github/workflows/auto-gh-pr.yml
@ -28,7 +28,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v4
      - name: Sync Issue to PR
        if: github.event_name == 'pull_request' && github.event.pull_request.base.ref == 'main'
--- a/.github/workflows/bot-auto-cherry-pick.yml
+++ b/.github/workflows/bot-auto-cherry-pick.yml
@ -23,7 +23,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Comment cherry-pick command
-        uses: actions/github-script@v6
+        uses: actions/github-script@v7
        with:
          script: |
            const pr = context.payload.pull_request;
--- a/.github/workflows/build-docker-image.yml
+++ b/.github/workflows/build-docker-image.yml
@ -43,7 +43,7 @@ jobs:
 # docker.io/openim/openim-server:latest
      - name: Extract metadata (tags, labels) for Docker
        id: meta
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: openim/openim-server
          # generate Docker tags based on the following events/attributes
@ -86,7 +86,7 @@ jobs:
 # registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-server:latest
      - name: Extract metadata (tags, labels) for Docker
        id: meta2
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: registry.cn-hangzhou.aliyuncs.com/openimsdk/openim-server
          # generate Docker tags based on the following events/attributes
@ -130,7 +130,7 @@ jobs:
 # ghcr.io/openimsdk/openim-server:latest
      - name: Extract metadata (tags, labels) for Docker
        id: meta3
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: ghcr.io/openimsdk/openim-server
          # generate Docker tags based on the following events/attributes
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@ -51,7 +51,7 @@ jobs:
      # Initializes the CodeQL tools for scanning.
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
        # Override language selection by uncommenting this and choosing your languages
        with:
          languages: go
@ -59,7 +59,7 @@ jobs:
      # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java).
      # If this step fails, then you should remove it and run the build manually (see below).
      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3
      # ℹ️ Command-line programs to run using the OS shell.
      # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@ -73,4 +73,4 @@ jobs:
    #       make release
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
--- a/.github/workflows/create-branch-on-tag.yml
+++ b/.github/workflows/create-branch-on-tag.yml
@ -70,7 +70,7 @@ jobs:
    - name: Push CHANGELOG to Main
      if: steps.create-and-commit-changelog.outputs.changes == 'true'
-      uses: ad-m/github-push-action@v0.6.0
+      uses: ad-m/github-push-action@v0.8.0
      with:
        github_token: ${{ secrets.BOT_GITHUB_TOKEN }}
        branch: main
--- a/.github/workflows/docker-buildx.yml
+++ b/.github/workflows/docker-buildx.yml
@ -100,7 +100,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-api
        id: meta1
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-api
@ -131,7 +131,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-cmdutils
        id: meta2
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-cmdutils
@ -162,7 +162,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-crontask
        id: meta3
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-crontask
@ -193,7 +193,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-msggateway
        id: meta4
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-msggateway
@ -224,7 +224,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-msgtransfer
        id: meta5
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-msgtransfer
@ -255,7 +255,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-push
        id: meta6
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-push
@ -286,7 +286,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-auth
        id: meta7
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-auth
@ -317,7 +317,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-conversation
        id: meta8
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-conversation
@ -348,7 +348,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-friend
        id: meta9
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-friend
@ -379,7 +379,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-group
        id: meta10
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-group
@ -410,7 +410,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-msg
        id: meta11
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-msg
@ -441,7 +441,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-third
        id: meta12
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-third
@ -472,7 +472,7 @@ jobs:
      - name: Extract metadata (tags, labels) for Docker openim-rpc-user
        id: meta13
-        uses: docker/metadata-action@v5.0.0
+        uses: docker/metadata-action@v5.5.0
        with:
          images: |
            ghcr.io/openimsdk/openim-rpc-user
--- a/.github/workflows/e2e-test.yml
+++ b/.github/workflows/e2e-test.yml
@ -34,7 +34,7 @@ jobs:
    steps:
      - name: Set up Go 1.21
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
        with:
          go-version: 1.21
        id: go
@ -60,7 +60,7 @@ jobs:
      uses: actions/checkout@v4
    - name: Set up Go ${{ matrix.go_version }}
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
      with:
        go-version: ${{ matrix.go_version }}
      id: go
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@ -24,7 +24,7 @@ jobs:
      runs-on: ubuntu-latest
      steps:
        - uses: actions/checkout@v4
-        - uses: actions/setup-go@v4
+        - uses: actions/setup-go@v5
          with:
            go-version: '1.21'
            cache: false
--- a/.github/workflows/greetings.yml
+++ b/.github/workflows/greetings.yml
@ -26,7 +26,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
-      - uses: actions/first-interaction@v1.2.0
+      - uses: actions/first-interaction@v1.3.0
        with:
          repo-token: ${{ secrets.BOT_GITHUB_TOKEN }}
          pr-message: |
--- a/.github/workflows/link-pr.yml
+++ b/.github/workflows/link-pr.yml
@ -27,7 +27,7 @@ jobs:
      - name: Link Checker
        id: lychee
-        uses: lycheeverse/lychee-action@v1.8.0
+        uses: lycheeverse/lychee-action@v1.9.0
        with:
            # For parameter description, see https://github.com/lycheeverse/lychee#commandline-parameters
            # Actions Link address -> https://github.com/lycheeverse/lychee-action
--- a/.github/workflows/lock-issue.yml
+++ b/.github/workflows/lock-issue.yml
@ -30,7 +30,7 @@ jobs:
  action:
    runs-on: ubuntu-latest
    steps:
-      - uses: dessant/lock-threads@v4
+      - uses: dessant/lock-threads@v5
        with:
          github-token: ${{ secrets.BOT_GITHUB_TOKEN }}
          issue-inactive-days: '365'
--- a/.github/workflows/milestone.yml
+++ b/.github/workflows/milestone.yml
@ -39,7 +39,7 @@ jobs:
      statuses: none
    steps:
-      - uses: actions/github-script@v6 # v6
+      - uses: actions/github-script@v7 # v6
        with:
          script: |
            if (!context.payload.pull_request.merged) {
--- a/.github/workflows/opencommit.yml
+++ b/.github/workflows/opencommit.yml
@ -28,10 +28,10 @@ jobs:
    permissions: write-all
    steps:
      - name: Setup Node.js Environment
-        uses: actions/setup-node@v2
+        uses: actions/setup-node@v4
        with:
          node-version: '16'
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
        with:
          fetch-depth: 0
      - uses: di-sukharev/opencommit@github-action-v1.0.4
--- a/.github/workflows/openimci.yml
+++ b/.github/workflows/openimci.yml
@ -54,7 +54,7 @@ jobs:
      uses: actions/checkout@v4
    - name: Set up Go ${{ matrix.go_version }}
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
      with:
        go-version: ${{ matrix.go_version }}
      id: go
@ -180,7 +180,7 @@ jobs:
      uses: actions/checkout@v4
    - name: Set up Go ${{ matrix.go_version }}
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
      with:
        go-version: ${{ matrix.go_version }}
      id: go
@ -265,7 +265,7 @@ jobs:
    - name: Checkout code
      uses: actions/checkout@v4
    - name: Set up Go ${{ matrix.go_version }}
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
      with:
        go-version: ${{ matrix.go_version }}
      id: go
--- a/.github/workflows/project-progress.yml
+++ b/.github/workflows/project-progress.yml
@ -29,7 +29,7 @@ jobs:
  move-assigned-card:
    runs-on: ubuntu-latest
    steps:
-      - uses: alex-page/github-project-automation-plus@v0.8.3
+      - uses: alex-page/github-project-automation-plus@v0.9.0
        with:
          project: openim-powerful
          column: In Progress
--- a/.github/workflows/pull-request.yml
+++ b/.github/workflows/pull-request.yml
@ -46,7 +46,7 @@ jobs:
      - uses: actions/setup-node@v4
      - name: Setup Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
      - name: Run go modules tidy
        run: |
          sudo make tidy
@ -79,7 +79,7 @@ jobs:
        continue-on-error: true
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
      - name: OpenIM verify copyright
        run: |
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -33,7 +33,7 @@ jobs:
        with:
          fetch-depth: 0
      - run: git fetch --force --tags
-      - uses: actions/setup-go@v4
+      - uses: actions/setup-go@v5
        with:
          go-version: stable
      # More assembly might be required: Docker logins, GPG, etc. It all depends
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@ -32,7 +32,7 @@ jobs:
      pull-requests: write
    steps:
-    - uses: actions/stale@v8
+    - uses: actions/stale@v9
      with:
        repo-token: ${{ secrets.BOT_GITHUB_TOKEN }}
        days-before-stale: 60