chore(deps): update sonarqube support dependencies (#69)

renovate[bot] · web-flow · commit ca5c73c3cb93 · 2024-05-09T22:07:25.000-04:00
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.5` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.33.1` -> `v0.33.2` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.4` | | [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | repository | patch | `v1.58.0` -> `v1.58.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | | [python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema) | repository | patch | `0.28.2` -> `0.28.3` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.342.1` -> `37.353.1` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@&#8203;cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703) - Bump github/codeql-action from 2 to 3 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694) - Bump actions/setup-node from 1 to 4 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696) - Bump actions/upload-artifact from 2 to 4 by [@&#8203;dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695) - README: Suggest `user.email` to be `41898282+github-actions[bot]@&#8203;users.noreply.github.com` by [@&#8203;cory-miller](https://togithub.com/cory-miller) in [https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707) **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463) - docs: add contributor covenant code of conduct by [@&#8203;salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - docs: fix casing on code of conduct badge by [@&#8203;salaxander](https://togithub.com/salaxander) in [https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466) - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@&#8203;renovate](https://togithub.com/renovate) in [https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424) - fix: update docker media type in registry by [@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in [https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476) - fix: adds GetVariableConfig function for packager by [@&#8203;decleaver](https://togithub.com/decleaver) in [https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475) - test: add tests for remove copies from components to enable refactoring by [@&#8203;phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - fix!: do not uninstall helm chart after failed install or upgrade by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456) - feat: inspect --list-images by [@&#8203;Noxsios](https://togithub.com/Noxsios) in [https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478) - refactor: remove copies from components to a filter by [@&#8203;phillebaba](https://togithub.com/phillebaba) in [https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474) - chore: add support.md by [@&#8203;schristoff](https://togithub.com/schristoff) in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) - chore: add a check for go mod tidy by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481) - fix: use correct sha256 checksum for arm64 injector binary by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483) - fix: simplify go mod tidy check by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in [https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482) ##### New Contributors - [@&#8203;salaxander](https://togithub.com/salaxander) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462) - [@&#8203;phillebaba](https://togithub.com/phillebaba) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473) - [@&#8203;schristoff](https://togithub.com/schristoff) made their first contribution in [https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480) **Full Changelog**: zarf-dev/zarf@v0.33.1...v0.33.2 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>golangci/golangci-lint (golangci/golangci-lint)</summary> ### [`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> <details> <summary>python-jsonschema/check-jsonschema (python-jsonschema/check-jsonschema)</summary> ### [`v0.28.3`](https://togithub.com/python-jsonschema/check-jsonschema/blob/HEAD/CHANGELOG.rst#0283) [Compare Source](https://togithub.com/python-jsonschema/check-jsonschema/compare/0.28.2...0.28.3) - Update vendored schemas: dependabot, github-workflows, gitlab-ci, renovate, woodpecker-ci (2024-05-05) - Update Cloud Build pre-commit hook to support JSON Cloud Build config. Thanks :user:`jrdnbradford`! (:pr:`427`) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.353.1`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) ### [`v37.353.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.353.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.352.0...37.353.0) See https://github.com/renovatebot/renovate/releases/tag/37.353.0 for more changes ### [`v37.352.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.352.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.4...37.352.0) See https://github.com/renovatebot/renovate/releases/tag/37.352.0 for more changes ### [`v37.351.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.2...37.351.4) See https://github.com/renovatebot/renovate/releases/tag/37.351.4 for more changes ### [`v37.351.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.1...37.351.2) See https://github.com/renovatebot/renovate/releases/tag/37.351.2 for more changes ### [`v37.351.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.0...37.351.1) See https://github.com/renovatebot/renovate/releases/tag/37.351.1 for more changes ### [`v37.351.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.3...37.351.0) See https://github.com/renovatebot/renovate/releases/tag/37.351.0 for more changes ### [`v37.349.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.2...37.349.3) See https://github.com/renovatebot/renovate/releases/tag/37.349.3 for more changes ### [`v37.349.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.0...37.349.2) See https://github.com/renovatebot/renovate/releases/tag/37.349.2 for more changes ### [`v37.349.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.2...37.349.0) See https://github.com/renovatebot/renovate/releases/tag/37.349.0 for more changes ### [`v37.347.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.0...37.347.2) See https://github.com/renovatebot/renovate/releases/tag/37.347.2 for more changes ### [`v37.347.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.345.0...37.347.0) See https://github.com/renovatebot/renovate/releases/tag/37.347.0 for more changes ### [`v37.345.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.345.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.344.0...37.345.0) See https://github.com/renovatebot/renovate/releases/tag/37.345.0 for more changes ### [`v37.344.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.344.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.342.1...37.344.0) See https://github.com/renovatebot/renovate/releases/tag/37.344.0 for more changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-sonarqube).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Release-As: v9.9.2-uds.0
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -15,7 +15,7 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
         with:
           fetch-depth: 0
 
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
@@ -22,12 +22,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
+        uses: github/codeql-action/upload-sarif@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
@@ -33,7 +33,7 @@ jobs:
       packages: write
 
     steps:
-      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+      - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
 
       - name: Environment setup
         uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -42,7 +42,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
+        uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
 
       - name: Environment setup
         uses: defenseunicorns/uds-common/.github/actions/setup@b2e8b25930c953ef893e7c787fe350f0d8679ee2 # v0.4.2
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -31,7 +31,7 @@ repos:
     hooks:
       - id: fix-smartquotes
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.28.2
+    rev: 0.28.3
     hooks:
       - id: check-jsonschema
         name: "Validate Zarf Configs Against Schema"
@@ -40,14 +40,14 @@ repos:
         args:
           [
             "--schemafile",
-            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.1/zarf.schema.json",
+            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.2/zarf.schema.json",
             "--no-cache"
           ]
   - repo: https://github.com/golangci/golangci-lint
-    rev: v1.58.0
+    rev: v1.58.1
     hooks:
       - id: golangci-lint
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 37.342.1
+    rev: 37.353.1
     hooks:
       - id: renovate-config-validator
