From f50e31f79531b6548fd00281b46d6a474d656370 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 1 Oct 2023 17:30:28 -0400
Subject: [PATCH 1/8] Bump coverlet.collector from 3.1.2 to 6.0.0 in /src (#65)
---
.../MorganStanley.Fdc3.AppDirectory.Tests.csproj | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
index 92c0977..234b439 100644
--- a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
@@ -25,7 +25,7 @@
runtime; build; native; contentfiles; analyzers; buildtransitive
all
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
From 988f4f59ac56f1a470732c286fc7fb79fa6f26e7 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 1 Oct 2023 17:48:25 -0400
Subject: [PATCH 2/8] Bump xunit.runner.visualstudio from 2.5.0 to 2.5.1 in
/src (#64)
---
.../MorganStanley.Fdc3.AppDirectory.Tests.csproj | 2 +-
.../MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj | 2 +-
.../MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
index 234b439..6dde0c8 100644
--- a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
@@ -21,7 +21,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
diff --git a/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj b/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
index ddde2b6..c730800 100644
--- a/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
@@ -23,7 +23,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
diff --git a/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj b/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
index 4c5827a..08151fa 100644
--- a/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
@@ -11,7 +11,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
From 89ee75be3d43cccb75bfedae4bc9f69e10a4fa3a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 1 Oct 2023 18:10:11 -0400
Subject: [PATCH 3/8] Bump Microsoft.NET.Test.Sdk from 17.3.2 to 17.7.2 in /src
(#63)
---
.../MorganStanley.Fdc3.AppDirectory.Tests.csproj | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
index 6dde0c8..9c29f98 100644
--- a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
@@ -19,7 +19,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
From 1e9d4620a5c6d019aed6af434396a40b6391e84c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 2 Oct 2023 07:06:01 -0400
Subject: [PATCH 4/8] Bump xunit from 2.4.2 to 2.5.1 in /src (#62)
Bumps [xunit](https://github.com/xunit/xunit) from 2.4.2 to 2.5.1.
- [Commits](https://github.com/xunit/xunit/compare/2.4.2...2.5.1)
---
updated-dependencies:
- dependency-name: xunit
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
.../MorganStanley.Fdc3.AppDirectory.Tests.csproj | 2 +-
.../MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj | 2 +-
.../MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
index 9c29f98..993b39d 100644
--- a/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.AppDirectory.Tests/MorganStanley.Fdc3.AppDirectory.Tests.csproj
@@ -20,7 +20,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
diff --git a/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj b/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
index c730800..1be459d 100644
--- a/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests/MorganStanley.Fdc3.NewtonsoftJson.Tests.csproj
@@ -22,7 +22,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
diff --git a/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj b/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
index 08151fa..83aa389 100644
--- a/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
+++ b/src/Tests/MorganStanley.Fdc3.Tests/MorganStanley.Fdc3.Tests.csproj
@@ -10,7 +10,7 @@
-
+
runtime; build; native; contentfiles; analyzers; buildtransitive
all
From 4a9572f893f92651f40ddb9992def3c29859fb51 Mon Sep 17 00:00:00 2001
From: bingenito <28159742+bingenito@users.noreply.github.com>
Date: Tue, 3 Oct 2023 13:43:35 -0400
Subject: [PATCH 5/8] Scope GitHub Actions into dependabot
---
.github/dependabot.yml | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
index 6ac73f0..e2b2086 100644
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -5,7 +5,14 @@
version: 2
updates:
- - package-ecosystem: "nuget" # See documentation for possible values
- directory: "/src" # Location of package manifests
+ # Maintain dependencies for .NET
+ - package-ecosystem: "nuget"
+ directory: "/src"
schedule:
interval: "monthly"
+
+ # Maintain dependencies for GitHub Actions
+ - package-ecosystem: "github-actions"
+ directory: "/"
+ schedule:
+ interval: "monthly"
\ No newline at end of file
From 946bb2008ae73e117f821683dc468ddd04f2d052 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Oct 2023 04:55:06 -0400
Subject: [PATCH 6/8] Bump ossf/scorecard-action from 2.1.2 to 2.2.0 (#67)
---
.github/workflows/scorecards.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 6537aba..3d347bd 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -37,7 +37,7 @@ jobs:
persist-credentials: false
- name: "Run analysis"
- uses: ossf/scorecard-action@e38b1902ae4f44df626f11ba0734b14fb91f8f86 # v2.1.2
+ uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
with:
results_file: results.sarif
results_format: sarif
From b90f2d723a5d7faaf3661df82904c1865f261ffa Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Oct 2023 05:04:02 -0400
Subject: [PATCH 7/8] Bump codecov/codecov-action from 3.1.1 to 3.1.4 (#68)
---
.github/workflows/build.yml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 77571b6..729491a 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -50,4 +50,4 @@ jobs:
if-no-files-found: error
- name: Codecov
- uses: codecov/codecov-action@v3.1.1
\ No newline at end of file
+ uses: codecov/codecov-action@v3.1.4
\ No newline at end of file
From f7255527908a875809735295bb431d7fda60b98c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 4 Oct 2023 05:29:16 -0400
Subject: [PATCH 8/8] Bump actions/checkout from 3 to 4 (#69)
---
.github/workflows/build.yml | 2 +-
.github/workflows/codeql.yml | 2 +-
.github/workflows/scorecards.yml | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 729491a..c530bdb 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,7 +12,7 @@ jobs:
runs-on: windows-latest
steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@v4
with:
fetch-depth: 0
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index edad40a..30829c3 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -41,7 +41,7 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 3d347bd..8363de3 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -32,7 +32,7 @@ jobs:
steps:
- name: "Checkout code"
- uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0
+ uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
persist-credentials: false