search

bitwarden / android

Bitwarden mobile app for Android.
https://bitwarden.com
GNU General Public License v3.0
5.86k stars 763 forks source link

[deps]: Update gh minor #3342

Closed renovate[bot] closed 1 week ago

renovate[bot] commented 1 week ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action patch v4.1.6 -> v4.1.7
actions/checkout action patch v4.1.3 -> v4.1.7
checkmarx/ast-github-action action patch 2.0.28 -> 2.0.29
crowdin/github-action action patch v1.20.2 -> v1.20.4
github/codeql-action action patch v3.25.6 -> v3.25.10
sonarsource/sonarcloud-github-action action minor v2.2.0 -> v2.3.0

[!WARNING] Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

actions/checkout (actions/checkout) ### [`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://togithub.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776)
checkmarx/ast-github-action (checkmarx/ast-github-action) ### [`v2.0.29`](https://togithub.com/Checkmarx/ast-github-action/releases/tag/2.0.29) [Compare Source](https://togithub.com/checkmarx/ast-github-action/compare/2.0.28...2.0.29) #### What's Changed ##### Dependencies Updates 🛠 - Bump checkmarx/ast-cli from 2.1.2 to 2.1.5 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/Checkmarx/ast-github-action/pull/184](https://togithub.com/Checkmarx/ast-github-action/pull/184) **Full Changelog**: https://github.com/Checkmarx/ast-github-action/compare/2.0.28...2.0.29
crowdin/github-action (crowdin/github-action) ### [`v1.20.4`](https://togithub.com/crowdin/github-action/releases/tag/v1.20.4) [Compare Source](https://togithub.com/crowdin/github-action/compare/v1.20.3...v1.20.4) #### What's Changed - CLI [3.19.4](https://togithub.com/crowdin/crowdin-cli/releases/tag/3.19.4) by [@​andrii-bodnar](https://togithub.com/andrii-bodnar) - ci: upgrade actions by [@​andrii-bodnar](https://togithub.com/andrii-bodnar) in [https://github.com/crowdin/github-action/pull/226](https://togithub.com/crowdin/github-action/pull/226) **Full Changelog**: https://github.com/crowdin/github-action/compare/v1.20.3...v1.20.4 ### [`v1.20.3`](https://togithub.com/crowdin/github-action/releases/tag/v1.20.3) [Compare Source](https://togithub.com/crowdin/github-action/compare/v1.20.2...v1.20.3) #### What's Changed - CLI [3.19.3](https://togithub.com/crowdin/crowdin-cli/releases/tag/3.19.3) by [@​andrii-bodnar](https://togithub.com/andrii-bodnar) - chore: deprecate the 'identity' option by [@​andrii-bodnar](https://togithub.com/andrii-bodnar) in [https://github.com/crowdin/github-action/pull/224](https://togithub.com/crowdin/github-action/pull/224) **Full Changelog**: https://github.com/crowdin/github-action/compare/v1.20.2...v1.20.3
github/codeql-action (github/codeql-action) ### [`v3.25.10`](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) ### [`v3.25.9`](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) ### [`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8) ### [`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)
sonarsource/sonarcloud-github-action (sonarsource/sonarcloud-github-action) ### [`v2.3.0`](https://togithub.com/SonarSource/sonarcloud-github-action/releases/tag/v2.3.0) [Compare Source](https://togithub.com/sonarsource/sonarcloud-github-action/compare/v2.2.0...v2.3.0) #### What's Changed - SCSCANGHA-18 Add workflow to automate tags creation upon release by [@​antoine-vinot-sonarsource](https://togithub.com/antoine-vinot-sonarsource) in [https://github.com/SonarSource/sonarcloud-github-action/pull/81](https://togithub.com/SonarSource/sonarcloud-github-action/pull/81) - SCSCANGHA-22 Revert "SCSCANGHA-16 Support passing args with spaces ([#​79](https://togithub.com/sonarsource/sonarcloud-github-action/issues/79))" by [@​csaba-feher-sonarsource](https://togithub.com/csaba-feher-sonarsource) in [https://github.com/SonarSource/sonarcloud-github-action/pull/83](https://togithub.com/SonarSource/sonarcloud-github-action/pull/83) #### New Contributors - [@​csaba-feher-sonarsource](https://togithub.com/csaba-feher-sonarsource) made their first contribution in [https://github.com/SonarSource/sonarcloud-github-action/pull/83](https://togithub.com/SonarSource/sonarcloud-github-action/pull/83) **Full Changelog**: https://github.com/SonarSource/sonarcloud-github-action/compare/v2...v2.3.0

Configuration

📅 Schedule: Branch creation - "every 2nd week starting on the 2 week of the year before 4am on Monday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

â™» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 1 week ago

🧛 App Code Coverage: 88.61%

Coverage of Modified Files:

File Coverage

Modified Files Not Found In Coverage Report:

crowdin-pull.yml crowdin-push.yml scan.yml

Codebase cunningly covered by count Shroud 🧛

Generated by :no_entry_sign: Danger

github-actions[bot] commented 1 week ago

Logo Checkmarx One – Scan Summary & Details – 62d98cbf-5233-42dc-a05b-35257c4c671e

Fixed Issues

Severity Issue Source File / Package
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/vault/VaultViewModel.kt: 369
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/item/VaultItemViewModel.kt: 581
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/data/autofill/manager/AutofillCompletionManagerImpl.kt: 110
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 661
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 661
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 661
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 661
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 661
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/vault/feature/itemlisting/VaultItemListingViewModel.kt: 347
MEDIUM Privacy_Violation /app/src/main/java/com/x8bit/bitwarden/ui/platform/feature/search/SearchViewModel.kt: 348