search

miracum / fhir-pseudonymizer

A REST service to pseudonymize and anonymize FHIR® resources.
MIT License
15 stars 2 forks source link

chore(deps): update github-actions #175

Closed renovate[bot] closed 4 months ago

renovate[bot] commented 4 months ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
actions/checkout action patch v4.1.6 -> v4.1.7
amannn/action-semantic-pull-request action digest e9fabac -> e32d7e6
github/codeql-action action patch v3.25.8 -> v3.25.10
miracum/.github action minor v1.9.1 -> v1.10.0

Release Notes

actions/checkout (actions/checkout) ### [`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7) - Bump the minor-npm-dependencies group across 1 directory with 4 updates by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697) - Check out other refs/\* by commit by [@​orhantoy](https://togithub.com/orhantoy) in [https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774) - Pin actions/checkout's own workflows to a known, good, stable version. by [@​jww3](https://togithub.com/jww3) in [https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776)
github/codeql-action (github/codeql-action) ### [`v3.25.10`](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10) ### [`v3.25.9`](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9)
miracum/.github (miracum/.github) ### [`v1.10.0`](https://togithub.com/miracum/.github/releases/tag/v1.10.0) [Compare Source](https://togithub.com/miracum/.github/compare/v1.9.2...v1.10.0) ##### Features - harden runner for build and release jobs ([#​61](https://togithub.com/miracum/.github/issues/61)) ([d53f448](https://togithub.com/miracum/.github/commit/d53f448b46aa81c7c877e45a0ae641bb93d5fd7c)) ### [`v1.9.2`](https://togithub.com/miracum/.github/releases/tag/v1.9.2) [Compare Source](https://togithub.com/miracum/.github/compare/v1.9.1...v1.9.2) ##### Miscellaneous Chores - **deps:** update all non-major dependencies ([#​57](https://togithub.com/miracum/.github/issues/57)) ([54ebc8d](https://togithub.com/miracum/.github/commit/54ebc8d668bc1882e69e92b58ae29eb542cd3fad)) - **deps:** update gcr.io/distroless/python3-debian12:nonroot docker digest to [`14c62b8`](https://togithub.com/miracum/.github/commit/14c62b8) ([#​56](https://togithub.com/miracum/.github/issues/56)) ([5eab4c7](https://togithub.com/miracum/.github/commit/5eab4c7bf6a5b1475f0c8b4d1e38e379a48f7a0a)) - **deps:** update github-actions ([#​60](https://togithub.com/miracum/.github/issues/60)) ([dee5806](https://togithub.com/miracum/.github/commit/dee5806b344d4370c1edc52ac4fd196c3160aec7))

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

This PR has been generated by Mend Renovate. View repository job log here.

github-actions[bot] commented 4 months ago

Trivy image scan report

ghcr.io/miracum/fhir-pseudonymizer:pr-175 (ubuntu 24.04)

8 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 4 LOW: 4)

Show detailed table of vulnerabilities
Package ID Severity Installed Version Fixed Version
libc6 CVE-2024-33599 MEDIUM 2.39-0ubuntu8.1 2.39-0ubuntu8.2
libc6 CVE-2024-33600 MEDIUM 2.39-0ubuntu8.1 2.39-0ubuntu8.2
libc6 CVE-2024-33601 MEDIUM 2.39-0ubuntu8.1 2.39-0ubuntu8.2
libc6 CVE-2024-33602 MEDIUM 2.39-0ubuntu8.1 2.39-0ubuntu8.2
libc6 CVE-2016-20013 LOW 2.39-0ubuntu8.1
libssl3t64 CVE-2024-2511 LOW 3.0.13-0ubuntu3.1
libssl3t64 CVE-2024-4603 LOW 3.0.13-0ubuntu3.1
libssl3t64 CVE-2024-4741 LOW 3.0.13-0ubuntu3.1

No Misconfigurations found

opt/fhir-pseudonymizer/FhirPseudonymizer.deps.json

No Vulnerabilities found

No Misconfigurations found

opt/fhir-pseudonymizer/packages.lock.json

No Vulnerabilities found

No Misconfigurations found

usr/share/dotnet/shared/Microsoft.AspNetCore.App/8.0.6/Microsoft.AspNetCore.App.deps.json

No Vulnerabilities found

No Misconfigurations found

usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.6/Microsoft.NETCore.App.deps.json

No Vulnerabilities found

No Misconfigurations found

github-actions[bot] commented 4 months ago

Code Coverage

Package Line Rate Branch Rate Health
FhirPseudonymizer 74% 65%
FhirPseudonymizer.Tests 100% 100%
Summary 81% (816 / 1008) 68% (93 / 136)

Minimum allowed line rate is 50%

iter8 report


Experiment summary:
*******************

  Experiment completed: true
  No task failures: true
  Total number of tasks: 7
  Number of completed tasks: 7
  Number of completed loops: 1

Whether or not service level objectives (SLOs) are satisfied:
*************************************************************

  SLO Conditions                 | Satisfied
  --------------                 | ---------
  http/error-count <= 0          | true
  http/latency-mean (msec) <= 25 | true
  http/latency-p99 (msec) <= 85  | true

Latest observed values for metrics:
***********************************

  Metric                     | value
  -------                    | -----
  http/error-count           | 0.00
  http/error-rate            | 0.00
  http/latency-max (msec)    | 836.54
  http/latency-mean (msec)   | 15.69
  http/latency-min (msec)    | 2.31
  http/latency-p50 (msec)    | 6.95
  http/latency-p75 (msec)    | 10.00
  http/latency-p90 (msec)    | 59.21
  http/latency-p95 (msec)    | 69.10
  http/latency-p99 (msec)    | 79.30
  http/latency-p99.9 (msec)  | 120.00
  http/latency-stddev (msec) | 23.94
  http/request-count         | 25000.00
github-actions[bot] commented 4 months ago

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Elapsed time
✅ ACTION actionlint 5 0 0.08s
✅ BASH bash-exec 1 0 0.01s
✅ BASH shellcheck 1 0 0.01s
✅ BASH shfmt 1 0 0.01s
✅ CSHARP csharpier 95 0 5.6s
⚠️ CSHARP roslynator 3 2 47.23s
✅ DOCKERFILE hadolint 1 0 0.13s
✅ EDITORCONFIG editorconfig-checker 181 0 2.7s
✅ JSON jsonlint 27 0 0.69s
✅ JSON prettier 27 0 5.16s
✅ JSON v8r 27 0 9.91s
✅ MARKDOWN markdownlint 4 0 1.7s
✅ PROTOBUF protolint 4 0 6.68s
✅ REPOSITORY checkov yes no 15.1s
✅ REPOSITORY dustilock yes no 0.06s
✅ REPOSITORY gitleaks yes no 0.75s
✅ REPOSITORY git_diff yes no 0.06s
✅ REPOSITORY grype yes no 19.0s
✅ REPOSITORY kics yes no 16.31s
✅ REPOSITORY secretlint yes no 1.29s
✅ REPOSITORY syft yes no 0.64s
✅ REPOSITORY trivy yes no 7.93s
✅ REPOSITORY trivy-sbom yes no 6.58s
✅ REPOSITORY trufflehog yes no 4.11s
✅ XML xmllint 2 0 0.05s
✅ YAML prettier 29 0 2.65s
✅ YAML v8r 29 0 31.98s
✅ YAML yamllint 29 0 1.14s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

_MegaLinter is graciously provided by OX Security_

miracum-bot commented 4 months ago

:tada: This PR is included in version 2.21.11 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: