chore(deps): update github-actions

renovate[bot] commented 1 month ago

This PR contains the following updates:

Package	Type	Update	Change
actions/upload-artifact	action	patch	`v4.3.4` -> `v4.3.5`
docker/setup-buildx-action	action	minor	`v3.4.0` -> `v3.6.1`
github/codeql-action	action	patch	`v3.25.11` -> `v3.25.15`
miracum/.github	action	patch	`v1.11.2` -> `v1.11.4`
ossf/scorecard-action	action	minor	`v2.3.3` -> `v2.4.0`

Release Notes

actions/upload-artifact (actions/upload-artifact)

### [`v4.3.5`](https://togithub.com/actions/upload-artifact/compare/v4.3.4...v4.3.5) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.4...v4.3.5)

docker/setup-buildx-action (docker/setup-buildx-action)

### [`v3.6.1`](https://togithub.com/docker/setup-buildx-action/releases/tag/v3.6.1) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.6.0...v3.6.1) - Check for malformed docker context by [@crazy-max](https://togithub.com/crazy-max) in [https://github.com/docker/setup-buildx-action/pull/347](https://togithub.com/docker/setup-buildx-action/pull/347) **Full Changelog**: https://github.com/docker/setup-buildx-action/compare/v3.6.0...v3.6.1 ### [`v3.6.0`](https://togithub.com/docker/setup-buildx-action/releases/tag/v3.6.0) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.5.0...v3.6.0) - Create temp docker context if default one has TLS data loaded before creating a container builder by [@crazy-max](https://togithub.com/crazy-max) in [https://github.com/docker/setup-buildx-action/pull/341](https://togithub.com/docker/setup-buildx-action/pull/341) **Full Changelog**: https://github.com/docker/setup-buildx-action/compare/v3.5.0...v3.6.0 ### [`v3.5.0`](https://togithub.com/docker/setup-buildx-action/compare/v3.4.0...v3.5.0) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.4.0...v3.5.0)

github/codeql-action (github/codeql-action)

### [`v3.25.15`](https://togithub.com/github/codeql-action/compare/v3.25.14...v3.25.15) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.14...v3.25.15) ### [`v3.25.14`](https://togithub.com/github/codeql-action/compare/v3.25.13...v3.25.14) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.13...v3.25.14) ### [`v3.25.13`](https://togithub.com/github/codeql-action/compare/v3.25.12...v3.25.13) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.12...v3.25.13) ### [`v3.25.12`](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12)

miracum/.github (miracum/.github)

### [`v1.11.4`](https://togithub.com/miracum/.github/releases/tag/v1.11.4) [Compare Source](https://togithub.com/miracum/.github/compare/v1.11.3...v1.11.4) ##### Miscellaneous Chores - **deps:** update dependency gradle to v8.9 ([#73](https://togithub.com/miracum/.github/issues/73)) ([1965a6a](https://togithub.com/miracum/.github/commit/1965a6a256d06cb1195ea55b0c66fc56d0045f4f)) - **deps:** update docker.io/library/python:3.12.4-slim docker digest to [`1ef6f4d`](https://togithub.com/miracum/.github/commit/1ef6f4d) ([#71](https://togithub.com/miracum/.github/issues/71)) ([94bc59a](https://togithub.com/miracum/.github/commit/94bc59ad38688cdadd85572c9079a812dc2f3476)) - **deps:** update gcr.io/distroless/python3-debian12:nonroot docker digest to [`fdb3a04`](https://togithub.com/miracum/.github/commit/fdb3a04) ([#72](https://togithub.com/miracum/.github/issues/72)) ([cde023d](https://togithub.com/miracum/.github/commit/cde023da3ffba8ed29d617aa4aa7a6539dbbfb4b)) - **deps:** update github-actions ([#74](https://togithub.com/miracum/.github/issues/74)) ([8bd8b2e](https://togithub.com/miracum/.github/commit/8bd8b2ed7eae0c866d830fc8dd8cabf39d346ae5)) ### [`v1.11.3`](https://togithub.com/miracum/.github/releases/tag/v1.11.3) [Compare Source](https://togithub.com/miracum/.github/compare/v1.11.2...v1.11.3) ##### Miscellaneous Chores - **deps:** update github-actions ([#70](https://togithub.com/miracum/.github/issues/70)) ([6e79e87](https://togithub.com/miracum/.github/commit/6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77))

ossf/scorecard-action (ossf/scorecard-action)

### [`v2.4.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.4.0) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0) #### What's Changed This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the [v5.0.0 release notes](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0). Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation. - :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1410](https://togithub.com/ossf/scorecard-action/pull/1410) - :bug: lower license sarif alert threshold to 9 by [@spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1411](https://togithub.com/ossf/scorecard-action/pull/1411) ##### Documentation - docs: dogfooding badge by [@jkowalleck](https://togithub.com/jkowalleck) in [https://github.com/ossf/scorecard-action/pull/1399](https://togithub.com/ossf/scorecard-action/pull/1399) #### New Contributors - [@jkowalleck](https://togithub.com/jkowalleck) made their first contribution in [https://github.com/ossf/scorecard-action/pull/1399](https://togithub.com/ossf/scorecard-action/pull/1399) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

[ ] If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

github-actions[bot] commented 1 month ago

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Errors	Elapsed time
✅ ACTION	actionlint	5	0	0.12s
✅ BASH	bash-exec	1	0	0.0s
✅ BASH	shellcheck	1	0	0.01s
✅ BASH	shfmt	1	0	0.03s
✅ CSHARP	csharpier	95	0	4.67s
⚠️ CSHARP	roslynator	3	2	46.33s
✅ DOCKERFILE	hadolint	1	0	0.14s
✅ EDITORCONFIG	editorconfig-checker	181	0	1.52s
✅ JSON	jsonlint	27	0	0.42s
✅ JSON	prettier	27	0	3.91s
✅ JSON	v8r	27	0	10.95s
✅ MARKDOWN	markdownlint	4	0	1.24s
✅ PROTOBUF	protolint	4	0	7.11s
✅ REPOSITORY	checkov	yes	no	14.65s
✅ REPOSITORY	dustilock	yes	no	0.06s
✅ REPOSITORY	gitleaks	yes	no	0.63s
✅ REPOSITORY	git_diff	yes	no	0.07s
✅ REPOSITORY	grype	yes	no	15.07s
✅ REPOSITORY	kics	yes	no	17.7s
✅ REPOSITORY	secretlint	yes	no	1.34s
✅ REPOSITORY	syft	yes	no	0.4s
✅ REPOSITORY	trivy	yes	no	8.84s
✅ REPOSITORY	trivy-sbom	yes	no	1.17s
✅ REPOSITORY	trufflehog	yes	no	5.65s
✅ XML	xmllint	2	0	0.01s
✅ YAML	prettier	29	0	2.52s
✅ YAML	v8r	29	0	39.99s
✅ YAML	yamllint	29	0	1.0s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

Click here to request the new flavor

_MegaLinter is graciously provided by _

github-actions[bot] commented 1 month ago

Trivy image scan report

`ghcr.io/miracum/fhir-pseudonymizer:pr-193 (ubuntu 24.04)`

4 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
`libssl3t64`	CVE-2024-2511	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
`libssl3t64`	CVE-2024-4603	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
`libssl3t64`	CVE-2024-4741	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
`libssl3t64`	CVE-2024-5535	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2

No Misconfigurations found

`opt/fhir-pseudonymizer/FhirPseudonymizer.deps.json`

No Vulnerabilities found

No Misconfigurations found

`opt/fhir-pseudonymizer/packages.lock.json`

No Vulnerabilities found

No Misconfigurations found

`usr/share/dotnet/shared/Microsoft.AspNetCore.App/8.0.7/Microsoft.AspNetCore.App.deps.json`

No Vulnerabilities found

No Misconfigurations found

`usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.7/Microsoft.NETCore.App.deps.json`

No Vulnerabilities found

No Misconfigurations found

github-actions[bot] commented 1 month ago

Package	Line Rate	Branch Rate	Health
FhirPseudonymizer.Tests	100%	100%	✔
FhirPseudonymizer	74%	65%	✔
Summary	81% (816 / 1008)	68% (93 / 136)	✔

Minimum allowed line rate is 50%

iter8 report


Experiment summary:
*******************

  Experiment completed: true
  No task failures: true
  Total number of tasks: 7
  Number of completed tasks: 7
  Number of completed loops: 1

Whether or not service level objectives (SLOs) are satisfied:
*************************************************************

  SLO Conditions                 | Satisfied
  --------------                 | ---------
  http/error-count <= 0          | true
  http/latency-mean (msec) <= 25 | true
  http/latency-p99 (msec) <= 85  | true

Latest observed values for metrics:
***********************************

  Metric                     | value
  -------                    | -----
  http/error-count           | 0.00
  http/error-rate            | 0.00
  http/latency-max (msec)    | 843.82
  http/latency-mean (msec)   | 14.71
  http/latency-min (msec)    | 2.16
  http/latency-p50 (msec)    | 7.35
  http/latency-p75 (msec)    | 13.07
  http/latency-p90 (msec)    | 45.88
  http/latency-p95 (msec)    | 55.56
  http/latency-p99 (msec)    | 71.06
  http/latency-p99.9 (msec)  | 113.33
  http/latency-stddev (msec) | 20.46
  http/request-count         | 25000.00

miracum-bot commented 1 month ago

:tada: This issue has been resolved in version 2.21.14 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket:

miracum / fhir-pseudonymizer