diff --git a/.github/workflows/agreements.yaml b/.github/workflows/agreements.yaml index c366662821..66471656d7 100644 --- a/.github/workflows/agreements.yaml +++ b/.github/workflows/agreements.yaml @@ -18,7 +18,7 @@ jobs: - name: "CLA Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the CLA Document and I hereby sign the CLA') || github.event_name == 'pull_request_target' # Alpha Release - uses: contributor-assistant/github-action@v2.6.0 + uses: contributor-assistant/github-action@v2.6.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret @@ -43,7 +43,7 @@ jobs: - name: "COC Assistant" if: (github.event.comment.body == 'recheck' || github.event.comment.body == 'I have read the Code of Conduct and I hereby accept the Terms') || github.event_name == 'pull_request_target' # Alpha Release - uses: contributor-assistant/github-action@v2.6.0 + uses: contributor-assistant/github-action@v2.6.1 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # the below token should have repo scope and must be manually added by you in the repository's secret diff --git a/.github/workflows/ci-lite.yaml b/.github/workflows/ci-lite.yaml index 870d9640dc..af0b64897c 100644 --- a/.github/workflows/ci-lite.yaml +++ b/.github/workflows/ci-lite.yaml @@ -53,12 +53,12 @@ jobs: with: submodules: false persist-credentials: false - - uses: actions/setup-node@v6 + - uses: actions/setup-node@v6.3.0 with: node-version: "24" - name: Semantic Release id: version - uses: cycjimmy/semantic-release-action@v3 + uses: cycjimmy/semantic-release-action@v5 with: semantic_version: 18 extra_plugins: | @@ -107,7 +107,9 @@ jobs: path: /tmp/THIRDPARTY - name: run fossa test run: | - fossa test --debug + if ! fossa test --debug; then + echo "::warning::FOSSA compliance test failed. Review issues above." + fi env: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -468,12 +470,12 @@ jobs: with: submodules: false persist-credentials: false - - uses: actions/setup-node@v6 + - uses: actions/setup-node@v6.3.0 with: node-version: "24" - name: Semantic Release id: version - uses: cycjimmy/semantic-release-action@v3 + uses: cycjimmy/semantic-release-action@v5 with: semantic_version: 18 extra_plugins: | diff --git a/.github/workflows/ci-main.yaml b/.github/workflows/ci-main.yaml index 0eeaf8b41c..a65f28a911 100644 --- a/.github/workflows/ci-main.yaml +++ b/.github/workflows/ci-main.yaml @@ -52,12 +52,12 @@ jobs: with: submodules: false persist-credentials: false - - uses: actions/setup-node@v6 + - uses: actions/setup-node@v6.3.0 with: node-version: "24" - name: Semantic Release id: version - uses: cycjimmy/semantic-release-action@v3 + uses: cycjimmy/semantic-release-action@v5 with: semantic_version: 18 extra_plugins: | @@ -106,7 +106,9 @@ jobs: path: /tmp/THIRDPARTY - name: run fossa test run: | - fossa test --debug + if ! fossa test --debug; then + echo "::warning::FOSSA compliance test failed. Review issues above." + fi env: FOSSA_API_KEY: ${{ secrets.FOSSA_API_KEY }} @@ -469,12 +471,12 @@ jobs: with: submodules: false persist-credentials: false - - uses: actions/setup-node@v6 + - uses: actions/setup-node@v6.3.0 with: node-version: "24" - name: Semantic Release id: version - uses: cycjimmy/semantic-release-action@v3 + uses: cycjimmy/semantic-release-action@v5 with: semantic_version: 18 extra_plugins: | diff --git a/package/Dockerfile b/package/Dockerfile index 9d0b34f69a..8205c59c1c 100644 --- a/package/Dockerfile +++ b/package/Dockerfile @@ -72,9 +72,6 @@ COPY poetry.lock / RUN python3 -m venv /var/lib/python-venv \ && /var/lib/python-venv/bin/pip3 install --upgrade pip==26.0 \ && poetry export --format requirements.txt | /var/lib/python-venv/bin/pip3 --no-cache-dir install -r /dev/stdin \ - # This is to upgrade urllib3 and jaraco.context to avoid vulnerabilities, can be remoeved once setuptools is updated upstream - && /var/lib/python-venv/bin/pip3 install --upgrade "jaraco.context>=6.1.0" "urllib3>=2.6.3" "Werkzeug>=3.1.6" \ - && /var/lib/syslog-ng-venv/bin/pip3 install --upgrade pip==26.0 "urllib3>=2.6.3" || true \ && rm -rf /var/lib/python-venv/lib/python3.*/site-packages/setuptools/_vendor/*.dist-info || true \ && rm -rf /var/lib/syslog-ng-venv/lib/python3.*/site-packages/setuptools/_vendor/*.dist-info || true \ && apk del build-base python3-dev libffi-dev diff --git a/package/Dockerfile.lite b/package/Dockerfile.lite index a76e3b8270..ae81078f32 100644 --- a/package/Dockerfile.lite +++ b/package/Dockerfile.lite @@ -72,9 +72,6 @@ COPY poetry.lock / RUN python3 -m venv /var/lib/python-venv \ && /var/lib/python-venv/bin/pip3 install --upgrade pip==26.0 \ && poetry export --format requirements.txt | /var/lib/python-venv/bin/pip3 --no-cache-dir install -r /dev/stdin \ - # This is to upgrade urllib3 and jaraco.context to avoid vulnerabilities, can be remoeved once setuptools is updated upstream - && /var/lib/python-venv/bin/pip3 install --upgrade "jaraco.context>=6.1.0" "urllib3>=2.6.3" "Werkzeug>=3.1.6" \ - && /var/lib/syslog-ng-venv/bin/pip3 install --upgrade pip==26.0 "urllib3>=2.6.3" || true \ && rm -rf /var/lib/python-venv/lib/python3.*/site-packages/setuptools/_vendor/*.dist-info || true \ && rm -rf /var/lib/syslog-ng-venv/lib/python3.*/site-packages/setuptools/_vendor/*.dist-info || true \ && apk del build-base python3-dev libffi-dev