From d5fdedff4aa9696f5e014273e181844222f49bdf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 31 Mar 2026 09:54:09 +1100 Subject: [PATCH] chore(deps): bump the dependencies group with 3 updates (#11639) Bumps the dependencies group with 3 updates: [oasdiff/oasdiff-action](https://github.com/oasdiff/oasdiff-action), [CodSpeedHQ/action](https://github.com/codspeedhq/action) and [anchore/sbom-action](https://github.com/anchore/sbom-action). Updates `oasdiff/oasdiff-action` from 0.0.21 to 0.0.37 - [Release notes](https://github.com/oasdiff/oasdiff-action/releases) - [Commits](https://github.com/oasdiff/oasdiff-action/compare/1c611ffb1253a72924624aa4fb662e302b3565d3...1f38ea5ea0b4a2e4e49901c3bcdf4386a05e9ea1) Updates `CodSpeedHQ/action` from 4.11.1 to 4.12.1 - [Release notes](https://github.com/codspeedhq/action/releases) - [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codspeedhq/action/compare/281164b0f014a4e7badd2c02cecad9b595b70537...1c8ae4843586d3ba879736b7f6b7b0c990757fab) Updates `anchore/sbom-action` from 0.23.1 to 0.24.0 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/sbom-action/compare/57aae528053a48a3f6235f2d9461b05fbcb7366d...e22c389904149dbc22b58101806040fa8d37a610) --- updated-dependencies: - dependency-name: oasdiff/oasdiff-action dependency-version: 0.0.37 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: CodSpeedHQ/action dependency-version: 4.12.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: anchore/sbom-action dependency-version: 0.24.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/qc_checks.yaml | 6 +++--- .github/workflows/release.yaml | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml index ddb8d63769..25f6af9867 100644 --- a/.github/workflows/qc_checks.yaml +++ b/.github/workflows/qc_checks.yaml @@ -222,7 +222,7 @@ jobs: echo "Downloaded api.yaml" - name: Running OpenAPI Spec diff action id: breaking_changes - uses: oasdiff/oasdiff-action/diff@1c611ffb1253a72924624aa4fb662e302b3565d3 # pin@main + uses: oasdiff/oasdiff-action/diff@1f38ea5ea0b4a2e4e49901c3bcdf4386a05e9ea1 # pin@main with: base: "api.yaml" revision: "src/backend/InvenTree/schema.yml" @@ -363,7 +363,7 @@ jobs: pip install . if: needs.paths-filter.outputs.submit-performance == 'true' - name: Performance Reporting - uses: CodSpeedHQ/action@281164b0f014a4e7badd2c02cecad9b595b70537 # pin@v4 + uses: CodSpeedHQ/action@1c8ae4843586d3ba879736b7f6b7b0c990757fab # pin@v4 # check if we are in inventree/inventree - reporting only works in that OIDC context if: github.repository == 'inventree/InvenTree' && needs.paths-filter.outputs.submit-performance == 'true' with: @@ -454,7 +454,7 @@ jobs: env: node_version: '>=20.19.0' - name: Performance Reporting - uses: CodSpeedHQ/action@281164b0f014a4e7badd2c02cecad9b595b70537 # pin@v4 + uses: CodSpeedHQ/action@1c8ae4843586d3ba879736b7f6b7b0c990757fab # pin@v4 with: mode: walltime run: inv dev.test --pytest diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 87a2e701d9..aa77d5282c 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -55,7 +55,7 @@ jobs: - name: Build frontend run: cd src/frontend && npm run compile && npm run build - name: Create SBOM for frontend - uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # pin@v0 + uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # pin@v0 with: artifact-name: frontend-build.spdx path: src/frontend