Merge branch 'master' into dependabot/github_actions/step-security/ha…

…rden-runner-2.9.1
4k4xs4pH1r3 · Aug 16, 2024 · d13d470 · d13d470
2 parents d592c69 + 1d40883
commit d13d470
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 3 deletions.
diff --git a/.github/workflows/auto_merge.yml b/.github/workflows/auto_merge.yml
@@ -0,0 +1,31 @@
+name: Auto Update and Merge
+
+on:
+  schedule:
+    - cron: '*/45 * * * *' # Run every 45 minutes
+  pull_request_target:
+    types: [assigned, unassigned, labeled, unlabeled, opened, edited, reopened, synchronize, ready_for_review, locked, unlocked, review_requested, review_request_removed, auto_merge_enabled, auto_merge_disabled]
+    branches:
+      - master  # Replace 'target-branch' with your actual branch name      
+
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout code
+        uses: actions/[email protected]
+        with:
+          fetch-depth: 0  # Fetch all history for merging
+          ref: ${{ github.event.pull_request.head.ref }} # Checkout the PR's branch
+
+      - name: Merge PR into master
+        run: |
+          git config --global user.name 'github-actions[bot]'
+          git config --global user.email 'github-actions[bot]@users.noreply.github.com'
+          git checkout master 
+          git pull origin master  # Ensure master is up-to-date
+          git merge ${{ github.event.pull_request.head.ref }} --no-ff # Merge the PR's branch
+
+      - name: Push changes
+        run: git push origin master
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -24,4 +24,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
+        uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
diff --git a/.github/workflows/trivy-analysis.yml b/.github/workflows/trivy-analysis.yml
@@ -27,7 +27,7 @@ jobs:
           docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # master
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # master
         with:
           image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
           format: 'template'

diff --git a/scripts/docker/Dockerfile b/scripts/docker/Dockerfile
@@ -6,7 +6,7 @@
 ##   docker push xeffyr/termux-advanced-builder
 ##
 
-FROM ubuntu:24.04@sha256:3f85b7caad41a95462cf5b787d8a04604c8262cdcdf9a472b8c52ef83375fe15
+FROM ubuntu:24.04@sha256:e3f92abc0967a6c19d0dfa2d55838833e947b9d74edbcb0113e48535ad4be12a
 
 # Fix locale to avoid warnings:
 ENV LANG en_US.UTF-8