security-tools/sigma-rules
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pin dependencies (#5086)

Browse Source 
Co-authored-by: Shashank K S <Shashank.Suryanarayana@elastic.co>
This commit is contained in:
elastic-renovate-prod[bot]
2025-09-12 22:46:24 +05:30
committed by GitHub
parent 1dedea798a
commit 39b6f19eb9
14 changed files with 42 additions and 42 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/add-guidelines.yml
+3 -3
View File
@@ -9,7 +9,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check out the repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Set environment variable for early exit control
id: check_label
@@ -47,14 +47,14 @@ jobs:
- name: Fail if no relevant labels are found
if: env.GUIDELINES_FILE == ''
uses: actions/github-script@v7
uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7
with:
script: |
core.setFailed('No appropriate GitHub label found in the PR. Failing the job.')
- name: Add Guidelines Comment
if: env.CONTINUE_JOB == 'true' && (github.event.action == 'opened' || github.event.action == 'labeled')
uses: mshick/add-pr-comment@v2
uses: mshick/add-pr-comment@b8f338c590a895d50bcbfa6c5859251edc8952fc # v2
with:
message-path: ${{ env.GUIDELINES_FILE }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
.github/workflows/backport.yml
+5 -5
View File
@@ -21,7 +21,7 @@ jobs:
github.event.pull_request.state == 'open' && !github.event.pull_request.draft
steps:
- name: 'Apply default "backport: auto" label'
uses: actions/github-script@v4
uses: actions/github-script@10b53a9ec6c222bb4ce97aa6bd2b5f739696b536 # v4
if: |
!contains(github.event.pull_request.labels.*.name, 'backport: auto') &&
!contains(github.event.pull_request.labels.*.name, 'backport: skip')
@@ -34,7 +34,7 @@ jobs:
labels: ['backport: auto']
})
- name: 'Remove "backport: auto" if "backport: skip" is set'
uses: actions/github-script@v4
uses: actions/github-script@10b53a9ec6c222bb4ce97aa6bd2b5f739696b536 # v4
if: |
contains(github.event.pull_request.labels.*.name, 'backport: auto') &&
contains(github.event.pull_request.labels.*.name, 'backport: skip')
@@ -65,7 +65,7 @@ jobs:
steps:
- name: Checkout repo
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
ref: main
@@ -91,7 +91,7 @@ jobs:
git reset --soft HEAD^
- name: Setup Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -159,7 +159,7 @@ jobs:
git push
- name: "Notify slack on failure"
uses: craftech-io/slack-action@v1
uses: craftech-io/slack-action@fb1d4e50375d7758efb90fa0564734bae931f84f # v1
with:
slack_webhook_url: ${{ secrets.EXTERNAL_SLACK_DETECTION_RULES_URL }}
status: failure
.github/workflows/branch-status-checks.yml
+2 -2
View File
@@ -18,14 +18,14 @@ jobs:
steps:
- name: Get Backport Status
id: get_backport_status
uses: fjogeleit/http-request-action@v1
uses: fjogeleit/http-request-action@bf78da14118941f7e940279dd58f67e863cbeff6 # v1
with:
url: "https://api.github.com/repos/elastic/detection-rules/actions/workflows/pythonpackage.yml/runs?per_page=1&branch=${{matrix.target_branch}}"
method: 'GET'
bearerToken: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
- name: Check Backport Status
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
script: |
const workflow_status = ${{ toJSON(fromJSON(steps.get_backport_status.outputs.response).workflow_runs[0].status) }}
.github/workflows/code-checks.yml
+2 -2
View File
@@ -17,12 +17,12 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 1
- name: Set up Python 3.13
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.13'
.github/workflows/community.yml
+2 -2
View File
@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Check if member of elastic org
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
id: membership
with:
github-token: ${{ secrets.READ_ELASTIC_DETECTION_RULES_ORG_TOKEN }}
@@ -40,7 +40,7 @@ jobs:
- name: Add label for community members
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
if: ${{ steps.membership.outputs.result == 'notMember' }}
with:
script: |
.github/workflows/get-target-branches.yml
+2 -2
View File
@@ -14,10 +14,10 @@ jobs:
outputs:
matrix: ${{ steps.get-branch-list.outputs.matrix }}
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
.github/workflows/kibana-mitre-update.yml
+1 -1
View File
@@ -14,7 +14,7 @@ jobs:
KIBANA_ISSUE_NUMBER: 166152 # Define the Kibana issue number as a variable
steps:
- name: Checkout code
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
- name: Get MITRE Attack changed files
id: changed-attack-files
.github/workflows/lock-versions.yml
+5 -5
View File
@@ -14,7 +14,7 @@ jobs:
steps:
- name: Validate the source branch
uses: actions/github-script@v3
uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 # v3
with:
script: |
if ('refs/heads/main' !== '${{github.event.ref}}') {
@@ -22,12 +22,12 @@ jobs:
}
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -62,7 +62,7 @@ jobs:
- name: Create Pull Request
id: cpr
uses: peter-evans/create-pull-request@v3
uses: peter-evans/create-pull-request@18f7dc018cc2cd597073088f7c7591b9d1c02672 # v3
with:
assignees: '${{github.actor}}'
delete-branch: true
@@ -78,7 +78,7 @@ jobs:
labels: "backport: auto"
- name: Archive production artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: release-files
path: |
.github/workflows/manual-backport.yml
+3 -3
View File
@@ -19,7 +19,7 @@ jobs:
steps:
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_TRADEBOT_DETECTION_RULES_TOKEN }}
fetch-depth: 0
@@ -46,7 +46,7 @@ jobs:
git reset --soft HEAD^
- name: Setup Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -79,7 +79,7 @@ jobs:
./detection_rules/etc/commit-and-push.sh $TARGET_BRANCH $COMMIT_SHA
- name: "Notify slack on failure"
uses: craftech-io/slack-action@v1
uses: craftech-io/slack-action@fb1d4e50375d7758efb90fa0564734bae931f84f # v1
with:
slack_webhook_url: ${{ secrets.READ_DETECTION_RULES_SLACK_WEBHOOK_TOKEN }}
status: failure
.github/workflows/pythonpackage.yml
+3 -3
View File
@@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 1
@@ -21,7 +21,7 @@ jobs:
git fetch origin main:refs/remotes/origin/main
- name: Set up Python 3.13
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.13'
@@ -48,7 +48,7 @@ jobs:
python -m detection_rules dev build-release $GENERATE_NAVIGATOR_FILES
- name: Archive production artifacts for branch builds
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
if: |
github.event_name == 'push'
with:
.github/workflows/release-docs.yml
+3 -3
View File
@@ -23,13 +23,13 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
path: detection-rules
fetch-depth: 0
- name: Checkout elastic/security-docs
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_SECURITY_DOCS_DETECTION_RULES_TOKEN }}
repository: "elastic/security-docs"
@@ -38,7 +38,7 @@ jobs:
ref: ${{ github.event.inputs.target_branch }}
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
.github/workflows/release-fleet.yml
+6 -6
View File
@@ -39,14 +39,14 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Validate the source branch
uses: actions/github-script@v3
uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 # v3
with:
script: |
if ('refs/heads/main' === '${{github.ref}}') {
core.setFailed('Forbidden branch')
}
- name: Checkout detection-rules
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
path: detection-rules
fetch-depth: 0
@@ -66,7 +66,7 @@ jobs:
git checkout $COMMIT_HASH
- name: Checkout elastic/integrations
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
token: ${{ secrets.WRITE_INTEGRATIONS_DETECTION_RULES_TOKEN }}
repository: ${{github.event.inputs.target_repo}}
@@ -74,7 +74,7 @@ jobs:
fetch-depth: 0
- name: Set up Python 3.12
uses: actions/setup-python@v5
uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5
with:
python-version: '3.12'
@@ -123,7 +123,7 @@ jobs:
git config --global user.name "tradebot-elastic"
- name: Setup go
uses: actions/setup-go@v3
uses: actions/setup-go@be3c94b385c4f180051c996d336f57a34c397495 # v3
with:
go-version: '^1.20.1'
check-latest: true
@@ -149,7 +149,7 @@ jobs:
$DRAFT_ARGS
- name: Archive production artifacts
uses: actions/upload-artifact@v4
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4
with:
name: release-files
path: |
.github/workflows/version-code-and-release.yml
+3 -3
View File
@@ -27,7 +27,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Ensure PR has Version Bump Label
uses: actions/github-script@v6
uses: actions/github-script@d7906e4ad0b1822421a7e6a35d5ca353c962f410 # v6
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
script: |
@@ -44,7 +44,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0
@@ -75,7 +75,7 @@ jobs:
contents: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4
with:
fetch-depth: 0