Bump the dependencies group with 1 update (#419)

* Bump the dependencies group with 1 update Bumps the dependencies group with 1 update: [github.com/jpsim/yams](https://github.com/jpsim/Yams). - [Release notes](https://github.com/jpsim/Yams/releases) - [Commits](jpsim/Yams@4.0.6...5.0.6) --- updated-dependencies: - dependency-name: github.com/jpsim/yams dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> * Add CodeQL run to CI --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Gwynne Raskind <gwynne@vapor.codes>
vapor · Oct 9, 2023 · 60110a6 · 60110a6
1 parent 2e4dfca
commit 60110a6
Show file tree

Hide file tree

Showing 4 changed files with 40 additions and 10 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -71,3 +71,33 @@ jobs:
                 ${FLUENTFLAGS} ${LEAFFLAGS}
       - name: Test new project
         run: swift test --package-path /tmp/toolbox-test
+
+  gh-codeql:
+    strategy:
+      fail-fast: false
+      matrix:
+        runner-os: ['ubuntu-latest', 'macos-13']
+    runs-on: ${{ matrix.runner-os }}
+    permissions: { actions: write, contents: read, security-events: write }
+    timeout-minutes: 60
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Select Swift 5.8 on Linux
+        if: ${{ startsWith(matrix.runner-os, 'ubuntu') }}
+        uses: vapor/swiftly-action@v0.1
+        with:
+          toolchain: 5.8
+      - name: Select Swift 5.8 on macOS
+        if: ${{ startsWith(matrix.runner-os, 'macos') }}
+        uses: maxim-lobanov/setup-xcode@v1
+        with:
+          xcode-version: '~14.3'
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with: { languages: swift }
+      - name: Perform build
+        run: swift build
+      - name: Run CodeQL analyze
+        uses: github/codeql-action/analyze@v2
+
diff --git a/.github/workflows/update-hombrew.yml b/.github/workflows/update-hombrew.yml
@@ -8,16 +8,16 @@ jobs:
     runs-on: ubuntu-latest
     steps:
 
-      - name: Get token
-        id: get-token
-        uses: tibdex/github-app-token@v1
-        with:
-          app_id: ${{ vars.PENNY_APP_ID }}
-          private_key: ${{ secrets.PENNY_APP_PRIVATE_KEY }}
+#       - name: Get token
+#         id: get-token
+#         uses: tibdex/github-app-token@v1
+#         with:
+#           app_id: ${{ vars.PENNY_APP_ID }}
+#           private_key: ${{ secrets.PENNY_APP_PRIVATE_KEY }}
 
       - name: Update Homebrew formula
         id: update-formula
         uses: dawidd6/action-homebrew-bump-formula@v3
         with:
-          token: ${{ steps.get-token.outputs.token }}
+          token: ${{ secrets.BOT_GITHUB_TOKEN }}
           formula: vapor
diff --git a/Package.resolved b/Package.resolved
@@ -60,8 +60,8 @@
         "repositoryURL": "https://github.com/jpsim/Yams.git",
         "state": {
           "branch": null,
-          "revision": "9ff1cc9327586db4e0c8f46f064b6a82ec1566fa",
-          "version": "4.0.6"
+          "revision": "0d9ee7ea8c4ebd4a489ad7a73d5c6cad55d6fed3",
+          "version": "5.0.6"
         }
       }
     ]

diff --git a/Package.swift b/Package.swift
@@ -11,7 +11,7 @@ let package = Package(
     ],
     dependencies: [
         .package(url: "https://github.com/apple/swift-nio.git", from: "2.18.0"),
-        .package(url: "https://github.com/jpsim/Yams.git", from: "4.0.0"),
+        .package(url: "https://github.com/jpsim/Yams.git", from: "5.0.6"),
         .package(url: "https://github.com/tanner0101/mustache.git", from: "0.1.0"),
         .package(url: "https://github.com/vapor/console-kit.git", from: "4.2.0"),
     ],