From f65ad208c9fccfab82a1856cae2a57ff856a420b Mon Sep 17 00:00:00 2001 From: Jhovan Escobidal <105746199+JhovanEscobidal@users.noreply.github.com> Date: Thu, 19 May 2022 21:39:57 -0500 Subject: [PATCH 1/2] Create SECURITY.md --- SECURITY.md | 21 +++++++++++++++++++++ 1 file changed, 21 insertions(+) create mode 100644 SECURITY.md diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000000..034e84803209 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,21 @@ +# Security Policy + +## Supported Versions + +Use this section to tell people about which versions of your project are +currently being supported with security updates. + +| Version | Supported | +| ------- | ------------------ | +| 5.1.x | :white_check_mark: | +| 5.0.x | :x: | +| 4.0.x | :white_check_mark: | +| < 4.0 | :x: | + +## Reporting a Vulnerability + +Use this section to tell people how to report a vulnerability. + +Tell them where to go, how often they can expect to get an update on a +reported vulnerability, what to expect if the vulnerability is accepted or +declined, etc. From e8ce1cf055cf0d5fc740d19c52c8542c9f4f3839 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Jan 2023 01:01:55 +0000 Subject: [PATCH 2/2] Bump actions/setup-node from 2.5.1 to 3.6.0 Bumps [actions/setup-node](https://github.com/actions/setup-node) from 2.5.1 to 3.6.0. - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/1f8c6b94b26d0feae1e387ca63ccbdc44d27b561...64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c) --- updated-dependencies: - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/autoupdate-branch.yml | 2 +- .github/workflows/azure-prod-build-deploy.yml | 2 +- .github/workflows/browser-test.yml | 2 +- .github/workflows/check-all-english-links.yml | 2 +- .github/workflows/check-broken-links-github-github.yml | 2 +- .github/workflows/code-lint.yml | 2 +- .github/workflows/content-changes-table-comment.yml | 2 +- .github/workflows/create-translation-batch-pr.yml | 2 +- .github/workflows/crowdin-cleanup.yml | 2 +- .github/workflows/docs-review-collect.yml | 2 +- .github/workflows/enterprise-dates.yml | 2 +- .github/workflows/enterprise-release-sync-search-index.yml | 2 +- .github/workflows/link-check-all.yml | 2 +- .github/workflows/open-enterprise-issue.yml | 2 +- .github/workflows/openapi-decorate.yml | 2 +- .github/workflows/openapi-schema-check.yml | 2 +- .github/workflows/orphaned-assets-check.yml | 2 +- .github/workflows/os-ready-for-review.yml | 2 +- .github/workflows/pa11y.yml | 2 +- .github/workflows/package-lock-lint.yml | 2 +- .github/workflows/ready-for-doc-review.yml | 2 +- .github/workflows/remove-unused-assets.yml | 2 +- .github/workflows/repo-sync.yml | 2 +- .github/workflows/sync-search-indices.yml | 2 +- .github/workflows/sync-search-pr.yml | 2 +- .github/workflows/test.yml | 2 +- .github/workflows/triage-unallowed-internal-changes.yml | 2 +- .github/workflows/update-graphql-files.yml | 2 +- 28 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/autoupdate-branch.yml b/.github/workflows/autoupdate-branch.yml index 281ad5363c90..def410259897 100644 --- a/.github/workflows/autoupdate-branch.yml +++ b/.github/workflows/autoupdate-branch.yml @@ -43,7 +43,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/azure-prod-build-deploy.yml b/.github/workflows/azure-prod-build-deploy.yml index 2ee8931ccf24..cd3ce740ec4c 100644 --- a/.github/workflows/azure-prod-build-deploy.yml +++ b/.github/workflows/azure-prod-build-deploy.yml @@ -60,7 +60,7 @@ jobs: run: git lfs checkout - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/browser-test.yml b/.github/workflows/browser-test.yml index 60b728d8e455..311d8815b8b2 100644 --- a/.github/workflows/browser-test.yml +++ b/.github/workflows/browser-test.yml @@ -40,7 +40,7 @@ jobs: run: git lfs checkout - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/check-all-english-links.yml b/.github/workflows/check-all-english-links.yml index cc163d320e56..7ce444b64dcd 100644 --- a/.github/workflows/check-all-english-links.yml +++ b/.github/workflows/check-all-english-links.yml @@ -28,7 +28,7 @@ jobs: - name: Check out repo's default branch uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/check-broken-links-github-github.yml b/.github/workflows/check-broken-links-github-github.yml index 020039f1056d..499314dfb1ce 100644 --- a/.github/workflows/check-broken-links-github-github.yml +++ b/.github/workflows/check-broken-links-github-github.yml @@ -42,7 +42,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/code-lint.yml b/.github/workflows/code-lint.yml index 1aa9279a2a21..fd1001d98c4d 100644 --- a/.github/workflows/code-lint.yml +++ b/.github/workflows/code-lint.yml @@ -37,7 +37,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/content-changes-table-comment.yml b/.github/workflows/content-changes-table-comment.yml index 08ded81b7369..43f6fc438053 100644 --- a/.github/workflows/content-changes-table-comment.yml +++ b/.github/workflows/content-changes-table-comment.yml @@ -57,7 +57,7 @@ jobs: run: .github/actions-scripts/get-preview-app-info.sh - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/create-translation-batch-pr.yml b/.github/workflows/create-translation-batch-pr.yml index a836bca6ad16..a682d76ffcde 100644 --- a/.github/workflows/create-translation-batch-pr.yml +++ b/.github/workflows/create-translation-batch-pr.yml @@ -116,7 +116,7 @@ jobs: git commit -m "Add crowdin translations" || echo "Nothing to commit" - name: 'Setup node' - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x diff --git a/.github/workflows/crowdin-cleanup.yml b/.github/workflows/crowdin-cleanup.yml index 377c9e4bac49..8814dddcad60 100644 --- a/.github/workflows/crowdin-cleanup.yml +++ b/.github/workflows/crowdin-cleanup.yml @@ -29,7 +29,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/docs-review-collect.yml b/.github/workflows/docs-review-collect.yml index 821a86108cd5..ed358021790d 100644 --- a/.github/workflows/docs-review-collect.yml +++ b/.github/workflows/docs-review-collect.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/enterprise-dates.yml b/.github/workflows/enterprise-dates.yml index b970978fa29d..9c2a4266e3a9 100644 --- a/.github/workflows/enterprise-dates.yml +++ b/.github/workflows/enterprise-dates.yml @@ -39,7 +39,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/enterprise-release-sync-search-index.yml b/.github/workflows/enterprise-release-sync-search-index.yml index e053c74f1c89..c0e8d3cb1c95 100644 --- a/.github/workflows/enterprise-release-sync-search-index.yml +++ b/.github/workflows/enterprise-release-sync-search-index.yml @@ -50,7 +50,7 @@ jobs: token: ${{ secrets.DOCUBOT_REPO_PAT }} - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/link-check-all.yml b/.github/workflows/link-check-all.yml index 23817594c803..0d49cc4c891d 100644 --- a/.github/workflows/link-check-all.yml +++ b/.github/workflows/link-check-all.yml @@ -30,7 +30,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/open-enterprise-issue.yml b/.github/workflows/open-enterprise-issue.yml index 17229bf0d060..8e7006db1a60 100644 --- a/.github/workflows/open-enterprise-issue.yml +++ b/.github/workflows/open-enterprise-issue.yml @@ -22,7 +22,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/openapi-decorate.yml b/.github/workflows/openapi-decorate.yml index f7d85db1c46a..f394ca019af8 100644 --- a/.github/workflows/openapi-decorate.yml +++ b/.github/workflows/openapi-decorate.yml @@ -42,7 +42,7 @@ jobs: token: ${{ secrets.DOCUBOT_REPO_PAT }} - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/openapi-schema-check.yml b/.github/workflows/openapi-schema-check.yml index 68bcf982af88..d0ec0905c4f6 100644 --- a/.github/workflows/openapi-schema-check.yml +++ b/.github/workflows/openapi-schema-check.yml @@ -42,7 +42,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/orphaned-assets-check.yml b/.github/workflows/orphaned-assets-check.yml index 275dec0c533e..4010ab6adb5f 100644 --- a/.github/workflows/orphaned-assets-check.yml +++ b/.github/workflows/orphaned-assets-check.yml @@ -25,7 +25,7 @@ jobs: token: ${{ secrets.DOCUBOT_REPO_PAT }} - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/os-ready-for-review.yml b/.github/workflows/os-ready-for-review.yml index c1036f04306d..04d2cae5e470 100644 --- a/.github/workflows/os-ready-for-review.yml +++ b/.github/workflows/os-ready-for-review.yml @@ -47,7 +47,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/pa11y.yml b/.github/workflows/pa11y.yml index 918d1f9e473d..15d8b406c82b 100644 --- a/.github/workflows/pa11y.yml +++ b/.github/workflows/pa11y.yml @@ -21,7 +21,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/package-lock-lint.yml b/.github/workflows/package-lock-lint.yml index 5c652e8412a9..615ed3917c2c 100644 --- a/.github/workflows/package-lock-lint.yml +++ b/.github/workflows/package-lock-lint.yml @@ -27,7 +27,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x diff --git a/.github/workflows/ready-for-doc-review.yml b/.github/workflows/ready-for-doc-review.yml index 049aba3ef0bc..465ad7c0c0d5 100644 --- a/.github/workflows/ready-for-doc-review.yml +++ b/.github/workflows/ready-for-doc-review.yml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/remove-unused-assets.yml b/.github/workflows/remove-unused-assets.yml index 1b70808363a2..49c9698bee65 100644 --- a/.github/workflows/remove-unused-assets.yml +++ b/.github/workflows/remove-unused-assets.yml @@ -27,7 +27,7 @@ jobs: - name: Checkout uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/repo-sync.yml b/.github/workflows/repo-sync.yml index b6f95a5090f7..dc1e14aef888 100644 --- a/.github/workflows/repo-sync.yml +++ b/.github/workflows/repo-sync.yml @@ -102,7 +102,7 @@ jobs: # Set up npm and run npm ci to run husky to get githooks for LFS - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/sync-search-indices.yml b/.github/workflows/sync-search-indices.yml index 0e9a235ea8b6..0bb314d17e8a 100644 --- a/.github/workflows/sync-search-indices.yml +++ b/.github/workflows/sync-search-indices.yml @@ -56,7 +56,7 @@ jobs: token: ${{ secrets.DOCS_BOT_FR }} - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/sync-search-pr.yml b/.github/workflows/sync-search-pr.yml index a582e44b433b..9e7498b28b54 100644 --- a/.github/workflows/sync-search-pr.yml +++ b/.github/workflows/sync-search-pr.yml @@ -29,7 +29,7 @@ jobs: uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 0fc88729c807..69e692613028 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -123,7 +123,7 @@ jobs: echo "${{ steps.get_diff_files.outputs.files }}" > get_diff_files.txt - name: Setup node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/triage-unallowed-internal-changes.yml b/.github/workflows/triage-unallowed-internal-changes.yml index 308e6f75d75d..0f05fab129d0 100644 --- a/.github/workflows/triage-unallowed-internal-changes.yml +++ b/.github/workflows/triage-unallowed-internal-changes.yml @@ -59,7 +59,7 @@ jobs: token: ${{ secrets.DOCUBOT_REPO_PAT }} - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm diff --git a/.github/workflows/update-graphql-files.yml b/.github/workflows/update-graphql-files.yml index c545d1c6dc57..28ecc3f9a0b3 100644 --- a/.github/workflows/update-graphql-files.yml +++ b/.github/workflows/update-graphql-files.yml @@ -34,7 +34,7 @@ jobs: - name: Checkout uses: actions/checkout@dcd71f646680f2efd8db4afa5ad64fdcba30e748 - name: Setup Node - uses: actions/setup-node@1f8c6b94b26d0feae1e387ca63ccbdc44d27b561 + uses: actions/setup-node@64ed1c7eab4cce3362f8c340dee64e5eaeef8f7c with: node-version: 16.14.x cache: npm