From f83bfea33d822caf336b8c1065ad0fd23f9b3ce5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 4 Feb 2024 10:49:46 +0000
Subject: [PATCH 1/2] build(deps): Bump the ci-dependencies group with 10
 updates

Bumps the ci-dependencies group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.0` | `4.1.1` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.1.2` | `3.4.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.0.0` | `5.5.1` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `5.0.0` | `5.1.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `3.1.3` | `4.3.0` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `3.0.2` | `4.1.1` |
| [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.7.0` | `2.7.3` |
| [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `2.0.0` | `3.0.0` |
| [actions/deploy-pages](https://github.com/actions/deploy-pages) | `2.0.4` | `4.0.3` |
| [actions/cache](https://github.com/actions/cache) | `3.3.2` | `4.0.0` |


Updates `actions/checkout` from 4.1.0 to 4.1.1
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/8ade135a41bc03ea155e62e844d188df1ea18608...b4ffde65f46336ab88eb53be808477a3936bae11)

Updates `sigstore/cosign-installer` from 3.1.2 to 3.4.0
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](https://github.com/sigstore/cosign-installer/compare/11086d25041f77fe8fe7b9ea4e48e3b9192b8f19...e1523de7571e31dbe865fd2e80c5c7c23ae71eb4)

Updates `docker/metadata-action` from 5.0.0 to 5.5.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/96383f45573cb7f253c731d3b3ab81c87ef81934...8e5442c4ef9f78752691e2d8f8d19755c6f78e81)

Updates `docker/build-push-action` from 5.0.0 to 5.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/0565240e2d4ab88bba5387d719585280857ece09...4a13e500e55cf31b7a5d59a38ab2040ab0f42f56)

Updates `actions/upload-artifact` from 3.1.3 to 4.3.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/a8a3f3ad30e3422c9c7b888a15615d19a852ae32...26f96dfa697d77e81fd5907df203aa23a56210a8)

Updates `actions/download-artifact` from 3.0.2 to 4.1.1
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/9bc31d5ccc31df68ecc42ccf4149144866c47d8a...6b208ae046db98c579e8a3aa621ab581ff575935)

Updates `Swatinem/rust-cache` from 2.7.0 to 2.7.3
- [Release notes](https://github.com/swatinem/rust-cache/releases)
- [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md)
- [Commits](https://github.com/swatinem/rust-cache/compare/a95ba195448af2da9b00fb742d14ffaaf3c21f43...23bce251a8cd2ffc3c1075eaa2367cf899916d84)

Updates `actions/upload-pages-artifact` from 2.0.0 to 3.0.0
- [Release notes](https://github.com/actions/upload-pages-artifact/releases)
- [Commits](https://github.com/actions/upload-pages-artifact/compare/a753861a5debcf57bf8b404356158c8e1e33150c...0252fc4ba7626f0298f0cf00902a25c6afc77fa8)

Updates `actions/deploy-pages` from 2.0.4 to 4.0.3
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](https://github.com/actions/deploy-pages/compare/9dbe3824824f8a1377b8e298bafde1a50ede43e5...87c3283f01cd6fe19a0ab93a23b2f6fcba5a8e42)

Updates `actions/cache` from 3.3.2 to 4.0.0
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/704facf57e6136b1bc63b828d79edcd491f0ee84...13aacd865c20de90d75de3b17ebe84f7a17d57d2)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci-dependencies
- dependency-name: sigstore/cosign-installer
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci-dependencies
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci-dependencies
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci-dependencies
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci-dependencies
- dependency-name: Swatinem/rust-cache
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci-dependencies
- dependency-name: actions/upload-pages-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci-dependencies
- dependency-name: actions/deploy-pages
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci-dependencies
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/container-build-push.yaml | 14 ++++++------
 .github/workflows/rust-ci.yaml              | 24 ++++++++++-----------
 .github/workflows/yara.yaml                 |  4 ++--
 3 files changed, 21 insertions(+), 21 deletions(-)

diff --git a/.github/workflows/container-build-push.yaml b/.github/workflows/container-build-push.yaml
index 41636d3..9e5ae90 100644
--- a/.github/workflows/container-build-push.yaml
+++ b/.github/workflows/container-build-push.yaml
@@ -35,10 +35,10 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608  # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v4.1.1
 
       - name: Install cosign
-        uses: sigstore/cosign-installer@11086d25041f77fe8fe7b9ea4e48e3b9192b8f19  # v3.1.2
+        uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4  # v3.4.0
         with:
           cosign-release: v1.13.1
 
@@ -68,7 +68,7 @@ jobs:
 
       - name: Extract Docker metadata
         id: docker_meta
-        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934  # v5.0.0
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81  # v5.5.1
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
@@ -91,7 +91,7 @@ jobs:
 
       - name: Build and push Docker image
         id: docker_build_push
-        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09  # v5.0.0
+        uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56  # v5.1.0
         with:
           builder: ${{ steps.buildx.outputs.name }}
           cache-from: type=gha,scope=${{ matrix.platform }}
@@ -133,7 +133,7 @@ jobs:
 
       - name: Upload digest
         if: ${{ github.ref == 'refs/heads/main' || startswith(github.event.ref, 'refs/tags/v') }}
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32  # v3.1.3
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8  # v4.3.0
         with:
           if-no-files-found: error
           name: digests
@@ -147,7 +147,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Download digests
-        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a  # v3.0.2
+        uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935  # v4.1.1
         with:
           name: digests
           path: /tmp/digests
@@ -164,7 +164,7 @@ jobs:
 
       - name: Extract Docker metadata
         id: docker_meta
-        uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934  # v5.0.0
+        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81  # v5.5.1
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           tags: |
diff --git a/.github/workflows/rust-ci.yaml b/.github/workflows/rust-ci.yaml
index afde8ad..005fd13 100644
--- a/.github/workflows/rust-ci.yaml
+++ b/.github/workflows/rust-ci.yaml
@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Setup Rust
         run: |
@@ -39,10 +39,10 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Download YARA
-        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
         with:
           name: ${{ needs.yara.outputs.artifacts }}
           path: .yara
@@ -54,7 +54,7 @@ jobs:
           rustup default stable
 
       - name: Cache dependencies
-        uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
+        uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
         with:
           key: x86_64-unknown-linux-gnu
 
@@ -103,10 +103,10 @@ jobs:
     runs-on: ${{ matrix.triple.runs-on }}
     steps:
       - name: Checkout repository
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Download YARA
-        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
         with:
           name: ${{ fromJson(needs.yara-test-output.outputs.result).artifacts[matrix.triple.runs-on] }}
           path: .yara
@@ -118,7 +118,7 @@ jobs:
           rustup default stable
 
       - name: Cache dependencies
-        uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
+        uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
         with:
           key: ${{ matrix.triple.target }}
 
@@ -135,15 +135,15 @@ jobs:
 
     steps:
       - name: "Checkout repository"
-        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Cache dependencies
-        uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
+        uses: Swatinem/rust-cache@23bce251a8cd2ffc3c1075eaa2367cf899916d84 # v2.7.3
         with:
           key: x86_64-unknown-linux-gnu
 
       - name: Download YARA
-        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1
         with:
           name: ${{ needs.yara.outputs.artifacts }}
           path: .yara
@@ -160,7 +160,7 @@ jobs:
         run: rm ./target/doc/.lock
 
       - name: "Upload artifact"
-        uses: actions/upload-pages-artifact@a753861a5debcf57bf8b404356158c8e1e33150c # v2.0.0
+        uses: actions/upload-pages-artifact@0252fc4ba7626f0298f0cf00902a25c6afc77fa8 # v3.0.0
         with:
           path: ./target/doc
 
@@ -184,4 +184,4 @@ jobs:
     steps:
       - name: "Deploy to GitHub Pages"
         id: deployment
-        uses: actions/deploy-pages@9dbe3824824f8a1377b8e298bafde1a50ede43e5 # v2.0.4
+        uses: actions/deploy-pages@87c3283f01cd6fe19a0ab93a23b2f6fcba5a8e42 # v4.0.3
diff --git a/.github/workflows/yara.yaml b/.github/workflows/yara.yaml
index f1009af..1184bc4 100644
--- a/.github/workflows/yara.yaml
+++ b/.github/workflows/yara.yaml
@@ -29,7 +29,7 @@ jobs:
     steps:
       - name: Cache YARA
         id: cache-yara
-        uses: actions/cache@704facf57e6136b1bc63b828d79edcd491f0ee84 # v3.3.2
+        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
         with:
           key: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}
           path: yara-${{ inputs.version }}
@@ -42,7 +42,7 @@ jobs:
           tar -xzf yara-${{ inputs.version }}.tar.gz && cd yara-${{ inputs.version }} && ./bootstrap.sh && ./configure && make
 
       - name: Upload YARA
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
         with:
           if-no-files-found: error
           name: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}

From 6d0ca277eebf43ff263fcd9d365b7e6004eaecc9 Mon Sep 17 00:00:00 2001
From: Siddhesh Mhadnak <10049286+sid-maddy@users.noreply.github.com>
Date: Sun, 18 Feb 2024 23:23:09 +0530
Subject: [PATCH 2/2] ci(yara): overwrite the artifact when uploading (#105)

---
 .github/workflows/yara.yaml | 26 ++++++++++++++++++++------
 1 file changed, 20 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/yara.yaml b/.github/workflows/yara.yaml
index 1184bc4..e060e5b 100644
--- a/.github/workflows/yara.yaml
+++ b/.github/workflows/yara.yaml
@@ -1,3 +1,4 @@
+---
 name: YARA
 
 on:
@@ -9,7 +10,7 @@ on:
         type: string
       version:
         description: YARA version
-        default: "4.3.1"
+        default: 4.3.1
         required: false
         type: string
     outputs:
@@ -23,26 +24,38 @@ on:
         description: YARA Library Path
         value: .libs
 
+defaults:
+  run:
+    shell: bash
+
 jobs:
   yara:
     runs-on: ${{ inputs.runs-on }}
     steps:
       - name: Cache YARA
         id: cache-yara
-        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2 # v4.0.0
+        uses: actions/cache@13aacd865c20de90d75de3b17ebe84f7a17d57d2  # v4.0.0
         with:
           key: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}
           path: yara-${{ inputs.version }}
 
       - name: Compile YARA
-        if: steps.cache-yara.outputs.cache-hit != 'true' && runner.os == 'Linux'
         run: |
+          #/usr/bin/env bash
           set -e
-          curl -sL https://github.com/VirusTotal/yara/archive/refs/tags/v${{ inputs.version }}.tar.gz -o yara-${{ inputs.version }}.tar.gz
-          tar -xzf yara-${{ inputs.version }}.tar.gz && cd yara-${{ inputs.version }} && ./bootstrap.sh && ./configure && make
+
+          curl -sL \
+              https://github.com/VirusTotal/yara/archive/refs/tags/v${{ inputs.version }}.tar.gz \
+              -o yara-${{ inputs.version }}.tar.gz
+          tar -xzf yara-${{ inputs.version }}.tar.gz
+          cd yara-${{ inputs.version }}
+          ./bootstrap.sh
+          ./configure
+          make
+        if: steps.cache-yara.outputs.cache-hit != 'true' && runner.os == 'Linux'
 
       - name: Upload YARA
-        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0
+        uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8  # v4.3.0
         with:
           if-no-files-found: error
           name: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}
@@ -51,6 +64,7 @@ jobs:
             yara-${{ inputs.version }}/libyara/include/yara.h
             yara-${{ inputs.version }}/.libs/libyara*
           retention-days: 1
+          overwrite: true
 
     outputs:
       artifacts: yara-${{ inputs.version }}-${{ runner.os }}-${{ runner.arch }}