Skip to content

Commit befa994

Browse files
chore(actions)(deps): bump the actions group across 1 directory with 6 updates
Bumps the actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6` | `7` | | [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `4.1.0` | `4.1.1` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.2.1` | `7.2.2` | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.19.2` | `2.19.4` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.4` | `4.36.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.2.0` | `6.3.0` | Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v6...v7) Updates `actions/attest-build-provenance` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@a2bbfa2...0f67c3f) Updates `goreleaser/goreleaser-action` from 7.2.1 to 7.2.2 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@1a80836...5daf1e9) Updates `step-security/harden-runner` from 2.19.2 to 2.19.4 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@9ca718d...9af89fc) Updates `github/codeql-action/upload-sarif` from 4.35.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@68bde55...8aad20d) Updates `actions/setup-python` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@a309ff8...ece7cb0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/attest-build-provenance dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: goreleaser/goreleaser-action dependency-version: 7.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: step-security/harden-runner dependency-version: 2.19.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent e7b0c26 commit befa994

6 files changed

Lines changed: 17 additions & 17 deletions

File tree

.github/workflows/go-ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
env:
2222
CGO_ENABLED: "1"
2323
steps:
24-
- uses: actions/checkout@v6
24+
- uses: actions/checkout@v7
2525
- uses: actions/setup-go@v6
2626
with:
2727
# Pin to 1.25.x — 1.26+ isn't on enough developer machines yet.

.github/workflows/perf-gate.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -42,7 +42,7 @@ jobs:
4242
# regression is documented in a PR.
4343
MAX_ENRICH_RSS_KB: '307200'
4444
steps:
45-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
45+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
4646
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
4747
with:
4848
go-version: '1.25.10'

.github/workflows/release-darwin.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -33,7 +33,7 @@ jobs:
3333
name: release (darwin / arm64)
3434
runs-on: macos-14
3535
steps:
36-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
36+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
3737
with:
3838
fetch-depth: 0
3939
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
@@ -134,6 +134,6 @@ jobs:
134134
fi
135135
exit 1
136136
- name: Attest darwin archive (build provenance)
137-
uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
137+
uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1
138138
with:
139139
subject-path: 'codeiq_*_darwin_arm64.tar.gz'

.github/workflows/release-go.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131
name: release
3232
runs-on: ubuntu-latest
3333
steps:
34-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
34+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
3535
with:
3636
fetch-depth: 0
3737
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
@@ -47,14 +47,14 @@ jobs:
4747
uses: anchore/sbom-action/download-syft@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
4848
- name: Install Cosign (signing)
4949
uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
50-
- uses: goreleaser/goreleaser-action@1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8 # v7.2.1
50+
- uses: goreleaser/goreleaser-action@5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89 # v7.2.2
5151
with:
5252
distribution: goreleaser
5353
version: '~> v2'
5454
args: release --clean
5555
env:
5656
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
5757
- name: Attest release artifacts (build provenance)
58-
uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
58+
uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1
5959
with:
6060
subject-path: 'dist/codeiq_*.tar.gz'

.github/workflows/scorecard.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,13 +32,13 @@ jobs:
3232
steps:
3333
- name: Harden runner egress
3434
# step-security/harden-runner v2.19.0
35-
uses: step-security/harden-runner@9ca718d3bf646d6534007c269a635b3e54cadf99
35+
uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411
3636
with:
3737
egress-policy: audit
3838

3939
- name: Checkout code
4040
# actions/checkout v6.0.2
41-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
41+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
4242
with:
4343
persist-credentials: false
4444

@@ -61,6 +61,6 @@ jobs:
6161

6262
- name: Upload SARIF to GitHub code-scanning
6363
# github/codeql-action/upload-sarif v3.35.2
64-
uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e
64+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
6565
with:
6666
sarif_file: results.sarif

.github/workflows/security.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626
OSV_SCANNER_VERSION: 2.3.5
2727
GH_TOKEN: ${{ github.token }}
2828
steps:
29-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
29+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
3030
# Install osv-scanner from the official GitHub release (binary, not the
3131
# action — google/osv-scanner-action's `action.yml` is composite-only and
3232
# fails when invoked as a job step). Using the preinstalled `gh` CLI
@@ -58,7 +58,7 @@ jobs:
5858
permissions:
5959
contents: read
6060
steps:
61-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
61+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
6262
- uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
6363
with:
6464
scan-type: fs
@@ -73,8 +73,8 @@ jobs:
7373
permissions:
7474
contents: read
7575
steps:
76-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
77-
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
76+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
77+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0
7878
with:
7979
python-version: '3.12'
8080
- name: Install semgrep (pinned for reproducibility)
@@ -106,7 +106,7 @@ jobs:
106106
GITLEAKS_VERSION: 8.30.1
107107
GH_TOKEN: ${{ github.token }}
108108
steps:
109-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
109+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
110110
with:
111111
fetch-depth: 0
112112
# The official `gitleaks/gitleaks-action` requires a paid license for
@@ -130,7 +130,7 @@ jobs:
130130
permissions:
131131
contents: read
132132
steps:
133-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
133+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
134134
- uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
135135
with:
136136
node-version: '20'
@@ -168,7 +168,7 @@ jobs:
168168
permissions:
169169
contents: read
170170
steps:
171-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.2.2
171+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v4.2.2
172172
- name: Generate SPDX SBOM
173173
uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
174174
with:

0 commit comments

Comments
 (0)