From 06be95ccb012313c2e6cae5dd05c68e52c1d08e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 4 Jun 2026 01:46:55 +0000 Subject: [PATCH] deps: bump the actions group across 1 directory with 3 updates Bumps the actions group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [jessehouwing/actions-dependency-submission](https://github.com/jessehouwing/actions-dependency-submission). Updates `actions/checkout` from 6 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v6.0.2) Updates `github/codeql-action` from 4 to 4.36.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4...v4.36.0) Updates `jessehouwing/actions-dependency-submission` from 1.0.14 to 1.0.15 - [Release notes](https://github.com/jessehouwing/actions-dependency-submission/releases) - [Commits](https://github.com/jessehouwing/actions-dependency-submission/compare/19481049f19a8b6d54adbde7c323de5184b8bab5...d4ed9fd03b1c91e31a62d9a4095440128ec1316b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: jessehouwing/actions-dependency-submission dependency-version: 1.0.15 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-dynamic.yml | 8 ++++---- .github/workflows/codeql-iac.yml | 4 ++-- .github/workflows/codeql-packs.yml | 2 +- .github/workflows/codeql-ql.yml | 4 ++-- .github/workflows/container-publish.yml | 2 +- .github/workflows/container-security.yml | 4 ++-- .github/workflows/container.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/dependency-submission.yml | 2 +- .github/workflows/labeler.yml | 2 +- .github/workflows/language-detection-and-assignment.yml | 2 +- .github/workflows/markdown-lint.yml | 2 +- .github/workflows/python-build.yml | 2 +- .github/workflows/python-linting.yml | 2 +- .github/workflows/python-release.yml | 2 +- .github/workflows/python-testing.yml | 2 +- .github/workflows/python-vendor.yml | 4 ++-- .github/workflows/sec-opengrep.yml | 4 ++-- .github/workflows/self-release.yml | 4 ++-- .github/workflows/self-wiki.yml | 2 +- 20 files changed, 29 insertions(+), 29 deletions(-) diff --git a/.github/workflows/codeql-dynamic.yml b/.github/workflows/codeql-dynamic.yml index 130d9f4..332c273 100644 --- a/.github/workflows/codeql-dynamic.yml +++ b/.github/workflows/codeql-dynamic.yml @@ -41,19 +41,19 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.36.0 with: languages: ${{ matrix.language }} # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). - name: Autobuild - uses: github/codeql-action/autobuild@v4 + uses: github/codeql-action/autobuild@v4.36.0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v4.36.0 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/codeql-iac.yml b/.github/workflows/codeql-iac.yml index 2c4a138..e4f21c0 100644 --- a/.github/workflows/codeql-iac.yml +++ b/.github/workflows/codeql-iac.yml @@ -14,13 +14,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Initialize and Analyze IaC id: codeql_iac uses: advanced-security/codeql-extractor-iac@main - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@v4.36.0 with: sarif_file: ${{ steps.codeql_iac.outputs.sarif }} diff --git a/.github/workflows/codeql-packs.yml b/.github/workflows/codeql-packs.yml index e1184ad..498635a 100644 --- a/.github/workflows/codeql-packs.yml +++ b/.github/workflows/codeql-packs.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Build and Publish CodeQL Packs" env: diff --git a/.github/workflows/codeql-ql.yml b/.github/workflows/codeql-ql.yml index f2754a4..0d29c54 100644 --- a/.github/workflows/codeql-ql.yml +++ b/.github/workflows/codeql-ql.yml @@ -18,7 +18,7 @@ jobs: steps: - name: "Checkout repository" - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Set up Rust" uses: dtolnay/rust-toolchain@3c5f7ea28cd621ae0bf5283f0e981fb97b8a7af9 # v1.85.1 @@ -111,7 +111,7 @@ jobs: mv updated_sarif.sarif ${{ steps.run_ql.outputs.sarif }} - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@v4.36.0 with: sarif_file: ${{ steps.run_ql.outputs.sarif }} category: "/codeql:ql" diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml index d452873..e25c9cd 100644 --- a/.github/workflows/container-publish.yml +++ b/.github/workflows/container-publish.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 diff --git a/.github/workflows/container-security.yml b/.github/workflows/container-security.yml index 5affc55..0ae2655 100644 --- a/.github/workflows/container-security.yml +++ b/.github/workflows/container-security.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Docker Buildx uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 @@ -66,6 +66,6 @@ jobs: path: ${{ steps.scan.outputs.sarif }} - name: Upload vulnerability report - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@v4.36.0 with: sarif_file: ${{ steps.scan.outputs.sarif }} diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index f424ddc..7ae599f 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -63,7 +63,7 @@ jobs: steps: - name: "Checkout" - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Get and Set version" id: set-version env: diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index b2d151b..82d1652 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 # [optional] This setup isn't required but if your repository have a configuration, # we use that versus the centralised config. diff --git a/.github/workflows/dependency-submission.yml b/.github/workflows/dependency-submission.yml index cc2a108..fe1b317 100644 --- a/.github/workflows/dependency-submission.yml +++ b/.github/workflows/dependency-submission.yml @@ -70,7 +70,7 @@ jobs: - name: Submit Actions dependencies if: steps.detect.outputs.is-action-repo == 'true' || steps.detect.outputs.has-workflows == 'true' - uses: jessehouwing/actions-dependency-submission@19481049f19a8b6d54adbde7c323de5184b8bab5 # v1 + uses: jessehouwing/actions-dependency-submission@d4ed9fd03b1c91e31a62d9a4095440128ec1316b # v1 with: token: ${{ github.token }} additional-paths: ${{ inputs.actions-additional-paths }} diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 67b86c8..3103033 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 # Check if the .github/labeler.yml file exists - name: Check for labeler configuration diff --git a/.github/workflows/language-detection-and-assignment.yml b/.github/workflows/language-detection-and-assignment.yml index 6af5a43..c6f81f5 100644 --- a/.github/workflows/language-detection-and-assignment.yml +++ b/.github/workflows/language-detection-and-assignment.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Detect languages id: detect-languages diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml index bea67a0..8109691 100644 --- a/.github/workflows/markdown-lint.yml +++ b/.github/workflows/markdown-lint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Filter Changes" uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d diff --git a/.github/workflows/python-build.yml b/.github/workflows/python-build.yml index d5e4e8c..b58f249 100644 --- a/.github/workflows/python-build.yml +++ b/.github/workflows/python-build.yml @@ -43,7 +43,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v6 diff --git a/.github/workflows/python-linting.yml b/.github/workflows/python-linting.yml index 02f087b..05ec1cd 100644 --- a/.github/workflows/python-linting.yml +++ b/.github/workflows/python-linting.yml @@ -51,7 +51,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v6 diff --git a/.github/workflows/python-release.yml b/.github/workflows/python-release.yml index 339f1ba..40a1b5f 100644 --- a/.github/workflows/python-release.yml +++ b/.github/workflows/python-release.yml @@ -27,7 +27,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Check release" id: check_release diff --git a/.github/workflows/python-testing.yml b/.github/workflows/python-testing.yml index f724814..de0e252 100644 --- a/.github/workflows/python-testing.yml +++ b/.github/workflows/python-testing.yml @@ -45,7 +45,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@v6 diff --git a/.github/workflows/python-vendor.yml b/.github/workflows/python-vendor.yml index fcf5c11..1d30f2f 100644 --- a/.github/workflows/python-vendor.yml +++ b/.github/workflows/python-vendor.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Get Custom Property" id: get_custom_property env: @@ -51,7 +51,7 @@ jobs: pull-requests: write steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: Set up Python ${{ inputs.version }} uses: actions/setup-python@v6 diff --git a/.github/workflows/sec-opengrep.yml b/.github/workflows/sec-opengrep.yml index b0d914f..9f4e00f 100644 --- a/.github/workflows/sec-opengrep.yml +++ b/.github/workflows/sec-opengrep.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "Checkout code" - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Download / Install Opengrep" env: @@ -55,7 +55,7 @@ jobs: run: opengrep scan --sarif-output ./results.sarif . - name: "Upload SARIF file" - uses: github/codeql-action/upload-sarif@v4 + uses: github/codeql-action/upload-sarif@v4.36.0 with: sarif_file: results.sarif if: always() diff --git a/.github/workflows/self-release.yml b/.github/workflows/self-release.yml index ee1065c..7b4b7e8 100644 --- a/.github/workflows/self-release.yml +++ b/.github/workflows/self-release.yml @@ -37,7 +37,7 @@ jobs: # cannot modify workflow files. Pass a custom token via secrets if needed. steps: - name: "Checkout" - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Patch Release Me" uses: 42ByteLabs/patch-release-me@04ea0a696abfc3cfbdfadb279bd9c9dd0b1652a2 # 0.6.5 @@ -64,7 +64,7 @@ jobs: version: ${{ steps.version-changes.outputs.version }} steps: - name: "Checkout" - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - name: "Fetch Release" id: version-changes diff --git a/.github/workflows/self-wiki.yml b/.github/workflows/self-wiki.yml index ccce472..a3b828e 100644 --- a/.github/workflows/self-wiki.yml +++ b/.github/workflows/self-wiki.yml @@ -16,6 +16,6 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v6.0.2 - uses: Andrew-Chen-Wang/github-wiki-action@64efa0a9436db17670a2259e0ac249d6f08bb352