From 6d67637e19d4f5f3fa09ea24f97a49f96f4859c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 Dec 2025 14:28:34 +0000 Subject: [PATCH] build(deps): bump the actions group across 1 directory with 2 updates Bumps the actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/checkout` from 5 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) Updates `actions/upload-artifact` from 5 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/dependency-review.yml | 2 +- .github/workflows/security.yml | 8 ++++---- 3 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index da00732..36e85c0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 @@ -35,7 +35,7 @@ jobs: name: Format Check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 @@ -67,7 +67,7 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 @@ -85,7 +85,7 @@ jobs: go tool cover -func=coverage.out - name: Upload coverage reports as artifacts - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: coverage-reports path: | @@ -97,7 +97,7 @@ jobs: runs-on: ubuntu-latest needs: [lint, format, test] steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index c70f70f..fa8d799 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,6 +9,6 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: 'Dependency Review' uses: actions/dependency-review-action@v4 \ No newline at end of file diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 3dc8c30..2762825 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: # Fetch full history for better analysis fetch-depth: 0 @@ -63,7 +63,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v6 @@ -82,7 +82,7 @@ jobs: govulncheck -json ./... > govulncheck-results.json 2>&1 || true - name: Upload vulnerability report - uses: actions/upload-artifact@v5 + uses: actions/upload-artifact@v6 with: name: vulnerability-report path: govulncheck-results.json @@ -93,7 +93,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@0.33.1