From ce527971d14906c7653db6f4be1dad654aee8759 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 6 Aug 2025 14:35:09 +0000 Subject: [PATCH 1/3] chore(deps): bump actions/download-artifact from 4 to 5 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 4 to 5. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/deployment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 17758a3e616..29744553b49 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -256,7 +256,7 @@ jobs: - name: Checkout cli/cli uses: actions/checkout@v4 - name: Merge built artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 - name: Checkout documentation site uses: actions/checkout@v4 with: From 275741442561218e0460d3c7296bacc57d49c49a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 8 Aug 2025 13:39:30 +0000 Subject: [PATCH 2/3] chore(deps): bump github.com/yuin/goldmark from 1.7.12 to 1.7.13 Bumps [github.com/yuin/goldmark](https://github.com/yuin/goldmark) from 1.7.12 to 1.7.13. - [Release notes](https://github.com/yuin/goldmark/releases) - [Commits](https://github.com/yuin/goldmark/compare/v1.7.12...v1.7.13) --- updated-dependencies: - dependency-name: github.com/yuin/goldmark dependency-version: 1.7.13 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index c1e32233114..6953b690699 100644 --- a/go.mod +++ b/go.mod @@ -50,7 +50,7 @@ require ( github.com/spf13/pflag v1.0.7 github.com/stretchr/testify v1.10.0 github.com/theupdateframework/go-tuf/v2 v2.1.1 - github.com/yuin/goldmark v1.7.12 + github.com/yuin/goldmark v1.7.13 github.com/zalando/go-keyring v0.2.6 golang.org/x/crypto v0.40.0 golang.org/x/sync v0.16.0 diff --git a/go.sum b/go.sum index cd23474dc81..b84c4dee31d 100644 --- a/go.sum +++ b/go.sum @@ -1424,8 +1424,8 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.1/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= -github.com/yuin/goldmark v1.7.12 h1:YwGP/rrea2/CnCtUHgjuolG/PnMxdQtPMO5PvaE2/nY= -github.com/yuin/goldmark v1.7.12/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg= +github.com/yuin/goldmark v1.7.13 h1:GPddIs617DnBLFFVJFgpo1aBfe/4xcvMc3SB5t/D0pA= +github.com/yuin/goldmark v1.7.13/go.mod h1:ip/1k0VRfGynBgxOz0yCqHrbZXhcjxyuS66Brc7iBKg= github.com/yuin/goldmark-emoji v1.0.6 h1:QWfF2FYaXwL74tfGOW5izeiZepUDroDJfWubQI9HTHs= github.com/yuin/goldmark-emoji v1.0.6/go.mod h1:ukxJDKFpdFb5x0a5HqbdlcKtebh086iJpI31LTKmWuA= github.com/zalando/go-keyring v0.2.6 h1:r7Yc3+H+Ux0+M72zacZoItR3UDxeWfKTcabvkI8ua9s= From 6710bbc2be41604a2ed66563461333a33b170267 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 14 Aug 2025 15:35:09 +0000 Subject: [PATCH 3/3] chore(deps): bump actions/checkout from 4 to 5 Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/bump-go.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/deployment.yml | 10 +++++----- .github/workflows/detect-spam.yml | 2 +- .github/workflows/go.yml | 4 ++-- .github/workflows/govulncheck.yml | 2 +- .github/workflows/lint.yml | 4 ++-- .github/workflows/pr-help-wanted.yml | 2 +- .github/workflows/third-party-licenses.yml | 2 +- 9 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/bump-go.yml b/.github/workflows/bump-go.yml index 3358b81aa50..41a1a6a81a1 100644 --- a/.github/workflows/bump-go.yml +++ b/.github/workflows/bump-go.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ac32a67af3a..6d101184fba 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Setup Go if: matrix.language == 'go' diff --git a/.github/workflows/deployment.yml b/.github/workflows/deployment.yml index 29744553b49..1510ac22a63 100644 --- a/.github/workflows/deployment.yml +++ b/.github/workflows/deployment.yml @@ -44,7 +44,7 @@ jobs: if: contains(inputs.platforms, 'linux') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -79,7 +79,7 @@ jobs: if: contains(inputs.platforms, 'macos') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -151,7 +151,7 @@ jobs: if: contains(inputs.platforms, 'windows') steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 with: @@ -254,11 +254,11 @@ jobs: if: inputs.release steps: - name: Checkout cli/cli - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Merge built artifacts uses: actions/download-artifact@v5 - name: Checkout documentation site - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: repository: github/cli.github.com path: site diff --git a/.github/workflows/detect-spam.yml b/.github/workflows/detect-spam.yml index 3e8c4a61880..a7d25ae0b73 100644 --- a/.github/workflows/detect-spam.yml +++ b/.github/workflows/detect-spam.yml @@ -14,7 +14,7 @@ jobs: environment: cli-automation steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Run spam detection env: GH_TOKEN: ${{ secrets.AUTOMATION_TOKEN }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 7772b381455..41b0ed00db3 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 @@ -45,7 +45,7 @@ jobs: steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml index abd9c101183..f82df951a77 100644 --- a/.github/workflows/govulncheck.yml +++ b/.github/workflows/govulncheck.yml @@ -10,7 +10,7 @@ jobs: security-events: write steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 5afe6cd2ff7..162c8499b52 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/pr-help-wanted.yml b/.github/workflows/pr-help-wanted.yml index 264b7bcf058..a895ecdeb12 100644 --- a/.github/workflows/pr-help-wanted.yml +++ b/.github/workflows/pr-help-wanted.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v5 - name: Set PR variables for workflow_dispatch event id: pr-vars-dispatch diff --git a/.github/workflows/third-party-licenses.yml b/.github/workflows/third-party-licenses.yml index 3cdc5858e1d..b57639c897d 100644 --- a/.github/workflows/third-party-licenses.yml +++ b/.github/workflows/third-party-licenses.yml @@ -21,7 +21,7 @@ jobs: contents: write steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v5 with: ref: trunk