Skip to content

Commit a1eab5c

Browse files
CHORE bump github-actions group with 18 updates (#28)
Bumps the github-actions group with 18 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` | | [snyk/actions](https://github.com/snyk/actions) | `0.4.0` | `1.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [actions/setup-go](https://github.com/actions/setup-go) | `5` | `6` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `7` | `9` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6` | `7` | | [superfly/flyctl-actions](https://github.com/superfly/flyctl-actions) | `1.5` | `1.6` | | [treosh/lighthouse-ci-action](https://github.com/treosh/lighthouse-ci-action) | `11` | `12` | | [geekyeggo/delete-artifact](https://github.com/geekyeggo/delete-artifact) | `4` | `6` | | [actions/first-interaction](https://github.com/actions/first-interaction) | `1` | `3` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3` | `4` | | [docker/login-action](https://github.com/docker/login-action) | `3` | `4` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5` | `6` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.35.0` | `0.36.0` | | [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `2` | `4` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) Updates `actions/setup-node` from 4 to 6 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v4...v6) Updates `snyk/actions` from 0.4.0 to 1.0.0 - [Release notes](https://github.com/snyk/actions/releases) - [Commits](snyk/actions@0.4.0...v1.0.0) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) Updates `golangci/golangci-lint-action` from 7 to 9 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@v7...v9) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v7) Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) Updates `docker/build-push-action` from 6 to 7 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6...v7) Updates `superfly/flyctl-actions` from 1.5 to 1.6 - [Release notes](https://github.com/superfly/flyctl-actions/releases) - [Commits](superfly/flyctl-actions@1.5...1.6) Updates `treosh/lighthouse-ci-action` from 11 to 12 - [Release notes](https://github.com/treosh/lighthouse-ci-action/releases) - [Commits](treosh/lighthouse-ci-action@v11...v12) Updates `geekyeggo/delete-artifact` from 4 to 6 - [Release notes](https://github.com/geekyeggo/delete-artifact/releases) - [Changelog](https://github.com/GeekyEggo/delete-artifact/blob/main/CHANGELOG.md) - [Commits](GeekyEggo/delete-artifact@v4...v6) Updates `actions/first-interaction` from 1 to 3 - [Release notes](https://github.com/actions/first-interaction/releases) - [Commits](actions/first-interaction@v1...v3) Updates `docker/setup-qemu-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@v3...v4) Updates `docker/login-action` from 3 to 4 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v4) Updates `docker/metadata-action` from 5 to 6 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5...v6) Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@v0.35.0...v0.36.0) Updates `actions/attest-build-provenance` from 2 to 4 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@v2...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: snyk/actions dependency-version: 1.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: golangci/golangci-lint-action dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: superfly/flyctl-actions dependency-version: '1.6' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: treosh/lighthouse-ci-action dependency-version: '12' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: geekyeggo/delete-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/first-interaction dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/attest-build-provenance dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 5c5e2c3 commit a1eab5c

6 files changed

Lines changed: 54 additions & 54 deletions

File tree

.github/workflows/ci-cd.yml

Lines changed: 32 additions & 32 deletions
Original file line numberDiff line numberDiff line change
@@ -26,10 +26,10 @@ jobs:
2626

2727
steps:
2828
- name: Checkout code
29-
uses: actions/checkout@v4
29+
uses: actions/checkout@v6
3030

3131
- name: Set up Node.js
32-
uses: actions/setup-node@v4
32+
uses: actions/setup-node@v6
3333
with:
3434
node-version: ${{ env.NODE_VERSION }}
3535
cache: 'npm'
@@ -47,7 +47,7 @@ jobs:
4747
continue-on-error: false
4848

4949
- name: Run Snyk Security Scan (Frontend)
50-
uses: snyk/actions/node@0.4.0
50+
uses: snyk/actions/node@v1.0.0
5151
continue-on-error: true
5252
env:
5353
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
@@ -103,10 +103,10 @@ jobs:
103103

104104
steps:
105105
- name: Checkout code
106-
uses: actions/checkout@v4
106+
uses: actions/checkout@v6
107107

108108
- name: Set up Go
109-
uses: actions/setup-go@v5
109+
uses: actions/setup-go@v6
110110
with:
111111
go-version: ${{ env.GO_VERSION }}
112112
cache-dependency-path: backend/go.sum
@@ -116,7 +116,7 @@ jobs:
116116
run: go mod download
117117

118118
- name: Run Snyk Security Scan (Backend)
119-
uses: snyk/actions/golang@0.4.0
119+
uses: snyk/actions/golang@v1.0.0
120120
continue-on-error: true
121121
env:
122122
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
@@ -172,10 +172,10 @@ jobs:
172172

173173
steps:
174174
- name: Checkout code
175-
uses: actions/checkout@v4
175+
uses: actions/checkout@v6
176176

177177
- name: Run Snyk Code Analysis
178-
uses: snyk/actions/node@0.4.0
178+
uses: snyk/actions/node@v1.0.0
179179
continue-on-error: true
180180
env:
181181
SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
@@ -230,10 +230,10 @@ jobs:
230230

231231
steps:
232232
- name: Checkout code
233-
uses: actions/checkout@v4
233+
uses: actions/checkout@v6
234234

235235
- name: Set up Node.js
236-
uses: actions/setup-node@v4
236+
uses: actions/setup-node@v6
237237
with:
238238
node-version: ${{ env.NODE_VERSION }}
239239
cache: 'npm'
@@ -264,10 +264,10 @@ jobs:
264264

265265
steps:
266266
- name: Checkout code
267-
uses: actions/checkout@v4
267+
uses: actions/checkout@v6
268268

269269
- name: Set up Go
270-
uses: actions/setup-go@v5
270+
uses: actions/setup-go@v6
271271
with:
272272
go-version: ${{ env.GO_VERSION }}
273273
cache-dependency-path: backend/go.sum
@@ -281,7 +281,7 @@ jobs:
281281
run: go vet ./...
282282

283283
- name: Run golangci-lint
284-
uses: golangci/golangci-lint-action@v7
284+
uses: golangci/golangci-lint-action@v9
285285
with:
286286
version: v2.4.0
287287
working-directory: backend
@@ -295,10 +295,10 @@ jobs:
295295

296296
steps:
297297
- name: Checkout code
298-
uses: actions/checkout@v4
298+
uses: actions/checkout@v6
299299

300300
- name: Set up Go
301-
uses: actions/setup-go@v5
301+
uses: actions/setup-go@v6
302302
with:
303303
go-version: ${{ env.GO_VERSION }}
304304
cache-dependency-path: backend/go.sum
@@ -312,7 +312,7 @@ jobs:
312312
run: go test -v -race -coverprofile=coverage.out ./...
313313

314314
- name: Upload coverage report
315-
uses: actions/upload-artifact@v4
315+
uses: actions/upload-artifact@v7
316316
with:
317317
name: backend-coverage
318318
path: backend/coverage.out
@@ -328,10 +328,10 @@ jobs:
328328

329329
steps:
330330
- name: Checkout code
331-
uses: actions/checkout@v4
331+
uses: actions/checkout@v6
332332

333333
- name: Set up Node.js
334-
uses: actions/setup-node@v4
334+
uses: actions/setup-node@v6
335335
with:
336336
node-version: ${{ env.NODE_VERSION }}
337337
cache: 'npm'
@@ -357,7 +357,7 @@ jobs:
357357
CI: true
358358

359359
- name: Upload frontend build artifacts
360-
uses: actions/upload-artifact@v4
360+
uses: actions/upload-artifact@v7
361361
with:
362362
name: frontend-dist
363363
path: frontend/dist/
@@ -373,10 +373,10 @@ jobs:
373373

374374
steps:
375375
- name: Checkout code
376-
uses: actions/checkout@v4
376+
uses: actions/checkout@v6
377377

378378
- name: Set up Go
379-
uses: actions/setup-go@v5
379+
uses: actions/setup-go@v6
380380
with:
381381
go-version: ${{ env.GO_VERSION }}
382382
cache-dependency-path: backend/go.sum
@@ -391,7 +391,7 @@ jobs:
391391
CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -ldflags="-s -w" -o server ./cmd/server
392392
393393
- name: Upload backend build artifacts
394-
uses: actions/upload-artifact@v4
394+
uses: actions/upload-artifact@v7
395395
with:
396396
name: backend-binary
397397
path: backend/server
@@ -407,13 +407,13 @@ jobs:
407407

408408
steps:
409409
- name: Checkout code
410-
uses: actions/checkout@v4
410+
uses: actions/checkout@v6
411411

412412
- name: Set up Docker Buildx
413-
uses: docker/setup-buildx-action@v3
413+
uses: docker/setup-buildx-action@v4
414414

415415
- name: Build Docker image (test)
416-
uses: docker/build-push-action@v6
416+
uses: docker/build-push-action@v7
417417
with:
418418
context: .
419419
file: docker/Dockerfile.fly
@@ -436,10 +436,10 @@ jobs:
436436

437437
steps:
438438
- name: Checkout code
439-
uses: actions/checkout@v4
439+
uses: actions/checkout@v6
440440

441441
- name: Set up Fly.io CLI
442-
uses: superfly/flyctl-actions/setup-flyctl@1.5
442+
uses: superfly/flyctl-actions/setup-flyctl@1.6
443443

444444
- name: Deploy to Fly.io
445445
run: flyctl deploy --remote-only
@@ -464,10 +464,10 @@ jobs:
464464

465465
steps:
466466
- name: Checkout code
467-
uses: actions/checkout@v4
467+
uses: actions/checkout@v6
468468

469469
- name: Set up Fly.io CLI
470-
uses: superfly/flyctl-actions/setup-flyctl@1.5
470+
uses: superfly/flyctl-actions/setup-flyctl@1.6
471471

472472
- name: Validate wallet Fly token
473473
run: |
@@ -586,13 +586,13 @@ jobs:
586586

587587
steps:
588588
- name: Checkout code
589-
uses: actions/checkout@v4
589+
uses: actions/checkout@v6
590590

591591
- name: Wait for deployment to be ready
592592
run: sleep 30
593593

594594
- name: Run Lighthouse CI
595-
uses: treosh/lighthouse-ci-action@v11
595+
uses: treosh/lighthouse-ci-action@v12
596596
with:
597597
urls: |
598598
https://protocolsoup.com
@@ -610,7 +610,7 @@ jobs:
610610

611611
steps:
612612
- name: Delete PR artifacts
613-
uses: geekyeggo/delete-artifact@v4
613+
uses: geekyeggo/delete-artifact@v6
614614
with:
615615
name: |
616616
frontend-dist

.github/workflows/docs-deploy.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -25,10 +25,10 @@ jobs:
2525

2626
steps:
2727
- name: Checkout code
28-
uses: actions/checkout@v4
28+
uses: actions/checkout@v6
2929

3030
- name: Set up Node.js
31-
uses: actions/setup-node@v4
31+
uses: actions/setup-node@v6
3232
with:
3333
node-version: ${{ env.NODE_VERSION }}
3434

@@ -56,10 +56,10 @@ jobs:
5656

5757
steps:
5858
- name: Checkout code
59-
uses: actions/checkout@v4
59+
uses: actions/checkout@v6
6060

6161
- name: Set up Fly.io CLI
62-
uses: superfly/flyctl-actions/setup-flyctl@1.5
62+
uses: superfly/flyctl-actions/setup-flyctl@1.6
6363

6464
- name: Validate Fly token
6565
run: |

.github/workflows/docs-quality.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ jobs:
2424

2525
steps:
2626
- name: Checkout code
27-
uses: actions/checkout@v4
27+
uses: actions/checkout@v6
2828

2929
- name: Set up Node.js
30-
uses: actions/setup-node@v4
30+
uses: actions/setup-node@v6
3131
with:
3232
node-version: ${{ env.NODE_VERSION }}
3333

@@ -41,10 +41,10 @@ jobs:
4141

4242
steps:
4343
- name: Checkout code
44-
uses: actions/checkout@v4
44+
uses: actions/checkout@v6
4545

4646
- name: Set up Node.js
47-
uses: actions/setup-node@v4
47+
uses: actions/setup-node@v6
4848
with:
4949
node-version: ${{ env.NODE_VERSION }}
5050

.github/workflows/first-time-contributor.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
runs-on: ubuntu-latest
1717
steps:
1818
- name: Post first interaction guidance
19-
uses: actions/first-interaction@v1
19+
uses: actions/first-interaction@v3
2020
with:
2121
repo-token: "${{ secrets.GITHUB_TOKEN }}"
2222
issue-message: |

.github/workflows/ghcr-publish.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -108,7 +108,7 @@ jobs:
108108

109109
steps:
110110
- name: Checkout code
111-
uses: actions/checkout@v4
111+
uses: actions/checkout@v6
112112

113113
# GHCR requires lowercase image names
114114
- name: Set lowercase image name
@@ -117,21 +117,21 @@ jobs:
117117
echo "name=${{ env.REGISTRY }}/${{ github.repository_owner }}/${{ matrix.image }}" | tr '[:upper:]' '[:lower:]' >> $GITHUB_OUTPUT
118118
119119
- name: Set up QEMU
120-
uses: docker/setup-qemu-action@v3
120+
uses: docker/setup-qemu-action@v4
121121

122122
- name: Set up Docker Buildx
123-
uses: docker/setup-buildx-action@v3
123+
uses: docker/setup-buildx-action@v4
124124

125125
- name: Log in to GitHub Container Registry
126-
uses: docker/login-action@v3
126+
uses: docker/login-action@v4
127127
with:
128128
registry: ${{ env.REGISTRY }}
129129
username: ${{ github.actor }}
130130
password: ${{ secrets.GITHUB_TOKEN }}
131131

132132
- name: Extract metadata (tags, labels)
133133
id: meta
134-
uses: docker/metadata-action@v5
134+
uses: docker/metadata-action@v6
135135
with:
136136
images: ${{ steps.image.outputs.name }}
137137
tags: |
@@ -151,7 +151,7 @@ jobs:
151151
152152
- name: Build and push Docker image
153153
id: build
154-
uses: docker/build-push-action@v6
154+
uses: docker/build-push-action@v7
155155
with:
156156
context: ${{ matrix.context }}
157157
file: ${{ matrix.dockerfile }}
@@ -168,7 +168,7 @@ jobs:
168168

169169
# Security: Scan image for vulnerabilities
170170
- name: Scan image for vulnerabilities
171-
uses: aquasecurity/trivy-action@v0.35.0
171+
uses: aquasecurity/trivy-action@v0.36.0
172172
with:
173173
image-ref: ${{ steps.image.outputs.name }}:latest
174174
format: 'sarif'
@@ -177,7 +177,7 @@ jobs:
177177
exit-code: '0' # Don't fail build, but report issues
178178

179179
- name: Upload Trivy scan results
180-
uses: github/codeql-action/upload-sarif@v3
180+
uses: github/codeql-action/upload-sarif@v4
181181
with:
182182
sarif_file: 'trivy-results-${{ matrix.name }}.sarif'
183183
category: 'container-${{ matrix.name }}'
@@ -196,7 +196,7 @@ jobs:
196196

197197
# Supply chain: Generate attestation
198198
- name: Generate artifact attestation
199-
uses: actions/attest-build-provenance@v2
199+
uses: actions/attest-build-provenance@v4
200200
with:
201201
subject-name: ${{ steps.image.outputs.name }}
202202
subject-digest: ${{ steps.build.outputs.digest }}

.github/workflows/protocol-conformance.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,10 +24,10 @@ jobs:
2424

2525
steps:
2626
- name: Checkout code
27-
uses: actions/checkout@v4
27+
uses: actions/checkout@v6
2828

2929
- name: Set up Go
30-
uses: actions/setup-go@v5
30+
uses: actions/setup-go@v6
3131
with:
3232
go-version: ${{ env.GO_VERSION }}
3333
cache-dependency-path: backend/go.sum
@@ -63,11 +63,11 @@ jobs:
6363
6464
- name: Checkout code
6565
if: steps.external_ready.outputs.ready == 'true'
66-
uses: actions/checkout@v4
66+
uses: actions/checkout@v6
6767

6868
- name: Set up Go
6969
if: steps.external_ready.outputs.ready == 'true'
70-
uses: actions/setup-go@v5
70+
uses: actions/setup-go@v6
7171
with:
7272
go-version: ${{ env.GO_VERSION }}
7373
cache-dependency-path: backend/go.sum

0 commit comments

Comments
 (0)