From 569f370a7a131c830c0bce86fcf329fdd492497c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Jun 2026 16:06:08 +0000 Subject: [PATCH] ci(deps): bump the actions group with 5 updates Bumps the actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action) | `1.0.134` | `1.0.140` | | [dataaxiom/ghcr-cleanup-action](https://github.com/dataaxiom/ghcr-cleanup-action) | `1.2.1` | `1.2.2` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.1` | `7.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.36.1` | `4.36.2` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.81.2` | `2.81.8` | Updates `anthropics/claude-code-action` from 1.0.134 to 1.0.140 - [Release notes](https://github.com/anthropics/claude-code-action/releases) - [Commits](https://github.com/anthropics/claude-code-action/compare/36a69b6a90b850823f86de06fdfd56264772ad98...fbda2eb1bdc90d319b8d853f5deb53bca199a7c1) Updates `dataaxiom/ghcr-cleanup-action` from 1.2.1 to 1.2.2 - [Release notes](https://github.com/dataaxiom/ghcr-cleanup-action/releases) - [Commits](https://github.com/dataaxiom/ghcr-cleanup-action/compare/f092b48ba3b604b2a83690dc4b2bbb3392e1045f...d52806a0dc70b430571a37da1fde39733ffd640f) Updates `codecov/codecov-action` from 6.0.1 to 7.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f) Updates `github/codeql-action` from 4.36.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/87557b9c84dde89fdd9b10e88954ac2f4248e463...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `taiki-e/install-action` from 2.81.2 to 2.81.8 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/6887963ccf37a9ddcd8c5fa4baeb3e1e5fd61fa1...0631aa6515c7d545823c67cfae7ef4fc7f490154) --- updated-dependencies: - dependency-name: anthropics/claude-code-action dependency-version: 1.0.140 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: dataaxiom/ghcr-cleanup-action dependency-version: 1.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: taiki-e/install-action dependency-version: 2.81.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/claude-code-review.yml | 2 +- .github/workflows/claude.yml | 2 +- .github/workflows/cleanup-images.yml | 2 +- .github/workflows/e2e-test.yml | 4 ++-- .github/workflows/security.yml | 6 ++--- .github/workflows/test.yml | 28 ++++++++++++------------ 6 files changed, 22 insertions(+), 22 deletions(-) diff --git a/.github/workflows/claude-code-review.yml b/.github/workflows/claude-code-review.yml index 146c509b..66d0bc9c 100644 --- a/.github/workflows/claude-code-review.yml +++ b/.github/workflows/claude-code-review.yml @@ -29,7 +29,7 @@ jobs: - name: Run Claude Code Review id: claude-review - uses: anthropics/claude-code-action@36a69b6a90b850823f86de06fdfd56264772ad98 # v1.0.134 + uses: anthropics/claude-code-action@fbda2eb1bdc90d319b8d853f5deb53bca199a7c1 # v1.0.140 with: claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} plugin_marketplaces: 'https://github.com/anthropics/claude-code.git' diff --git a/.github/workflows/claude.yml b/.github/workflows/claude.yml index bf0c1948..edb4a44a 100644 --- a/.github/workflows/claude.yml +++ b/.github/workflows/claude.yml @@ -33,7 +33,7 @@ jobs: - name: Run Claude Code id: claude - uses: anthropics/claude-code-action@36a69b6a90b850823f86de06fdfd56264772ad98 # v1.0.134 + uses: anthropics/claude-code-action@fbda2eb1bdc90d319b8d853f5deb53bca199a7c1 # v1.0.140 with: claude_code_oauth_token: ${{ secrets.CLAUDE_CODE_OAUTH_TOKEN }} diff --git a/.github/workflows/cleanup-images.yml b/.github/workflows/cleanup-images.yml index 59486cc2..d0ad51ca 100644 --- a/.github/workflows/cleanup-images.yml +++ b/.github/workflows/cleanup-images.yml @@ -30,7 +30,7 @@ jobs: steps: - name: ๐Ÿงน Cleanup Docker Images - ${{ matrix.package }} - uses: dataaxiom/ghcr-cleanup-action@f092b48ba3b604b2a83690dc4b2bbb3392e1045f # v1.2.1 + uses: dataaxiom/ghcr-cleanup-action@d52806a0dc70b430571a37da1fde39733ffd640f # v1.2.2 with: delete-partial-images: true delete-untagged: true diff --git a/.github/workflows/e2e-test.yml b/.github/workflows/e2e-test.yml index cd80216f..1992c17a 100644 --- a/.github/workflows/e2e-test.yml +++ b/.github/workflows/e2e-test.yml @@ -187,7 +187,7 @@ jobs: - name: ๐Ÿ“Š Upload E2E coverage to Codecov if: always() # Upload coverage even if tests fail - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -203,7 +203,7 @@ jobs: - name: "๐Ÿ“Š Upload E2E JS coverage to Codecov" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 35c43499..628d00f9 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -88,7 +88,7 @@ jobs: if: always() - name: ๐Ÿ“ค Upload SARIF to GitHub Advanced Security - uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: sarif_file: semgrep.sarif if: always() @@ -122,7 +122,7 @@ jobs: ${{ runner.os }}-cargo- - name: ๐Ÿ“ฆ Install cargo-audit and cargo-deny - uses: taiki-e/install-action@6887963ccf37a9ddcd8c5fa4baeb3e1e5fd61fa1 # v2.81.2 + uses: taiki-e/install-action@0631aa6515c7d545823c67cfae7ef4fc7f490154 # v2.81.8 with: tool: cargo-audit,cargo-deny @@ -173,7 +173,7 @@ jobs: severity: HIGH,CRITICAL - name: ๐Ÿ“ค Upload trivy SARIF results to GitHub Security tab - uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 if: always() with: sarif_file: trivy-results.sarif diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index f64549c2..ef8badc7 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -49,7 +49,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (api) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -89,7 +89,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (common) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -134,7 +134,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (dashboard) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -174,7 +174,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (explore) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -214,7 +214,7 @@ jobs: - name: "๐Ÿ“Š Upload coverage (insights)" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -254,7 +254,7 @@ jobs: - name: "๐Ÿ“Š Upload coverage (mcp-server)" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -294,7 +294,7 @@ jobs: - name: "๐Ÿ“Š Upload coverage (brainzgraphinator)" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -334,7 +334,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (graphinator) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -374,7 +374,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (schema-init) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -414,7 +414,7 @@ jobs: - name: ๐Ÿ“Š Upload coverage (tableinator) if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -454,7 +454,7 @@ jobs: - name: "๐Ÿ“Š Upload coverage (brainztableinator)" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -494,7 +494,7 @@ jobs: - name: "๐Ÿ“Š Upload coverage (explore-js)" if: always() - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography @@ -548,7 +548,7 @@ jobs: - name: ๐Ÿ“ฆ Install cargo-llvm-cov if: steps.check-rust.outputs.exists == 'true' - uses: taiki-e/install-action@6887963ccf37a9ddcd8c5fa4baeb3e1e5fd61fa1 # v2.81.2 + uses: taiki-e/install-action@0631aa6515c7d545823c67cfae7ef4fc7f490154 # v2.81.8 with: tool: cargo-llvm-cov @@ -573,7 +573,7 @@ jobs: - name: ๐Ÿ“Š Upload Rust coverage reports if: steps.check-rust.outputs.exists == 'true' - uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: token: ${{ secrets.CODECOV_TOKEN }} slug: SimplicityGuy/discogsography