From 0bb4028ec9b488ee1ae4ae38d942c0110f34c161 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Jul 2026 21:04:11 +0000 Subject: [PATCH] Bump the dependencies group across 1 directory with 5 updates Bumps the dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.19.4` | `2.20.0` | | [actions/checkout](https://github.com/actions/checkout) | `6` | `7` | | [actions/cache](https://github.com/actions/cache) | `4` | `6` | | [actions/setup-go](https://github.com/actions/setup-go) | `5` | `6` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6` | `7` | Updates `step-security/harden-runner` from 2.19.4 to 2.20.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/v2.19.4...v2.20.0) Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v6...v7) Updates `actions/cache` from 4 to 6 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v6) Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) Updates `codecov/codecov-action` from 6 to 7 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v6...v7) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/cache dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: codecov/codecov-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/benchmarks.yml | 6 +++--- .github/workflows/code-review.yml | 2 +- .github/workflows/docker.yml | 4 ++-- .github/workflows/integration-tests.yml | 4 ++-- .github/workflows/release.yml | 2 +- .github/workflows/rust.yml | 12 ++++++------ .github/workflows/staging.yml | 4 ++-- 7 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/benchmarks.yml b/.github/workflows/benchmarks.yml index 0c2f5d7..b6ed5b6 100644 --- a/.github/workflows/benchmarks.yml +++ b/.github/workflows/benchmarks.yml @@ -19,12 +19,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@v2.19.4 + uses: step-security/harden-runner@v2.20.0 with: egress-policy: audit - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Log toolchain versions run: rustup --version && rustc --version && cargo --version @@ -34,7 +34,7 @@ jobs: run: cargo bench --bench benchmark -- --output-format bencher | tee ../bench-result.txt - name: Download previous benchmark data - uses: actions/cache@v4 + uses: actions/cache@v6 with: path: ./cache key: benchmark-${{ runner.os }}-${{ github.run_id }} diff --git a/.github/workflows/code-review.yml b/.github/workflows/code-review.yml index 4ffaae8..a89b553 100644 --- a/.github/workflows/code-review.yml +++ b/.github/workflows/code-review.yml @@ -17,7 +17,7 @@ jobs: actions: read id-token: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 1 diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index bb70e23..59f7bb9 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -24,12 +24,12 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v2.19.4 + uses: step-security/harden-runner@v2.20.0 with: egress-policy: audit - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Build the Docker image uses: docker/build-push-action@v7 diff --git a/.github/workflows/integration-tests.yml b/.github/workflows/integration-tests.yml index 75d2646..ecd63a8 100644 --- a/.github/workflows/integration-tests.yml +++ b/.github/workflows/integration-tests.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@v2.19.4 + uses: step-security/harden-runner@v2.20.0 with: egress-policy: audit @@ -51,7 +51,7 @@ jobs: env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 with: ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.sha }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 10a0aa3..4a94cee 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 8948651..6dcf59f 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -23,14 +23,14 @@ jobs: runs-on: ${{ matrix.os }} steps: - name: Harden Runner - uses: step-security/harden-runner@v2.19.4 + uses: step-security/harden-runner@v2.20.0 with: egress-policy: audit - name: Checkout - uses: actions/checkout@v6 + uses: actions/checkout@v7 - name: Restore cached dependencies - uses: actions/cache/restore@v5 + uses: actions/cache/restore@v6 id: cache-restore with: path: | @@ -52,7 +52,7 @@ jobs: uses: ilammy/setup-nasm@v1 - name: Install Go (macOS) if: runner.os == 'macOS' - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: 'stable' - name: Install Cargo binaries @@ -68,7 +68,7 @@ jobs: - name: Code Coverage run: cargo llvm-cov --all-features --workspace --exclude integration-tests --codecov --output-path ./codecov.json - name: Publish Code Coverage - uses: codecov/codecov-action@v6 + uses: codecov/codecov-action@v7 with: files: ./codecov.json fail_ci_if_error: true @@ -78,7 +78,7 @@ jobs: - name: Clippy run: cargo clippy --all-targets --all-features - name: Cache dependencies - uses: actions/cache/save@v5 + uses: actions/cache/save@v6 if: steps.cache-restore.outputs.cache-hit != 'true' with: path: | diff --git a/.github/workflows/staging.yml b/.github/workflows/staging.yml index 298acd1..0e941ba 100644 --- a/.github/workflows/staging.yml +++ b/.github/workflows/staging.yml @@ -31,12 +31,12 @@ jobs: runs-on: ${{ matrix.runner }} steps: - name: Harden Runner - uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 + uses: step-security/harden-runner@bf7454d06d71f1098171f2acdf0cd4708d7b5920 # v2.20.0 with: egress-policy: audit - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1