From a20cefd3ed51c4f2b6d33a463e08e8ff3e630c1b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Jun 2026 22:45:03 +0000 Subject: [PATCH] chore(deps): bump the all group with 3 updates Bumps the all group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action) and [chainguard-dev/actions](https://github.com/chainguard-dev/actions). Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) Updates `github/codeql-action` from 4.36.0 to 4.36.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...87557b9c84dde89fdd9b10e88954ac2f4248e463) Updates `chainguard-dev/actions` from 1.6.19 to 1.6.21 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Commits](https://github.com/chainguard-dev/actions/compare/c69a264ec2a5934c3186c618f368fc1c86f16cff...05fbd381f7c158bd33c9bbf3a28f67852269fdf8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.36.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: chainguard-dev/actions dependency-version: 1.6.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/actionlint.yaml | 2 +- .github/workflows/codeql.yaml | 14 +++++++------- .github/workflows/digestabot.yaml | 4 ++-- .github/workflows/fuzz.yaml | 4 ++-- .github/workflows/go-tests.yaml | 4 ++-- .github/workflows/release.yaml | 4 ++-- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/style.yaml | 14 +++++++------- .github/workflows/third-party.yaml | 4 ++-- .github/workflows/update-yara-x.yaml | 6 +++--- .github/workflows/version.yaml | 4 ++-- .github/workflows/zizmor.yaml | 2 +- 12 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.github/workflows/actionlint.yaml b/.github/workflows/actionlint.yaml index 171f84295..6060492bf 100644 --- a/.github/workflows/actionlint.yaml +++ b/.github/workflows/actionlint.yaml @@ -36,7 +36,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Check out code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index f22373e63..e6b2943e4 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -46,7 +46,7 @@ jobs: storage.googleapis.com:443 sum.golang.org:443 uploads.github.com:443 - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - name: Cache yara-x-capi installation @@ -57,7 +57,7 @@ jobs: key: yara-x-capi-v${{ env.YARA_X_RELEASE }}-${{ runner.os }} - name: Checkout virusTotal/yara-x if: steps.yara-x-capi.outputs.cache-hit != 'true' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false fetch-depth: 0 @@ -100,7 +100,7 @@ jobs: check-latest: true cache: true - name: Initialize CodeQL - uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: languages: go build-mode: manual @@ -111,7 +111,7 @@ jobs: PKG_CONFIG_PATH: ${{ github.workspace }}/yara-x-install LD_LIBRARY_PATH: ${{ github.workspace }}/yara-x-install - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: category: "/language:go" analyze-actions: @@ -140,15 +140,15 @@ jobs: sum.golang.org:443 uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/init@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: languages: actions build-mode: none - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/analyze@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: category: "/language:actions" diff --git a/.github/workflows/digestabot.yaml b/.github/workflows/digestabot.yaml index c6528fdc8..0000ba791 100644 --- a/.github/workflows/digestabot.yaml +++ b/.github/workflows/digestabot.yaml @@ -36,7 +36,7 @@ jobs: release-assets.githubusercontent.com:443 tuf-repo-cdn.sigstore.dev:443 - - uses: chainguard-dev/actions/setup-gitsign@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/setup-gitsign@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main - uses: octo-sts/action@f603d3be9d8dd9871a265776e625a27b00effe05 # v1.1.1 id: octo-sts @@ -44,7 +44,7 @@ jobs: scope: ${{ github.repository }} identity: digestabot - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked] - credentials needed for digestabot to push and create PRs with: token: ${{ steps.octo-sts.outputs.token }} diff --git a/.github/workflows/fuzz.yaml b/.github/workflows/fuzz.yaml index 36fc67f66..db6d9fce5 100644 --- a/.github/workflows/fuzz.yaml +++ b/.github/workflows/fuzz.yaml @@ -55,7 +55,7 @@ jobs: github.com:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -129,7 +129,7 @@ jobs: apk add curl findutils gcc git gnutar "${GO_RELEASE}" make nodejs pkgconf upx xz "yara-x~${YARA_X_RELEASE}" - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/go-tests.yaml b/.github/workflows/go-tests.yaml index ee825c0f4..d971a5f24 100644 --- a/.github/workflows/go-tests.yaml +++ b/.github/workflows/go-tests.yaml @@ -45,7 +45,7 @@ jobs: apk add curl findutils gcc git gnutar "${GO_RELEASE}" make nodejs pkgconf upx xz "yara-x~${YARA_X_RELEASE}" - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -96,7 +96,7 @@ jobs: apk add curl findutils gcc git gnutar "${GO_RELEASE}" make nodejs pkgconf upx xz "yara-x~${YARA_X_RELEASE}" - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 693d8830f..7f4943ea2 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -29,7 +29,7 @@ jobs: github.com:443 octo-sts.dev:443 release-assets.githubusercontent.com:443 - - uses: chainguard-dev/actions/setup-gitsign@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/setup-gitsign@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main - name: Set up Octo-STS uses: octo-sts/action@f603d3be9d8dd9871a265776e625a27b00effe05 # v1.1.1 id: octo-sts @@ -37,7 +37,7 @@ jobs: scope: chainguard-dev/malcontent identity: release - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked] - credentials needed for gh release create with: token: ${{ steps.octo-sts.outputs.token }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b8e49f78f..e4f8e77f9 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -54,7 +54,7 @@ jobs: www.bestpractices.dev:443 - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -90,6 +90,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0 + uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 with: sarif_file: results.sarif diff --git a/.github/workflows/style.yaml b/.github/workflows/style.yaml index daac04197..eb40cf700 100644 --- a/.github/workflows/style.yaml +++ b/.github/workflows/style.yaml @@ -43,7 +43,7 @@ jobs: sum.golang.org:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -80,7 +80,7 @@ jobs: sum.golang.org:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -116,7 +116,7 @@ jobs: sum.golang.org:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -126,7 +126,7 @@ jobs: go-version-file: go.mod check-latest: true - - uses: chainguard-dev/actions/gofmt@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/gofmt@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main with: args: -s @@ -154,7 +154,7 @@ jobs: sum.golang.org:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -164,7 +164,7 @@ jobs: go-version-file: go.mod check-latest: true - - uses: chainguard-dev/actions/goimports@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/goimports@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main golangci-lint: name: golangci-lint @@ -192,7 +192,7 @@ jobs: apk add curl findutils gcc git "${GO_RELEASE}" make nodejs pkgconf "yara-x~${YARA_X_RELEASE}" - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/third-party.yaml b/.github/workflows/third-party.yaml index a6c847451..6d7299e19 100644 --- a/.github/workflows/third-party.yaml +++ b/.github/workflows/third-party.yaml @@ -42,14 +42,14 @@ jobs: run: | apk update apk add bash curl findutils gcc gh git gnutar "${GO_RELEASE}" make nodejs perl pkgconf upx xz "yara-x~${YARA_X_RELEASE}" - - uses: chainguard-dev/actions/setup-gitsign@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/setup-gitsign@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main - name: Set up Octo-STS uses: octo-sts/action@f603d3be9d8dd9871a265776e625a27b00effe05 # v1.1.1 id: octo-sts with: scope: chainguard-dev/malcontent identity: third-party - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked] - credentials needed for git push and gh pr create with: token: ${{ steps.octo-sts.outputs.token }} diff --git a/.github/workflows/update-yara-x.yaml b/.github/workflows/update-yara-x.yaml index 50cebb583..20e17a8e9 100644 --- a/.github/workflows/update-yara-x.yaml +++ b/.github/workflows/update-yara-x.yaml @@ -38,7 +38,7 @@ jobs: sum.golang.org:443 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -112,7 +112,7 @@ jobs: sum.golang.org:443 tuf-repo-cdn.sigstore.dev:443 - - uses: chainguard-dev/actions/setup-gitsign@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/setup-gitsign@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main - name: Set up Octo-STS uses: octo-sts/action@f603d3be9d8dd9871a265776e625a27b00effe05 # v1.1.1 id: octo-sts @@ -121,7 +121,7 @@ jobs: identity: update-yara-x - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked] - credentials needed for git push and gh pr create with: token: ${{ steps.octo-sts.outputs.token }} diff --git a/.github/workflows/version.yaml b/.github/workflows/version.yaml index 074f6f6c7..b63db47c8 100644 --- a/.github/workflows/version.yaml +++ b/.github/workflows/version.yaml @@ -39,14 +39,14 @@ jobs: rekor.sigstore.dev:443 release-assets.githubusercontent.com:443 tuf-repo-cdn.sigstore.dev:443 - - uses: chainguard-dev/actions/setup-gitsign@c69a264ec2a5934c3186c618f368fc1c86f16cff # main + - uses: chainguard-dev/actions/setup-gitsign@05fbd381f7c158bd33c9bbf3a28f67852269fdf8 # main - name: Set up Octo-STS uses: octo-sts/action@f603d3be9d8dd9871a265776e625a27b00effe05 # v1.1.1 id: octo-sts with: scope: chainguard-dev/malcontent identity: release - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # zizmor: ignore[artipacked] - credentials needed for git push and gh pr create with: token: ${{ steps.octo-sts.outputs.token }} diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index 4fcf80218..0d2639b89 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -40,7 +40,7 @@ jobs: ghcr.io - name: Check out code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false