Bump the actions group with 3 updates

dependabot[bot] · web-flow · commit ead6926e4fde · 2025-06-09T14:10:54.000Z
Bumps the actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/setup-go](https://github.com/actions/setup-go) and [chainguard-dev/actions](https://github.com/chainguard-dev/actions). Updates `step-security/harden-runner` from 2.11.0 to 2.12.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@v2.11.0...0634a26) Updates `actions/setup-go` from 5.3.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@f111f33...d35c59a) Updates `chainguard-dev/actions` from 1.1.2 to 1.1.3 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Changelog](https://github.com/chainguard-dev/actions/blob/main/.goreleaser.yml) - [Commits](chainguard-dev/actions@5363dd9...fb25e25) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-go dependency-version: 5.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: chainguard-dev/actions dependency-version: 1.1.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/build-scanner-audit.yaml b/.github/workflows/build-scanner-audit.yaml
@@ -20,13 +20,13 @@ jobs:
       contents: read
 
     steps:
-      - uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+      - uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
-      - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
+      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
         with:
           go-version-file: './scanner-audit/go.mod'
           check-latest: true
diff --git a/.github/workflows/regen-answers.yaml b/.github/workflows/regen-answers.yaml
@@ -55,7 +55,7 @@ jobs:
         echo "create_pr_update=true" >> $GITHUB_OUTPUT
 
     # Configure signed commits
-    - uses: chainguard-dev/actions/setup-gitsign@5363dd9eb48083bbf7674a4bbe62d71c3b230edd # v1.1.2
+    - uses: chainguard-dev/actions/setup-gitsign@fb25e25ce9d833614e70fa612dabc960d88b610b # v1.1.3
       if: ${{ steps.check-diff.outputs.create_pr_update == 'true' }}
 
     # Based on usage in https://github.com/chainguard-dev/digestabot/blob/main/action.yml
