From 8828ee16f334c066ce39ea659420504cbb01d1c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 06:04:32 +0000 Subject: [PATCH] chore(deps): bump the gha group across 1 directory with 14 updates Bumps the gha group with 14 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [reviewdog/action-hadolint](https://github.com/reviewdog/action-hadolint) | `1.50.5` | `1.51.0` | | [reviewdog/action-yamllint](https://github.com/reviewdog/action-yamllint) | `1.21.0` | `1.22.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.4.0` | `6.5.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.2.1` | `7.2.2` | | [actions/cache](https://github.com/actions/cache) | `5.0.5` | `6.1.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `6.0.0` | `6.1.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.3` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.3` | `4.36.2` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.3` | `4.36.2` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.95.2` | `3.95.6` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `reviewdog/action-hadolint` from 1.50.5 to 1.51.0 - [Release notes](https://github.com/reviewdog/action-hadolint/releases) - [Commits](https://github.com/reviewdog/action-hadolint/compare/921946a7ebaaf08ac72607bad67209f4e52b5407...1b2cfa6ba72072ad35158d7ff3aa49bbdc03506d) Updates `reviewdog/action-yamllint` from 1.21.0 to 1.22.0 - [Release notes](https://github.com/reviewdog/action-yamllint/releases) - [Commits](https://github.com/reviewdog/action-yamllint/compare/f01d8a48fd8d89f89895499fca2cff09f9e9e8c0...b5f7217d8c815ae374d1d55840d5e569d82f01f0) Updates `actions/setup-go` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16) Updates `goreleaser/goreleaser-action` from 7.2.1 to 7.2.2 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](https://github.com/goreleaser/goreleaser-action/compare/1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8...5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89) Updates `actions/cache` from 5.0.5 to 6.1.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/27d5ce7f107fe9357f9df03efb73ab90386fccae...55cc8345863c7cc4c66a329aec7e433d2d1c52a9) Updates `docker/metadata-action` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/030e881283bb7a6894de51c315a6bfe6a94e05cf...80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9) Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...650006c6eb7dba73a995cc03b0b2d7f5ca915bee) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5) Updates `docker/build-push-action` from 7.1.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/bcafcacb16a39f128d818304e6c9c0c18556b85f...f9f3042f7e2789586610d6e8b85c8f03e5195baf) Updates `github/codeql-action/init` from 4.35.3 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `github/codeql-action/analyze` from 4.35.3 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `github/codeql-action/upload-sarif` from 4.35.3 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `trufflesecurity/trufflehog` from 3.95.2 to 3.95.6 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/17456f8c7d042d8c82c9a8ca9e937231f9f42e26...30d5bb91af1a771378349dbbb0c82129392acf70) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha - dependency-name: reviewdog/action-hadolint dependency-version: 1.51.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: reviewdog/action-yamllint dependency-version: 1.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: goreleaser/goreleaser-action dependency-version: 7.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gha - dependency-name: actions/cache dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha - dependency-name: docker/metadata-action dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gha ... Signed-off-by: dependabot[bot] --- .github/workflows/lint_bash.yml | 2 +- .github/workflows/lint_docker.yml | 4 ++-- .github/workflows/lint_go.yml | 2 +- .github/workflows/lint_yml.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- .github/workflows/release_containers.yml | 12 ++++++------ .github/workflows/release_containers_webhook.yml | 10 +++++----- .github/workflows/security_analysis.yml | 16 ++++++++-------- .github/workflows/test_acceptance.yml | 6 +++--- .github/workflows/test_unit.yml | 4 ++-- 10 files changed, 33 insertions(+), 33 deletions(-) diff --git a/.github/workflows/lint_bash.yml b/.github/workflows/lint_bash.yml index 2ffdeb957..2c22cf5a0 100644 --- a/.github/workflows/lint_bash.yml +++ b/.github/workflows/lint_bash.yml @@ -29,7 +29,7 @@ jobs: extention: ["bash", "bats"] steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Run shellcheck uses: reviewdog/action-shellcheck@4c07458293ac342d477251099501a718ae5ef86e # v1 diff --git a/.github/workflows/lint_docker.yml b/.github/workflows/lint_docker.yml index 0117482f9..4afc8f4bd 100644 --- a/.github/workflows/lint_docker.yml +++ b/.github/workflows/lint_docker.yml @@ -25,7 +25,7 @@ jobs: checks: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Run hadolint - uses: reviewdog/action-hadolint@921946a7ebaaf08ac72607bad67209f4e52b5407 # v1 + uses: reviewdog/action-hadolint@1b2cfa6ba72072ad35158d7ff3aa49bbdc03506d # v1 diff --git a/.github/workflows/lint_go.yml b/.github/workflows/lint_go.yml index 90d3d4d56..3766c9c49 100644 --- a/.github/workflows/lint_go.yml +++ b/.github/workflows/lint_go.yml @@ -27,7 +27,7 @@ jobs: checks: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Run golangci-lint uses: reviewdog/action-golangci-lint@c76cceaaab89abe74e649d2e34c6c9adc26662d2 # v2 diff --git a/.github/workflows/lint_yml.yml b/.github/workflows/lint_yml.yml index abc5e5861..4f4a94730 100644 --- a/.github/workflows/lint_yml.yml +++ b/.github/workflows/lint_yml.yml @@ -25,7 +25,7 @@ jobs: checks: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Run yamllint - uses: reviewdog/action-yamllint@f01d8a48fd8d89f89895499fca2cff09f9e9e8c0 # v1 + uses: reviewdog/action-yamllint@b5f7217d8c815ae374d1d55840d5e569d82f01f0 # v1 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 746a32385..2bf7f98cc 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,16 +15,16 @@ jobs: contents: write steps: - name: Check out code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Set up Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version-file: go.mod cache: false # don't rely on cache for release - name: Launch goreleaser - uses: goreleaser/goreleaser-action@1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8 # v7 + uses: goreleaser/goreleaser-action@5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89 # v7 with: args: release env: diff --git a/.github/workflows/release_containers.yml b/.github/workflows/release_containers.yml index e517a5c37..1f130b75b 100644 --- a/.github/workflows/release_containers.yml +++ b/.github/workflows/release_containers.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Cache container layers - uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5 + uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v5 with: path: /tmp/.buildx-cache key: ${{ runner.os }}${{ matrix.containers.suffix }}-buildx-${{ github.sha }} @@ -31,11 +31,11 @@ jobs: ${{ runner.os }}${{ matrix.containers.suffix }}-buildx- - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Generate container tags and labels id: docker_meta - uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 with: # images: kubesec/kubesec,ghcr.io/controlplaneio/kubesec images: kubesec/kubesec @@ -50,7 +50,7 @@ jobs: org.opencontainers.image.url=https://kubesec.io/ - name: Login to Docker Hub Registry - uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4 with: registry: docker.io username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -64,10 +64,10 @@ jobs: # password: ${{ secrets.CR_PAT }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4 - name: Build container and push tags - uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7 with: context: . push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/release_containers_webhook.yml b/.github/workflows/release_containers_webhook.yml index e2bb37ac6..5ba8852c3 100644 --- a/.github/workflows/release_containers_webhook.yml +++ b/.github/workflows/release_containers_webhook.yml @@ -22,14 +22,14 @@ jobs: steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: repository: controlplaneio/kubesec-webhook ref: ${{ inputs.tag }} - name: Generate container tags and labels id: docker_meta - uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 + uses: docker/metadata-action@80c7e94dd9b9319bd5eb7a0e0fe9291e23a2a2e9 # v6 with: # images: kubesec/kubesec,ghcr.io/controlplaneio/kubesec images: kubesec/kubesec-webhook @@ -43,7 +43,7 @@ jobs: org.opencontainers.image.url=https://kubesec.io/ - name: Login to Docker Hub Registry - uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4 with: registry: docker.io username: ${{ secrets.DOCKERHUB_USERNAME }} @@ -57,10 +57,10 @@ jobs: # password: ${{ secrets.CR_PAT }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4 - name: Build container and push tags - uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7 + uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7 with: context: . push: ${{ github.event_name != 'pull_request' }} diff --git a/.github/workflows/security_analysis.yml b/.github/workflows/security_analysis.yml index 32177d76c..83c100eae 100644 --- a/.github/workflows/security_analysis.yml +++ b/.github/workflows/security_analysis.yml @@ -20,22 +20,22 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 # provide a more modern go until resolved in codeql action # https://github.com/github/codeql-action/issues/1842#issuecomment-1704398087 - name: Set up Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version-file: go.mod - name: Initialize CodeQL - uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 with: languages: go - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 trivy: name: Trivy @@ -45,7 +45,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Build an image from Dockerfile run: | @@ -62,7 +62,7 @@ jobs: - name: Upload Trivy results to the Security tab # can't submit scan results on forks if: github.repository_owner == 'controlplaneio' - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 with: sarif_file: trivy-results.sarif @@ -75,11 +75,11 @@ jobs: checks: write steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: fetch-depth: 0 - name: Run Trufflehog - uses: trufflesecurity/trufflehog@17456f8c7d042d8c82c9a8ca9e937231f9f42e26 # v3.95.2 + uses: trufflesecurity/trufflehog@30d5bb91af1a771378349dbbb0c82129392acf70 # v3.95.6 with: path: ./ base: "" diff --git a/.github/workflows/test_acceptance.yml b/.github/workflows/test_acceptance.yml index 5f1572f3f..b9c54feaa 100644 --- a/.github/workflows/test_acceptance.yml +++ b/.github/workflows/test_acceptance.yml @@ -27,10 +27,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Set up Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version-file: go.mod @@ -56,7 +56,7 @@ jobs: test: ["acceptance", "remote"] steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 with: # needed for bats tests submodules: true diff --git a/.github/workflows/test_unit.yml b/.github/workflows/test_unit.yml index e76593632..8c78d1a29 100644 --- a/.github/workflows/test_unit.yml +++ b/.github/workflows/test_unit.yml @@ -23,10 +23,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v6 - name: Set up Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version-file: go.mod