Skip to content

Commit c648fe2

Browse files
build(deps): bump the actions-updates group across 1 directory with 5 updates (#179)
Bumps the actions-updates group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.0` | `2.19.1` | | [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.1` | `4.1.2` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` | Updates `step-security/harden-runner` from 2.16.0 to 2.19.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@fa2e9d6...a5ad31d) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@6682284...27d5ce7) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `sigstore/cosign-installer` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@cad07c2...6f9f177) Updates `actions/download-artifact` from 4.3.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@d3f86a1...3e5f45b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-updates - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-updates ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 3d39f31 commit c648fe2

2 files changed

Lines changed: 16 additions & 16 deletions

File tree

.github/workflows/cache-refresh.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
matrix: ${{ steps.list.outputs.matrix }}
2121
steps:
2222
- name: Harden the runner (Audit all outbound calls)
23-
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
23+
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
2424
with:
2525
egress-policy: audit
2626
- name: list ccache entries
@@ -46,20 +46,20 @@ jobs:
4646
runs-on: ubuntu-latest
4747
steps:
4848
- name: Harden the runner (Audit all outbound calls)
49-
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
49+
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
5050
with:
5151
egress-policy: audit
5252
- name: restore ccache
5353
id: restore
54-
uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
54+
uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.2
5555
with:
5656
path: ~/.cache/kernel-ccache
5757
key: "${{ matrix.entry.prefix }}-${{ github.run_id }}"
5858
restore-keys: |
5959
${{ matrix.entry.prefix }}-
6060
- name: save ccache
6161
if: steps.restore.outputs.cache-matched-key != ''
62-
uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
62+
uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.2
6363
with:
6464
path: ~/.cache/kernel-ccache
6565
key: "${{ matrix.entry.prefix }}-${{ github.run_id }}"

.github/workflows/matrix.yml

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
runs-on: ubuntu-latest
2121
steps:
2222
- name: Harden the runner (Audit all outbound calls)
23-
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
23+
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
2424
with:
2525
egress-policy: audit
2626

@@ -33,7 +33,7 @@ jobs:
3333
- name: generate matrix
3434
run: 'PATH="${HOME}/go/bin:${PATH}" ./hack/build/generate-matrix.sh "${{ inputs.spec }}"'
3535
- name: upload matrix
36-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
36+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
3737
with:
3838
name: matrix
3939
path: "matrix.json"
@@ -70,7 +70,7 @@ jobs:
7070
KERNEL_ARCH: "${{ matrix.builds.arch }}"
7171
steps:
7272
- name: Harden the runner (Audit all outbound calls)
73-
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
73+
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
7474
with:
7575
egress-policy: audit
7676

@@ -79,7 +79,7 @@ jobs:
7979
with:
8080
submodules: recursive
8181
- name: install cosign
82-
uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
82+
uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
8383
- name: docker setup linux-kernel-oci
8484
run: sudo python3 ./hack/build/docker-setup.py
8585
- name: docker setup buildx
@@ -93,7 +93,7 @@ jobs:
9393
username: "${{github.actor}}"
9494
password: "${{secrets.GITHUB_TOKEN}}"
9595
- name: restore ccache
96-
uses: actions/cache/restore@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
96+
uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.2
9797
with:
9898
path: ~/.cache/kernel-ccache
9999
# restore-keys is important here - it lets us restore the most recent cache key,
@@ -105,7 +105,7 @@ jobs:
105105
- name: generate docker script
106106
run: "./hack/build/generate-docker-script.sh"
107107
- name: upload docker script
108-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
108+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
109109
with:
110110
name: "build-${{ matrix.builds.version }}-${{ matrix.builds.flavor }}-${{ matrix.builds.arch }}.sh"
111111
path: "docker.sh"
@@ -115,15 +115,15 @@ jobs:
115115
- name: upload digests
116116
# Only produced when publishing — push-by-digest path writes digests.json.
117117
if: ${{ inputs.publish }}
118-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
118+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
119119
with:
120120
name: "digests-${{ matrix.builds.version }}-${{ matrix.builds.flavor }}-${{ matrix.builds.arch }}"
121121
path: "digests.json"
122122
if-no-files-found: error
123123
compression-level: 0
124124
retention-days: 1
125125
- name: save ccache
126-
uses: actions/cache/save@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.2
126+
uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.2
127127
with:
128128
path: ~/.cache/kernel-ccache
129129
# The run_id here is just for write-key uniqueness, as GH doesn't allow overwriting
@@ -148,13 +148,13 @@ jobs:
148148
DIGESTS_DIR: digests
149149
steps:
150150
- name: Harden the runner (Audit all outbound calls)
151-
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
151+
uses: step-security/harden-runner@a5ad31d6a139d249332a2605b85202e8c0b78450 # v2.19.1
152152
with:
153153
egress-policy: audit
154154
- name: checkout repository
155155
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
156156
- name: install cosign
157-
uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
157+
uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
158158
- name: docker setup buildx
159159
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
160160
- name: docker login ghcr.io
@@ -166,7 +166,7 @@ jobs:
166166
username: "${{github.actor}}"
167167
password: "${{secrets.GITHUB_TOKEN}}"
168168
- name: download digest artifacts
169-
uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4
169+
uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1
170170
with:
171171
# Each per-arch build uploads its digests under a uniquely-named
172172
# artifact; pattern + default merge-multiple=false drops each artifact
@@ -176,7 +176,7 @@ jobs:
176176
- name: generate merge script
177177
run: python3 ./hack/build/generate-merge-script.py
178178
- name: upload merge script
179-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
179+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
180180
with:
181181
name: "merge-${{ matrix.merges.version }}-${{ matrix.merges.flavor }}.sh"
182182
path: "merge.sh"

0 commit comments

Comments
 (0)