Skip to content

Commit 175ffd4

Browse files
chore(deps): bump the dependencies group with 3 updates
Bumps the dependencies group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [github/codeql-action](https://github.com/github/codeql-action) and [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv). Updates `step-security/harden-runner` from 2.17.0 to 2.18.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@f808768...6c3c2f2) Updates `github/codeql-action` from 4.35.1 to 4.35.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...95e58e9) Updates `astral-sh/setup-uv` from 8.0.0 to 8.1.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@cec2083...0880764) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: 4.35.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: astral-sh/setup-uv dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent f2674ba commit 175ffd4

8 files changed

Lines changed: 13 additions & 13 deletions

File tree

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141

4242
steps:
4343
- name: Harden the runner (Audit all outbound calls)
44-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
44+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
4545
with:
4646
egress-policy: audit
4747

@@ -52,7 +52,7 @@ jobs:
5252

5353
# Initializes the CodeQL tools for scanning.
5454
- name: Initialize CodeQL
55-
uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
55+
uses: github/codeql-action/init@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
5656
with:
5757
languages: ${{ matrix.language }}
5858
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -67,6 +67,6 @@ jobs:
6767
# ./location_of_script_within_repo/buildscript.sh
6868

6969
- name: Perform CodeQL Analysis
70-
uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
70+
uses: github/codeql-action/analyze@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
7171
with:
7272
category: "/language:${{matrix.language}}"

.github/workflows/copilot-setup-steps.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -26,7 +26,7 @@ jobs:
2626
# If you do not check out your code, Copilot will do this for you.
2727
steps:
2828
- name: Harden the runner (Audit all outbound calls)
29-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
29+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
3030
with:
3131
egress-policy: audit
3232

@@ -36,7 +36,7 @@ jobs:
3636
persist-credentials: false
3737

3838
- name: Install uv
39-
uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0
39+
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
4040
with:
4141
version: "0.10.9"
4242
enable-cache: true

.github/workflows/dependency-review.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Harden the runner (Audit all outbound calls)
20-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
20+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
2121
with:
2222
egress-policy: audit
2323

.github/workflows/docker-ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
runs-on: ubuntu-latest
1616
steps:
1717
- name: Harden the runner (Audit all outbound calls)
18-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
18+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
1919
with:
2020
egress-policy: audit
2121

.github/workflows/linter.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
statuses: write
2323
steps:
2424
- name: Harden the runner (Audit all outbound calls)
25-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
25+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
2626
with:
2727
egress-policy: audit
2828

@@ -34,7 +34,7 @@ jobs:
3434
fetch-depth: 0
3535
persist-credentials: false
3636
- name: Install uv
37-
uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0
37+
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
3838
with:
3939
version: "0.10.9"
4040
enable-cache: true

.github/workflows/mark-ready-when-ready.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
github.event.pull_request.draft == true
2626
steps:
2727
- name: Harden the runner (Audit all outbound calls)
28-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
28+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
2929
with:
3030
egress-policy: audit
3131

.github/workflows/python-ci.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,15 +18,15 @@ jobs:
1818
python-version: [3.11, 3.12, 3.13, 3.14]
1919
steps:
2020
- name: Harden the runner (Audit all outbound calls)
21-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
21+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
2222
with:
2323
egress-policy: audit
2424

2525
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626
with:
2727
persist-credentials: false
2828
- name: Install uv
29-
uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0
29+
uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0
3030
with:
3131
version: "0.10.9"
3232
enable-cache: true

.github/workflows/stale.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
pull-requests: read
1515
steps:
1616
- name: Harden the runner (Audit all outbound calls)
17-
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
17+
uses: step-security/harden-runner@6c3c2f2c1c457b00c10c4848d6f5491db3b629df # v2.18.0
1818
with:
1919
egress-policy: audit
2020

0 commit comments

Comments
 (0)