Bump the development-dependencies group across 1 directory with 6 updates

dependabot[bot] · web-flow · commit e91161fb9e67 · 2025-12-04T20:57:41.000Z
Dependabot couldn't find the original pull request head commit, 1e9f941.
diff --git a/.github/workflows/bump-release.yml b/.github/workflows/bump-release.yml
@@ -53,12 +53,12 @@ jobs:
     steps:
       -
         name: Checkout code
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           fetch-depth: 0
       -
         name: install svu
-        uses: go-openapi/gh-actions/install/svu@00fc74b63fc83dd6031018ecbeac387ca9131fe2 # v0.1.0
+        uses: go-openapi/gh-actions/install/svu@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1 # v1.0.0
       -
         name: Bump release
         id: bump-release
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -22,13 +22,13 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
     -
       # Initializes the CodeQL tools for scanning.
       name: Initialize CodeQL
-      uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
+      uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
       with:
         languages: ${{ matrix.language }}
     -
       name: Analyze ${{ matrix.language }}
-      uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5
+      uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
diff --git a/.github/workflows/collect-coverage.yml b/.github/workflows/collect-coverage.yml
@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           repository: ${{ github.event.pull_request.head.repo.full_name }}
diff --git a/.github/workflows/collect-reports.yml b/.github/workflows/collect-reports.yml
@@ -32,7 +32,7 @@ jobs:
           path: reports/
       -
         name: Install go-junit-report
-        uses: go-openapi/gh-actions/install/go-junit-report@2c8f8152814933c4cead92a51558699238ee9565
+        uses: go-openapi/gh-actions/install/go-junit-report@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1
       -
         name: Convert test reports to a merged JUnit XML
         # NOTE: codecov test reports only support JUnit format at this moment. See https://docs.codecov.com/docs/test-analytics.
@@ -57,7 +57,7 @@ jobs:
           verbose: true
       -
         name: Install go-ctrf-json-reporter
-        uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@2c8f8152814933c4cead92a51558699238ee9565
+        uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1
       -
         name: Convert test reports to CTRF JSON
         # description: |
diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml
@@ -18,10 +18,10 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
     -
       name: Identify all-time contributors to this repository
-      uses: github/contributors@abf36819e840f6e8056dcd40d33003ce7c4bc8dd # v1.7.6
+      uses: github/contributors@e345de71bbd056a34a70709afd4f4bf0a270cc1a # v1.7.7
       env:
         GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         REPOSITORY:  ${{ github.repository }}
diff --git a/.github/workflows/fuzz-test.yml b/.github/workflows/fuzz-test.yml
@@ -24,7 +24,7 @@ jobs:
       matrix: ${{ steps.get-fuzz-tests.outputs.matrix }}
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       -
         uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
@@ -58,7 +58,7 @@ jobs:
       FUZZ_MINIMIZE_TIME: 5m
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       -
         uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       -
         uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
@@ -26,7 +26,7 @@ jobs:
           cache: true
       -
         name: golangci-lint
-        uses: golangci/golangci-lint-action@e7fa5ac41e1cf5b7d48e45e42232ce7ada589601 # v9.1.0
+        uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
         with:
           version: latest
           only-new-issues: true
@@ -44,7 +44,7 @@ jobs:
 
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       -
         uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
@@ -53,7 +53,7 @@ jobs:
           cache: true
       -
         name: Install gotestsum
-        uses: go-openapi/gh-actions/install/gotestsum@2c8f8152814933c4cead92a51558699238ee9565
+        uses: go-openapi/gh-actions/install/gotestsum@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1
       -
         name: Run unit tests
         run: >
diff --git a/.github/workflows/markdown-changed.yml b/.github/workflows/markdown-changed.yml
@@ -17,7 +17,7 @@ jobs:
     steps:
     -
       name: Originating repo checkout (e.g. public fork)
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -24,7 +24,7 @@ jobs:
     steps:
       -
         name: Checkout code
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           fetch-depth: 0
       -
@@ -63,7 +63,7 @@ jobs:
             --with-tag-message '${{ steps.get-message.outputs.message }}'
       -
         name: Create github release
-        uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2
+        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0
         with:
           body: ${{ steps.notes.outputs.content }}
           tag_name: ${{ inputs.tag }}
diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml
@@ -27,7 +27,7 @@ jobs:
       security-events: write
     steps:
       -
-        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
         with:
           persist-credentials: false
       -
@@ -42,7 +42,7 @@ jobs:
           exit-code: 0
       -
         name: Upload trivy findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
         with:
           category: trivy
           sarif_file: trivy-code-report.sarif
@@ -62,7 +62,7 @@ jobs:
           output-file: govulnscan-report.sarif
       -
         name: Upload govulnscan findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6
         with:
           category: govulnscan
           sarif_file: govulnscan-report.sarif

Original file line number	Diff line number	Diff line change
`@@ -53,12 +53,12 @@ jobs:`
`53`	`53`	`steps:`
`54`	`54`	`-`
`55`	`55`	`name: Checkout code`
`56`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`56`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`57`	`57`	`with:`
`58`	`58`	`fetch-depth: 0`
`59`	`59`	`-`
`60`	`60`	`name: install svu`
`61`		`- uses: go-openapi/gh-actions/install/svu@00fc74b63fc83dd6031018ecbeac387ca9131fe2 # v0.1.0`
	`61`	`+ uses: go-openapi/gh-actions/install/svu@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1 # v1.0.0`
`62`	`62`	`-`
`63`	`63`	`name: Bump release`
`64`	`64`	`id: bump-release`
Original file line number	Diff line number	Diff line change
`@@ -22,13 +22,13 @@ jobs:`
`22`	`22`	`steps:`
`23`	`23`	`-`
`24`	`24`	`name: Checkout repository`
`25`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`25`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`26`	`26`	`-`
`27`	`27`	`# Initializes the CodeQL tools for scanning.`
`28`	`28`	`name: Initialize CodeQL`
`29`		`- uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5`
	`29`	`+ uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6`
`30`	`30`	`with:`
`31`	`31`	`languages: ${{ matrix.language }}`
`32`	`32`	`-`
`33`	`33`	`name: Analyze ${{ matrix.language }}`
`34`		`- uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5`
	`34`	`+ uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6`
Original file line number	Diff line number	Diff line change
`@@ -16,7 +16,7 @@ jobs:`
`16`	`16`	`runs-on: ubuntu-latest`
`17`	`17`	`steps:`
`18`	`18`	`-`
`19`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`19`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`20`	`20`	`with:`
`21`	`21`	`ref: ${{ github.event.pull_request.head.ref }}`
`22`	`22`	`repository: ${{ github.event.pull_request.head.repo.full_name }}`
Original file line number	Diff line number	Diff line change
`@@ -32,7 +32,7 @@ jobs:`
`32`	`32`	`path: reports/`
`33`	`33`	`-`
`34`	`34`	`name: Install go-junit-report`
`35`		`- uses: go-openapi/gh-actions/install/go-junit-report@2c8f8152814933c4cead92a51558699238ee9565`
	`35`	`+ uses: go-openapi/gh-actions/install/go-junit-report@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1`
`36`	`36`	`-`
`37`	`37`	`name: Convert test reports to a merged JUnit XML`
`38`	`38`	`# NOTE: codecov test reports only support JUnit format at this moment. See https://docs.codecov.com/docs/test-analytics.`
`@@ -57,7 +57,7 @@ jobs:`
`57`	`57`	`verbose: true`
`58`	`58`	`-`
`59`	`59`	`name: Install go-ctrf-json-reporter`
`60`		`- uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@2c8f8152814933c4cead92a51558699238ee9565`
	`60`	`+ uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1`
`61`	`61`	`-`
`62`	`62`	`name: Convert test reports to CTRF JSON`
`63`	`63`	`# description: \|`
Original file line number	Diff line number	Diff line change
`@@ -18,10 +18,10 @@ jobs:`
`18`	`18`	`steps:`
`19`	`19`	`-`
`20`	`20`	`name: Checkout repository`
`21`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`21`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`22`	`22`	`-`
`23`	`23`	`name: Identify all-time contributors to this repository`
`24`		`- uses: github/contributors@abf36819e840f6e8056dcd40d33003ce7c4bc8dd # v1.7.6`
	`24`	`+ uses: github/contributors@e345de71bbd056a34a70709afd4f4bf0a270cc1a # v1.7.7`
`25`	`25`	`env:`
`26`	`26`	`GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}`
`27`	`27`	`REPOSITORY: ${{ github.repository }}`
Original file line number	Diff line number	Diff line change
`@@ -24,7 +24,7 @@ jobs:`
`24`	`24`	`matrix: ${{ steps.get-fuzz-tests.outputs.matrix }}`
`25`	`25`	`steps:`
`26`	`26`	`-`
`27`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`27`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`28`	`28`	`-`
`29`	`29`	`uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0`
`30`	`30`	`with:`
`@@ -58,7 +58,7 @@ jobs:`
`58`	`58`	`FUZZ_MINIMIZE_TIME: 5m`
`59`	`59`	`steps:`
`60`	`60`	`-`
`61`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`61`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`62`	`62`	`-`
`63`	`63`	`uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0`
`64`	`64`	`with:`
Original file line number	Diff line number	Diff line change
`@@ -17,7 +17,7 @@ jobs:`
`17`	`17`	`runs-on: ubuntu-latest`
`18`	`18`	`steps:`
`19`	`19`	`-`
`20`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`20`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`21`	`21`	`-`
`22`	`22`	`uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0`
`23`	`23`	`with:`
`@@ -26,7 +26,7 @@ jobs:`
`26`	`26`	`cache: true`
`27`	`27`	`-`
`28`	`28`	`name: golangci-lint`
`29`		`- uses: golangci/golangci-lint-action@e7fa5ac41e1cf5b7d48e45e42232ce7ada589601 # v9.1.0`
	`29`	`+ uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0`
`30`	`30`	`with:`
`31`	`31`	`version: latest`
`32`	`32`	`only-new-issues: true`
`@@ -44,7 +44,7 @@ jobs:`
`44`	`44`
`45`	`45`	`steps:`
`46`	`46`	`-`
`47`		`- uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0`
	`47`	`+ uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1`
`48`	`48`	`-`
`49`	`49`	`uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0`
`50`	`50`	`with:`
`@@ -53,7 +53,7 @@ jobs:`
`53`	`53`	`cache: true`
`54`	`54`	`-`
`55`	`55`	`name: Install gotestsum`
`56`		`- uses: go-openapi/gh-actions/install/gotestsum@2c8f8152814933c4cead92a51558699238ee9565`
	`56`	`+ uses: go-openapi/gh-actions/install/gotestsum@ca5928fe952ce03d9e6a61a8284a508a9cc8d4f1`
`57`	`57`	`-`
`58`	`58`	`name: Run unit tests`
`59`	`59`	`run: >`