Skip to content

Commit a421002

Browse files
Bump the ci group across 1 directory with 3 updates (#257)
Bumps the ci group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [docker/github-builder/.github/workflows/build.yml](https://github.com/docker/github-builder) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...df4cb1c) Updates `docker/github-builder/.github/workflows/build.yml` from 1.10.0 to 1.11.0 - [Release notes](https://github.com/docker/github-builder/releases) - [Commits](docker/github-builder@17bd7d6...70ac3fc) Updates `github/codeql-action` from 4.36.0 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@7211b7c...8aad20d) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: docker/github-builder/.github/workflows/build.yml dependency-version: 1.11.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent b3a130a commit a421002

2 files changed

Lines changed: 7 additions & 7 deletions

File tree

.github/workflows/open-pr.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@ jobs:
1515
pull-requests: write
1616
steps:
1717
- name: checkout code in PR branch
18-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
18+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
1919
- name: Set up Docker
2020
uses: docker/setup-docker-action@0234bb73ccb40f0c430b795634f9247e2b5c2d23 # v5.2.0
2121
with:
@@ -53,7 +53,7 @@ jobs:
5353
sbom: true
5454
tags: ${{ env.WORKLOAD_NAME }}:pr-${{ github.event.number }}
5555
- name: checkout code in main branch
56-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
56+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
5757
with:
5858
ref: main
5959
- name: Build container image from main branch
@@ -80,7 +80,7 @@ jobs:
8080
write-comment: true
8181
github-token: ${{ secrets.GITHUB_TOKEN }}
8282
multi-arch-build:
83-
uses: docker/github-builder/.github/workflows/build.yml@17bd7d64200cae4ba58ffc099934e8012ae320f2 # v1.10.0
83+
uses: docker/github-builder/.github/workflows/build.yml@70ac3fc303efa83d2b94905e6ab78bb83cbdc2ae # v1.11.0
8484
with:
8585
output: image
8686
push: false
@@ -103,7 +103,7 @@ jobs:
103103
runs-on: ubuntu-24.04
104104
steps:
105105
- name: checkout code
106-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
106+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
107107
- name: install score-compose
108108
uses: score-spec/setup-score@1db79668fdd7b3e68ca5d5a734aad29ea75901cd # v3.2.3
109109
with:
@@ -127,7 +127,7 @@ jobs:
127127
runs-on: ubuntu-24.04
128128
steps:
129129
- name: checkout code
130-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
130+
uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
131131
- name: docker login dhi.io
132132
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4.2.0
133133
with:

.github/workflows/push-tag.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ permissions:
77
contents: read # to fetch the repository content
88
jobs:
99
build-push:
10-
uses: docker/github-builder/.github/workflows/build.yml@17bd7d64200cae4ba58ffc099934e8012ae320f2 # v1.10.0
10+
uses: docker/github-builder/.github/workflows/build.yml@70ac3fc303efa83d2b94905e6ab78bb83cbdc2ae # v1.11.0
1111
permissions:
1212
id-token: write # to sign attestation(s) with GitHub OIDC Token
1313
packages: write # to push container image to ghcr
@@ -60,7 +60,7 @@ jobs:
6060
summary: true
6161
image: registry://ghcr.io/${{ github.repository_owner }}/my-sample-workload:${{ github.ref_name }}
6262
- name: Upload SARIF report
63-
uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
63+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
6464
with:
6565
sarif_file: sarif.output.json
6666

0 commit comments

Comments
 (0)