Skip to content

Commit 8f5a522

Browse files
[#patch](deps): Bump the actions-deps group with 2 updates (#299)
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Edoardo Rosa <6991986+notdodo@users.noreply.github.com>
1 parent e55684f commit 8f5a522

8 files changed

Lines changed: 16 additions & 11 deletions

File tree

.github/workflows/docker-build-and-push.yml

Lines changed: 4 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -110,10 +110,12 @@ jobs:
110110
*.sigstore.dev:443
111111
*.trivy.dev:443
112112
api.github.com:443
113+
codeload.github.com:443
113114
docker-images-prod.*.r2.cloudflarestorage.com:443
114115
ghcr.io:443
115116
github.com:443
116117
mirror.gcr.io:443
118+
release-assets.githubusercontent.com:443
117119
${{ inputs.egress-policy-allowlist }}
118120
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
119121
with:
@@ -180,7 +182,7 @@ jobs:
180182
echo "local_image_ref=${LOCAL_IMAGE_REF}"
181183
} >> "${GITHUB_OUTPUT}"
182184
- name: Run Trivy Scan
183-
uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
185+
uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
184186
if: inputs.scan-image
185187
with:
186188
format: sarif
@@ -191,7 +193,7 @@ jobs:
191193
output: ${{ inputs.working-directory }}/trivy_results.sarif
192194
github-pat: ${{ secrets.GITHUB_TOKEN }}
193195
- name: Generate SBOM
194-
uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
196+
uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
195197
if: inputs.push
196198
with:
197199
format: spdx-json

.github/workflows/infra-security-scan.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -100,7 +100,7 @@ jobs:
100100
filter_mode: nofilter
101101
tool_name: actionlint
102102
- name: Install uv
103-
uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
103+
uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
104104
with:
105105
enable-cache: true
106106
- name: Run zizmor

.github/workflows/pulumi-preview.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ jobs:
8888
installer-parallel: true
8989

9090
# ----- UV -----
91-
- uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
91+
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
9292
if: ${{ hashFiles(format('{0}/uv.lock', inputs.working-directory)) != '' }}
9393
with:
9494
enable-cache: true

.github/workflows/pulumi-up.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -87,7 +87,7 @@ jobs:
8787
installer-parallel: true
8888

8989
# ----- UV -----
90-
- uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
90+
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
9191
if: ${{ hashFiles(format('{0}/uv.lock', inputs.working-directory)) != '' }}
9292
with:
9393
enable-cache: true

.github/workflows/python-ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ jobs:
6666
installer-parallel: true
6767

6868
# ----- UV -----
69-
- uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
69+
- uses: astral-sh/setup-uv@5a095e7a2014a4212f075830d4f7277575a9d098 # v7.3.1
7070
if: ${{ hashFiles(format('{0}/uv.lock', inputs.working-directory)) != '' }}
7171
with:
7272
enable-cache: true

.github/workflows/rust-ci.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -66,7 +66,7 @@ jobs:
6666
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
6767
with:
6868
persist-credentials: false
69-
- uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2
69+
- uses: actions-rust-lang/setup-rust-toolchain@a0b538fa0b742a6aa35d6e2c169b4bd06d225a98 # v1.15.3
7070
with:
7171
components: rustfmt
7272
toolchain: ${{ inputs.rust-version }}
@@ -99,7 +99,7 @@ jobs:
9999
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
100100
with:
101101
persist-credentials: false
102-
- uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2
102+
- uses: actions-rust-lang/setup-rust-toolchain@a0b538fa0b742a6aa35d6e2c169b4bd06d225a98 # v1.15.3
103103
with:
104104
toolchain: ${{ inputs.rust-version }}
105105
cache-workspaces: |-
@@ -132,7 +132,7 @@ jobs:
132132
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
133133
with:
134134
persist-credentials: false
135-
- uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2
135+
- uses: actions-rust-lang/setup-rust-toolchain@a0b538fa0b742a6aa35d6e2c169b4bd06d225a98 # v1.15.3
136136
with:
137137
components: clippy
138138
toolchain: ${{ inputs.rust-version }}
@@ -204,7 +204,7 @@ jobs:
204204
uses: mlugg/setup-zig@d1434d08867e3ee9daa34448df10607b98908d29 # v2.2.1
205205
with:
206206
version: latest
207-
- uses: actions-rust-lang/setup-rust-toolchain@1780873c7b576612439a134613cc4cc74ce5538c # v1.15.2
207+
- uses: actions-rust-lang/setup-rust-toolchain@a0b538fa0b742a6aa35d6e2c169b4bd06d225a98 # v1.15.3
208208
with:
209209
toolchain: ${{ inputs.rust-version }}
210210
cache-workspaces: |-

.github/workflows/terraform-ci.yml

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,9 @@ jobs:
5252
disable-sudo: ${{ inputs.disable-sudo }}
5353
egress-policy: audit
5454
allowed-endpoints: >
55+
codeload.github.com:443
5556
raw.githubusercontent.com:443
57+
release-assets.githubusercontent.com:443
5658
${{ inputs.egress-policy-allowlist }}
5759
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5860
with:
@@ -101,7 +103,7 @@ jobs:
101103
filter_mode: nofilter
102104

103105
- name: Run Trivy Scan
104-
uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
106+
uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
105107
with:
106108
hide-progress: true
107109
format: sarif
Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,5 @@
11
__pycache__/
2+
.cache
23
.mypy_cache
34
.pytest_cache
45
.ruff_cache

0 commit comments

Comments
 (0)