Skip to content

Commit 8e07127

Browse files
Bump the actions-dependencies group across 1 directory with 7 updates (#105)
Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Henry <chocolatkey@gmail.com>
1 parent fad859c commit 8e07127

5 files changed

Lines changed: 16 additions & 16 deletions

File tree

.github/workflows/build.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,14 +15,14 @@ jobs:
1515
runs-on: [self-hosted, arm64]
1616
steps:
1717
- name: Harden Runner
18-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
18+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
1919
with:
2020
egress-policy: audit
2121

2222
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2323

2424
- name: Set up Go
25-
uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
25+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
2626
with:
2727
go-version: '>=1.26.2'
2828
cache: false

.github/workflows/codeql.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141

4242
steps:
4343
- name: Harden Runner
44-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
44+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
4545
with:
4646
egress-policy: audit
4747

@@ -50,7 +50,7 @@ jobs:
5050

5151
# Initializes the CodeQL tools for scanning.
5252
- name: Initialize CodeQL
53-
uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
53+
uses: github/codeql-action/init@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
5454
with:
5555
languages: ${{ matrix.language }}
5656
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
6060
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6161
# If this step fails, then you should remove it and run the build manually (see below)
6262
- name: Autobuild
63-
uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
63+
uses: github/codeql-action/autobuild@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
6464

6565
# ℹ️ Command-line programs to run using the OS shell.
6666
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
7373
# ./location_of_script_within_repo/buildscript.sh
7474

7575
- name: Perform CodeQL Analysis
76-
uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
76+
uses: github/codeql-action/analyze@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
7777
with:
7878
category: "/language:${{matrix.language}}"

.github/workflows/depedency-review.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
20+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
2121
with:
2222
egress-policy: audit
2323

2424
- name: 'Checkout Repository'
2525
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626
- name: 'Dependency Review'
27-
uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
27+
uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0

.github/workflows/release.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: [self-hosted, arm64]
1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
20+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
2121
with:
2222
egress-policy: audit
2323

@@ -27,12 +27,12 @@ jobs:
2727
fetch-depth: 0
2828
- run: git fetch --force --tags
2929
- name: Set up Go
30-
uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
30+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
3131
with:
3232
go-version: '>=1.23.0'
3333
cache: false
3434
- name: Build release
35-
uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
35+
uses: goreleaser/goreleaser-action@ec59f474b9834571250b370d4735c50f8e2d1e29 # v7.0.0
3636
with:
3737
distribution: goreleaser
3838
version: latest
@@ -43,7 +43,7 @@ jobs:
4343
runs-on: [self-hosted, arm64]
4444
steps:
4545
- name: Harden Runner
46-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
46+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
4747
with:
4848
egress-policy: audit
4949

@@ -53,7 +53,7 @@ jobs:
5353
fetch-depth: 0
5454
- run: git fetch --force --tags
5555
- name: Set up Docker Buildx
56-
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
56+
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
5757
- name: Build and push Docker image
5858
run: docker buildx build --platform=linux/amd64,linux/arm64,linux/arm/v7 . --file Dockerfile --tag $IMAGE_NAME --label "runnumber=${GITHUB_RUN_ID}" --build-arg NO_SNAPSHOT=true
5959
- name: Log in to registry

.github/workflows/scorecards.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131

3232
steps:
3333
- name: Harden Runner
34-
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
34+
uses: step-security/harden-runner@f808768d1510423e83855289c910610ca9b43176 # v2.17.0
3535
with:
3636
egress-policy: audit
3737

@@ -63,14 +63,14 @@ jobs:
6363
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
6464
# format to the repository Actions tab.
6565
- name: "Upload artifact"
66-
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
66+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
6767
with:
6868
name: SARIF file
6969
path: results.sarif
7070
retention-days: 5
7171

7272
# Upload the results to GitHub's code scanning dashboard.
7373
- name: "Upload to code-scanning"
74-
uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5
74+
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v3.29.5
7575
with:
7676
sarif_file: results.sarif

0 commit comments

Comments
 (0)