Skip to content

Commit 9cb1e67

Browse files
ci(deps): bump the github-actions-minor-patch group with 4 updates (#37)
Bumps the github-actions-minor-patch group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-go](https://github.com/actions/setup-go), [github/codeql-action](https://github.com/github/codeql-action) and [shiftleftcyber/secure-sbom-action](https://github.com/shiftleftcyber/secure-sbom-action). Updates `actions/checkout` from 4.2.2 to 4.3.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.2.2...34e1148) Updates `actions/setup-go` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4b73464...4a36011) Updates `github/codeql-action` from 3.28.10 to 3.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b56ba49...5c8a8a6) Updates `shiftleftcyber/secure-sbom-action` from 2.2.1 to 2.4.0 - [Release notes](https://github.com/shiftleftcyber/secure-sbom-action/releases) - [Commits](shiftleftcyber/secure-sbom-action@v2.2.1...542dffa) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 4.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-minor-patch - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-minor-patch - dependency-name: github/codeql-action dependency-version: 3.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-minor-patch - dependency-name: shiftleftcyber/secure-sbom-action dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 592f5b5 commit 9cb1e67

6 files changed

Lines changed: 19 additions & 19 deletions

File tree

.github/workflows/build.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,10 +12,10 @@ jobs:
1212
runs-on: ubuntu-latest
1313

1414
steps:
15-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
15+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
1616

1717
- name: Set up Go
18-
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
18+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
1919
with:
2020
go-version-file: 'go.mod'
2121
cache: true

.github/workflows/codeql-analysis.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -22,12 +22,12 @@ jobs:
2222
security-events: write
2323
steps:
2424
- name: Checkout Repository
25-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # tag=v4.2.2
25+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # tag=v4.3.1
2626
- name: Initialize CodeQL
27-
uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # tag=v2.11.2
27+
uses: github/codeql-action/init@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # tag=v2.11.2
2828
with:
2929
languages: "go"
3030
- name: Run Autobuild
31-
uses: github/codeql-action/autobuild@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # tag=v2.11.2
31+
uses: github/codeql-action/autobuild@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # tag=v2.11.2
3232
- name: Perform Analysis
33-
uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # tag=v2.11.2
33+
uses: github/codeql-action/analyze@5c8a8a642e79153f5d047b10ec1cba1d1cc65699 # tag=v2.11.2

.github/workflows/generate-and-scan-sbom.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -53,10 +53,10 @@ jobs:
5353
runs-on: ubuntu-latest
5454

5555
steps:
56-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
56+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
5757

5858
- name: Set up Go
59-
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
59+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
6060
with:
6161
go-version-file: 'go.mod'
6262
cache: true

.github/workflows/lint.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,8 +15,8 @@ jobs:
1515
runs-on: ubuntu-latest
1616

1717
steps:
18-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
19-
- uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
18+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
19+
- uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
2020
with:
2121
go-version-file: 'go.mod'
2222
cache: true

.github/workflows/rearm.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616

1717
steps:
1818
- name: Checkout (with tags)
19-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
19+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
2020
with:
2121
fetch-depth: 0
2222
fetch-tags: true
@@ -57,7 +57,7 @@ jobs:
5757
runs-on: ubuntu-latest
5858
steps:
5959
- name: Checkout Repo
60-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
60+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
6161
with:
6262
fetch-depth: 0
6363

.github/workflows/release.yml

Lines changed: 7 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -18,12 +18,12 @@ jobs:
1818

1919
steps:
2020
- name: Checkout Repository
21-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
21+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
2222
with:
2323
fetch-depth: 0
2424

2525
- name: Setup Go
26-
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
26+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
2727
with:
2828
go-version-file: 'go.mod'
2929
check-latest: true
@@ -46,10 +46,10 @@ jobs:
4646
runs-on: ubuntu-latest
4747

4848
steps:
49-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
49+
- uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
5050

5151
- name: Setup Go
52-
uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
52+
uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
5353
with:
5454
go-version-file: 'go.mod'
5555
check-latest: true
@@ -89,15 +89,15 @@ jobs:
8989
path: .
9090

9191
- name: Sign SBOM via SecureSBOM
92-
uses: shiftleftcyber/secure-sbom-action@d2536226566f5149379e62e7c2f7670ca1f9a756 # v2.2.1
92+
uses: shiftleftcyber/secure-sbom-action@542dffaadd81bc0614947d749720558a399e6454 # v2.4.0
9393
with:
9494
sbom_file: sbom-validator.${{ github.ref_name }}.cdx.json
9595
secure_sbom_action: sign_sbom
9696
secure_sbom_api_key: ${{ secrets.SECURE_SBOM_API_KEY }}
9797
secure_sbom_signing_key_id: ${{ vars.SECURE_SBOM_SIGNING_KEY_ID }}
9898

9999
- name: Verify SBOM via SecureSBOM
100-
uses: shiftleftcyber/secure-sbom-action@d2536226566f5149379e62e7c2f7670ca1f9a756 # v2.2.1
100+
uses: shiftleftcyber/secure-sbom-action@542dffaadd81bc0614947d749720558a399e6454 # v2.4.0
101101
with:
102102
sbom_file: sbom-validator.${{ github.ref_name }}.cdx.signed.json
103103
secure_sbom_action: verify
@@ -222,7 +222,7 @@ jobs:
222222

223223
steps:
224224
- name: Checkout Repository
225-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
225+
uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1
226226
with:
227227
fetch-depth: 0
228228

0 commit comments

Comments
 (0)