Skip to content

Commit 39716c7

Browse files
chore: bump the github-actions group with 5 updates
Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.0` | `6.0.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `db2c8fe24a75c0f28f87ed1a6fe918a5ccf7b1e6` | `cdefb33c0f6224e58673d9004f47f7cb3e328b89` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` | | [google/osv-scanner-action](https://github.com/google/osv-scanner-action) | `8dc09193bb540e09b23da07ad7e30bd33bf87018` | `9a498708959aeaef5ef730655706c5a1df1edbc2` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8` | `ed142fd0673e97e23eac54620cfb913e5ce36c25` | Updates `actions/checkout` from 4.3.0 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v4.3.0...v6.0.2) Updates `github/codeql-action` from db2c8fe24a75c0f28f87ed1a6fe918a5ccf7b1e6 to cdefb33c0f6224e58673d9004f47f7cb3e328b89 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@db2c8fe...cdefb33) Updates `actions/upload-artifact` from 4.6.2 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...043fb46) Updates `google/osv-scanner-action` from 8dc09193bb540e09b23da07ad7e30bd33bf87018 to 9a498708959aeaef5ef730655706c5a1df1edbc2 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@8dc0919...9a49870) Updates `aquasecurity/trivy-action` from a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 to ed142fd0673e97e23eac54620cfb913e5ce36c25 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@a9c7b0f...ed142fd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: cdefb33c0f6224e58673d9004f47f7cb3e328b89 dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: google/osv-scanner-action dependency-version: 9a498708959aeaef5ef730655706c5a1df1edbc2 dependency-type: direct:production dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: ed142fd0673e97e23eac54620cfb913e5ce36c25 dependency-type: direct:production dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 0ec85a8 commit 39716c7

3 files changed

Lines changed: 13 additions & 13 deletions

File tree

.github/workflows/ci.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222

2323
steps:
2424
- name: Check out source
25-
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
25+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626
with:
2727
persist-credentials: false
2828

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131

3232
steps:
3333
- name: Check out source
34-
uses: actions/checkout@v6
34+
uses: actions/checkout@v6.0.2
3535
with:
3636
fetch-depth: 0
3737

.github/workflows/security-scan.yml

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ jobs:
2929

3030
steps:
3131
- name: Checkout repository
32-
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
32+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3333
with:
3434
fetch-depth: 0
3535
persist-credentials: false
@@ -74,13 +74,13 @@ jobs:
7474
- name: Upload Gitleaks SARIF
7575
if: always() && hashFiles('gitleaks-results.sarif') != ''
7676
continue-on-error: true
77-
uses: github/codeql-action/upload-sarif@db2c8fe24a75c0f28f87ed1a6fe918a5ccf7b1e6 # v4.31.10
77+
uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
7878
with:
7979
sarif_file: gitleaks-results.sarif
8080

8181
- name: Upload Gitleaks artifact
8282
if: always() && hashFiles('gitleaks-results.sarif') != ''
83-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
83+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
8484
with:
8585
name: gitleaks-results-${{ github.run_id }}
8686
path: gitleaks-results.sarif
@@ -106,13 +106,13 @@ jobs:
106106

107107
steps:
108108
- name: Checkout repository
109-
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
109+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
110110
with:
111111
persist-credentials: false
112112

113113
- name: Run OSV dependency scan
114114
continue-on-error: true
115-
uses: google/osv-scanner-action/osv-scanner-action@8dc09193bb540e09b23da07ad7e30bd33bf87018 # v2.3.8
115+
uses: google/osv-scanner-action/osv-scanner-action@9a498708959aeaef5ef730655706c5a1df1edbc2 # v2.3.8
116116
with:
117117
scan-args: |-
118118
--recursive
@@ -122,7 +122,7 @@ jobs:
122122
123123
- name: Upload OSV JSON artifact
124124
if: always() && hashFiles('osv-results.json') != ''
125-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
125+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
126126
with:
127127
name: osv-results-${{ github.run_id }}
128128
path: osv-results.json
@@ -148,13 +148,13 @@ jobs:
148148

149149
steps:
150150
- name: Checkout repository
151-
uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
151+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
152152
with:
153153
persist-credentials: false
154154

155155
- name: Generate Trivy SARIF report
156156
continue-on-error: true
157-
uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 # v0.36.0
157+
uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
158158
with:
159159
scan-type: fs
160160
scan-ref: .
@@ -169,13 +169,13 @@ jobs:
169169
- name: Upload Trivy SARIF
170170
if: always() && hashFiles('trivy-results.sarif') != ''
171171
continue-on-error: true
172-
uses: github/codeql-action/upload-sarif@db2c8fe24a75c0f28f87ed1a6fe918a5ccf7b1e6 # v4.31.10
172+
uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
173173
with:
174174
sarif_file: trivy-results.sarif
175175

176176
- name: Generate Trivy JSON report
177177
continue-on-error: true
178-
uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 # v0.36.0
178+
uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
179179
with:
180180
scan-type: fs
181181
scan-ref: .
@@ -227,7 +227,7 @@ jobs:
227227
228228
- name: Upload Trivy JSON artifact
229229
if: always() && hashFiles('trivy-results.json') != ''
230-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
230+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
231231
with:
232232
name: trivy-results-${{ github.run_id }}
233233
path: trivy-results.json

0 commit comments

Comments
 (0)