From 2afc82da370be903058b374eef2e895b83282109 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 17:12:33 +0000 Subject: [PATCH] build(deps): bump the actions group across 1 directory with 9 updates Bumps the actions group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.32.4` | `4.36.2` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.2.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [redhat-plumbers-in-action/gather-pull-request-metadata](https://github.com/redhat-plumbers-in-action/gather-pull-request-metadata) | `1.9.0` | `1.10.0` | | [super-linter/super-linter/slim](https://github.com/super-linter/super-linter) | `8.5.0` | `8.7.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.1` | Updates `actions/checkout` from 4 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v7) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v7...v7.0.1) Updates `github/codeql-action/upload-sarif` from 4.32.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/89a39a4e59826350b863aa6b6252a07ad50cf83e...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.2.0 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/8df5847569e6427dd6c4fb1cf565c83acfa8afa7...e7f100cf4c008499ea8adda475de1042d6975c7b) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) Updates `redhat-plumbers-in-action/gather-pull-request-metadata` from 1.9.0 to 1.10.0 - [Release notes](https://github.com/redhat-plumbers-in-action/gather-pull-request-metadata/releases) - [Commits](https://github.com/redhat-plumbers-in-action/gather-pull-request-metadata/compare/b86d1eaf7038cf88a56b26ba3e504f10e07b0ce5...ecc2e46fe4f0b2e9a7b236d6012bc9f74af318d0) Updates `super-linter/super-linter/slim` from 8.5.0 to 8.7.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - [Commits](https://github.com/super-linter/super-linter/compare/61abc07d755095a68f4987d1c2c3d1d64408f1f9...4ce20838b8ab83717e78138c5b3a1407148e0918) Updates `softprops/action-gh-release` from 2.6.1 to 3.0.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/153bb8e04406b158c6c84fc1615b65b24149a1fe...718ea10b132b3b2eba29c1007bb80653f286566b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: redhat-plumbers-in-action/gather-pull-request-metadata dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: super-linter/super-linter/slim dependency-version: 8.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-test.yml | 2 +- .github/workflows/cifuzz.yml | 4 ++-- .github/workflows/claude-review.yml | 12 ++++++------ .github/workflows/codeql.yml | 6 +++--- .github/workflows/coverage.yml | 4 ++-- .github/workflows/coverity.yml | 2 +- .github/workflows/development-freeze.yml | 2 +- .github/workflows/differential-shellcheck.yml | 2 +- .github/workflows/gather-pr-metadata.yml | 6 +++--- .github/workflows/issue-labeler.yml | 2 +- .github/workflows/labeler.yml | 8 ++++---- .github/workflows/linter.yml | 4 ++-- .github/workflows/make-release.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/unit-tests-musl.yml | 2 +- .github/workflows/unit-tests.yml | 2 +- 16 files changed, 31 insertions(+), 31 deletions(-) diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index 8cb68e28e78..af6afb3f75c 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -32,7 +32,7 @@ jobs: CFLAGS: "-O2 -D_FORTIFY_SOURCE=3 -Wall" steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false diff --git a/.github/workflows/cifuzz.yml b/.github/workflows/cifuzz.yml index d352b2c7b40..afc24d3d5dc 100644 --- a/.github/workflows/cifuzz.yml +++ b/.github/workflows/cifuzz.yml @@ -60,14 +60,14 @@ jobs: sanitizer: ${{ matrix.sanitizer }} output-sarif: true - name: Upload Crash - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a if: failure() && steps.build.outcome == 'success' with: name: ${{ matrix.sanitizer }}-${{ matrix.architecture }}-artifacts path: ./out/artifacts - name: Upload Sarif if: always() && steps.build.outcome == 'success' - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e with: # Path to SARIF file relative to the root of the repository sarif_file: cifuzz-sarif/results.sarif diff --git a/.github/workflows/claude-review.yml b/.github/workflows/claude-review.yml index bf20e7d51e9..acc5ab6775d 100644 --- a/.github/workflows/claude-review.yml +++ b/.github/workflows/claude-review.yml @@ -67,7 +67,7 @@ jobs: - name: Fetch PR context and create tracking comment id: context - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 with: script: | const owner = context.repo.owner; @@ -130,7 +130,7 @@ jobs: # archive: false makes upload-artifact use the file's basename # (pr-context.json) as the artifact name, ignoring the name input. - name: Upload PR context - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: path: pr-context.json archive: false @@ -146,7 +146,7 @@ jobs: id-token: write # Authenticate with AWS via OIDC steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: # Need full history for git worktree add to work on all PR commits. fetch-depth: 0 @@ -178,7 +178,7 @@ jobs: sudo apt-get update && sudo apt-get install -y bubblewrap socat - name: Configure AWS credentials - uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 + uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }} role-session-name: GitHubActions-Claude-${{ github.run_id }} @@ -382,7 +382,7 @@ jobs: - name: Upload review result if: always() - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: path: review-result.json if-no-files-found: ignore @@ -406,7 +406,7 @@ jobs: name: review-result.json - name: Post review comments - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 env: REVIEW_RESULT: ${{ needs.review.result }} PR_NUMBER: ${{ needs.setup.outputs.pr_number }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e577890fa6c..69c8ba952e7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v7 - name: Install Dependencies run: | @@ -40,7 +40,7 @@ jobs: libffi-dev - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality @@ -63,6 +63,6 @@ jobs: run-clang-tidy -p builddir "src/.*\.c$" - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index c2b9493f6d8..9792e866fa6 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -24,7 +24,7 @@ jobs: if: github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable' steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false - uses: systemd/mkosi@66d51024b7149f40be4702e84275c936373ace97 @@ -130,7 +130,7 @@ jobs: --quiet - name: Archive failed test journals - uses: actions/upload-artifact@v7 + uses: actions/upload-artifact@v7.0.1 if: failure() && (github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable') with: name: ci-coverage-${{ github.run_id }}-${{ github.run_attempt }}-arch-rolling-failed-test-journals diff --git a/.github/workflows/coverity.yml b/.github/workflows/coverity.yml index 792cb916926..a110dee4364 100644 --- a/.github/workflows/coverity.yml +++ b/.github/workflows/coverity.yml @@ -22,7 +22,7 @@ jobs: COVERITY_SCAN_NOTIFICATION_EMAIL: "${{ secrets.COVERITY_SCAN_NOTIFICATION_EMAIL }}" steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false # Reuse the setup phase of the unit test script to avoid code duplication diff --git a/.github/workflows/development-freeze.yml b/.github/workflows/development-freeze.yml index 25f6c1e92cf..6378d7b5915 100644 --- a/.github/workflows/development-freeze.yml +++ b/.github/workflows/development-freeze.yml @@ -30,7 +30,7 @@ jobs: name: Pull Request Metadata - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/differential-shellcheck.yml b/.github/workflows/differential-shellcheck.yml index 7d3dc5f9165..061a019844d 100644 --- a/.github/workflows/differential-shellcheck.yml +++ b/.github/workflows/differential-shellcheck.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/gather-pr-metadata.yml b/.github/workflows/gather-pr-metadata.yml index 2ae9a098a69..0600f2568ec 100644 --- a/.github/workflows/gather-pr-metadata.yml +++ b/.github/workflows/gather-pr-metadata.yml @@ -16,16 +16,16 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false - id: metadata name: Gather Pull Request Metadata - uses: redhat-plumbers-in-action/gather-pull-request-metadata@b86d1eaf7038cf88a56b26ba3e504f10e07b0ce5 + uses: redhat-plumbers-in-action/gather-pull-request-metadata@ecc2e46fe4f0b2e9a7b236d6012bc9f74af318d0 - name: Upload Pull Request Metadata artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a with: name: Pull Request Metadata path: ${{ steps.metadata.outputs.metadata-file }} diff --git a/.github/workflows/issue-labeler.yml b/.github/workflows/issue-labeler.yml index a5f1fb07577..d2a3b6ea62d 100644 --- a/.github/workflows/issue-labeler.yml +++ b/.github/workflows/issue-labeler.yml @@ -20,7 +20,7 @@ jobs: template: [ bug_report.yml, feature_request.yml ] steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index 48d926a62b9..ca7ff476a31 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 if: github.event_name == 'pull_request' with: persist-credentials: false @@ -44,7 +44,7 @@ jobs: sync-labels: false - name: Set or remove labels based on systemd development workflow - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 if: startsWith(github.event_name, 'pull_request') && github.event.action != 'closed' && !github.event.pull_request.draft with: script: | @@ -85,7 +85,7 @@ jobs: } - name: Add please-review label on command in issue comment - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 if: github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/please-review') with: script: | @@ -97,7 +97,7 @@ jobs: }) - name: Remove specific labels when PR is closed or merged - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 if: startsWith(github.event_name, 'pull_request') && github.event.action == 'closed' with: script: | diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 775b4f3f9d6..d578d4b2dc9 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -23,14 +23,14 @@ jobs: steps: - name: Repo checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: # We need a full repo clone fetch-depth: 0 persist-credentials: false - name: Lint Code Base - uses: super-linter/super-linter/slim@61abc07d755095a68f4987d1c2c3d1d64408f1f9 + uses: super-linter/super-linter/slim@4ce20838b8ab83717e78138c5b3a1407148e0918 env: DEFAULT_BRANCH: main MULTI_STATUS: false diff --git a/.github/workflows/make-release.yml b/.github/workflows/make-release.yml index 3aa169f55ad..978d3b0169b 100644 --- a/.github/workflows/make-release.yml +++ b/.github/workflows/make-release.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Release - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b with: prerelease: ${{ contains(github.ref_name, '-rc') }} draft: ${{ github.repository == 'systemd/systemd' }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 689ea1cabc1..cf7ed56e111 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -29,7 +29,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/unit-tests-musl.yml b/.github/workflows/unit-tests-musl.yml index 2120eddeeb1..d4d13279b54 100644 --- a/.github/workflows/unit-tests-musl.yml +++ b/.github/workflows/unit-tests-musl.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false diff --git a/.github/workflows/unit-tests.yml b/.github/workflows/unit-tests.yml index 79950640178..308e9fed604 100644 --- a/.github/workflows/unit-tests.yml +++ b/.github/workflows/unit-tests.yml @@ -40,7 +40,7 @@ jobs: runner: ubuntu-24.04-s390x steps: - name: Repository checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 with: persist-credentials: false - name: Install build dependencies