Skip to content

Commit 7dbe33f

Browse files
dependabot[bot]dependabot[bot]
authored
chore(deps): bump the actions group across 1 directory with 6 updates
Bumps the actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `6.0.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.9` | `4.32.3` | | [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` | `1.20.4` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` | | [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) | `f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561` | `efa25f7f19611383d5b0ccf2d1c8914531636bf9` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.92.3` | `3.93.3` | Updates `actions/checkout` from 4.1.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...de0fac2) Updates `github/codeql-action` from 4.31.9 to 4.32.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5d4e8d1...9e907b5) Updates `erlef/setup-beam` from 1.17.5 to 1.20.4 - [Release notes](https://github.com/erlef/setup-beam/releases) - [Commits](erlef/setup-beam@2f0cc07...e6d7c94) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `dtolnay/rust-toolchain` from f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 to efa25f7f19611383d5b0ccf2d1c8914531636bf9 - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](dtolnay/rust-toolchain@f7ccc83...efa25f7) Updates `trufflesecurity/trufflehog` from 3.92.3 to 3.93.3 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@v3.92.3...6961f2b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.32.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: erlef/setup-beam dependency-version: 1.20.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: dtolnay/rust-toolchain dependency-version: efa25f7f19611383d5b0ccf2d1c8914531636bf9 dependency-type: direct:production dependency-group: actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.93.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
1 parent 4f9de53 commit 7dbe33f

14 files changed

+34
-34
lines changed

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,15 +26,15 @@ jobs:
2626

2727
steps:
2828
- name: Checkout
29-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
29+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3030

3131
- name: Initialize CodeQL
32-
uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.28.1
32+
uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v3.28.1
3333
with:
3434
languages: ${{ matrix.language }}
3535
build-mode: ${{ matrix.build-mode }}
3636

3737
- name: Perform CodeQL Analysis
38-
uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.28.1
38+
uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v3.28.1
3939
with:
4040
category: "/language:${{ matrix.language }}"

.github/workflows/guix-nix-policy.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ jobs:
1010
permissions:
1111
contents: read
1212
steps:
13-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
13+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1414
- name: Enforce Guix primary / Nix fallback
1515
run: |
1616
# Check for package manager files

.github/workflows/hypatia-scan.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,12 @@ jobs:
2020

2121
steps:
2222
- name: Checkout repository
23-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
23+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
2424
with:
2525
fetch-depth: 0 # Full history for better pattern analysis
2626

2727
- name: Setup Elixir for Hypatia scanner
28-
uses: erlef/setup-beam@2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c # v1.18.2
28+
uses: erlef/setup-beam@e6d7c94229049569db56a7ad5a540c051a010af9 # v1.18.2
2929
with:
3030
elixir-version: '1.19.4'
3131
otp-version: '28.3'
@@ -146,7 +146,7 @@ jobs:
146146
147147
- name: Comment on PR with findings
148148
if: github.event_name == 'pull_request' && steps.scan.outputs.findings_count > 0
149-
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
149+
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v7
150150
with:
151151
script: |
152152
const fs = require('fs');

.github/workflows/mirror.yml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -14,7 +14,7 @@ jobs:
1414
runs-on: ubuntu-latest
1515
if: vars.GITLAB_MIRROR_ENABLED == 'true'
1616
steps:
17-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
17+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
1818
with:
1919
fetch-depth: 0
2020

@@ -32,7 +32,7 @@ jobs:
3232
runs-on: ubuntu-latest
3333
if: vars.BITBUCKET_MIRROR_ENABLED == 'true'
3434
steps:
35-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
35+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
3636
with:
3737
fetch-depth: 0
3838

@@ -50,7 +50,7 @@ jobs:
5050
runs-on: ubuntu-latest
5151
if: vars.CODEBERG_MIRROR_ENABLED == 'true'
5252
steps:
53-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
53+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
5454
with:
5555
fetch-depth: 0
5656

@@ -68,7 +68,7 @@ jobs:
6868
runs-on: ubuntu-latest
6969
if: vars.SOURCEHUT_MIRROR_ENABLED == 'true'
7070
steps:
71-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
71+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
7272
with:
7373
fetch-depth: 0
7474

@@ -86,7 +86,7 @@ jobs:
8686
runs-on: ubuntu-latest
8787
if: vars.DISROOT_MIRROR_ENABLED == 'true'
8888
steps:
89-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
89+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
9090
with:
9191
fetch-depth: 0
9292

@@ -104,7 +104,7 @@ jobs:
104104
runs-on: ubuntu-latest
105105
if: vars.GITEA_MIRROR_ENABLED == 'true'
106106
steps:
107-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
107+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
108108
with:
109109
fetch-depth: 0
110110

@@ -122,12 +122,12 @@ jobs:
122122
runs-on: ubuntu-latest
123123
if: vars.RADICLE_MIRROR_ENABLED == 'true'
124124
steps:
125-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
125+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
126126
with:
127127
fetch-depth: 0
128128

129129
- name: Setup Rust
130-
uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 # stable
130+
uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # stable
131131
with:
132132
toolchain: stable
133133

.github/workflows/npm-bun-blocker.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ jobs:
1010
permissions:
1111
contents: read
1212
steps:
13-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
13+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1414
- name: Block npm/bun
1515
run: |
1616
if [ -f "package-lock.json" ] || [ -f "bun.lockb" ] || [ -f ".npmrc" ]; then

.github/workflows/quality.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,14 @@ jobs:
1111
permissions:
1212
contents: read
1313
steps:
14-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
14+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1515

1616
- name: Check file permissions
1717
run: |
1818
find . -type f -perm /111 -name "*.sh" | head -10 || true
1919
2020
- name: Check for secrets
21-
uses: trufflesecurity/trufflehog@05cccb53bc9e13bc6d17997db5a6bcc3df44bf2f # v3.92.3
21+
uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3.93.3
2222
with:
2323
path: ./
2424
base: ${{ github.event.pull_request.base.sha || github.event.before }}
@@ -43,7 +43,7 @@ jobs:
4343
permissions:
4444
contents: read
4545
steps:
46-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
46+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4747
- name: Check documentation
4848
run: |
4949
MISSING=""

.github/workflows/rsr-antipattern.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,7 @@ jobs:
2222
permissions:
2323
contents: read
2424
steps:
25-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
25+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2626

2727
- name: Check for TypeScript
2828
run: |

.github/workflows/scorecard-enforcer.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
security-events: write
1919
id-token: write # For OIDC
2020
steps:
21-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
21+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
2222
with:
2323
persist-credentials: false
2424

@@ -30,7 +30,7 @@ jobs:
3030
publish_results: true
3131

3232
- name: Upload SARIF
33-
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3
33+
uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
3434
with:
3535
sarif_file: results.sarif
3636

@@ -53,7 +53,7 @@ jobs:
5353
check-critical:
5454
runs-on: ubuntu-latest
5555
steps:
56-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
56+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
5757

5858
- name: Check SECURITY.md exists
5959
run: |

.github/workflows/scorecard.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
security-events: write
1717
id-token: write
1818
steps:
19-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
19+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2020
with:
2121
persist-credentials: false
2222

@@ -27,6 +27,6 @@ jobs:
2727
results_format: sarif
2828

2929
- name: Upload results
30-
uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.31.8
30+
uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3.31.8
3131
with:
3232
sarif_file: results.sarif

.github/workflows/secret-scanner.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -13,19 +13,19 @@ jobs:
1313
trufflehog:
1414
runs-on: ubuntu-latest
1515
steps:
16-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
16+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
1717
with:
1818
fetch-depth: 0 # Full history for scanning
1919

2020
- name: TruffleHog Secret Scan
21-
uses: trufflesecurity/trufflehog@8a8ef8526528d8a4ff3e2c90be08e25ef8efbd9b # v3
21+
uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3
2222
with:
2323
extra_args: --only-verified --fail
2424

2525
gitleaks:
2626
runs-on: ubuntu-latest
2727
steps:
28-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
28+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
2929
with:
3030
fetch-depth: 0
3131

@@ -39,7 +39,7 @@ jobs:
3939
runs-on: ubuntu-latest
4040
if: hashFiles('**/Cargo.toml') != ''
4141
steps:
42-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
42+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
4343

4444
- name: Check for hardcoded secrets in Rust
4545
run: |

0 commit comments

Comments
 (0)