Skip to content

Commit 0452617

Browse files
dependabot[bot]dependabot[bot]
authored
chore(deps): Bump the actions group across 1 directory with 8 updates
Updates the requirements on [actions/checkout](https://github.com/actions/checkout), [github/codeql-action](https://github.com/github/codeql-action), [erlef/setup-beam](https://github.com/erlef/setup-beam), [actions/github-script](https://github.com/actions/github-script), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent), [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain), [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) and [ossf/scorecard-action](https://github.com/ossf/scorecard-action) to permit the latest version. Updates `actions/checkout` from 4.1.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...de0fac2) Updates `github/codeql-action` from 3.27.0 to 4.32.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.27.0...b20883b) Updates `erlef/setup-beam` from 1.17.5 to 1.20.4 - [Release notes](https://github.com/erlef/setup-beam/releases) - [Commits](erlef/setup-beam@2f0cc07...e6d7c94) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `webfactory/ssh-agent` from 0.9.0 to 0.9.1 - [Release notes](https://github.com/webfactory/ssh-agent/releases) - [Changelog](https://github.com/webfactory/ssh-agent/blob/master/CHANGELOG.md) - [Commits](webfactory/ssh-agent@dc588b6...a6f90b1) Updates `dtolnay/rust-toolchain` to f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](https://github.com/dtolnay/rust-toolchain/commits/f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561) Updates `trufflesecurity/trufflehog` from 3.92.3 to 3.92.5 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@v3.92.3...116e717) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@v2.4.0...4eaacf0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.32.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: erlef/setup-beam dependency-version: 1.20.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: webfactory/ssh-agent dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: dtolnay/rust-toolchain dependency-version: f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 dependency-type: direct:production dependency-group: actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.92.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 03d5442 commit 0452617

19 files changed

+57
-57
lines changed

.github/workflows/cflite_batch.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ jobs:
1212
matrix:
1313
sanitizer: [address, undefined]
1414
steps:
15-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
15+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
1616
- uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1
1717
with:
1818
sanitizer: ${{ matrix.sanitizer }}
@@ -24,7 +24,7 @@ jobs:
2424
sanitizer: ${{ matrix.sanitizer }}
2525
mode: batch
2626
output-sarif: true
27-
- uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3
27+
- uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
2828
if: always()
2929
with:
3030
sarif_file: vulnerabilities.sarif

.github/workflows/cflite_pr.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313
matrix:
1414
sanitizer: [address, undefined]
1515
steps:
16-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
16+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
1717
- uses: google/clusterfuzzlite/actions/build_fuzzers@884713a6c30a92e5e8544c39945cd7cb630abcd1 # v1
1818
with:
1919
sanitizer: ${{ matrix.sanitizer }}
@@ -25,7 +25,7 @@ jobs:
2525
sanitizer: ${{ matrix.sanitizer }}
2626
mode: code-change
2727
output-sarif: true
28-
- uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3
28+
- uses: github/codeql-action/upload-sarif@9e907b5e64f6b83e7804b09294d44122997950d6 # v3
2929
if: always()
3030
with:
3131
sarif_file: vulnerabilities.sarif

.github/workflows/ci.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
permissions:
2121
contents: read
2222
steps:
23-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
23+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2424
- uses: dtolnay/rust-toolchain@stable
2525
- uses: Swatinem/rust-cache@v2
2626
- run: cargo check --workspace
@@ -31,7 +31,7 @@ jobs:
3131
permissions:
3232
contents: read
3333
steps:
34-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
34+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3535
- uses: dtolnay/rust-toolchain@stable
3636
- uses: Swatinem/rust-cache@v2
3737
- run: cargo test --workspace
@@ -42,7 +42,7 @@ jobs:
4242
permissions:
4343
contents: read
4444
steps:
45-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
45+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4646
- uses: dtolnay/rust-toolchain@stable
4747
with:
4848
components: rustfmt
@@ -54,7 +54,7 @@ jobs:
5454
permissions:
5555
contents: read
5656
steps:
57-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
57+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5858
- uses: dtolnay/rust-toolchain@stable
5959
with:
6060
components: clippy
@@ -67,7 +67,7 @@ jobs:
6767
permissions:
6868
contents: read
6969
steps:
70-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
70+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
7171
- uses: dtolnay/rust-toolchain@stable
7272
- uses: Swatinem/rust-cache@v2
7373
- run: cargo build --release --workspace

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,15 +26,15 @@ jobs:
2626

2727
steps:
2828
- name: Checkout
29-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
29+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3030

3131
- name: Initialize CodeQL
32-
uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.28.1
32+
uses: github/codeql-action/init@9e907b5e64f6b83e7804b09294d44122997950d6 # v3.28.1
3333
with:
3434
languages: ${{ matrix.language }}
3535
build-mode: ${{ matrix.build-mode }}
3636

3737
- name: Perform CodeQL Analysis
38-
uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.28.1
38+
uses: github/codeql-action/analyze@9e907b5e64f6b83e7804b09294d44122997950d6 # v3.28.1
3939
with:
4040
category: "/language:${{ matrix.language }}"

.github/workflows/guix-nix-policy.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ jobs:
1010
permissions:
1111
contents: read
1212
steps:
13-
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
13+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1414
- name: Enforce Guix primary / Nix fallback
1515
run: |
1616
# Check for package manager files

.github/workflows/hypatia-scan.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,12 +20,12 @@ jobs:
2020

2121
steps:
2222
- name: Checkout repository
23-
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
23+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
2424
with:
2525
fetch-depth: 0 # Full history for better pattern analysis
2626

2727
- name: Setup Elixir for Hypatia scanner
28-
uses: erlef/setup-beam@2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c # v1.18.2
28+
uses: erlef/setup-beam@e6d7c94229049569db56a7ad5a540c051a010af9 # v1.18.2
2929
with:
3030
elixir-version: '1.19.4'
3131
otp-version: '28.3'
@@ -146,7 +146,7 @@ jobs:
146146
147147
- name: Comment on PR with findings
148148
if: github.event_name == 'pull_request' && steps.scan.outputs.findings_count > 0
149-
uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
149+
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v7
150150
with:
151151
script: |
152152
const fs = require('fs');

.github/workflows/language-guard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ jobs:
2121
permissions:
2222
contents: read
2323
steps:
24-
- uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
24+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2525

2626
- name: Check for forbidden languages
2727
run: |

.github/workflows/mirror.yml

Lines changed: 14 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -14,11 +14,11 @@ jobs:
1414
runs-on: ubuntu-latest
1515
if: vars.GITLAB_MIRROR_ENABLED == 'true'
1616
steps:
17-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
17+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
1818
with:
1919
fetch-depth: 0
2020

21-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
21+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
2222
with:
2323
ssh-private-key: ${{ secrets.GITLAB_SSH_KEY }}
2424

@@ -32,11 +32,11 @@ jobs:
3232
runs-on: ubuntu-latest
3333
if: vars.BITBUCKET_MIRROR_ENABLED == 'true'
3434
steps:
35-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
35+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
3636
with:
3737
fetch-depth: 0
3838

39-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
39+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
4040
with:
4141
ssh-private-key: ${{ secrets.BITBUCKET_SSH_KEY }}
4242

@@ -50,11 +50,11 @@ jobs:
5050
runs-on: ubuntu-latest
5151
if: vars.CODEBERG_MIRROR_ENABLED == 'true'
5252
steps:
53-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
53+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
5454
with:
5555
fetch-depth: 0
5656

57-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
57+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
5858
with:
5959
ssh-private-key: ${{ secrets.CODEBERG_SSH_KEY }}
6060

@@ -68,11 +68,11 @@ jobs:
6868
runs-on: ubuntu-latest
6969
if: vars.SOURCEHUT_MIRROR_ENABLED == 'true'
7070
steps:
71-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
71+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
7272
with:
7373
fetch-depth: 0
7474

75-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
75+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
7676
with:
7777
ssh-private-key: ${{ secrets.SOURCEHUT_SSH_KEY }}
7878

@@ -86,11 +86,11 @@ jobs:
8686
runs-on: ubuntu-latest
8787
if: vars.DISROOT_MIRROR_ENABLED == 'true'
8888
steps:
89-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
89+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
9090
with:
9191
fetch-depth: 0
9292

93-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
93+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
9494
with:
9595
ssh-private-key: ${{ secrets.DISROOT_SSH_KEY }}
9696

@@ -104,11 +104,11 @@ jobs:
104104
runs-on: ubuntu-latest
105105
if: vars.GITEA_MIRROR_ENABLED == 'true'
106106
steps:
107-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
107+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
108108
with:
109109
fetch-depth: 0
110110

111-
- uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0
111+
- uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
112112
with:
113113
ssh-private-key: ${{ secrets.GITEA_SSH_KEY }}
114114

@@ -122,12 +122,12 @@ jobs:
122122
runs-on: ubuntu-latest
123123
if: vars.RADICLE_MIRROR_ENABLED == 'true'
124124
steps:
125-
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
125+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
126126
with:
127127
fetch-depth: 0
128128

129129
- name: Setup Rust
130-
uses: dtolnay/rust-toolchain@56f84321dbccf38fb67ce29ab63e4754056677e0 # stable
130+
uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9 # stable
131131
with:
132132
toolchain: stable
133133

.github/workflows/npm-bun-blocker.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@ jobs:
1010
permissions:
1111
contents: read
1212
steps:
13-
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
13+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1414
- name: Block npm/bun
1515
run: |
1616
if [ -f "package-lock.json" ] || [ -f "bun.lockb" ] || [ -f ".npmrc" ]; then

.github/workflows/quality.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -11,14 +11,14 @@ jobs:
1111
permissions:
1212
contents: read
1313
steps:
14-
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
14+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
1515

1616
- name: Check file permissions
1717
run: |
1818
find . -type f -perm /111 -name "*.sh" | head -10 || true
1919
2020
- name: Check for secrets
21-
uses: trufflesecurity/trufflehog@05cccb53bc9e13bc6d17997db5a6bcc3df44bf2f # v3.92.3
21+
uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3.93.3
2222
with:
2323
path: ./
2424
base: ${{ github.event.pull_request.base.sha || github.event.before }}
@@ -43,7 +43,7 @@ jobs:
4343
permissions:
4444
contents: read
4545
steps:
46-
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
46+
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4747
- name: Check documentation
4848
run: |
4949
MISSING=""

0 commit comments

Comments
 (0)