From a217c3c9dda4688a43cc025f45b20a37cf7e4cbf Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 12 Jun 2026 05:10:27 +0000 Subject: [PATCH] chore(deps): bump the actions group across 1 directory with 7 updates Bumps the actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `6.0.3` | | [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) | `2.3.7` | `3.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.36.0` | `4.36.2` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.1` | `7.0.0` | | [hadolint/hadolint-action](https://github.com/hadolint/hadolint-action) | `3.1.0` | `3.3.0` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `5.3.0` | `7.4.0` | | [8398a7/action-slack](https://github.com/8398a7/action-slack) | `3.18.0` | `3.19.0` | Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...df4cb1c069e1874edd31b4311f1884172cec0e10) Updates `gitleaks/gitleaks-action` from 2.3.7 to 3.0.0 - [Release notes](https://github.com/gitleaks/gitleaks-action/releases) - [Commits](https://github.com/gitleaks/gitleaks-action/compare/83373cf2f8c4db6e24b41c1a9b086bb9619e9cd3...e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e) Updates `github/codeql-action` from 4.36.0 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/7211b7c8077ea37d8641b6271f6a365a22a5fbfa...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `codecov/codecov-action` from 6.0.1 to 7.0.0 - [Release 
notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/e79a6962e0d4c0c17b229090214935d2e33f8354...fb8b3582c8e4def4969c97caa2f19720cb33a72f) Updates `hadolint/hadolint-action` from 3.1.0 to 3.3.0 - [Release notes](https://github.com/hadolint/hadolint-action/releases) - [Commits](https://github.com/hadolint/hadolint-action/compare/54c9adbab1582c2ef04b2016b760714a4bfde3cf...2332a7b74a6de0dda2e2221d575162eba76ba5e5) Updates `anchore/scan-action` from 5.3.0 to 7.4.0 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/scan-action/compare/869c549e657a088dc0441b08ce4fc0ecdac2bb65...e1165082ffb1fe366ebaf02d8526e7c4989ea9d2) Updates `8398a7/action-slack` from 3.18.0 to 3.19.0 - [Release notes](https://github.com/8398a7/action-slack/releases) - [Commits](https://github.com/8398a7/action-slack/compare/1750b5085f3ec60384090fb7c52965ef822e869e...77eaa4f1c608a7d68b38af4e3f739dcd8cba273e) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: gitleaks/gitleaks-action dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: hadolint/hadolint-action dependency-version: 3.3.0 dependency-type: direct:production update-type: 
version-update:semver-minor dependency-group: actions - dependency-name: anchore/scan-action dependency-version: 7.4.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: 8398a7/action-slack dependency-version: 3.19.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot]
---
 .github/workflows/boj-build.yml | 2 +-
 .github/workflows/casket-pages.yml | 4 +--
 .github/workflows/ci-cd.yml | 32 ++++++++++++------------
 .github/workflows/codeql.yml | 6 ++---
 .github/workflows/dogfood-gate.yml | 10 ++++----
 .github/workflows/scorecard-enforcer.yml | 6 ++---
 .github/workflows/workflow-linter.yml | 2 +-
 7 files changed, 31 insertions(+), 31 deletions(-)
diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml
index 712beb3..7868fbf 100644
--- a/.github/workflows/boj-build.yml
+++ b/.github/workflows/boj-build.yml
@@ -9,7 +9,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Trigger BoJ Server (Casket/ssg-mcp)
 run: |
 # Send a secure trigger to boj-server to build this repository
diff --git a/.github/workflows/casket-pages.yml b/.github/workflows/casket-pages.yml
index 1839b7b..55d2a13 100644
--- a/.github/workflows/casket-pages.yml
+++ b/.github/workflows/casket-pages.yml
@@ -20,10 +20,10 @@ jobs:
 runs-on: ubuntu-latest
 steps:
 - name: Checkout
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
 - name: Checkout casket-ssg
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
 with:
 repository: hyperpolymath/casket-ssg
 path: .casket-ssg
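Review bot: Both `actions/checkout` pins in the `casket-pages.yml` hunk keep the trailing comment `# v4`, although the commit record identifies `df4cb1c069e1874edd31b4311f1884172cec0e10` as 6.0.3; with SHA pinning that comment is the only human-readable statement of what the hash is, so it should read `# v6.0.3`. The same stale-comment pattern recurs in later hunks: `github/codeql-action` is annotated `# v3.28.1`, `# v3` and `# v4` (record: 4.36.2), `codecov/codecov-action` `# v5.0.7` (7.0.0), `anchore/scan-action` `# v5.0.0` (7.4.0), `8398a7/action-slack` `# v3.18.3` (3.19.0), and the `workflow-linter.yml` checkout `# v4`. A comment that disagrees with the pinned hash makes it harder to audit the pin against the upstream tag, and it presumably is also why the bump left these comments untouched; correct them in the same change.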
diff --git a/.github/workflows/ci-cd.yml b/.github/workflows/ci-cd.yml
index 3fbb254..329e700 100644
--- a/.github/workflows/ci-cd.yml
+++ b/.github/workflows/ci-cd.yml
@@ -28,7 +28,7 @@ jobs:
 contents: read
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 with:
 fetch-depth: 0 # Full history for SonarCloud
@@ -64,10 +64,10 @@ jobs:
 contents: read
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Run GitLeaks (secrets detection)
- uses: gitleaks/gitleaks-action@83373cf2f8c4db6e24b41c1a9b086bb9619e9cd3 # v2.3.7
+ uses: gitleaks/gitleaks-action@e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e # v3.0.0
 env:
 GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 GITLEAKS_LICENSE: ${{ secrets.GITLEAKS_LICENSE }}
@@ -84,7 +84,7 @@ jobs:
 limit-severities-for-sarif: true
 - name: Upload Trivy results to GitHub Security
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3.28.1
+ uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.28.1
 if: always() && hashFiles('trivy-results.sarif') != ''
 with:
 sarif_file: 'trivy-results.sarif'
@@ -125,7 +125,7 @@ jobs:
 julia-version: ['1.9', '1.10', 'nightly']
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Set up Julia ${{ matrix.julia-version }}
 uses: julia-actions/setup-julia@fa02766e078afaaf09b14210362cee14137e6a32 # v2.8.0
@@ -148,7 +148,7 @@ jobs:
 directories: src/julia/RobotVacuum/src
 - name: Upload coverage to Codecov
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v5.0.7
+ uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v5.0.7
 with:
 files: lcov.info
 flags: julia-${{ matrix.julia-version }}
@@ -163,7 +163,7 @@ jobs:
 contents: read
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Install Rust toolchain
 uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1
@@ -193,7 +193,7 @@ jobs:
 continue-on-error: true
 - name: Upload Rust coverage
- uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v5.0.7
+ uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v5.0.7
 with:
 file: src/rust/coverage/cobertura.xml
 flags: rust
@@ -212,7 +212,7 @@ jobs:
 security-events: write
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Set up Docker Buildx
 uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0
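Review bot: The Rust coverage step in the `@@ -193,7` hunk still passes the singular input `file: src/rust/coverage/cobertura.xml`, while the Julia step in `@@ -148,7` passes `files: lcov.info`, and the commit record marks the codecov bump as semver-major (6.0.1 to 7.0.0). Confirm against the 7.0.0 release notes that `file` is still accepted; if it is not, change the line to `files: src/rust/coverage/cobertura.xml` so the Rust report is not silently left out of the upload. Both `with:` blocks continue past the visible hunk, so settings such as `fail_ci_if_error` or the token cannot be checked from here.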
@@ -261,20 +261,20 @@ jobs:
 limit-severities-for-sarif: true
 - name: Upload Trivy image results
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3.28.1
+ uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3.28.1
 if: always() && hashFiles('trivy-image-results.sarif') != ''
 with:
 sarif_file: 'trivy-image-results.sarif'
 category: 'trivy-container'
 - name: Run Hadolint (Dockerfile linting)
- uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
+ uses: hadolint/hadolint-action@2332a7b74a6de0dda2e2221d575162eba76ba5e5 # v3.3.0
 with:
 dockerfile: docker/Containerfile
 failure-threshold: warning
 - name: Scan with Grype
- uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5.0.0
+ uses: anchore/scan-action@e1165082ffb1fe366ebaf02d8526e7c4989ea9d2 # v5.0.0
 with:
 image: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.meta.outputs.version }}
 fail-build: false
@@ -299,7 +299,7 @@ jobs:
 contents: read
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 with:
 fetch-depth: 0
@@ -357,7 +357,7 @@ jobs:
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Set up Julia
 uses: julia-actions/setup-julia@fa02766e078afaaf09b14210362cee14137e6a32 # v2.8.0
@@ -393,7 +393,7 @@ jobs:
 url: https://robot-vacuum.example.com
 steps:
 - name: Checkout code
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Deploy to production
 run: |
@@ -402,7 +402,7 @@ jobs:
 # e.g., kubectl apply, helm upgrade, etc.
 - name: Notify deployment
- uses: 8398a7/action-slack@1750b5085f3ec60384090fb7c52965ef822e869e # v3.18.3
+ uses: 8398a7/action-slack@77eaa4f1c608a7d68b38af4e3f739dcd8cba273e # v3.18.3
 if: always()
 with:
 status: ${{ job.status }}
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index ed4a380..d9b0a2d 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -35,15 +35,15 @@ jobs:
 steps:
 - name: Checkout
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Initialize CodeQL
- uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
+ uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v3
+ uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v3
 with:
 category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/dogfood-gate.yml b/.github/workflows/dogfood-gate.yml
index 582f3ee..424cbc4 100644
--- a/.github/workflows/dogfood-gate.yml
+++ b/.github/workflows/dogfood-gate.yml
@@ -25,7 +25,7 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Check for A2ML files
 id: detect
@@ -69,7 +69,7 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Check for K9 files
 id: detect
@@ -118,7 +118,7 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Scan for invisible characters
 id: lint
@@ -182,7 +182,7 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Check for Groove manifest
 id: groove
@@ -242,7 +242,7 @@ jobs:
 steps:
 - name: Checkout repository
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Generate dogfooding scorecard
 run: |
diff --git a/.github/workflows/scorecard-enforcer.yml b/.github/workflows/scorecard-enforcer.yml
index 295e009..625a12a 100644
--- a/.github/workflows/scorecard-enforcer.yml
+++ b/.github/workflows/scorecard-enforcer.yml
@@ -27,7 +27,7 @@ jobs:
 security-events: write
 id-token: write # For OIDC
 steps:
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 with:
 persist-credentials: false
@@ -39,7 +39,7 @@ jobs:
 publish_results: true
 - name: Upload SARIF
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4
+ uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4
 with:
 sarif_file: results.sarif
@@ -62,7 +62,7 @@ jobs:
 check-critical:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 - name: Check SECURITY.md exists
 run: |
diff --git a/.github/workflows/workflow-linter.yml b/.github/workflows/workflow-linter.yml
index 02b2e76..1e594b4 100644
--- a/.github/workflows/workflow-linter.yml
+++ b/.github/workflows/workflow-linter.yml
@@ -16,7 +16,7 @@ jobs:
 lint-workflows:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
+ - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v4
 - name: Check SPDX headers
 run: |