From 68edbe455efd84b0f1090a72a39269036d3da94e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Apr 2026 00:39:21 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-go](https://github.com/actions/setup-go) | `6.3.0` | `6.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.4` | | [shimataro/ssh-key-action](https://github.com/shimataro/ssh-key-action) | `2.8.0` | `2.8.1` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.3.0` | `8.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.9` | `4.35.1` | Updates `actions/setup-go` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4b73464bb391d4059bd26b0524d20df3927bd417...4a3601121dd01d1626a1e23e37211e3254c1c06c) Updates `actions/cache` from 5.0.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/cdf6c1fa76f9f475f3d7449005a359c84ca0f306...668228422ae6a00e4ad889ee87cd7109ec5666a7) Updates `shimataro/ssh-key-action` from 2.8.0 to 2.8.1 - [Release notes](https://github.com/shimataro/ssh-key-action/releases) - [Changelog](https://github.com/shimataro/ssh-key-action/blob/v2/CHANGELOG.md) - [Commits](https://github.com/shimataro/ssh-key-action/compare/6b84f2e793b32fa0b03a379cadadec75cc539391...87a8f067114a8ce263df83e9ed5c849953548bc3) Updates `astral-sh/setup-uv` from 7.3.0 to 8.0.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/eac588ad8def6316056a12d4907a9d4d84ff7a3b...cec208311dfd045dd5311c1add060b2062131d57) Updates `github/codeql-action` from 4.31.9 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...c10b8064de6f491fea524254123dbe5e09572f13) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: shimataro/ssh-key-action dependency-version: 2.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/asset-verification.yml | 2 +- .github/workflows/docker-pr.yml | 2 +- .github/workflows/docker.yml | 2 +- .github/workflows/go-mod-tidy-check.yml | 2 +- .github/workflows/go.yml | 4 ++-- .github/workflows/package-builds-stable.yml | 2 +- .github/workflows/package-builds-unstable.yml | 2 +- .github/workflows/smoke-tests.yml | 2 +- .github/workflows/ssh-ci.yml | 4 ++-- .github/workflows/zizmor.yml | 4 ++-- 10 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/asset-verification.yml b/.github/workflows/asset-verification.yml index 1ade7d19..834475ad 100644 --- a/.github/workflows/asset-verification.yml +++ b/.github/workflows/asset-verification.yml @@ -25,7 +25,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "1.25.7" diff --git a/.github/workflows/docker-pr.yml b/.github/workflows/docker-pr.yml index 823c460b..c97e273f 100644 --- a/.github/workflows/docker-pr.yml +++ b/.github/workflows/docker-pr.yml @@ -29,7 +29,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 76c04dc2..1f03cb54 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -39,7 +39,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/go-mod-tidy-check.yml b/.github/workflows/go-mod-tidy-check.yml index 81274a56..9de6db9c 100644 --- a/.github/workflows/go-mod-tidy-check.yml +++ b/.github/workflows/go-mod-tidy-check.yml @@ -17,7 +17,7 @@ jobs: with: persist-credentials: false - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 3ab4e0d1..9a4ab72f 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -27,12 +27,12 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" - name: Cache playwright binaries - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 id: playwright-cache with: path: | diff --git a/.github/workflows/package-builds-stable.yml b/.github/workflows/package-builds-stable.yml index d1623a91..db2ab8dc 100644 --- a/.github/workflows/package-builds-stable.yml +++ b/.github/workflows/package-builds-stable.yml @@ -28,7 +28,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/package-builds-unstable.yml b/.github/workflows/package-builds-unstable.yml index e244262c..4c229712 100644 --- a/.github/workflows/package-builds-unstable.yml +++ b/.github/workflows/package-builds-unstable.yml @@ -29,7 +29,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/smoke-tests.yml b/.github/workflows/smoke-tests.yml index 2746e312..89d60394 100644 --- a/.github/workflows/smoke-tests.yml +++ b/.github/workflows/smoke-tests.yml @@ -37,7 +37,7 @@ jobs: - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0 with: node-version: "24.11.0" - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/ssh-ci.yml b/.github/workflows/ssh-ci.yml index a89a992e..36119712 100644 --- a/.github/workflows/ssh-ci.yml +++ b/.github/workflows/ssh-ci.yml @@ -30,13 +30,13 @@ jobs: persist-credentials: false - name: Install CI target SSH key - uses: shimataro/ssh-key-action@6b84f2e793b32fa0b03a379cadadec75cc539391 # v2.8.0 + uses: shimataro/ssh-key-action@87a8f067114a8ce263df83e9ed5c849953548bc3 # v2.8.1 with: key: ${{ secrets.CI_SSH_KEY }} name: id_rsa known_hosts: ${{ secrets.CI_SSH_KNOWN_HOSTS }} - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: "stable" diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index a382e618..717b54cf 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -21,7 +21,7 @@ jobs: persist-credentials: false - name: Install the latest version of uv - uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0 + uses: astral-sh/setup-uv@cec208311dfd045dd5311c1add060b2062131d57 # v8.0.0 - name: Run zizmor 🌈 run: uvx zizmor --format sarif . > results.sarif @@ -29,7 +29,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 with: sarif_file: results.sarif category: zizmor