ci: update GitHub Actions to latest versions

appleboy · appleboy · commit cb176af3c039 · 2026-03-29T10:20:47.000+08:00
- Bump actions/checkout from v4 to v6
- Bump astral-sh/setup-uv from v6 to v7
- Bump github/codeql-action/upload-sarif from v3 to v4
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -18,10 +18,10 @@ jobs:
       id-token: write
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Set up Python
         run: uv python install 3.12
diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml
@@ -15,10 +15,10 @@ jobs:
         python-version: ["3.10", "3.11", "3.12", "3.13"]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install uv
-        uses: astral-sh/setup-uv@v6
+        uses: astral-sh/setup-uv@v7
 
       - name: Set up Python ${{ matrix.python-version }}
         run: uv python install ${{ matrix.python-version }}
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -16,7 +16,7 @@ jobs:
       security-events: write
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Trivy vulnerability scan
         uses: aquasecurity/trivy-action@0.35.0
@@ -29,7 +29,7 @@ jobs:
           severity: CRITICAL,HIGH
 
       - name: Upload results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
           sarif_file: trivy-results.sarif
