From dd48abaf976d0c342612683e1481c730b7ec92a6 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 27 May 2026 06:50:30 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 8 updates Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.2.0` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8` | `ed142fd0673e97e23eac54620cfb913e5ce36c25` | | [github/codeql-action](https://github.com/github/codeql-action) | `dc73d59c2d7bd4f8194098a91219eeee6d8a1719` | `7211b7c8077ea37d8641b6271f6a365a22a5fbfa` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.4.0` | `7.2.0` | | [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `3.1.2` | `4.0.1` | | [terraform-linters/setup-tflint](https://github.com/terraform-linters/setup-tflint) | `6e87008f9dd1fe3e34e66aca6c97b4a69f72a7f4` | `90f302c255ef959cbfb4bd10581afecdb7ece3e6` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `99c09fe975337306107572b4fdf4db224cf8e2f2` | `4eaacf0543bb3f2c246792bd56e8cdeffafb205a` | Updates `actions/setup-python` from 5.6.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...a309ff8b426b58ec0e2a45f0f869d46889d02405) Updates `aquasecurity/trivy-action` from a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 to ed142fd0673e97e23eac54620cfb913e5ce36c25 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8...ed142fd0673e97e23eac54620cfb913e5ce36c25) Updates 
`github/codeql-action` from dc73d59c2d7bd4f8194098a91219eeee6d8a1719 to 7211b7c8077ea37d8641b6271f6a365a22a5fbfa - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/dc73d59c2d7bd4f8194098a91219eeee6d8a1719...7211b7c8077ea37d8641b6271f6a365a22a5fbfa) Updates `docker/setup-buildx-action` from 3.12.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5) Updates `docker/build-push-action` from 5.4.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/ca052bb54ab0790a636c9b5f226502c73d547a25...f9f3042f7e2789586610d6e8b85c8f03e5195baf) Updates `hashicorp/setup-terraform` from 3.1.2 to 4.0.1 - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/setup-terraform/compare/b9cd54a3c349d3f38e8881555d616ced269862dd...dfe3c3f87815947d99a8997f908cb6525fc44e9e) Updates `terraform-linters/setup-tflint` from 6e87008f9dd1fe3e34e66aca6c97b4a69f72a7f4 to 90f302c255ef959cbfb4bd10581afecdb7ece3e6 - [Release notes](https://github.com/terraform-linters/setup-tflint/releases) - [Commits](https://github.com/terraform-linters/setup-tflint/compare/6e87008f9dd1fe3e34e66aca6c97b4a69f72a7f4...90f302c255ef959cbfb4bd10581afecdb7ece3e6) Updates `ossf/scorecard-action` from 99c09fe975337306107572b4fdf4db224cf8e2f2 to 4eaacf0543bb3f2c246792bd56e8cdeffafb205a - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - 
[Commits](https://github.com/ossf/scorecard-action/compare/99c09fe975337306107572b4fdf4db224cf8e2f2...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) --- updated-dependencies: - dependency-name: actions/setup-python dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: ed142fd0673e97e23eac54620cfb913e5ce36c25 dependency-type: direct:production dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 7211b7c8077ea37d8641b6271f6a365a22a5fbfa dependency-type: direct:production dependency-group: github-actions - dependency-name: hashicorp/setup-terraform dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-version: 4eaacf0543bb3f2c246792bd56e8cdeffafb205a dependency-type: direct:production dependency-group: github-actions - dependency-name: terraform-linters/setup-tflint dependency-version: 90f302c255ef959cbfb4bd10581afecdb7ece3e6 dependency-type: direct:production dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 18 +++++++++--------- .github/workflows/codeql.yml | 6 +++--- .github/workflows/infra-validate.yml | 4 ++-- .github/workflows/scorecard.yml | 4 ++-- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index dc25a3e..72d8ce4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -26,7 +26,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up Python
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: "3.12"
@@ -63,7 +63,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up Python
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: "3.12"
@@ -108,7 +108,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up Python
- uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0
+ uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0
 with:
 python-version: "3.12"
@@ -124,7 +124,7 @@ jobs:
 continue-on-error: true
 - name: Run Trivy filesystem scan
- uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 # v0.36.0
+ uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
 with:
 scan-type: "fs"
 scan-ref: "."
@@ -133,7 +133,7 @@ jobs:
 severity: "CRITICAL,HIGH"
 - name: Upload Trivy results to GitHub Security
- uses: github/codeql-action/upload-sarif@dc73d59c2d7bd4f8194098a91219eeee6d8a1719 # v4.32.7
+ uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.32.7
 if: always() && hashFiles('trivy-results.sarif') != ''
 with:
 sarif_file: "trivy-results.sarif"
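Review bot: The trailing version comment was not updated together with the SHA in the Trivy hunk (@@ -124): the new pin `aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25` still carries `# v0.36.0`, the label of the commit it replaces. The same happens at @@ -188 for Trivy, for `github/codeql-action` (`# v4.32.7` at @@ -133 and in codeql.yml and scorecard.yml), for `docker/setup-buildx-action` (`# v3.4.0` at @@ -152, although the commit message says 3.12.0 to 4.1.0), for `terraform-linters/setup-tflint` (`# v4.0.0`) and for `ossf/scorecard-action` (`# v2.4.3`). With SHA pinning the comment is the only human-readable record of which release is pinned, so a stale one makes the pin unauditable from the diff and, for setup-buildx, hides a major-version change. For setup-buildx the comment should read `# v4.1.0` per the commit message; for the other four the message gives only commit hashes, so each new SHA should be resolved to an upstream release tag (and confirmed to be a tagged release rather than an arbitrary branch commit) before the comment is corrected and the bump is merged.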
@@ -152,7 +152,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.4.0
+ uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v3.4.0
 - name: Log in to Container Registry
 if: github.event_name == 'push' && github.ref == 'refs/heads/main'
@@ -163,7 +163,7 @@ jobs:
 password: ${{ secrets.GITHUB_TOKEN }}
 - name: Build API image
- uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
+ uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
 with:
 context: ./apps/api
 target: production
@@ -175,7 +175,7 @@ jobs:
 cache-to: type=gha,mode=max
 - name: Build Web image
- uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0
+ uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf # v7.2.0
 with:
 context: ./apps/web
 target: production
@@ -188,7 +188,7 @@ jobs:
 - name: Scan API image with Trivy
 if: github.event_name == 'push' && github.ref == 'refs/heads/main'
- uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8 # v0.36.0
+ uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
 with:
 image-ref: "${{ env.REGISTRY }}/${{ env.IMAGE_PREFIX }}/api:${{ github.sha }}"
 format: "table"
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index f4ccead..4988e1a 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -28,14 +28,14 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Initialize CodeQL
- uses: github/codeql-action/init@dc73d59c2d7bd4f8194098a91219eeee6d8a1719 # v4.32.7
+ uses: github/codeql-action/init@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.32.7
 with:
 languages: ${{ matrix.language }}
 - name: Autobuild
- uses: github/codeql-action/autobuild@dc73d59c2d7bd4f8194098a91219eeee6d8a1719 # v4.32.7
+ uses: github/codeql-action/autobuild@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.32.7
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@dc73d59c2d7bd4f8194098a91219eeee6d8a1719 # v4.32.7
+ uses: github/codeql-action/analyze@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.32.7
 with:
 category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/infra-validate.yml b/.github/workflows/infra-validate.yml
index 8a82b94..81c7683 100644
--- a/.github/workflows/infra-validate.yml
+++ b/.github/workflows/infra-validate.yml
@@ -28,7 +28,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up Terraform
- uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2
+ uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1
 with:
 terraform_version: 1.9.0
 terraform_wrapper: false
@@ -57,7 +57,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.0
 - name: Set up TFLint
- uses: terraform-linters/setup-tflint@6e87008f9dd1fe3e34e66aca6c97b4a69f72a7f4 # v4.0.0
+ uses: terraform-linters/setup-tflint@90f302c255ef959cbfb4bd10581afecdb7ece3e6 # v4.0.0
 with:
 tflint_version: latest
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 517878b..4fa26d3 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
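Review bot: `tflint_version: latest` in the TFLint hunk (@@ -57 of infra-validate.yml) leaves the linter binary unpinned even though the action that installs it is pinned to a commit SHA, so the tool this job executes can change between runs without any diff to review. The line is unchanged context rather than part of this bump, but it undercuts the purpose of the pin being updated here. An explicit release, `tflint_version: <PINNED_TFLINT_VERSION>` (placeholder; use the release the project has validated), would keep the job reproducible. The step's `with:` block may continue past the end of the hunk.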
@@ -22,7 +22,7 @@ jobs:
 persist-credentials: false
 - name: Run OpenSSF Scorecard
- uses: ossf/scorecard-action@99c09fe975337306107572b4fdf4db224cf8e2f2 # v2.4.3
+ uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
 with:
 results_file: results.sarif
 results_format: sarif
@@ -32,6 +32,6 @@ jobs:
 publish_results: false
 - name: Upload Scorecard results
- uses: github/codeql-action/upload-sarif@dc73d59c2d7bd4f8194098a91219eeee6d8a1719 # v4.32.7
+ uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.32.7
 with:
 sarif_file: results.sarif