monta-app · morten-andersen · Mar 17, 2026 · Mar 17, 2026
diff --git a/.github/actions/argocd-wait-sync/README.md b/.github/actions/argocd-wait-sync/README.md
@@ -126,7 +126,7 @@ jobs:
 
       - name: Comment on PR with deployment info
         if: github.event_name == 'pull_request'
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           script: |
             github.rest.issues.createComment({

diff --git a/.github/actions/gradle-multi-module/README.md b/.github/actions/gradle-multi-module/README.md
@@ -51,7 +51,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Setup Java
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: '17'
           distribution: 'temurin'

diff --git a/.github/workflows/code-coverage-kotlin.yml b/.github/workflows/code-coverage-kotlin.yml
@@ -107,7 +107,7 @@ jobs:
           fi
           echo "✓ service-name '${{ inputs.service-name }}' is valid"
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           java-version: ${{ inputs.java-version }}
           distribution: "corretto"

diff --git a/.github/workflows/component-build.yml b/.github/workflows/component-build.yml
@@ -144,7 +144,7 @@ jobs:
         with:
           ref: ${{ inputs.git-sha || github.sha }}
       - name: Configure AWS credentials via assumed role
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
         with:
           role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ecr-put-image
           role-session-name: push-new-image-to-${{ inputs.service-identifier }}-${{inputs.stage}}
@@ -154,15 +154,15 @@ jobs:
         uses: aws-actions/amazon-ecr-login@v2
       - name: Docker meta
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: ${{ steps.login-ecr.outputs.registry }}/${{ inputs.ecr-repository-name || format('{0}-{1}', inputs.service-identifier, inputs.stage) }}
           tags: |
             type=raw,value=${{ inputs.git-sha || github.sha }},suffix=-${{ matrix.arch }}
             type=raw,value=latest,suffix=-${{ matrix.arch }}
       - name: Build and push
         id: build
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         env:
           BUILDX_NO_DEFAULT_ATTESTATIONS: 1
         with:
@@ -201,7 +201,7 @@ jobs:
       image-tag: ${{ inputs.git-sha || github.sha }}
     steps:
       - name: Configure AWS credentials via assumed role
-        uses: aws-actions/configure-aws-credentials@v4
+        uses: aws-actions/configure-aws-credentials@v6
         with:
           role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/ecr-put-image
           role-session-name: create-manifest-${{ inputs.service-identifier }}-${{inputs.stage}}

diff --git a/.github/workflows/component-service-profile-kotlin.yml b/.github/workflows/component-service-profile-kotlin.yml
@@ -43,7 +43,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v6
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: "corretto"
           java-version: ${{ inputs.java-version }}

diff --git a/.github/workflows/component-test-kotlin.yml b/.github/workflows/component-test-kotlin.yml
@@ -74,7 +74,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@v6
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: "corretto"
           java-version: ${{ inputs.java-version }}

diff --git a/.github/workflows/component-test-python.yml b/.github/workflows/component-test-python.yml
@@ -85,7 +85,7 @@ jobs:
           echo "${{ secrets.TEST_ENV_FILE }}" > .env
           echo "Created .env file with $(wc -l < .env) lines"
       - name: Set up Python ${{ inputs.python-version }}
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: ${{ inputs.python-version }}
       - name: Install uv

diff --git a/.github/workflows/publish-tech-docs.yml b/.github/workflows/publish-tech-docs.yml
@@ -28,8 +28,8 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v6
 
-      - uses: actions/setup-node@v4
-      - uses: actions/setup-python@v5
+      - uses: actions/setup-node@v6
+      - uses: actions/setup-python@v6
         with:
           python-version: '3.14'
 

diff --git a/.github/workflows/pull-request-kotlin.yml b/.github/workflows/pull-request-kotlin.yml
@@ -80,13 +80,13 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: corretto
           java-version: ${{ inputs.java-version }}
           cache: 'gradle'
       - name: Cache SonarCloud packages
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         if: ${{ !inputs.skip-sonar }}
         with:
           path: ~/.sonar/cache

diff --git a/.github/workflows/pull-request-react.yml b/.github/workflows/pull-request-react.yml
@@ -85,7 +85,7 @@ jobs:
           version: ${{ inputs.pnpm-version || null }}
           run_install: false
       - name: Setup Node.js
-        uses: actions/setup-node@v4
+        uses: actions/setup-node@v6
         with:
           node-version: ${{ inputs.node-version }}
           cache: pnpm

diff --git a/.github/workflows/semgrep-security-scan.yml b/.github/workflows/semgrep-security-scan.yml
@@ -33,7 +33,7 @@ jobs:
           fetch-depth: 0
 
       - name: Set up Python
-        uses: actions/setup-python@v5
+        uses: actions/setup-python@v6
         with:
           python-version: '3.14'
 
@@ -160,7 +160,7 @@ jobs:
       # github.event_name will not be 'pull_request' and this step will be skipped.
       - name: Post PR Comment
         if: steps.evaluate.outputs.total > 0 && github.event_name == 'pull_request' && always()
-        uses: actions/github-script@v7
+        uses: actions/github-script@v8
         with:
           script: |
             const fs = require('fs');

diff --git a/.github/workflows/sonar-cloud.yml b/.github/workflows/sonar-cloud.yml
@@ -59,13 +59,13 @@ jobs:
           # Shallow clones should be disabled for a better relevancy of analysis
           fetch-depth: 0
       - name: Set up JDK
-        uses: actions/setup-java@v4
+        uses: actions/setup-java@v5
         with:
           distribution: corretto
           java-version: ${{ inputs.java-version }}
           cache: 'gradle'
       - name: Cache SonarCloud packages
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar