From 682189f278f2fb895cac0252990d176051289863 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 6 Feb 2026 04:19:16 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.14.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.6.0` | `3.7.0` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `9.2.0` | `9.3.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.3` | Updates `step-security/harden-runner` from 2.14.0 to 2.14.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...e3f713f2d8f53843e71c69a996d56f51aa9adfb9) Updates `docker/login-action` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/5e57cd118135c172c3672efd75eb46360885c0ef...c94ce9fb468520275223c153574b00df6fe4bcc9) Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `oxsecurity/megalinter` from 9.2.0 to 9.3.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/55a59b24a441e0e1943080d4a512d827710d4a9d...42bb470545e359597e7f12156947c436e4e3fb9a) Updates `actions/cache` from 5.0.1 to 5.0.3 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...cdf6c1fa76f9f475f3d7449005a359c84ca0f306) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: oxsecurity/megalinter dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/flex-build-push.yml | 6 +++--- .github/workflows/linting-formatting.yml | 6 +++--- .github/workflows/pr-conventional-title.yml | 2 +- .github/workflows/release-build.yml | 10 +++++----- .github/workflows/release-please.yml | 2 +- .github/workflows/wc-continuous-integration.yml | 6 +++--- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/flex-build-push.yml b/.github/workflows/flex-build-push.yml index dacbe01..efd3984 100644 --- a/.github/workflows/flex-build-push.yml +++ b/.github/workflows/flex-build-push.yml @@ -22,7 +22,7 @@ jobs: packages: write pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo: true egress-policy: audit @@ -41,12 +41,12 @@ jobs: type=semver,pattern={{major}}.{{minor}} type=semver,pattern={{major}} - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 - - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 + - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml index e9f3ac0..00f7b00 100644 --- a/.github/workflows/linting-formatting.yml +++ b/.github/workflows/linting-formatting.yml @@ -23,16 +23,16 @@ jobs: pull-requests: write security-events: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false - uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0 - - uses: oxsecurity/megalinter/flavors/documentation@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0 + - uses: oxsecurity/megalinter/flavors/documentation@42bb470545e359597e7f12156947c436e4e3fb9a # v9.3.0 env: APPLY_FIXES: all VALIDATE_ALL_CODEBASE: true diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml index 01a780d..8414156 100644 --- a/.github/workflows/pr-conventional-title.yml +++ b/.github/workflows/pr-conventional-title.yml @@ -16,7 +16,7 @@ jobs: permissions: pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index b3a35bf..c9f3d24 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -38,11 +38,11 @@ jobs: # currently provide a more fine-grained permission for release modification. contents: write # is needed to modify a release steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Amend release description @@ -73,7 +73,7 @@ jobs: REF_NAME: ${{ github.ref_name }} REGISTRY: ghcr.io steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit @@ -106,7 +106,7 @@ jobs: contents: write # is needed to modify a release needs: [build] steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo: true egress-policy: audit @@ -132,7 +132,7 @@ jobs: permissions: pull-requests: write # is needed by rdlf0/comment-released-prs-action to post comments on PRs steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 2044fe7..a275723 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -18,7 +18,7 @@ jobs: name: Create Release runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/wc-continuous-integration.yml b/.github/workflows/wc-continuous-integration.yml index 3eee401..eee7ed9 100644 --- a/.github/workflows/wc-continuous-integration.yml +++ b/.github/workflows/wc-continuous-integration.yml @@ -21,11 +21,11 @@ jobs: runs-on: [ubuntu-latest] container: ghcr.io/philips-software/amp-devcontainer-cpp:v6.0.2@sha256:36afaaa5ba4bc4e9bb471012db9733c26a210e315ddb33600f73bb9532b02a25 # 6.0.2 steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 if: ${{ inputs.target == 'windows' }} id: cache-winsdk with: @@ -33,7 +33,7 @@ jobs: key: cache-winsdk - if: ${{ inputs.target == 'windows' && steps.cache-winsdk.outputs.cache-hit != 'true' }} run: xwin --accept-license --sdk-version "10.0.26100" --crt-version "14.43.17.13" splat --preserve-ms-arch-notation --include-debug-libs && mv .xwin-cache/splat/ /winsdk - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true