From f795a5516f341bf6b9780ded5c7085476d9be5e3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 27 Mar 2026 04:17:59 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.16.0` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.3.0` | `0.5.2` | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `9.2.0` | `9.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.4` | Updates `step-security/harden-runner` from 2.14.0 to 2.16.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594) Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `zizmorcore/zizmor-action` from 0.3.0 to 0.5.2 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...71321a20a9ded102f6e9ce5718a2fcec2c4f70d8) Updates `oxsecurity/megalinter` from 9.2.0 to 9.4.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/55a59b24a441e0e1943080d4a512d827710d4a9d...8fbdead70d1409964ab3d5afa885e18ee85388bb) Updates `actions/cache` from 5.0.1 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...668228422ae6a00e4ad889ee87cd7109ec5666a7) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: oxsecurity/megalinter dependency-version: 9.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/flex-build-push.yml | 4 ++-- .github/workflows/linting-formatting.yml | 8 ++++---- .github/workflows/pr-conventional-title.yml | 2 +- .github/workflows/release-build.yml | 10 +++++----- .github/workflows/release-please.yml | 2 +- .github/workflows/wc-continuous-integration.yml | 6 +++--- 6 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/flex-build-push.yml b/.github/workflows/flex-build-push.yml index dacbe01..9fb7b30 100644 --- a/.github/workflows/flex-build-push.yml +++ b/.github/workflows/flex-build-push.yml @@ -22,7 +22,7 @@ jobs: packages: write pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: audit @@ -46,7 +46,7 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml index e9f3ac0..21680e8 100644 --- a/.github/workflows/linting-formatting.yml +++ b/.github/workflows/linting-formatting.yml @@ -23,16 +23,16 @@ jobs: pull-requests: write security-events: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false - - uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0 - - uses: oxsecurity/megalinter/flavors/documentation@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0 + - uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 + - uses: oxsecurity/megalinter/flavors/documentation@8fbdead70d1409964ab3d5afa885e18ee85388bb # v9.4.0 env: APPLY_FIXES: all VALIDATE_ALL_CODEBASE: true diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml index 01a780d..fabbe3f 100644 --- a/.github/workflows/pr-conventional-title.yml +++ b/.github/workflows/pr-conventional-title.yml @@ -16,7 +16,7 @@ jobs: permissions: pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index b3a35bf..e7a4824 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -38,11 +38,11 @@ jobs: # currently provide a more fine-grained permission for release modification. contents: write # is needed to modify a release steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Amend release description @@ -73,7 +73,7 @@ jobs: REF_NAME: ${{ github.ref_name }} REGISTRY: ghcr.io steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit @@ -106,7 +106,7 @@ jobs: contents: write # is needed to modify a release needs: [build] steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo: true egress-policy: audit @@ -132,7 +132,7 @@ jobs: permissions: pull-requests: write # is needed by rdlf0/comment-released-prs-action to post comments on PRs steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 2044fe7..e274d4f 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -18,7 +18,7 @@ jobs: name: Create Release runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/wc-continuous-integration.yml b/.github/workflows/wc-continuous-integration.yml index 3eee401..5c60828 100644 --- a/.github/workflows/wc-continuous-integration.yml +++ b/.github/workflows/wc-continuous-integration.yml @@ -21,11 +21,11 @@ jobs: runs-on: [ubuntu-latest] container: ghcr.io/philips-software/amp-devcontainer-cpp:v6.0.2@sha256:36afaaa5ba4bc4e9bb471012db9733c26a210e315ddb33600f73bb9532b02a25 # 6.0.2 steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 if: ${{ inputs.target == 'windows' }} id: cache-winsdk with: @@ -33,7 +33,7 @@ jobs: key: cache-winsdk - if: ${{ inputs.target == 'windows' && steps.cache-winsdk.outputs.cache-hit != 'true' }} run: xwin --accept-license --sdk-version "10.0.26100" --crt-version "14.43.17.13" splat --preserve-ms-arch-notation --include-debug-libs && mv .xwin-cache/splat/ /winsdk - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true