From d9d9e954d5f819a9275e05af021b409c80644d4b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Apr 2026 04:32:47 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 7 updates Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.16.1` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.3.0` | `0.5.2` | | [oxsecurity/megalinter](https://github.com/oxsecurity/megalinter) | `9.2.0` | `9.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.1` | `5.0.4` | | [hendrikmuhs/ccache-action](https://github.com/hendrikmuhs/ccache-action) | `1.2.20` | `1.2.22` | | [lukka/run-cmake](https://github.com/lukka/run-cmake) | `10.8` | `10.9` | Updates `step-security/harden-runner` from 2.14.0 to 2.16.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/20cf305ff2072d973412fa9b1e3a4f227bda3c76...fe104658747b27e96e4f7e80cd0a94068e53901d) Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `zizmorcore/zizmor-action` from 0.3.0 to 0.5.2 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/e639db99335bc9038abc0e066dfcd72e23d26fb4...71321a20a9ded102f6e9ce5718a2fcec2c4f70d8) Updates `oxsecurity/megalinter` from 9.2.0 to 9.4.0 - [Release notes](https://github.com/oxsecurity/megalinter/releases) - [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md) - [Commits](https://github.com/oxsecurity/megalinter/compare/55a59b24a441e0e1943080d4a512d827710d4a9d...8fbdead70d1409964ab3d5afa885e18ee85388bb) Updates `actions/cache` from 5.0.1 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/9255dc7a253b0ccc959486e2bca901246202afeb...668228422ae6a00e4ad889ee87cd7109ec5666a7) Updates `hendrikmuhs/ccache-action` from 1.2.20 to 1.2.22 - [Release notes](https://github.com/hendrikmuhs/ccache-action/releases) - [Commits](https://github.com/hendrikmuhs/ccache-action/compare/5ebbd400eff9e74630f759d94ddd7b6c26299639...33522472633dbd32578e909b315f5ee43ba878ce) Updates `lukka/run-cmake` from 10.8 to 10.9 - [Release notes](https://github.com/lukka/run-cmake/releases) - [Commits](https://github.com/lukka/run-cmake/compare/af1be47fd7c933593f687731bc6fdbee024d3ff4...5d55ea7949e25f69f0ecb516d8d572297e03a956) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.16.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: oxsecurity/megalinter dependency-version: 9.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: hendrikmuhs/ccache-action dependency-version: 1.2.22 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: lukka/run-cmake dependency-version: '10.9' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/flex-build-push.yml | 4 ++-- .github/workflows/linting-formatting.yml | 8 ++++---- .github/workflows/pr-conventional-title.yml | 2 +- .github/workflows/release-build.yml | 10 +++++----- .github/workflows/release-please.yml | 2 +- .github/workflows/wc-continuous-integration.yml | 10 +++++----- 6 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/flex-build-push.yml b/.github/workflows/flex-build-push.yml index dacbe01..0ed087e 100644 --- a/.github/workflows/flex-build-push.yml +++ b/.github/workflows/flex-build-push.yml @@ -22,7 +22,7 @@ jobs: packages: write pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo: true egress-policy: audit @@ -46,7 +46,7 @@ jobs: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml index e9f3ac0..f0b2411 100644 --- a/.github/workflows/linting-formatting.yml +++ b/.github/workflows/linting-formatting.yml @@ -23,16 +23,16 @@ jobs: pull-requests: write security-events: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false - - uses: zizmorcore/zizmor-action@e639db99335bc9038abc0e066dfcd72e23d26fb4 # v0.3.0 - - uses: oxsecurity/megalinter/flavors/documentation@55a59b24a441e0e1943080d4a512d827710d4a9d # v9.2.0 + - uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 + - uses: oxsecurity/megalinter/flavors/documentation@8fbdead70d1409964ab3d5afa885e18ee85388bb # v9.4.0 env: APPLY_FIXES: all VALIDATE_ALL_CODEBASE: true diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml index 01a780d..2a22afa 100644 --- a/.github/workflows/pr-conventional-title.yml +++ b/.github/workflows/pr-conventional-title.yml @@ -16,7 +16,7 @@ jobs: permissions: pull-requests: write steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml index b3a35bf..ce329d5 100644 --- a/.github/workflows/release-build.yml +++ b/.github/workflows/release-build.yml @@ -38,11 +38,11 @@ jobs: # currently provide a more fine-grained permission for release modification. contents: write # is needed to modify a release steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: Amend release description @@ -73,7 +73,7 @@ jobs: REF_NAME: ${{ github.ref_name }} REGISTRY: ghcr.io steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit @@ -106,7 +106,7 @@ jobs: contents: write # is needed to modify a release needs: [build] steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo: true egress-policy: audit @@ -132,7 +132,7 @@ jobs: permissions: pull-requests: write # is needed by rdlf0/comment-released-prs-action to post comments on PRs steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 2044fe7..d8e0118 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -18,7 +18,7 @@ jobs: name: Create Release runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit diff --git a/.github/workflows/wc-continuous-integration.yml b/.github/workflows/wc-continuous-integration.yml index 3eee401..e3c744f 100644 --- a/.github/workflows/wc-continuous-integration.yml +++ b/.github/workflows/wc-continuous-integration.yml @@ -21,11 +21,11 @@ jobs: runs-on: [ubuntu-latest] container: ghcr.io/philips-software/amp-devcontainer-cpp:v6.0.2@sha256:36afaaa5ba4bc4e9bb471012db9733c26a210e315ddb33600f73bb9532b02a25 # 6.0.2 steps: - - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0 + - uses: step-security/harden-runner@fe104658747b27e96e4f7e80cd0a94068e53901d # v2.16.1 with: disable-sudo-and-containers: true egress-policy: audit - - uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1 + - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 if: ${{ inputs.target == 'windows' }} id: cache-winsdk with: @@ -33,14 +33,14 @@ jobs: key: cache-winsdk - if: ${{ inputs.target == 'windows' && steps.cache-winsdk.outputs.cache-hit != 'true' }} run: xwin --accept-license --sdk-version "10.0.26100" --crt-version "14.43.17.13" splat --preserve-ms-arch-notation --include-debug-libs && mv .xwin-cache/splat/ /winsdk - - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false submodules: true - - uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20 + - uses: hendrikmuhs/ccache-action@33522472633dbd32578e909b315f5ee43ba878ce # v1.2.22 with: key: ${{ inputs.target}}-${{ inputs.configuration }} - - uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8 + - uses: lukka/run-cmake@5d55ea7949e25f69f0ecb516d8d572297e03a956 # v10.9 with: configurePreset: "${{ inputs.target }}" buildPreset: "${{ inputs.target }}-${{ inputs.configuration }}"