From 2ce4584307d825534bf91e8b76b6720e2a728d6d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 25 May 2026 23:58:56 +0000 Subject: [PATCH] deps(actions): bump the actions-all group across 1 directory with 8 updates Bumps the actions-all group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.1.0` | `6.1.1` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.76.0` | `2.79.7` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.0` | `6.0.1` | | [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `4.0.0` | `4.0.1` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) | `4.0.0` | `4.1.0` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.1` | `4.1.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.3` | `4.36.0` | Updates `aws-actions/configure-aws-credentials` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/ec61189d14ec14c8efccab744f656cffd0e33f37...d979d5b3a71173a29b74b5b88418bfda9437d885) Updates `taiki-e/install-action` from 2.76.0 to 2.79.7 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/711e1c3275189d76dcc4d34ddea63bf96ac49090...d9be7d8cda89035c9c843f78bd44d4f72d8403d4) Updates `codecov/codecov-action` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...e79a6962e0d4c0c17b229090214935d2e33f8354) Updates `hashicorp/setup-terraform` from 4.0.0 to 4.0.1 - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/setup-terraform/compare/5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85...dfe3c3f87815947d99a8997f908cb6525fc44e9e) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5) Updates `peaceiris/actions-gh-pages` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/peaceiris/actions-gh-pages/releases) - [Changelog](https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md) - [Commits](https://github.com/peaceiris/actions-gh-pages/compare/4f9cc6602d3f66b9c108549d475ec49e8ef4d45e...84c30a85c19949d7eee79c4ff27748b70285e453) Updates `sigstore/cosign-installer` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003...6f9f17788090df1f26f669e9d70d6ae9567deba6) Updates `github/codeql-action` from 4.35.3 to 4.36.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...7211b7c8077ea37d8641b6271f6a365a22a5fbfa) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: taiki-e/install-action dependency-version: 2.79.7 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: hashicorp/setup-terraform dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all - dependency-name: peaceiris/actions-gh-pages dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: github/codeql-action dependency-version: 4.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all ... Signed-off-by: dependabot[bot] --- .github/workflows/aws-platform-tests.yml | 2 +- .github/workflows/build-arm64-ami.yml | 2 +- .github/workflows/ci.yml | 4 ++-- .github/workflows/fleet-test.yml | 4 ++-- .github/workflows/fuzz.yml | 2 +- .github/workflows/integration-arm64-aws.yml | 4 ++-- .github/workflows/integration-multiarch.yml | 4 ++-- .github/workflows/platform-tests.yml | 4 ++-- .github/workflows/publish-repo.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/security.yml | 4 ++-- 11 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/aws-platform-tests.yml b/.github/workflows/aws-platform-tests.yml index d6f99d6..6094ffb 100644 --- a/.github/workflows/aws-platform-tests.yml +++ b/.github/workflows/aws-platform-tests.yml @@ -167,7 +167,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/build-arm64-ami.yml b/.github/workflows/build-arm64-ami.yml index 87fcfc3..f984c9f 100644 --- a/.github/workflows/build-arm64-ami.yml +++ b/.github/workflows/build-arm64-ami.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 26e36f8..152be41 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -624,7 +624,7 @@ jobs: sudo apt-get install -y libpam0g-dev libssl-dev pkg-config libdbus-1-dev libtss2-dev - name: Install cargo-llvm-cov - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2.76.0 + uses: taiki-e/install-action@d9be7d8cda89035c9c843f78bd44d4f72d8403d4 # v2.79.7 with: tool: cargo-llvm-cov @@ -650,7 +650,7 @@ jobs: } - name: Upload coverage to Codecov - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 + uses: codecov/codecov-action@e79a6962e0d4c0c17b229090214935d2e33f8354 # v6.0.1 with: files: lcov.info fail_ci_if_error: false diff --git a/.github/workflows/fleet-test.yml b/.github/workflows/fleet-test.yml index 82b4f83..f187f2e 100644 --- a/.github/workflows/fleet-test.yml +++ b/.github/workflows/fleet-test.yml @@ -77,7 +77,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Terraform - uses: hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85 # v4.0.0 + uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1 with: terraform_version: "1.7.5" @@ -104,7 +104,7 @@ jobs: # ----------------------------------------------------------------------- - name: Configure AWS credentials (OIDC) if: inputs.cloud == 'aws' - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 4af7d8b..2208844 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -54,7 +54,7 @@ jobs: # Avoids `cargo install cargo-fuzz --locked` pinning to rustix 0.36.5 # which fails to compile on current Rust toolchains. taiki-e fetches a # prebuilt binary, sidestepping the from-source rebuild. - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2.76.0 + uses: taiki-e/install-action@d9be7d8cda89035c9c843f78bd44d4f72d8403d4 # v2.79.7 with: tool: cargo-fuzz diff --git a/.github/workflows/integration-arm64-aws.yml b/.github/workflows/integration-arm64-aws.yml index ac1a963..cce2027 100644 --- a/.github/workflows/integration-arm64-aws.yml +++ b/.github/workflows/integration-arm64-aws.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} @@ -94,7 +94,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/integration-multiarch.yml b/.github/workflows/integration-multiarch.yml index fe97eee..9f9053c 100644 --- a/.github/workflows/integration-multiarch.yml +++ b/.github/workflows/integration-multiarch.yml @@ -40,7 +40,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Build test containers (amd64) run: | @@ -104,7 +104,7 @@ jobs: platforms: arm64 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Build test containers (arm64) run: | diff --git a/.github/workflows/platform-tests.yml b/.github/workflows/platform-tests.yml index 81a81e7..1633af0 100644 --- a/.github/workflows/platform-tests.yml +++ b/.github/workflows/platform-tests.yml @@ -214,7 +214,7 @@ jobs: path: artifacts/ - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} @@ -480,7 +480,7 @@ jobs: path: artifacts/ - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/publish-repo.yml b/.github/workflows/publish-repo.yml index ba4c29f..fc78ecd 100644 --- a/.github/workflows/publish-repo.yml +++ b/.github/workflows/publish-repo.yml @@ -173,7 +173,7 @@ jobs: cp packaging/repo/prmana-public.asc stage/gpg/prmana.asc - name: Deploy to gh-pages - uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4 + uses: peaceiris/actions-gh-pages@84c30a85c19949d7eee79c4ff27748b70285e453 # v4.1.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} publish_dir: stage diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 71e353c..cb0a46d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -384,7 +384,7 @@ jobs: cat SHA256SUMS - name: Install Cosign - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 + uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2 - name: Sign release artifacts working-directory: release-files diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 1f7cbac..466da09 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -59,7 +59,7 @@ jobs: - name: Upload Snyk results to GitHub Security tab if: steps.check-token.outputs.skip != 'true' - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4 with: sarif_file: snyk.sarif @@ -177,7 +177,7 @@ jobs: publish_results: true - name: Upload Scorecard results to GitHub Security tab - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4 if: always() with: sarif_file: scorecard-results.sarif