chore(deps): bump the github-actions group with 6 updates (#39)

dependabot[bot] · web-flow · commit b5da71cf0903 · 2026-03-16T14:32:51.000Z
Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.68.25` | `2.68.34` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` | | [github/gh-aw](https://github.com/github/gh-aw) | `0.56.2` | `0.58.3` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.5.0` | `2.6.1` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.0.0` | `4.1.0` | Updates `taiki-e/install-action` from 2.68.25 to 2.68.34 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@a37010d...de6bbd1) Updates `github/codeql-action` from 4.32.6 to 4.33.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@0d579ff...b1bff81) Updates `github/gh-aw` from 0.56.2 to 0.58.3 - [Release notes](https://github.com/github/gh-aw/releases) - [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md) - [Commits](github/gh-aw@f1073c5...08a903b) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@70fc10c...3e5f45b) Updates `softprops/action-gh-release` from 2.5.0 to 2.6.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@a06a81a...153bb8e) Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@faadad0...ba7bc0a) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.68.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/gh-aw dependency-version: 0.58.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 2.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/ci-checks.yml b/.github/workflows/ci-checks.yml
@@ -170,7 +170,7 @@ jobs:
       - name: Install cargo-deny
         # v2.67.25
         uses: >-
-          taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+          taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-deny
 
diff --git a/.github/workflows/ci-coverage.yml b/.github/workflows/ci-coverage.yml
@@ -33,7 +33,7 @@ jobs:
       - name: Install cargo-llvm-cov
         # v2.67.25
         uses: >-
-          taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+          taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-llvm-cov@0.6.14
 
diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml
@@ -26,7 +26,7 @@ jobs:
 
       - name: Install analysis tools
         # v2.67.18
-        uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+        uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-geiger,cargo-bloat
 
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -30,13 +30,13 @@ jobs:
 
       - name: Initialize CodeQL
         # yamllint disable-line rule:line-length
-        uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98  # v4.32.6
+        uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8  # v4.33.0
         with:
           languages: rust
           build-mode: none
 
       - name: Perform CodeQL analysis
         # yamllint disable-line rule:line-length
-        uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98  # v4.32.6
+        uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8  # v4.33.0
         with:
           category: "/language:rust"
diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml
@@ -33,7 +33,7 @@ jobs:
 
       - name: Install cargo-deny
         # v2.67.25
-        uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+        uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-deny
 
diff --git a/.github/workflows/daily-docs-review.lock.yml b/.github/workflows/daily-docs-review.lock.yml
diff --git a/.github/workflows/docs-freshness.lock.yml b/.github/workflows/docs-freshness.lock.yml
diff --git a/.github/workflows/fuzz-testing.yml b/.github/workflows/fuzz-testing.yml
@@ -34,7 +34,7 @@ jobs:
           toolchain: nightly
 
       - name: Install cargo-fuzz
-        uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b # v2.68.25
+        uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 # v2.68.34
         with:
           tool: cargo-fuzz@0.12.0
 
diff --git a/.github/workflows/mutation-testing.yml b/.github/workflows/mutation-testing.yml
@@ -52,7 +52,7 @@ jobs:
           key: ${{ runner.os }}-target-mutation-${{ hashFiles('**/Cargo.lock') }}
 
       - name: Install cargo-mutants
-        uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b # v2.68.25
+        uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 # v2.68.34
         with:
           tool: cargo-mutants@24.11.0
 
diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml
@@ -38,7 +38,7 @@ jobs:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Create nightly release
-        uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.2.0
+        uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.2.0
         with:
           tag_name: nightly
           name: Nightly Build
diff --git a/.github/workflows/release-create.yml b/.github/workflows/release-create.yml
@@ -54,7 +54,7 @@ jobs:
         id: create_release
         # v2.0.3
         uses: >-
-          softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b
+          softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe
         with:
           tag_name: ${{ inputs.tag }}
           name: >-
diff --git a/.github/workflows/release-packages.yml b/.github/workflows/release-packages.yml
@@ -207,7 +207,7 @@ jobs:
       - name: Install cargo-deb
         # v2.67.25
         uses: >-
-          taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+          taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-deb@2.7.0
 
@@ -254,7 +254,7 @@ jobs:
       - name: Install cargo-generate-rpm
         # v2.67.25
         uses: >-
-          taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+          taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-generate-rpm@0.15.1
 
diff --git a/.github/workflows/release-sbom.yml b/.github/workflows/release-sbom.yml
@@ -37,7 +37,7 @@ jobs:
       - name: Install cargo-sbom
         # v2.67.25
         uses: >-
-          taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+          taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-sbom
 
diff --git a/.github/workflows/release-sign.yml b/.github/workflows/release-sign.yml
@@ -27,7 +27,7 @@ jobs:
       - name: Install Cosign
         # v3.7.0
         uses: >-
-          sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad
+          sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22
 
       - name: Download release assets
         env:
diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml
@@ -32,7 +32,7 @@ jobs:
 
       - name: Install cargo-audit
         # v2.67.18
-        uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b
+        uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3
         with:
           tool: cargo-audit
 
