From 11c2b4f8f2fe0bfebcd6408dc3343eaedd7862eb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Mar 2026 14:32:35 +0000 Subject: [PATCH] chore(deps): bump the github-actions group with 6 updates Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.68.25` | `2.68.34` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` | | [github/gh-aw](https://github.com/github/gh-aw) | `0.56.2` | `0.58.3` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.5.0` | `2.6.1` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.0.0` | `4.1.0` | Updates `taiki-e/install-action` from 2.68.25 to 2.68.34 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/a37010ded18ff788be4440302bd6830b1ae50d8b...de6bbd1333b8f331563d54a051e542c7dfef81c3) Updates `github/codeql-action` from 4.32.6 to 4.33.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8) Updates `github/gh-aw` from 0.56.2 to 0.58.3 - [Release notes](https://github.com/github/gh-aw/releases) - [Changelog](https://github.com/github/gh-aw/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/gh-aw/compare/f1073c5498ee46fec1530555a7c953445417c69b...08a903b1fb2e493a84a57577778fe5dd711f9468) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `softprops/action-gh-release` from 2.5.0 to 2.6.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/a06a81a03ee405af7f2048a818ed3f03bbf83c7b...153bb8e04406b158c6c84fc1615b65b24149a1fe) Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/faadad0cce49287aee09b3a48701e75088a2c6ad...ba7bc0a3fef59531c69a25acd34668d6d3fe6f22) --- updated-dependencies: - dependency-name: taiki-e/install-action dependency-version: 2.68.34 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/gh-aw dependency-version: 0.58.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 2.6.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-checks.yml | 2 +- .github/workflows/ci-coverage.yml | 2 +- .github/workflows/code-quality.yml | 2 +- .github/workflows/codeql-analysis.yml | 4 ++-- .github/workflows/copilot-setup-steps.yml | 2 +- .github/workflows/daily-docs-review.lock.yml | 22 ++++++++++---------- .github/workflows/docs-freshness.lock.yml | 20 +++++++++--------- .github/workflows/fuzz-testing.yml | 2 +- .github/workflows/mutation-testing.yml | 2 +- .github/workflows/nightly.yml | 2 +- .github/workflows/release-create.yml | 2 +- .github/workflows/release-packages.yml | 4 ++-- .github/workflows/release-sbom.yml | 2 +- .github/workflows/release-sign.yml | 2 +- .github/workflows/security-audit.yml | 2 +- 15 files changed, 36 insertions(+), 36 deletions(-) diff --git a/.github/workflows/ci-checks.yml b/.github/workflows/ci-checks.yml index 0252a28..3da2f82 100644 --- a/.github/workflows/ci-checks.yml +++ b/.github/workflows/ci-checks.yml @@ -170,7 +170,7 @@ jobs: - name: Install cargo-deny # v2.67.25 uses: >- - taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-deny diff --git a/.github/workflows/ci-coverage.yml b/.github/workflows/ci-coverage.yml index 1e98241..6ba7b93 100644 --- a/.github/workflows/ci-coverage.yml +++ b/.github/workflows/ci-coverage.yml @@ -33,7 +33,7 @@ jobs: - name: Install cargo-llvm-cov # v2.67.25 uses: >- - taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-llvm-cov@0.6.14 diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index 42e91a9..77c3431 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -26,7 +26,7 @@ jobs: - name: Install analysis tools # v2.67.18 - uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-geiger,cargo-bloat diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index c5e418c..9d7dede 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -30,13 +30,13 @@ jobs: - name: Initialize CodeQL # yamllint disable-line rule:line-length - uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: languages: rust build-mode: none - name: Perform CodeQL analysis # yamllint disable-line rule:line-length - uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: category: "/language:rust" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index d3b22f4..8b681fa 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -33,7 +33,7 @@ jobs: - name: Install cargo-deny # v2.67.25 - uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-deny diff --git a/.github/workflows/daily-docs-review.lock.yml b/.github/workflows/daily-docs-review.lock.yml index d6e1537..bada94a 100644 --- a/.github/workflows/daily-docs-review.lock.yml +++ b/.github/workflows/daily-docs-review.lock.yml @@ -49,7 +49,7 @@ jobs: comment_repo: "" steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Validate context variables @@ -252,7 +252,7 @@ jobs: secret_verification_result: ${{ steps.validate-secret.outputs.verification_result }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Checkout repository @@ -630,7 +630,7 @@ jobs: const { generateWorkflowOverview } = require('/opt/gh-aw/actions/generate_workflow_overview.cjs'); await generateWorkflowOverview(core); - name: Download prompt artifact - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: prompt path: /tmp/gh-aw/aw-prompts @@ -839,12 +839,12 @@ jobs: total_count: ${{ steps.missing_tool.outputs.total_count }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/safeoutputs/ @@ -943,18 +943,18 @@ jobs: success: ${{ steps.parse_results.outputs.success }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent artifacts continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/threat-detection/ @@ -1055,12 +1055,12 @@ jobs: process_safe_outputs_temporary_id_map: ${{ steps.process_safe_outputs.outputs.temporary_id_map }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/safeoutputs/ @@ -1071,7 +1071,7 @@ jobs: echo "GH_AW_AGENT_OUTPUT=/tmp/gh-aw/safeoutputs/agent_output.json" >> "$GITHUB_ENV" - name: Download patch artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-artifacts path: /tmp/gh-aw/ diff --git a/.github/workflows/docs-freshness.lock.yml b/.github/workflows/docs-freshness.lock.yml index ba0c05e..386d1f0 100644 --- a/.github/workflows/docs-freshness.lock.yml +++ b/.github/workflows/docs-freshness.lock.yml @@ -50,7 +50,7 @@ jobs: comment_repo: "" steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Validate context variables @@ -253,7 +253,7 @@ jobs: secret_verification_result: ${{ steps.validate-secret.outputs.verification_result }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Checkout repository @@ -678,7 +678,7 @@ jobs: const { generateWorkflowOverview } = require('/opt/gh-aw/actions/generate_workflow_overview.cjs'); await generateWorkflowOverview(core); - name: Download prompt artifact - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: prompt path: /tmp/gh-aw/aw-prompts @@ -878,12 +878,12 @@ jobs: total_count: ${{ steps.missing_tool.outputs.total_count }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/safeoutputs/ @@ -968,18 +968,18 @@ jobs: success: ${{ steps.parse_results.outputs.success }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent artifacts continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-artifacts path: /tmp/gh-aw/threat-detection/ - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/threat-detection/ @@ -1078,12 +1078,12 @@ jobs: process_safe_outputs_temporary_id_map: ${{ steps.process_safe_outputs.outputs.temporary_id_map }} steps: - name: Setup Scripts - uses: github/gh-aw/actions/setup@f1073c5498ee46fec1530555a7c953445417c69b # v0.56.2 + uses: github/gh-aw/actions/setup@08a903b1fb2e493a84a57577778fe5dd711f9468 # v0.58.3 with: destination: /opt/gh-aw/actions - name: Download agent output artifact continue-on-error: true - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: agent-output path: /tmp/gh-aw/safeoutputs/ diff --git a/.github/workflows/fuzz-testing.yml b/.github/workflows/fuzz-testing.yml index 86cfa6f..9573403 100644 --- a/.github/workflows/fuzz-testing.yml +++ b/.github/workflows/fuzz-testing.yml @@ -34,7 +34,7 @@ jobs: toolchain: nightly - name: Install cargo-fuzz - uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b # v2.68.25 + uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 # v2.68.34 with: tool: cargo-fuzz@0.12.0 diff --git a/.github/workflows/mutation-testing.yml b/.github/workflows/mutation-testing.yml index 30726d1..8d900ff 100644 --- a/.github/workflows/mutation-testing.yml +++ b/.github/workflows/mutation-testing.yml @@ -52,7 +52,7 @@ jobs: key: ${{ runner.os }}-target-mutation-${{ hashFiles('**/Cargo.lock') }} - name: Install cargo-mutants - uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b # v2.68.25 + uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 # v2.68.34 with: tool: cargo-mutants@24.11.0 diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index e2e3b91..a0a704d 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -38,7 +38,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Create nightly release - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.2.0 + uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.2.0 with: tag_name: nightly name: Nightly Build diff --git a/.github/workflows/release-create.yml b/.github/workflows/release-create.yml index 0e960c1..5ef43f3 100644 --- a/.github/workflows/release-create.yml +++ b/.github/workflows/release-create.yml @@ -54,7 +54,7 @@ jobs: id: create_release # v2.0.3 uses: >- - softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b + softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe with: tag_name: ${{ inputs.tag }} name: >- diff --git a/.github/workflows/release-packages.yml b/.github/workflows/release-packages.yml index db39671..e18fef4 100644 --- a/.github/workflows/release-packages.yml +++ b/.github/workflows/release-packages.yml @@ -207,7 +207,7 @@ jobs: - name: Install cargo-deb # v2.67.25 uses: >- - taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-deb@2.7.0 @@ -254,7 +254,7 @@ jobs: - name: Install cargo-generate-rpm # v2.67.25 uses: >- - taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-generate-rpm@0.15.1 diff --git a/.github/workflows/release-sbom.yml b/.github/workflows/release-sbom.yml index 759efc5..50452e9 100644 --- a/.github/workflows/release-sbom.yml +++ b/.github/workflows/release-sbom.yml @@ -37,7 +37,7 @@ jobs: - name: Install cargo-sbom # v2.67.25 uses: >- - taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-sbom diff --git a/.github/workflows/release-sign.yml b/.github/workflows/release-sign.yml index 8c1ca79..57d69f4 100644 --- a/.github/workflows/release-sign.yml +++ b/.github/workflows/release-sign.yml @@ -27,7 +27,7 @@ jobs: - name: Install Cosign # v3.7.0 uses: >- - sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad + sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 - name: Download release assets env: diff --git a/.github/workflows/security-audit.yml b/.github/workflows/security-audit.yml index eb54663..201007c 100644 --- a/.github/workflows/security-audit.yml +++ b/.github/workflows/security-audit.yml @@ -32,7 +32,7 @@ jobs: - name: Install cargo-audit # v2.67.18 - uses: taiki-e/install-action@a37010ded18ff788be4440302bd6830b1ae50d8b + uses: taiki-e/install-action@de6bbd1333b8f331563d54a051e542c7dfef81c3 with: tool: cargo-audit