From 9d4d1f869835a1825a9426d6b4b830034b43f51a Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Jun 2025 10:49:21 +0000 Subject: [PATCH] chore(deps): bump the github-actions group with 10 updates Bumps the github-actions group with 10 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3.6.0` | `4.2.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.16` | `3.28.18` | | [denoland/setup-deno](https://github.com/denoland/setup-deno) | `2.0.2` | `2.0.3` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.7.0` | `4.7.1` | | [microsoft/DevSkim-Action](https://github.com/microsoft/devskim-action) | `1.0.15` | `1.0.16` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.1` | `2.4.2` | | [rojopolis/spellcheck-github-actions](https://github.com/rojopolis/spellcheck-github-actions) | `0.48.0` | `0.49.0` | | [actions/ai-inference](https://github.com/actions/ai-inference) | `1.0.0` | `1.1.0` | | [super-linter/super-linter](https://github.com/super-linter/super-linter) | `7.3.0` | `7.4.0` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.88.28` | `3.88.35` | Updates `actions/checkout` from 3.6.0 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3.6.0...11bd71901bbe5b1630ceea73d27597364c9af683) Updates `github/codeql-action` from 3.28.16 to 3.28.18 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3.28.16...ff0a06e83cb2de871e5a09832bc6a81e7276941f) Updates `denoland/setup-deno` from 2.0.2 to 2.0.3 - [Release notes](https://github.com/denoland/setup-deno/releases) - 
[Commits](https://github.com/denoland/setup-deno/compare/909cc5acb0fdd60627fb858598759246509fa755...e95548e56dfa95d4e1a28d6f422fafe75c4c26fb) Updates `actions/dependency-review-action` from 4.7.0 to 4.7.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/38ecb5b593bf0eb19e335c03f97670f792489a8b...da24556b548a50705dd671f47852072ea4c105d9) Updates `microsoft/DevSkim-Action` from 1.0.15 to 1.0.16 - [Release notes](https://github.com/microsoft/devskim-action/releases) - [Commits](https://github.com/microsoft/devskim-action/compare/a6b6966a33b497cd3ae2ebc406edf8f4cc2feec6...4b5047945a44163b94642a1cecc0d93a3f428cc6) Updates `ossf/scorecard-action` from 2.4.1 to 2.4.2 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/f49aabe0b5af0936a0987cfb85d86b75731b0186...05b42c624433fc40578a4040d5cf5e36ddca8cde) Updates `rojopolis/spellcheck-github-actions` from 0.48.0 to 0.49.0 - [Release notes](https://github.com/rojopolis/spellcheck-github-actions/releases) - [Changelog](https://github.com/rojopolis/spellcheck-github-actions/blob/master/CHANGELOG.md) - [Commits](https://github.com/rojopolis/spellcheck-github-actions/compare/23dc186319866e1de224f94fe1d31b72797aeec7...584b2ae95998967a53af7fbfb7f5b15352c38748) Updates `actions/ai-inference` from 1.0.0 to 1.1.0 - [Release notes](https://github.com/actions/ai-inference/releases) - [Commits](https://github.com/actions/ai-inference/compare/c7105a4c1e9d7e35f7677b5e6f830f5d631ce76e...d645f067d89ee1d5d736a5990e327e504d1c5a4a) Updates `super-linter/super-linter` from 7.3.0 to 7.4.0 - [Release notes](https://github.com/super-linter/super-linter/releases) - [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md) - 
[Commits](https://github.com/super-linter/super-linter/compare/4e8a7c2bf106c4c766c816b35ec612638dc9b6b2...12150456a73e248bdc94d0794898f94e23127c88) Updates `trufflesecurity/trufflehog` from 3.88.28 to 3.88.35 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/e42153d44a5e5c37c1bd0c70e074781e9edcb760...90694bf9af66e7536abc5824e7a87246dbf933cb) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 4.2.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.28.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: denoland/setup-deno dependency-version: 2.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 4.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: microsoft/DevSkim-Action dependency-version: 1.0.16 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: rojopolis/spellcheck-github-actions dependency-version: 0.49.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/ai-inference dependency-version: 1.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: 
super-linter/super-linter dependency-version: 7.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.88.35 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 6 +++--- .github/workflows/deno.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/devskim.yml | 4 ++-- .github/workflows/eslint.yml | 2 +- .github/workflows/ossar.yml | 2 +- .github/workflows/rebase.yml | 2 +- .github/workflows/scorecards.yml | 4 ++-- .github/workflows/spelling_action.yml | 2 +- .github/workflows/summary.yml | 2 +- .github/workflows/super-linter.yml | 2 +- .github/workflows/trufflehog.yml | 2 +- 12 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index dcbdb16a..37b17b0d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -75,7 +75,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/init@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. 
@@ -85,7 +85,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/autobuild@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 # â„šī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -98,6 +98,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/analyze@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/deno.yml b/.github/workflows/deno.yml index ed08f680..b25ec5a8 100644 --- a/.github/workflows/deno.yml +++ b/.github/workflows/deno.yml @@ -55,7 +55,7 @@ jobs: - name: Setup Deno # uses: denoland/setup-deno@v1 - uses: denoland/setup-deno@909cc5acb0fdd60627fb858598759246509fa755 # v2.0.2 + uses: denoland/setup-deno@e95548e56dfa95d4e1a28d6f422fafe75c4c26fb # v2.0.3 with: deno-version: v1.x diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index cceb8cb3..b392e412 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -46,4 +46,4 @@ jobs: - name: "Checkout Repository" uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: "Dependency Review" - uses: actions/dependency-review-action@38ecb5b593bf0eb19e335c03f97670f792489a8b # v4.7.0 + uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 6836b497..e1da9559 100644 
--- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -35,7 +35,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run DevSkim scanner - uses: microsoft/DevSkim-Action@a6b6966a33b497cd3ae2ebc406edf8f4cc2feec6 # v1.0.15 + uses: microsoft/DevSkim-Action@4b5047945a44163b94642a1cecc0d93a3f428cc6 # v1.0.16 with: directory-to-scan: . should-scan-archives: false @@ -60,6 +60,6 @@ jobs: path: devskim-results.sarif - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index cdfb73ff..8a81f2de 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -72,7 +72,7 @@ jobs: continue-on-error: true - name: Upload analysis results to GitHub - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v2.27.0 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v2.27.0 with: sarif_file: eslint-results.sarif wait-for-processing: true diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index 42ed9566..7e61028e 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -56,6 +56,6 @@ jobs: # Upload results to the Security tab - name: Upload OSSAR results - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18 with: sarif_file: ${{ steps.ossar.outputs.sarifFile }} diff --git a/.github/workflows/rebase.yml b/.github/workflows/rebase.yml index 0d89db7f..c961e8be 100644 --- a/.github/workflows/rebase.yml +++ b/.github/workflows/rebase.yml 
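Review bot: The trailing comment on the new `upload-sarif` line in eslint.yml still reads `# v2.27.0`, although the SHA it now pins, `ff0a06e83cb2de871e5a09832bc6a81e7276941f`, is labelled v3.28.18 in the codeql.yml, devskim.yml and ossar.yml hunks of this same patch. The same stale label is carried over in the second scorecards.yml hunk (the "Upload to code-scanning" step). The comment is the only human-readable cue for what a pinned SHA corresponds to, so both lines should end in `# v3.28.18`. The old line had the same mismatch (its SHA is labelled v3.28.16 elsewhere), which is presumably why the automated update left the comment untouched.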
@@ -22,7 +22,7 @@ jobs: egress-policy: audit - name: Checkout the latest code - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 # otherwise, you will fail to push refs to dest repo diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 0d28de5c..cd547bc4 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -75,7 +75,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 + uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 with: results_file: results.sarif results_format: sarif @@ -105,6 +105,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v2.27.0 + uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v2.27.0 with: sarif_file: results.sarif diff --git a/.github/workflows/spelling_action.yml b/.github/workflows/spelling_action.yml index 911312c0..a631efdc 100644 --- a/.github/workflows/spelling_action.yml +++ b/.github/workflows/spelling_action.yml @@ -19,7 +19,7 @@ jobs: egress-policy: audit - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - - uses: rojopolis/spellcheck-github-actions@23dc186319866e1de224f94fe1d31b72797aeec7 # 0.48.0 + - uses: rojopolis/spellcheck-github-actions@584b2ae95998967a53af7fbfb7f5b15352c38748 # 0.49.0 name: Spellcheck continue-on-error: true with: diff --git a/.github/workflows/summary.yml b/.github/workflows/summary.yml index 8673250c..0373d432 100644 --- a/.github/workflows/summary.yml +++ b/.github/workflows/summary.yml 
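Review bot: The checkout step in rebase.yml is the one semver-major change in this group (v3.6.0 to v4.2.2), and it is also the step that is given `token: ${{ secrets.GITHUB_TOKEN }}` together with `fetch-depth: 0`. `persist-credentials` is not set in the visible lines, so the token stays in the checked-out repository's git config for every later step of the job, whereas the scorecards.yml checkout shown in this patch sets `persist-credentials: false`. If the later steps do not push with that stored credential, add `persist-credentials: false` under `with:`; if they do, a short comment saying so would record the intent. The step's `with:` block may continue outside the hunk.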
@@ -25,7 +25,7 @@ jobs: - name: Run AI inference id: inference - uses: actions/ai-inference@c7105a4c1e9d7e35f7677b5e6f830f5d631ce76e # v1.0.0 + uses: actions/ai-inference@d645f067d89ee1d5d736a5990e327e504d1c5a4a # v1.1.0 with: prompt: | Summarize the following GitHub issue in one paragraph: diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index c653a057..062c0230 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -61,7 +61,7 @@ jobs: fetch-depth: 0 - name: Lint Code Base - uses: super-linter/super-linter@4e8a7c2bf106c4c766c816b35ec612638dc9b6b2 # v7.3.0 + uses: super-linter/super-linter@12150456a73e248bdc94d0794898f94e23127c88 # v7.4.0 #checkov:skip=skip-check:CKV2_GHA_1 env: DEFAULT_BRANCH: "main" diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 254c63e8..ca7e3293 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -23,7 +23,7 @@ jobs: with: fetch-depth: 0 - name: Secret Scanning (entire repo) - uses: trufflesecurity/trufflehog@e42153d44a5e5c37c1bd0c70e074781e9edcb760 # v3.88.28 + uses: trufflesecurity/trufflehog@90694bf9af66e7536abc5824e7a87246dbf933cb # v3.88.35 with: base: "" head: ${{ github.ref_name }}