Skip to content

Commit 7fcd20a

Browse files
Bump the actions group across 1 directory with 6 updates
Bumps the actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.302.0` | `1.308.0` | | [rubygems/configure-rubygems-credentials](https://github.com/rubygems/configure-rubygems-credentials) | `1.0.0` | `2.0.0` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.35.0` | `0.36.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.2` | `4.35.5` | | [securego/gosec](https://github.com/securego/gosec) | `2.25.0` | `2.26.1` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.3` | `0.5.6` | Updates `ruby/setup-ruby` from 1.302.0 to 1.308.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@7372622...97ecb7b) Updates `rubygems/configure-rubygems-credentials` from 1.0.0 to 2.0.0 - [Release notes](https://github.com/rubygems/configure-rubygems-credentials/releases) - [Commits](rubygems/configure-rubygems-credentials@bc6dd21...762a4b7) Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@57a97c7...ed142fd) Updates `github/codeql-action` from 4.35.2 to 4.35.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@95e58e9...9e0d7b8) Updates `securego/gosec` from 2.25.0 to 2.26.1 - [Release notes](https://github.com/securego/gosec/releases) - [Commits](securego/gosec@223e19b...4a3bd8a) Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.6 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](zizmorcore/zizmor-action@b1d7e1f...5f14fd0) --- updated-dependencies: - dependency-name: ruby/setup-ruby dependency-version: 1.308.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: rubygems/configure-rubygems-credentials dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.35.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: securego/gosec dependency-version: 2.26.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent e3b876f commit 7fcd20a

3 files changed

Lines changed: 14 additions & 14 deletions

File tree

.github/workflows/release-ruby.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -30,7 +30,7 @@ jobs:
3030
persist-credentials: false
3131

3232
- name: Set up Ruby
33-
uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0 # zizmor: ignore[cache-poisoning] -- cached deps are for testing, not release artifact generation
33+
uses: ruby/setup-ruby@97ecb7b512899eb71ab1bf2310a624c6f1589ac6 # v1.302.0 # zizmor: ignore[cache-poisoning] -- cached deps are for testing, not release artifact generation
3434
with:
3535
ruby-version: '3.3'
3636
bundler-cache: true
@@ -66,7 +66,7 @@ jobs:
6666
git merge-base --is-ancestor "$GITHUB_SHA" origin/main
6767
6868
- name: Set up Ruby
69-
uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0 # zizmor: ignore[cache-poisoning] -- cache is branch-isolated; fork PRs cannot write to this cache
69+
uses: ruby/setup-ruby@97ecb7b512899eb71ab1bf2310a624c6f1589ac6 # v1.302.0 # zizmor: ignore[cache-poisoning] -- cache is branch-isolated; fork PRs cannot write to this cache
7070
with:
7171
ruby-version: '3.3'
7272
bundler-cache: true
@@ -96,7 +96,7 @@ jobs:
9696
9797
- name: Configure RubyGems credentials
9898
if: github.event_name == 'push'
99-
uses: rubygems/configure-rubygems-credentials@bc6dd217f8a4f919d6835fcfefd470ef821f5c44 # v1.0.0
99+
uses: rubygems/configure-rubygems-credentials@762a4b77c3300434bb57c7ce80b20e36231927aa # v2.0.0
100100

101101
- name: Publish to RubyGems
102102
if: github.event_name == 'push'

.github/workflows/security.yml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -52,7 +52,7 @@ jobs:
5252
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5353
with:
5454
persist-credentials: false
55-
- uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
55+
- uses: ruby/setup-ruby@97ecb7b512899eb71ab1bf2310a624c6f1589ac6 # v1.308.0
5656
with:
5757
ruby-version: '4.0'
5858
bundler-cache: true
@@ -72,7 +72,7 @@ jobs:
7272
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
7373
with:
7474
persist-credentials: false
75-
- uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
75+
- uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
7676
with:
7777
scan-type: fs
7878
scan-ref: ./go
@@ -81,7 +81,7 @@ jobs:
8181
ignore-unfixed: true
8282
format: sarif
8383
output: trivy-go.sarif
84-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
84+
- uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
8585
if: always()
8686
with:
8787
sarif_file: trivy-go.sarif
@@ -97,7 +97,7 @@ jobs:
9797
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
9898
with:
9999
persist-credentials: false
100-
- uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
100+
- uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
101101
with:
102102
scan-type: fs
103103
scan-ref: ./typescript
@@ -106,7 +106,7 @@ jobs:
106106
ignore-unfixed: true
107107
format: sarif
108108
output: trivy-typescript.sarif
109-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
109+
- uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
110110
if: always()
111111
with:
112112
sarif_file: trivy-typescript.sarif
@@ -122,7 +122,7 @@ jobs:
122122
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
123123
with:
124124
persist-credentials: false
125-
- uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
125+
- uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
126126
with:
127127
scan-type: fs
128128
scan-ref: ./ruby
@@ -131,7 +131,7 @@ jobs:
131131
ignore-unfixed: true
132132
format: sarif
133133
output: trivy-ruby.sarif
134-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
134+
- uses: github/codeql-action/upload-sarif@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5
135135
if: always()
136136
with:
137137
sarif_file: trivy-ruby.sarif
@@ -146,7 +146,7 @@ jobs:
146146
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
147147
with:
148148
persist-credentials: false
149-
- uses: securego/gosec@223e19b8856e00f02cc67804499a83f77e208f3c # v2.25.0
149+
- uses: securego/gosec@4a3bd8af174872c778439083ded7adbf3747e770 # v2.26.1
150150
with:
151151
args: -severity high -exclude-dir=pkg/generated ./go/...
152152

.github/workflows/test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -95,7 +95,7 @@ jobs:
9595
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
9696
with:
9797
persist-credentials: false
98-
- uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
98+
- uses: ruby/setup-ruby@97ecb7b512899eb71ab1bf2310a624c6f1589ac6 # v1.308.0
9999
with:
100100
ruby-version: ${{ matrix.ruby }}
101101
bundler-cache: true
@@ -198,7 +198,7 @@ jobs:
198198
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
199199
with:
200200
persist-credentials: false
201-
- uses: ruby/setup-ruby@7372622e62b60b3cb750dcd2b9e32c247ffec26a # v1.302.0
201+
- uses: ruby/setup-ruby@97ecb7b512899eb71ab1bf2310a624c6f1589ac6 # v1.308.0
202202
with:
203203
ruby-version: '3.3'
204204
bundler-cache: true
@@ -246,7 +246,7 @@ jobs:
246246
uses: rhysd/actionlint@914e7df21a07ef503a81201c76d2b11c789d3fca # v1.7.12
247247

248248
- name: Run zizmor
249-
uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
249+
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
250250
with:
251251
advanced-security: false
252252

0 commit comments

Comments
 (0)