From 1630fc95c4a65071e27cd4e2b48ce9b7395cf7cd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 5 Jul 2026 04:05:29 +0000 Subject: [PATCH] build(deps): Bump the github-actions group across 1 directory with 4 updates Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6.0.2...v7.0.0) Updates `actions/cache` from 5 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v5...v5.0.5) Updates `docker/setup-buildx-action` from 4 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v4...v4.1.0) Updates `github/codeql-action` from 4.36.0 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4.36.0...v4.36.2) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-api.yml | 12 ++++++------ .github/workflows/ci-frontend.yml | 12 ++++++------ .github/workflows/security.yml | 12 ++++++------ 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/ci-api.yml b/.github/workflows/ci-api.yml index 5820065..0d63afe 100644 --- a/.github/workflows/ci-api.yml +++ b/.github/workflows/ci-api.yml @@ -20,11 +20,11 @@ jobs: name: Type-check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 - uses: oven-sh/setup-bun@v2 with: bun-version: "1.3.14" - - uses: actions/cache@v5 + - uses: actions/cache@v5.0.5 with: path: ~/.bun/install/cache key: bun-${{ runner.os }}-${{ hashFiles('bun.lock') }} @@ -37,11 +37,11 @@ jobs: name: Test runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 - uses: oven-sh/setup-bun@v2 with: bun-version: "1.3.14" - - uses: actions/cache@v5 + - uses: actions/cache@v5.0.5 with: path: ~/.bun/install/cache key: bun-${{ runner.os }}-${{ hashFiles('bun.lock') }} @@ -55,8 +55,8 @@ jobs: runs-on: ubuntu-latest needs: [typecheck, test] steps: - - uses: actions/checkout@v6.0.2 - - uses: docker/setup-buildx-action@v4 + - uses: actions/checkout@v7.0.0 + - uses: docker/setup-buildx-action@v4.1.0 - uses: docker/build-push-action@v7.2.0 with: context: ./api diff --git a/.github/workflows/ci-frontend.yml b/.github/workflows/ci-frontend.yml index cb48322..6a94f25 100644 --- a/.github/workflows/ci-frontend.yml +++ b/.github/workflows/ci-frontend.yml @@ -20,11 +20,11 @@ jobs: name: Type-check runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 - uses: oven-sh/setup-bun@v2 with: bun-version: "1.3.14" - - uses: actions/cache@v5 + - uses: actions/cache@v5.0.5 with: path: ~/.bun/install/cache key: bun-${{ runner.os }}-${{ hashFiles('bun.lock') }} @@ -37,11 +37,11 @@ jobs: name: Build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 - uses: oven-sh/setup-bun@v2 with: bun-version: "1.3.14" - - uses: actions/cache@v5 + - uses: actions/cache@v5.0.5 with: path: ~/.bun/install/cache key: bun-${{ runner.os }}-${{ hashFiles('bun.lock') }} @@ -58,8 +58,8 @@ jobs: runs-on: ubuntu-latest needs: [typecheck, build] steps: - - uses: actions/checkout@v6.0.2 - - uses: docker/setup-buildx-action@v4 + - uses: actions/checkout@v7.0.0 + - uses: docker/setup-buildx-action@v4.1.0 - uses: docker/build-push-action@v7.2.0 with: context: ./frontend diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index e5eb767..e3047e3 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -27,7 +27,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 with: fetch-depth: 0 # full history — detect secrets in any commit - uses: gitleaks/gitleaks-action@v3.0.0 @@ -45,12 +45,12 @@ jobs: security-events: write actions: read steps: - - uses: actions/checkout@v6.0.2 - - uses: github/codeql-action/init@v4.36.0 + - uses: actions/checkout@v7.0.0 + - uses: github/codeql-action/init@v4.36.2 with: languages: javascript-typescript queries: security-extended - - uses: github/codeql-action/analyze@v4.36.0 + - uses: github/codeql-action/analyze@v4.36.2 with: category: /language:javascript-typescript @@ -63,7 +63,7 @@ jobs: contents: read security-events: write steps: - - uses: actions/checkout@v6.0.2 + - uses: actions/checkout@v7.0.0 - name: Scan for HIGH/CRITICAL CVEs uses: aquasecurity/trivy-action@v0.36.0 with: @@ -76,7 +76,7 @@ jobs: ignore-unfixed: true - name: Upload results to Security tab if: always() - uses: github/codeql-action/upload-sarif@v4.36.0 + uses: github/codeql-action/upload-sarif@v4.36.2 with: sarif_file: trivy.sarif category: trivy