diff --git a/.docker/forge-github-app-register/Dockerfile b/.docker/forge-github-app-register/Dockerfile index 5ff54542..5e3fd6bc 100644 --- a/.docker/forge-github-app-register/Dockerfile +++ b/.docker/forge-github-app-register/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.14-slim@sha256:6a27522252aef8432841f224d9baaa6e9fce07b07584154fa0b9a96603af7456 +FROM python:3.14-slim@sha256:fb83750094b46fd6b8adaa80f66e2302ecbe45d513f6cece637a841e1025b4ca RUN useradd --create-home appuser WORKDIR /home/appuser diff --git a/.docker/pre-commit/Dockerfile b/.docker/pre-commit/Dockerfile index 0d0f77c5..10017ebd 100644 --- a/.docker/pre-commit/Dockerfile +++ b/.docker/pre-commit/Dockerfile @@ -1,4 +1,4 @@ -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 AS build +FROM ubuntu:24.04@sha256:186072bba1b2f436cbb91ef2567abca677337cfc786c86e107d25b7072feef0c AS build WORKDIR /opt/build @@ -12,7 +12,7 @@ RUN apt-get update && apt-get install -y \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # renovate: datasource=github-releases depName=gitleaks/gitleaks registryUrl=https://github.com/ -ARG GITLEAKS_VERSION="8.30.0" +ARG GITLEAKS_VERSION="8.30.1" ARG GITLEAKS_SRC="https://github.com/gitleaks/gitleaks/releases/download/v${GITLEAKS_VERSION}/gitleaks_${GITLEAKS_VERSION}_linux_x64.tar.gz" ARG GITLEAKS_ARTIFACT="gitleaks.tar.gz" RUN set -eux; \ @@ -40,7 +40,7 @@ RUN set -eux; \ chmod 755 /usr/local/bin/jq # renovate: datasource=github-releases depName=hashicorp/packer registryUrl=https://github.com/ -ARG PACKER_VERSION="1.15.0" +ARG PACKER_VERSION="1.15.1" ARG PACKER_SRC="https://releases.hashicorp.com/packer/${PACKER_VERSION}/packer_${PACKER_VERSION}_linux_amd64.zip" ARG PACKER_ARTIFACT="packer.zip" RUN set -eux; \ @@ -78,7 +78,7 @@ RUN set -eux; \ chmod 755 /usr/local/bin/terraform-docs # renovate: datasource=github-releases depName=gruntwork-io/terragrunt registryUrl=https://github.com/ -ARG TERRAGRUNT_VERSION="0.99.4" +ARG TERRAGRUNT_VERSION="0.99.5" ARG TERRAGRUNT_SRC="https://github.com/gruntwork-io/terragrunt/releases/download/v${TERRAGRUNT_VERSION}/terragrunt_linux_amd64" ARG TERRAGRUNT_ARTIFACT="terragrunt" RUN set -eux; \ @@ -104,7 +104,7 @@ RUN set -eux; \ unzip -o ${TOFU_ARTIFACT} -d /usr/local/bin/; \ chmod 755 /usr/local/bin/tofu -FROM ubuntu:24.04@sha256:d1e2e92c075e5ca139d51a140fff46f84315c0fdce203eab2807c7e495eff4f9 AS final +FROM ubuntu:24.04@sha256:186072bba1b2f436cbb91ef2567abca677337cfc786c86e107d25b7072feef0c AS final ENV DEBIAN_FRONTEND=noninteractive diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index c96c596b..24b861aa 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -32,13 +32,13 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Cache Pre-commit - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: ~/.cache/pre-commit/ key: pre-commit|${{ github.repository }}|${{ hashFiles('.pre-commit-config.yaml') }} - name: Cache OpenTofu providers - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 with: path: /github/home/.terraform.d/plugin key: tf-providers-${{ github.run_id }} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 5031eeb3..a83a7641 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -196,7 +196,7 @@ repos: # JSON Schema Hooks # --------------------- - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.37.0 + rev: 0.37.1 hooks: - id: check-github-workflows name: JSON Schema · GitHub workflows @@ -256,7 +256,7 @@ repos: # Security Hooks # --------------------- - repo: https://github.com/gitleaks/gitleaks - rev: v8.30.0 + rev: v8.30.1 hooks: - id: gitleaks name: Security · Gitleaks