From 3886bb841b73bb50368bb22324444faaea247734 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Apr 2026 18:26:50 +0000 Subject: [PATCH] chore(deps-ci): bump the actions-all group with 5 updates Bumps the actions-all group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.35.0` | `0.36.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2` | `3` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.35.0...v0.36.0) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) Updates `dependabot/fetch-metadata` from 2 to 3 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all ... Signed-off-by: dependabot[bot] --- .github/workflows/code-scans.yaml | 22 +++++++++---------- .github/workflows/dependabot-auto-merge.yml | 2 +- .github/workflows/dependabot-gchat-notify.yml | 2 +- 3 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/code-scans.yaml b/.github/workflows/code-scans.yaml index 8b58ff1..dd97b3f 100644 --- a/.github/workflows/code-scans.yaml +++ b/.github/workflows/code-scans.yaml @@ -25,7 +25,7 @@ jobs: if: github.event_name == 'pull_request' runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: actions/dependency-review-action@v4 with: @@ -36,10 +36,10 @@ jobs: name: Trivy Scan runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Run Trivy misconfig and secret scan (blocking) - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: . @@ -52,7 +52,7 @@ jobs: - name: Run Trivy license scan (informational) if: always() - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: fs scan-ref: . @@ -63,21 +63,21 @@ jobs: - name: Upload Trivy misconfig and secret SARIF if: always() - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: trivy-misconfig-secret.sarif category: trivy-misconfig-secret - name: Upload Trivy license SARIF if: always() - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: trivy-license.sarif category: trivy-license - name: Upload Trivy report artifacts if: always() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 with: name: trivy-reports path: | @@ -97,18 +97,18 @@ jobs: matrix: language: [python, javascript] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: ${{ matrix.language }} queries: security-extended - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@v4 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index d99c47e..164d973 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Fetch Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2 + uses: dependabot/fetch-metadata@v3 with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/dependabot-gchat-notify.yml b/.github/workflows/dependabot-gchat-notify.yml index afdaf9e..683968a 100644 --- a/.github/workflows/dependabot-gchat-notify.yml +++ b/.github/workflows/dependabot-gchat-notify.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Fetch Dependabot metadata id: meta - uses: dependabot/fetch-metadata@v2 + uses: dependabot/fetch-metadata@v3 with: github-token: "${{ secrets.GITHUB_TOKEN }}"