From a9bc32e4c5ddb750c69ed305df18b196512857ab Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 8 Jul 2026 13:19:25 +0000 Subject: [PATCH] chore(deps): Bump the actions group with 6 updates Bumps the actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `3` | `4` | | [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `16` | `24` | | [actions/setup-python](https://github.com/actions/setup-python) | `5` | `6` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4` | `5` | | [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action) | `2` | `3` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `4` | `7` | Updates `dorny/paths-filter` from 3 to 4 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/v3...v4) Updates `DavidAnson/markdownlint-cli2-action` from 16 to 24 - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](https://github.com/davidanson/markdownlint-cli2-action/compare/v16...v24) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) Updates `googleapis/release-please-action` from 4 to 5 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/v4...v5) Updates `gitleaks/gitleaks-action` from 2 to 3 - [Release notes](https://github.com/gitleaks/gitleaks-action/releases) - [Commits](https://github.com/gitleaks/gitleaks-action/compare/v2...v3) Updates `anchore/scan-action` from 4 to 7 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/scan-action/compare/v4...v7) --- updated-dependencies: - dependency-name: dorny/paths-filter dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: DavidAnson/markdownlint-cli2-action dependency-version: '24' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: googleapis/release-please-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: gitleaks/gitleaks-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: anchore/scan-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/docs.yml | 4 ++-- .github/workflows/estate-lint.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/security-scan.yml | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index ca87a66..844d92d 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -12,7 +12,7 @@ jobs: if: github.event_name == 'pull_request' steps: - uses: actions/checkout@v4 - - uses: dorny/paths-filter@v3 + - uses: dorny/paths-filter@v4 id: f with: filters: | @@ -27,6 +27,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: DavidAnson/markdownlint-cli2-action@v16 + - uses: DavidAnson/markdownlint-cli2-action@v24 - uses: lycheeverse/lychee-action@v2 with: { args: "--no-progress './**/*.md'" } diff --git a/.github/workflows/estate-lint.yml b/.github/workflows/estate-lint.yml index efafbac..4df25fc 100644 --- a/.github/workflows/estate-lint.yml +++ b/.github/workflows/estate-lint.yml @@ -21,7 +21,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - - uses: actions/setup-python@v5 + - uses: actions/setup-python@v6 with: { python-version: "3.12" } - name: estate-lint (7 structural checks; fail on error-level violations) run: python3 "${{ inputs.tools-dir }}/estate-lint.py" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1340e4c..82bc0e6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: release-please: runs-on: ubuntu-latest steps: - - uses: googleapis/release-please-action@v4 + - uses: googleapis/release-please-action@v5 with: release-type: ${{ inputs.release-type }} # Note: for monorepos use manifest mode (.release-please-config.json). diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index df12ca5..3461503 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -14,7 +14,7 @@ jobs: - uses: actions/checkout@v4 with: { fetch-depth: 0 } - name: gitleaks (full history) - uses: gitleaks/gitleaks-action@v2 + uses: gitleaks/gitleaks-action@v3 sbom: runs-on: ubuntu-latest steps: @@ -22,5 +22,5 @@ jobs: - name: SBOM (CycloneDX) + vuln scan uses: anchore/sbom-action@v0 with: { format: cyclonedx-json, artifact-name: sbom.cdx.json } - - uses: anchore/scan-action@v4 + - uses: anchore/scan-action@v7 with: { path: ".", fail-build: false }