From 74d9f238c721b98290659d66d2a675084be8f4f5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 28 Mar 2026 03:54:18 +0000 Subject: [PATCH] Bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.1` | `3.0.0` | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.5.0` | `3.0.0` | | [fgrosse/go-coverage-report](https://github.com/fgrosse/go-coverage-report) | `1.2.0` | `1.3.0` | | [crazy-max/ghaction-import-gpg](https://github.com/crazy-max/ghaction-import-gpg) | `6` | `7` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | Updates `actions/create-github-app-token` from 2.2.1 to 3.0.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/v2.2.1...v3.0.0) Updates `dependabot/fetch-metadata` from 2.5.0 to 3.0.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](https://github.com/dependabot/fetch-metadata/compare/v2.5.0...v3.0.0) Updates `fgrosse/go-coverage-report` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/fgrosse/go-coverage-report/releases) - [Changelog](https://github.com/fgrosse/go-coverage-report/blob/main/CHANGELOG.md) - [Commits](https://github.com/fgrosse/go-coverage-report/compare/v1.2.0...v1.3.0) Updates `crazy-max/ghaction-import-gpg` from 6 to 7 - [Release notes](https://github.com/crazy-max/ghaction-import-gpg/releases) - [Commits](https://github.com/crazy-max/ghaction-import-gpg/compare/v6...v7) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v8.0.0...v8.0.1) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dependabot/fetch-metadata dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: fgrosse/go-coverage-report dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: crazy-max/ghaction-import-gpg dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/csm-versions-update.yaml | 2 +- .github/workflows/dependabot-automerge.yml | 2 +- .github/workflows/go-common.yml | 2 +- .github/workflows/go-version-workflow.yaml | 2 +- .github/workflows/image-version-workflow.yaml | 2 +- .github/workflows/license-checker.yaml | 2 +- .github/workflows/operator-driver-version-update.yaml | 2 +- .github/workflows/operator-module-version-update.yaml | 2 +- .github/workflows/operator-version-update.yaml | 2 +- .github/workflows/release-creator.yaml | 4 ++-- .github/workflows/sidecar-version-update.yaml | 2 +- .github/workflows/ubi-version-update.yaml | 2 +- .github/workflows/update-libraries-to-commits.yml | 2 +- .github/workflows/update-libraries.yml | 2 +- 14 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/csm-versions-update.yaml b/.github/workflows/csm-versions-update.yaml index f9539568..573209ba 100644 --- a/.github/workflows/csm-versions-update.yaml +++ b/.github/workflows/csm-versions-update.yaml @@ -40,7 +40,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - name: Generate GitHub App Token - uses: actions/create-github-app-token@v2.2.1 + uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index 52c83cb9..92bd6617 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2.5.0 + uses: dependabot/fetch-metadata@v3.0.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/go-common.yml b/.github/workflows/go-common.yml index c3a14bf9..c76ee048 100644 --- a/.github/workflows/go-common.yml +++ b/.github/workflows/go-common.yml @@ -88,7 +88,7 @@ jobs: # code coverage profiles are uploaded as GitHub artifacts, which automatically expire after 90 days # if no coverage profile exists on main branch yet, then the step will fail continue-on-error: true - uses: fgrosse/go-coverage-report@v1.2.0 + uses: fgrosse/go-coverage-report@v1.3.0 with: coverage-artifact-name: "code-coverage" coverage-file-name: "new_coverage.txt" diff --git a/.github/workflows/go-version-workflow.yaml b/.github/workflows/go-version-workflow.yaml index f7c9e11a..c0becefc 100644 --- a/.github/workflows/go-version-workflow.yaml +++ b/.github/workflows/go-version-workflow.yaml @@ -77,7 +77,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - - uses: actions/create-github-app-token@v2.2.1 + - uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/image-version-workflow.yaml b/.github/workflows/image-version-workflow.yaml index 73a0c6ec..27b25e7f 100644 --- a/.github/workflows/image-version-workflow.yaml +++ b/.github/workflows/image-version-workflow.yaml @@ -107,7 +107,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - - uses: actions/create-github-app-token@v2.2.1 + - uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/license-checker.yaml b/.github/workflows/license-checker.yaml index f65741e1..e7f123ea 100644 --- a/.github/workflows/license-checker.yaml +++ b/.github/workflows/license-checker.yaml @@ -23,7 +23,7 @@ jobs: uses: actions/checkout@v6 - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@v6 + uses: crazy-max/ghaction-import-gpg@v7 with: gpg_private_key: ${{ secrets.CSM_GPG_PRIVATE_KEY }} git_user_signingkey: true diff --git a/.github/workflows/operator-driver-version-update.yaml b/.github/workflows/operator-driver-version-update.yaml index c05c45f2..82381ae8 100644 --- a/.github/workflows/operator-driver-version-update.yaml +++ b/.github/workflows/operator-driver-version-update.yaml @@ -99,7 +99,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - name: Generate GitHub App Token - uses: actions/create-github-app-token@v2.2.1 + uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/operator-module-version-update.yaml b/.github/workflows/operator-module-version-update.yaml index 5ccf71ca..5399da68 100644 --- a/.github/workflows/operator-module-version-update.yaml +++ b/.github/workflows/operator-module-version-update.yaml @@ -105,7 +105,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - name: Generate GitHub App Token - uses: actions/create-github-app-token@v2.2.1 + uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/operator-version-update.yaml b/.github/workflows/operator-version-update.yaml index 9623f993..5cb74b1f 100644 --- a/.github/workflows/operator-version-update.yaml +++ b/.github/workflows/operator-version-update.yaml @@ -75,7 +75,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - name: Generate GitHub App Token - uses: actions/create-github-app-token@v2.2.1 + uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/release-creator.yaml b/.github/workflows/release-creator.yaml index d4503184..e3420781 100644 --- a/.github/workflows/release-creator.yaml +++ b/.github/workflows/release-creator.yaml @@ -88,7 +88,7 @@ jobs: # To import GPG key and configure git for signed commits (Annotated tags) - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@v6 + uses: crazy-max/ghaction-import-gpg@v7 with: gpg_private_key: ${{ secrets.CSM_GPG_PRIVATE_KEY }} git_user_signingkey: true @@ -105,7 +105,7 @@ jobs: git push origin $REL_VERSION - name: Download binary - uses: actions/download-artifact@v8.0.0 + uses: actions/download-artifact@v8.0.1 # This is required to check if the binary exists and update its name to the release. - name: Set file name diff --git a/.github/workflows/sidecar-version-update.yaml b/.github/workflows/sidecar-version-update.yaml index e47889ca..3c4827e8 100644 --- a/.github/workflows/sidecar-version-update.yaml +++ b/.github/workflows/sidecar-version-update.yaml @@ -63,7 +63,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - name: Generate GitHub App Token - uses: actions/create-github-app-token@v2.2.1 + uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/ubi-version-update.yaml b/.github/workflows/ubi-version-update.yaml index 646bf8d1..19374708 100644 --- a/.github/workflows/ubi-version-update.yaml +++ b/.github/workflows/ubi-version-update.yaml @@ -73,7 +73,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - - uses: actions/create-github-app-token@v2.2.1 + - uses: actions/create-github-app-token@v3.0.0 if: env.sha_mismatch == 'true' id: generate-token with: diff --git a/.github/workflows/update-libraries-to-commits.yml b/.github/workflows/update-libraries-to-commits.yml index 3543890e..fd265195 100644 --- a/.github/workflows/update-libraries-to-commits.yml +++ b/.github/workflows/update-libraries-to-commits.yml @@ -95,7 +95,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - - uses: actions/create-github-app-token@v2.2.1 + - uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }} diff --git a/.github/workflows/update-libraries.yml b/.github/workflows/update-libraries.yml index c521fa67..a9b95aaa 100644 --- a/.github/workflows/update-libraries.yml +++ b/.github/workflows/update-libraries.yml @@ -79,7 +79,7 @@ jobs: # Needed for signing commits using Github App tokens # See: https://github.com/peter-evans/create-pull-request/blob/main/docs/concepts-guidelines.md#commit-signing - - uses: actions/create-github-app-token@v2.2.1 + - uses: actions/create-github-app-token@v3.0.0 id: generate-token with: app-id: ${{ vars.CSM_RELEASE_APP_ID }}