chore(deps): update non-major github actions #23
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v4.2.2->v4.3.1v5.4.0->v5.5.01.21->1.25v2.11.1->v2.13.2[skip release]
Release Notes
actions/checkout (actions/checkout)
v4.3.1Compare Source
What's Changed
Full Changelog: actions/checkout@v4...v4.3.1
v4.3.0Compare Source
What's Changed
New Contributors
Full Changelog: actions/checkout@v4...v4.3.0
actions/setup-go (actions/setup-go)
v5.5.0Compare Source
What's Changed
Bug fixes:
Dependency updates:
New Contributors
Full Changelog: actions/setup-go@v5...v5.5.0
actions/go-versions (go)
v1.25.4: 1.25.4Compare Source
Go 1.25.4
v1.25.3: 1.25.3Compare Source
Go 1.25.3
v1.25.2: 1.25.2Compare Source
Go 1.25.2
v1.25.1: 1.25.1Compare Source
Go 1.25.1
v1.25.0: 1.25.0Compare Source
Go 1.25.0
v1.24.10: 1.24.10Compare Source
Go 1.24.10
v1.24.9: 1.24.9Compare Source
Go 1.24.9
v1.24.8: 1.24.8Compare Source
Go 1.24.8
v1.24.7: 1.24.7Compare Source
Go 1.24.7
v1.24.6: 1.24.6Compare Source
Go 1.24.6
v1.24.5: 1.24.5Compare Source
Go 1.24.5
v1.24.4: 1.24.4Compare Source
Go 1.24.4
v1.24.3: 1.24.3Compare Source
Go 1.24.3
v1.24.2: 1.24.2Compare Source
Go 1.24.2
v1.24.1: 1.24.1Compare Source
Go 1.24.1
v1.24.0: 1.24.0Compare Source
Go 1.24.0
v1.23.12: 1.23.12Compare Source
Go 1.23.12
v1.23.11: 1.23.11Compare Source
Go 1.23.11
v1.23.10: 1.23.10Compare Source
Go 1.23.10
v1.23.9: 1.23.9Compare Source
Go 1.23.9
v1.23.8: 1.23.8Compare Source
Go 1.23.8
v1.23.7: 1.23.7Compare Source
Go 1.23.7
v1.23.6: 1.23.6Compare Source
Go 1.23.6
v1.23.5: 1.23.5Compare Source
Go 1.23.5
v1.23.4: 1.23.4Compare Source
Go 1.23.4
v1.23.3: 1.23.3Compare Source
Go 1.23.3
v1.23.2: 1.23.2Compare Source
Go 1.23.2
v1.23.1: 1.23.1Compare Source
Go 1.23.1
v1.23.0: 1.23.0Compare Source
Go 1.23.0
v1.22.12: 1.22.12Compare Source
Go 1.22.12
v1.22.11: 1.22.11Compare Source
Go 1.22.11
v1.22.10: 1.22.10Compare Source
Go 1.22.10
v1.22.9: 1.22.9Compare Source
Go 1.22.9
v1.22.8: 1.22.8Compare Source
Go 1.22.8
v1.22.7: 1.22.7Compare Source
Go 1.22.7
v1.22.6: 1.22.6Compare Source
Go 1.22.6
v1.22.5: 1.22.5Compare Source
Go 1.22.5
v1.22.4: 1.22.4Compare Source
Go 1.22.4
v1.22.3: 1.22.3Compare Source
Go 1.22.3
v1.22.2: 1.22.2Compare Source
Go 1.22.2
v1.22.1: 1.22.1Compare Source
Go 1.22.1
v1.22.0: 1.22.0Compare Source
Go 1.22.0
step-security/harden-runner (step-security/harden-runner)
v2.13.2Compare Source
What's Changed
Full Changelog: step-security/harden-runner@v2.13.1...v2.13.2
v2.13.1Compare Source
What's Changed
Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.
Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.
Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.
Full Changelog: step-security/harden-runner@v2.13.0...v2.13.1
v2.13.0Compare Source
What's Changed
Full Changelog: step-security/harden-runner@v2...v2.13.0
v2.12.2Compare Source
What's Changed
Added HTTPS Monitoring for additional destinations - *.githubusercontent.com
Bug fixes:
Full Changelog: step-security/harden-runner@v2...v2.12.2
v2.12.1Compare Source
What's Changed
Full Changelog: step-security/harden-runner@v2...v2.12.1
v2.12.0Compare Source
What's Changed
A new option,
disable-sudo-and-containers, is now available to replace thedisable-sudo policy, addressing Docker-based privilege escalation (CVE-2025-32955). More details can be found in this blog post.New detections have been added based on insights from the tj-actions and reviewdog actions incidents.
Full Changelog: step-security/harden-runner@v2...v2.12.0
Configuration
📅 Schedule: Branch creation - "before 4:00am on Tuesday" in timezone America/Toronto, Automerge - "after 9:00am and before 12:00pm on tuesday, wednesday, thursday" in timezone America/Toronto.
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.