Skip to content

Commit 4375ccb

Browse files
build(deps): bump the github-actions group across 1 directory with 12 updates
Bumps the github-actions group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.3.0` | `3.1.0` | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `7.0.0` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `3.28.13` | `4.36.2` | | [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `3.28.13` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `3.28.13` | `4.36.2` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.4.0` | `6.5.0` | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `2.11.1` | `4.0.1` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `7.0.0` | `9.3.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.1` | `2.4.3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `3.28.13` | `4.36.2` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.8` | `8.1.1` | Updates `dependabot/fetch-metadata` from 2.3.0 to 3.1.0 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@d7267f6...25dd0e3) Updates `actions/checkout` from 4.2.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@11bd719...9c091bb) Updates `github/codeql-action/init` from 3.28.13 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@1b549b9...8aad20d) Updates `github/codeql-action/autobuild` from 3.28.13 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@1b549b9...8aad20d) Updates `github/codeql-action/analyze` from 3.28.13 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@1b549b9...8aad20d) Updates `actions/setup-go` from 5.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5.4.0...v6.5.0) Updates `dorny/paths-filter` from 2.11.1 to 4.0.1 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](dorny/paths-filter@4512585...fbd0ab8) Updates `golangci/golangci-lint-action` from 7.0.0 to 9.3.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@1481404...ba0d7d2) Updates `ossf/scorecard-action` from 2.4.1 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...4eaacf0) Updates `actions/upload-artifact` from 4.6.2 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...043fb46) Updates `github/codeql-action/upload-sarif` from 3.28.13 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@1b549b9...8aad20d) Updates `peter-evans/create-pull-request` from 7.0.8 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@271a8d0...5f6978f) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/autobuild dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dorny/paths-filter dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: golangci/golangci-lint-action dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 76ba4ad commit 4375ccb

7 files changed

Lines changed: 20 additions & 20 deletions

File tree

.github/workflows/automerge-dependabot.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ jobs:
1616
steps:
1717
- name: Dependabot metadata
1818
id: metadata
19-
uses: dependabot/fetch-metadata@d7267f607e9d3fb96fc2fbe83e0af444713e90b7 # v2.3.0
19+
uses: dependabot/fetch-metadata@25dd0e34f4fe68f24cc83900b1fe3fe149efef98 # v3.1.0
2020
with:
2121
github-token: "${{ secrets.GITHUB_TOKEN }}"
2222
- name: Enable auto-merge for Dependabot PRs

.github/workflows/codeql-analysis.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -46,11 +46,11 @@ jobs:
4646

4747
steps:
4848
- name: Checkout repository
49-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
49+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
5050

5151
# Initializes the CodeQL tools for scanning.
5252
- name: Initialize CodeQL
53-
uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
53+
uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
5454
with:
5555
languages: ${{ matrix.language }}
5656
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -61,7 +61,7 @@ jobs:
6161
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6262
# If this step fails, then you should remove it and run the build manually (see below)
6363
- name: Autobuild
64-
uses: github/codeql-action/autobuild@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
64+
uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
6565

6666
# ℹ️ Command-line programs to run using the OS shell.
6767
# 📚 https://git.io/JvXDl
@@ -75,4 +75,4 @@ jobs:
7575
# make release
7676

7777
- name: Perform CodeQL Analysis
78-
uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
78+
uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2

.github/workflows/container_description.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
if: github.repository_owner == 'prometheus' || github.repository_owner == 'prometheus-community' # Don't run this workflow on forks.
1919
steps:
2020
- name: git checkout
21-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
21+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2222
- name: Set docker hub repo name
2323
run: echo "DOCKER_REPO_NAME=$(make docker-repo-name)" >> $GITHUB_ENV
2424
- name: Push README to Dockerhub
@@ -40,7 +40,7 @@ jobs:
4040
if: github.repository_owner == 'prometheus' || github.repository_owner == 'prometheus-community' # Don't run this workflow on forks.
4141
steps:
4242
- name: git checkout
43-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
43+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
4444
- name: Set quay.io org name
4545
run: echo "DOCKER_REPO=$(echo quay.io/${GITHUB_REPOSITORY_OWNER} | tr -d '-')" >> $GITHUB_ENV
4646
- name: Set quay.io repo name

.github/workflows/go.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
supported_versions: ${{ steps.matrix.outputs.supported_versions }}
2626
steps:
2727
- name: Checkout code
28-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
28+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2929
- name: Read supported_go_versions.txt
3030
id: matrix
3131
run: |
@@ -49,10 +49,10 @@ jobs:
4949

5050
steps:
5151
- name: Checkout code
52-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
52+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
5353

5454
- name: Set up Go ${{ matrix.go_version }}
55-
uses: actions/setup-go@v5.4.0
55+
uses: actions/setup-go@v6.5.0
5656
with:
5757
go-version: ${{ matrix.go_version }}
5858
check-latest: true

.github/workflows/golangci-lint.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -24,25 +24,25 @@ jobs:
2424
runs-on: ubuntu-latest
2525
steps:
2626
- name: Checkout repository
27-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
27+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
2828
- name: Install Go
29-
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
29+
uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0
3030
with:
3131
go-version: 1.24.x
3232
- name: Install snmp_exporter/generator dependencies
3333
run: sudo apt-get update && sudo apt-get -y install libsnmp-dev
3434
if: github.repository == 'prometheus/snmp_exporter'
3535
- name: Check for Go file changes
3636
id: go-changes
37-
uses: dorny/paths-filter@4512585405083f25c027a35db413c2b3b9006d50 # v2.11.1
37+
uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d # v4.0.1
3838
with:
3939
filters: |
4040
go:
4141
- '**/*.go'
4242
4343
- name: Lint
4444
if: steps.go-changes.outputs.go == 'true'
45-
uses: golangci/golangci-lint-action@1481404843c368bc19ca9406f87d6e0fc97bdcfd # v7.0.0
45+
uses: golangci/golangci-lint-action@ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a # v9.3.0
4646
with:
4747
args: --verbose
4848
version: v2.0.2

.github/workflows/scorecard.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -29,12 +29,12 @@ jobs:
2929

3030
steps:
3131
- name: "Checkout code"
32-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
32+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
3333
with:
3434
persist-credentials: false
3535

3636
- name: "Run analysis"
37-
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
37+
uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3
3838
with:
3939
results_file: results.sarif
4040
results_format: sarif
@@ -43,14 +43,14 @@ jobs:
4343
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
4444
# format to the repository Actions tab.
4545
- name: "Upload artifact"
46-
uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
46+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
4747
with:
4848
name: SARIF file
4949
path: results.sarif
5050
retention-days: 5
5151

5252
# Upload the results to GitHub's code scanning dashboard.
5353
- name: "Upload to code-scanning"
54-
uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13
54+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
5555
with:
5656
sarif_file: results.sarif

.github/workflows/update-go-versions.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -13,7 +13,7 @@ jobs:
1313

1414
steps:
1515
- name: Checkout repository
16-
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
16+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
1717

1818
- name: Execute bash script
1919
run: bash update-go-version.bash
@@ -22,7 +22,7 @@ jobs:
2222
# no pull request will be created and the action exits silently.
2323
- name: Create a Pull Request
2424
if: github.event_name != 'pull_request'
25-
uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
25+
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1
2626
with:
2727
token: ${{ secrets.GITHUB_TOKEN }}
2828
commit-message: "Update Go Collector metrics for new Go version"

0 commit comments

Comments
 (0)