Merge pull request #43 from ortelius/renovate/all

sbtaylor15 · web-flow · commit af7645db8bfb · 2026-01-25T09:36:16.000-08:00
Update all dependencies
diff --git a/.github/workflows/build-push-chart.yml b/.github/workflows/build-push-chart.yml
@@ -16,7 +16,7 @@ name: Build/Push Image and Release Charts
 permissions: read-all
 jobs:
   setenv:
-    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@92a48b5648a09dcd58bccf9cf49fd0155765c997
+    uses: ortelius/workflow-toolkit/.github/workflows/env-config-workflow.yml@d18d95cb675ca557902d4a4189081dc66336d6d4
     with:
       gh_head_ref: ${{ github.head_ref }}
       gh_ref_name: ${{ github.ref_name }}
@@ -28,7 +28,7 @@ jobs:
     permissions:
       id-token: write
       contents: write
-    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@92a48b5648a09dcd58bccf9cf49fd0155765c997
+    uses: ortelius/workflow-toolkit/.github/workflows/container-release-workflow.yml@d18d95cb675ca557902d4a4189081dc66336d6d4
     needs: setenv
     with:
       gh_repository_owner: ${{ github.repository_owner }}
@@ -45,7 +45,7 @@ jobs:
     permissions:
       security-events: write
       statuses: write
-    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@92a48b5648a09dcd58bccf9cf49fd0155765c997
+    uses: ortelius/workflow-toolkit/.github/workflows/trivy-scan-workflow.yml@d18d95cb675ca557902d4a4189081dc66336d6d4
     needs:
       - setenv
       - release
@@ -57,7 +57,7 @@ jobs:
   helm:
     permissions:
       contents: write
-    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@92a48b5648a09dcd58bccf9cf49fd0155765c997
+    uses: ortelius/workflow-toolkit/.github/workflows/helm-release-workflow.yml@d18d95cb675ca557902d4a4189081dc66336d6d4
     needs:
       - setenv
       - release
@@ -77,7 +77,7 @@ jobs:
       GPG_KEY: ${{ secrets.GPG_KEY }}
       gh_token: ${{ secrets.HELM_INDEXER_TOKEN }}
   sbom:
-    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@92a48b5648a09dcd58bccf9cf49fd0155765c997
+    uses: ortelius/workflow-toolkit/.github/workflows/sbom-generation-workflow.yml@d18d95cb675ca557902d4a4189081dc66336d6d4
     needs:
       - setenv
       - release
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -27,14 +27,14 @@ jobs:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - name: Checkout repository
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
         with:
           languages: "go"
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
         with:
           category: "/language:go"
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -31,7 +31,7 @@ jobs:
 
       - name: MegaLinter
         id: ml
-        uses: oxsecurity/megalinter/flavors/go@352f52b33ff45302a0d25e51567d6c64f90521d4
+        uses: oxsecurity/megalinter/flavors/go@249990ad0a9f4046af95aa85be2a223673b3ee92
         env:
           VALIDATE_ALL_CODEBASE: true
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -52,7 +52,7 @@ jobs:
           env.APPLY_FIXES_MODE == 'pull_request' &&
           (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) &&
           !contains(github.event.head_commit.message, 'skip fix')
-        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8
         with:
           token: ${{ secrets.PAT || secrets.GITHUB_TOKEN }}
           commit-message: "[MegaLinter] Apply linters automatic fixes"
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -33,7 +33,7 @@ jobs:
           egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
 
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           persist-credentials: false
 
@@ -45,6 +45,6 @@ jobs:
           publish_results: true
 
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
+        uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11
         with:
           sarif_file: results.sarif
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM cgr.dev/chainguard/go@sha256:54d3697eb00af0795e108133d9c0861f3346c24c0581cff34828432546c4a58c AS builder
+FROM cgr.dev/chainguard/go@sha256:552969bb3988f3db46a00880e912402aeb1d394dc26257f688ee5103ef39d16b AS builder
 SHELL ["/bin/ash", "-eo", "pipefail", "-c"]
 WORKDIR /app
 COPY . /app

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM cgr.dev/chainguard/go@sha256:54d3697eb00af0795e108133d9c0861f3346c24c0581cff34828432546c4a58c AS builder`
	`1`	`+FROM cgr.dev/chainguard/go@sha256:552969bb3988f3db46a00880e912402aeb1d394dc26257f688ee5103ef39d16b AS builder`
`2`	`2`	`SHELL ["/bin/ash", "-eo", "pipefail", "-c"]`
`3`	`3`	`WORKDIR /app`
`4`	`4`	`COPY . /app`