Skip to content

Commit 438af32

Browse files
build(deps): bump the github-actions group across 1 directory with 13 updates
Bumps the github-actions group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.1` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.2.0` | `6.3.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.0` | `7.0.0` | | [isbang/compose-action](https://github.com/isbang/compose-action) | `2.5.0` | `3.0.0` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.1.0` | `8.1.1` | Updates `softprops/action-gh-release` from 2.6.1 to 3.0.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@153bb8e...718ea10) Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@4907a6d...650006c) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@ed59741...3a2844b) Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...9c091bb) Updates `actions/setup-python` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@a309ff8...ece7cb0) Updates `codecov/codecov-action` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@57e3a13...fb8b358) Updates `isbang/compose-action` from 2.5.0 to 3.0.0 - [Release notes](https://github.com/isbang/compose-action/releases) - [Commits](hoverkraft-tech/compose-action@4894d24...11beaa1) Updates `docker/setup-qemu-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@ce36039...0611638) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@4d04d5d...d7f5e7f) Updates `docker/build-push-action` from 7.0.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@d08e5c3...f9f3042) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `github/codeql-action/upload-sarif` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@c0f553f...5f6978f) --- updated-dependencies: - dependency-name: softprops/action-gh-release dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: isbang/compose-action dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
1 parent 9fd6d37 commit 438af32

8 files changed

Lines changed: 38 additions & 38 deletions

File tree

.github/workflows/cd.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ jobs:
8888
steps:
8989
- id: gh-release
9090
name: Publish GitHub release candiate
91-
uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe
91+
uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b
9292
with:
9393
draft: true
9494
name: ${{ github.ref_name }}-rc
@@ -102,7 +102,7 @@ jobs:
102102

103103
steps:
104104
- name: Login to GitHub Container Registry
105-
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121
105+
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
106106
with:
107107
registry: ghcr.io
108108
username: ${{ github.repository_owner }}
@@ -117,7 +117,7 @@ jobs:
117117
docker push ghcr.io/repository-service-tuf/repository-service-tuf-worker:latest
118118
119119
- name: Publish GitHub Release
120-
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
120+
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
121121
with:
122122
script: |
123123
await github.rest.repos.updateRelease({

.github/workflows/ci.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,13 +18,13 @@ jobs:
1818
python-versions: [ "3.13" ]
1919

2020
steps:
21-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
21+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
2222

2323
- name: Check if any local image is used in docker-compose.yml
2424
run: |
2525
if [[ "$(egrep -w 'image:\s+repository-service-tuf-api|image:\s+repository-service-tuf-worker' docker-compose.yml -c)" -ne "0" ]]; then echo "Local image has been used in docker-compose.yml" && exit 1; fi
2626
27-
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
27+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
2828
with:
2929
python-version: ${{ matrix.python-versions }}
3030

@@ -35,7 +35,7 @@ jobs:
3535
run: tox
3636

3737
- name: Codecov
38-
uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
38+
uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0
3939
with:
4040
files: coverage.xml
4141
fail_ci_if_error: false

.github/workflows/functional-tests.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -60,17 +60,17 @@ jobs:
6060

6161
steps:
6262
- name: Checkout RSTUF Worker source code
63-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
63+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
6464

6565
- name: Checkout RSTUF Umbrella (FT)
66-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
66+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
6767
with:
6868
repository: repository-service-tuf/repository-service-tuf
6969
path: rstuf-umbrella
7070
ref: ${{ inputs.umbrella_branch }}
7171

7272
- name: Deploy RSTUF with Worker container from source code
73-
uses: isbang/compose-action@4894d2492015c1774ee5a13a95b1072093087ec3
73+
uses: isbang/compose-action@11beaa1c2dae4e8ed7b1665aa074723b6cecb0e4
7474
with:
7575
compose-file: ${{ inputs.docker_compose }}
7676
env:
@@ -86,17 +86,17 @@ jobs:
8686

8787
steps:
8888
- name: Checkout RSTUF Worker source code
89-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
89+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
9090

9191
- name: Checkout RSTUF Umbrella (FT)
92-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
92+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
9393
with:
9494
repository: repository-service-tuf/repository-service-tuf
9595
path: rstuf-umbrella
9696
ref: ${{ inputs.umbrella_branch }}
9797

9898
- name: Deploy RSTUF with Worker container from source code
99-
uses: isbang/compose-action@4894d2492015c1774ee5a13a95b1072093087ec3
99+
uses: isbang/compose-action@11beaa1c2dae4e8ed7b1665aa074723b6cecb0e4
100100
with:
101101
compose-file: ${{ inputs.docker_compose }}
102102
env:
@@ -115,17 +115,17 @@ jobs:
115115

116116
steps:
117117
- name: Checkout RSTUF Worker source code
118-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
118+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
119119

120120
- name: Checkout RSTUF Umbrella (FT)
121-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
121+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
122122
with:
123123
repository: repository-service-tuf/repository-service-tuf
124124
path: rstuf-umbrella
125125
ref: ${{ inputs.umbrella_branch }}
126126

127127
- name: Deploy RSTUF with Worker container from source code
128-
uses: isbang/compose-action@4894d2492015c1774ee5a13a95b1072093087ec3
128+
uses: isbang/compose-action@11beaa1c2dae4e8ed7b1665aa074723b6cecb0e4
129129
with:
130130
compose-file: ${{ inputs.docker_compose }}
131131
env:

.github/workflows/publish_container.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -24,31 +24,31 @@ jobs:
2424
runs-on: ubuntu-latest
2525
steps:
2626
- name: Checkout release tag
27-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
27+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
2828
with:
2929
fetch-depth: 0
3030
ref: ${{ inputs.image_version }}
3131

3232
- name: Set default Python version
33-
uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
33+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
3434
with:
3535
python-version: '3.10'
3636

3737
- name: Set up QEMU
38-
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a
38+
uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3
3939

4040
- name: Set up Docker Buildx
41-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
41+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
4242

4343
- name: Login to GitHub Container Registry
44-
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121
44+
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
4545
with:
4646
registry: ghcr.io
4747
username: ${{ github.actor }}
4848
password: ${{ secrets.GITHUB_TOKEN }}
4949

5050
- name: Build and push
51-
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
51+
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf
5252
with:
5353
context: .
5454
push: true

.github/workflows/publish_docker_dev.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -26,26 +26,26 @@ jobs:
2626
runs-on: ubuntu-latest
2727

2828
steps:
29-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
30-
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
29+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
30+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
3131
with:
3232
python-version: '3.13'
3333

3434
- name: Set up QEMU
35-
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a
35+
uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3
3636

3737
- name: Set up Docker Buildx
38-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
38+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
3939

4040
- name: Login to GitHub Container Registry
41-
uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121
41+
uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee
4242
with:
4343
registry: ghcr.io
4444
username: ${{ github.repository_owner }}
4545
password: ${{ secrets.GITHUB_TOKEN }}
4646

4747
- name: Build and push
48-
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
48+
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf
4949
with:
5050
context: .
5151
push: true

.github/workflows/scorecard.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -32,7 +32,7 @@ jobs:
3232

3333
steps:
3434
- name: "Checkout code"
35-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
35+
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
3636
with:
3737
persist-credentials: false
3838

@@ -59,7 +59,7 @@ jobs:
5959
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
6060
# format to the repository Actions tab.
6161
- name: "Upload artifact"
62-
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
62+
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
6363
with:
6464
name: SARIF file
6565
path: results.sarif
@@ -68,6 +68,6 @@ jobs:
6868
# Upload the results to GitHub's code scanning dashboard (optional).
6969
# Commenting out will disable upload of results to your repo's Code Scanning dashboard
7070
- name: "Upload to code-scanning"
71-
uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1
71+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2
7272
with:
7373
sarif_file: results.sarif

.github/workflows/test_docker_build.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -12,19 +12,19 @@ jobs:
1212
runs-on: ubuntu-latest
1313

1414
steps:
15-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
16-
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
15+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
16+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
1717
with:
1818
python-version: '3.13'
1919

2020
- name: Set up QEMU
21-
uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a
21+
uses: docker/setup-qemu-action@06116385d9baf250c9f4dcb4858b16962ea869c3
2222

2323
- name: Set up Docker Buildx
24-
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
24+
uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5
2525

2626
- name: Build and push
27-
uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294
27+
uses: docker/build-push-action@f9f3042f7e2789586610d6e8b85c8f03e5195baf
2828
with:
2929
context: .
3030
push: false

.github/workflows/update-pre-commit-hooks.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -13,8 +13,8 @@ jobs:
1313
update-pre-commit-hooks:
1414
runs-on: ubuntu-latest
1515
steps:
16-
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
17-
- uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405
16+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
17+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
1818
with:
1919
python-version: "3.13"
2020
- name: Install prerequisites
@@ -33,7 +33,7 @@ jobs:
3333
run: |
3434
make tests
3535
- name: Create Pull Request
36-
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0
36+
uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1
3737
with:
3838
token: ${{ secrets.GITHUB_TOKEN }}
3939
commit-message: "build: Update pre-commit hooks"

0 commit comments

Comments
 (0)