From 3b2598c71e6914d2cc8275c5e7b615d990d6f398 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 6 Jul 2026 20:45:38 +0000 Subject: [PATCH] build(deps): bump the ci group across 1 directory with 12 updates Bumps the ci group with 12 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [fluxcd/gha-workflows/.github/workflows/backport.yaml](https://github.com/fluxcd/gha-workflows) | `0.9.0` | `0.12.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.4.0` | `6.5.0` | | [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `4.0.0` | `4.0.1` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.1.0` | `6.2.1` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.2.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.4.0` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` | | [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `fluxcd/gha-workflows/.github/workflows/backport.yaml` from 0.9.0 to 0.12.0 - [Release notes](https://github.com/fluxcd/gha-workflows/releases) - [Commits](https://github.com/fluxcd/gha-workflows/compare/v0.9.0...v0.12.0) Updates `actions/setup-go` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16) Updates `hashicorp/setup-terraform` from 4.0.0 to 4.0.1 - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/setup-terraform/compare/5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85...dfe3c3f87815947d99a8997f908cb6525fc44e9e) Updates `aws-actions/configure-aws-credentials` from 6.1.0 to 6.2.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/ec61189d14ec14c8efccab744f656cffd0e33f37...254c19bd240aabef8777f48595e9d2d7b972184b) Updates `docker/setup-qemu-action` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](https://github.com/docker/setup-qemu-action/compare/ce360397dd3f832beb865e1373c09c0e9f86d70a...96fe6ef7f33517b61c61be40b68a1882f3264fb8) Updates `docker/setup-buildx-action` from 4.0.0 to 4.2.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...bb05f3f5519dd87d3ba754cc423b652a5edd6d2c) Updates `docker/login-action` from 4.1.0 to 4.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...af1e73f918a031802d376d3c8bbc3fe56130a9b0) Updates `github/codeql-action/upload-sarif` from 4.35.3 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a) Updates `github/codeql-action/init` from 4.35.3 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a) Updates `github/codeql-action/autobuild` from 4.35.3 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a) Updates `github/codeql-action/analyze` from 4.35.3 to 4.36.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...54f647b7e1bb85c95cddabcd46b0c578ec92bc1a) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: docker/setup-qemu-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: fluxcd/gha-workflows/.github/workflows/backport.yaml dependency-version: 0.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action/autobuild dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: hashicorp/setup-terraform dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] --- .github/workflows/actions.yaml | 2 +- .github/workflows/backport.yaml | 2 +- .github/workflows/build.yaml | 4 ++-- .github/workflows/cifuzz.yaml | 4 ++-- .github/workflows/e2e.yaml | 4 ++-- .github/workflows/integration-aws.yaml | 12 ++++++------ .github/workflows/integration-azure.yaml | 10 +++++----- .github/workflows/integration-cleanup.yaml | 14 +++++++------- .github/workflows/integration-gcp.yaml | 14 +++++++------- .github/workflows/ossf.yaml | 4 ++-- .github/workflows/preview-release.yaml | 4 ++-- .github/workflows/release-prep.yaml | 4 ++-- .github/workflows/scan.yaml | 10 +++++----- .github/workflows/sync-labels.yaml | 2 +- 14 files changed, 45 insertions(+), 45 deletions(-) diff --git a/.github/workflows/actions.yaml b/.github/workflows/actions.yaml index 144202a36..3091298fc 100644 --- a/.github/workflows/actions.yaml +++ b/.github/workflows/actions.yaml @@ -21,7 +21,7 @@ jobs: name: actions on ${{ matrix.version }} steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup yq uses: ./actions/yq - name: Setup kubeconform diff --git a/.github/workflows/backport.yaml b/.github/workflows/backport.yaml index e76969e85..4cc9a8e34 100644 --- a/.github/workflows/backport.yaml +++ b/.github/workflows/backport.yaml @@ -8,6 +8,6 @@ jobs: permissions: contents: write # for reading and creating branches. pull-requests: write # for creating pull requests against release branches. - uses: fluxcd/gha-workflows/.github/workflows/backport.yaml@v0.9.0 + uses: fluxcd/gha-workflows/.github/workflows/backport.yaml@v0.12.0 secrets: github-token: ${{ secrets.BOT_GITHUB_TOKEN }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b6da2102d..fb251744b 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -17,9 +17,9 @@ jobs: chunk: ["1/4", "2/4", "3/4", "4/4"] steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: 1.26.x # https://github.com/actions/setup-go/blob/main/docs/adrs/0000-caching-dependencies.md#example-of-real-use-cases diff --git a/.github/workflows/cifuzz.yaml b/.github/workflows/cifuzz.yaml index cb204c142..9c802198f 100644 --- a/.github/workflows/cifuzz.yaml +++ b/.github/workflows/cifuzz.yaml @@ -12,9 +12,9 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: 1.26.x # https://github.com/actions/setup-go/blob/main/docs/adrs/0000-caching-dependencies.md#example-of-real-use-cases diff --git a/.github/workflows/e2e.yaml b/.github/workflows/e2e.yaml index c5bf2c950..14061cf99 100644 --- a/.github/workflows/e2e.yaml +++ b/.github/workflows/e2e.yaml @@ -24,7 +24,7 @@ jobs: - github steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 # Since this is a monorepo, changes in other packages will also trigger these e2e tests # meant only for the git package. This detects us whether the changed files are part of the @@ -41,7 +41,7 @@ jobs: - 'git/**' - name: Setup Go if: ${{ steps.filter.outputs.git == 'true' || steps.filter.outputs.e2e == 'true' || github.event_name == 'workflow_dispatch' }} - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: 1.26.x # https://github.com/actions/setup-go/blob/main/docs/adrs/0000-caching-dependencies.md#example-of-real-use-cases diff --git a/.github/workflows/integration-aws.yaml b/.github/workflows/integration-aws.yaml index d049885df..a1242af12 100644 --- a/.github/workflows/integration-aws.yaml +++ b/.github/workflows/integration-aws.yaml @@ -26,24 +26,24 @@ jobs: working-directory: ./tests/integration steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: 1.26.x cache-dependency-path: tests/integration/go.sum - name: Setup Terraform - uses: hashicorp/setup-terraform@5e8dbf3c6d9deaf4193ca7a8fb23f2ac83bb6c85 # v4.0.0 + uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1 - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@254c19bd240aabef8777f48595e9d2d7b972184b # v6.2.1 with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.OCI_E2E_AWS_ASSUME_ROLE_NAME }} role-session-name: OCI_GH_Actions aws-region: us-east-1 - name: Setup QEMU - uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4.0.0 + uses: docker/setup-qemu-action@96fe6ef7f33517b61c61be40b68a1882f3264fb8 # v4.2.0 - name: Setup Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@bb05f3f5519dd87d3ba754cc423b652a5edd6d2c # v4.2.0 - name: Set dynamic variables in .env run: | cat > .env < .env <