From a6e66793e1706f494e48785256e208e9b5f4ca6f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 7 Mar 2026 11:25:33 +0100 Subject: [PATCH] Bump the github-actions-all group with 3 updates (#675) Bumps the github-actions-all group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `github/codeql-action` from 4.32.1 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/6bc82e05fd0ea64601dd4b465378bbcf57de0314...89a39a4e59826350b863aa6b6252a07ad50cf83e) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-all - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/main.yml | 16 ++++++++-------- .github/workflows/scorecard.yml | 2 +- 3 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index ec79d9a..6240816 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -35,11 +35,11 @@ jobs: - name: "Checkout" uses: "actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd" - name: "Initialize CodeQL" - uses: "github/codeql-action/init@6bc82e05fd0ea64601dd4b465378bbcf57de0314" + uses: "github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e" with: languages: "${{ matrix.language }}" build-mode: "${{ matrix.build-mode }}" - name: "Perform CodeQL Analysis" - uses: "github/codeql-action/analyze@6bc82e05fd0ea64601dd4b465378bbcf57de0314" + uses: "github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e" with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 1a5e5cc..76aa827 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -45,7 +45,7 @@ jobs: run: '[ -z "$(git status --porcelain ./dist/)" ] || { git diff >&2; exit 1; }' - name: "Upload dist artifact" if: "runner.os == 'Linux'" - uses: "actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f" + uses: "actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f" with: name: "dist" path: "./dist/" @@ -75,7 +75,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -107,7 +107,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -138,7 +138,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -169,7 +169,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -201,7 +201,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -234,7 +234,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" @@ -265,7 +265,7 @@ jobs: shell: "bash" run: "rm -rf ./dist/" - name: "Download dist artifact" - uses: "actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131" + uses: "actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3" with: name: "dist" path: "./dist/" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index c9f1dfc..85a9ba3 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -29,6 +29,6 @@ jobs: repo_token: "${{ secrets.GITHUB_TOKEN }}" publish_results: false - name: "Upload SARIF file" - uses: "github/codeql-action/upload-sarif@6bc82e05fd0ea64601dd4b465378bbcf57de0314" + uses: "github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e" with: sarif_file: "./results.sarif"