chore(deps): bump the github-actions group with 6 updates #265

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged

smlx merged 1 commit into main from dependabot/github_actions/github-actions-ffaa2df121

Feb 2, 2026

.github/workflows/build.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -10,10 +10,10 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            ref: ${{ github.event.pull_request.head.sha }}

        - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

        - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0

          with:

            go-version: stable

        - uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0

    @@ -39,14 +39,14 @@ jobs:
  
            - go-cli-github

            - another-binary

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            ref: ${{ github.event.pull_request.head.sha }}

        - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0

        - name: untar binaries

          run: tar -xvf dist.tar

        - name: Login to GHCR

          uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0

          uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0

          with:

            registry: ghcr.io

            username: ${{ github.repository_owner }}

    @@ -75,7 +75,7 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            fetch-depth: 0

        - id: ccv

.github/workflows/coverage.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -10,8 +10,8 @@ jobs:
  
          contents: write

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

        - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0

          with:

            go-version: stable

        - name: Calculate coverage

.github/workflows/dependency-review.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -13,7 +13,7 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

        - uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2

          with:

            config-file: .github/dependency-review-config.yaml

.github/workflows/lint.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -13,8 +13,8 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

        - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0

          with:

            go-version: stable

        - uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0

    @@ -26,7 +26,7 @@ jobs:
  
          pull-requests: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            fetch-depth: 0

        - uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed # v6.2.1

    @@ -37,7 +37,7 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

        - uses: docker://rhysd/actionlint:1.7.0@sha256:601d6faeefa07683a4a79f756f430a1850b34d575d734b1d1324692202bf312e # v1.7.0

          with:

            args: -color

.github/workflows/ossf-analysis.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -14,7 +14,7 @@ jobs:
  
          # Needed for GitHub OIDC token if publish_results is true

          id-token: write

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

        - name: Run analysis

          uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3

          with:

    @@ -26,6 +26,6 @@ jobs:
  
            # of the value entered here.

            publish_results: true

        - name: Upload SARIF results to code scanning

          uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.29.5

          uses: github/codeql-action/upload-sarif@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v3.29.5

          with:

            sarif_file: results.sarif

.github/workflows/release.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -13,7 +13,7 @@ jobs:
  
        outputs:

          new-tag: ${{ steps.ccv.outputs.new-tag }}

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            fetch-depth: 0

        - name: Bump tag if necessary

    @@ -32,10 +32,10 @@ jobs:
  
        if: needs.release-tag.outputs.new-tag == 'true'

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            fetch-depth: 0

        - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

        - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0

          with:

            go-version: stable

        # The setup-buildx-action enables the docker-container driver, which allows

    @@ -46,9 +46,9 @@ jobs:
  
        # in .gorleaser.yaml), it also needs to install syft into the action

        # environment.

        - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0

        - uses: anchore/sbom-action/download-syft@a930d0ac434e3182448fe678398ba5713717112a # v0.21.0

        - uses: anchore/sbom-action/download-syft@deef08a0db64bfad603422135db61477b16cef56 # v0.22.1

        - name: Login to GHCR

          uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0

          uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0

          with:

            registry: ghcr.io

            username: ${{ github.repository_owner }}

    @@ -61,11 +61,11 @@ jobs:
  
          env:

            GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

        # attest artifacts

        - uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0

        - uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0

          with:

            subject-checksums: ./dist/checksums.txt

        # attest images

        - uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0

        - uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0

          with:

            subject-checksums: ./dist/digests.txt

            push-to-registry: true

.github/workflows/test.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -13,10 +13,10 @@ jobs:
  
          contents: read

        runs-on: ubuntu-latest

        steps:

        - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1

        - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

          with:

            ref: ${{ github.event.pull_request.head.sha }}

        - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0

        - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0

          with:

            go-version: stable

        - run: go test -v ./...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the github-actions group with 6 updates #265

Uh oh!

Diff view

Diff view

There are no files selected for viewing

Uh oh!