diff --git a/.changes/unreleased/Dependency-20260701-110514.yaml b/.changes/unreleased/Dependency-20260701-110514.yaml new file mode 100644 index 0000000..120903c --- /dev/null +++ b/.changes/unreleased/Dependency-20260701-110514.yaml @@ -0,0 +1,3 @@ +kind: Dependency +body: 'chore(deps): bump the github-actions group across 1 directory with 7 updates' +time: 2026-07-01T11:05:14.504334265Z diff --git a/.github/workflows/dependabot-changie.yaml b/.github/workflows/dependabot-changie.yaml index 931c6b1..0deae50 100644 --- a/.github/workflows/dependabot-changie.yaml +++ b/.github/workflows/dependabot-changie.yaml @@ -15,7 +15,7 @@ jobs: if: github.event.pull_request.user.id == 49699333 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Fetch Dependabot metadata id: dependabot-metadata @@ -29,7 +29,7 @@ jobs: version: latest args: new --body "${{ github.event.pull_request.title }}" --kind Dependency - - uses: stefanzweifel/git-auto-commit-action@acbe8b15bfea3c08ecd23f3a982067a91e34533e # v7-next + - uses: stefanzweifel/git-auto-commit-action@53ee9ba4a300e5c69143f881fe89c70027fbf83b # v7-next with: commit_message: "chore(deps): add changelog for dependabot updates" commit_user_name: "dependabot[bot]" diff --git a/.github/workflows/pinact.yaml b/.github/workflows/pinact.yaml index 01f5744..2f49493 100644 --- a/.github/workflows/pinact.yaml +++ b/.github/workflows/pinact.yaml @@ -18,12 +18,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Pin actions - uses: suzuki-shunsuke/pinact-action@cf51507d80d4d6522a07348e3d58790290eaf0b6 # v2.0.0 + uses: suzuki-shunsuke/pinact-action@896d595f299e71d65b9d28349d6956abe144390a # v3.0.0 with: skip_push: true verify: true diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index f9f60b2..6aee092 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -7,16 +7,16 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Go 1.20 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: "1.20" - name: golangci-lint continue-on-error: true - uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0 + uses: golangci/golangci-lint-action@ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a # v9.3.0 with: args: --issues-exit-code=0 --timeout=5m @@ -24,7 +24,7 @@ jobs: run: go test -race -coverprofile=coverage.out -covermode=atomic -coverpkg=./... -v ./... - name: Upload to codecov - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: verbose: true @@ -37,7 +37,7 @@ jobs: pull-requests: write actions: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index 5dc1385..c3e9498 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -20,12 +20,12 @@ jobs: actions: read steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Run zizmor - uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3 + uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7 with: advanced-security: false annotations: true