From 6055e7974e2124ed075af2f350a18c11cf682fe1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 11:05:02 +0000 Subject: [PATCH 1/2] chore(deps): bump the github-actions group across 1 directory with 7 updates Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) | `acbe8b15bfea3c08ecd23f3a982067a91e34533e` | `53ee9ba4a300e5c69143f881fe89c70027fbf83b` | | [suzuki-shunsuke/pinact-action](https://github.com/suzuki-shunsuke/pinact-action) | `2.0.0` | `3.0.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.4.0` | `6.5.0` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.2.0` | `9.3.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.0` | `7.0.0` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.3` | `0.5.7` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `stefanzweifel/git-auto-commit-action` from acbe8b15bfea3c08ecd23f3a982067a91e34533e to 53ee9ba4a300e5c69143f881fe89c70027fbf83b - [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases) - [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/stefanzweifel/git-auto-commit-action/compare/acbe8b15bfea3c08ecd23f3a982067a91e34533e...53ee9ba4a300e5c69143f881fe89c70027fbf83b) Updates `suzuki-shunsuke/pinact-action` from 2.0.0 to 3.0.0 - [Release notes](https://github.com/suzuki-shunsuke/pinact-action/releases) - [Commits](https://github.com/suzuki-shunsuke/pinact-action/compare/cf51507d80d4d6522a07348e3d58790290eaf0b6...896d595f299e71d65b9d28349d6956abe144390a) Updates `actions/setup-go` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16) Updates `golangci/golangci-lint-action` from 9.2.0 to 9.3.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/1e7e51e771db61008b38414a730f564565cf7c20...ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a) Updates `codecov/codecov-action` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...fb8b3582c8e4def4969c97caa2f19720cb33a72f) Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.7 - [Release notes](https://github.com/zizmorcore/zizmor-action/releases) - [Commits](https://github.com/zizmorcore/zizmor-action/compare/b1d7e1fb5de872772f31590499237e7cce841e8e...192e21d79ab29983730a13d1382995c2307fbcaa) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: stefanzweifel/git-auto-commit-action dependency-version: 53ee9ba4a300e5c69143f881fe89c70027fbf83b dependency-type: direct:production dependency-group: github-actions - dependency-name: suzuki-shunsuke/pinact-action dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: golangci/golangci-lint-action dependency-version: 9.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: zizmorcore/zizmor-action dependency-version: 0.5.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/dependabot-changie.yaml | 4 ++-- .github/workflows/pinact.yaml | 4 ++-- .github/workflows/tests.yml | 10 +++++----- .github/workflows/zizmor.yaml | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/dependabot-changie.yaml b/.github/workflows/dependabot-changie.yaml index 931c6b1..0deae50 100644 --- a/.github/workflows/dependabot-changie.yaml +++ b/.github/workflows/dependabot-changie.yaml @@ -15,7 +15,7 @@ jobs: if: github.event.pull_request.user.id == 49699333 steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Fetch Dependabot metadata id: dependabot-metadata @@ -29,7 +29,7 @@ jobs: version: latest args: new --body "${{ github.event.pull_request.title }}" --kind Dependency - - uses: stefanzweifel/git-auto-commit-action@acbe8b15bfea3c08ecd23f3a982067a91e34533e # v7-next + - uses: stefanzweifel/git-auto-commit-action@53ee9ba4a300e5c69143f881fe89c70027fbf83b # v7-next with: commit_message: "chore(deps): add changelog for dependabot updates" commit_user_name: "dependabot[bot]" diff --git a/.github/workflows/pinact.yaml b/.github/workflows/pinact.yaml index 01f5744..2f49493 100644 --- a/.github/workflows/pinact.yaml +++ b/.github/workflows/pinact.yaml @@ -18,12 +18,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Pin actions - uses: suzuki-shunsuke/pinact-action@cf51507d80d4d6522a07348e3d58790290eaf0b6 # v2.0.0 + uses: suzuki-shunsuke/pinact-action@896d595f299e71d65b9d28349d6956abe144390a # v3.0.0 with: skip_push: true verify: true diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index f9f60b2..6aee092 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -7,16 +7,16 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Go 1.20 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: "1.20" - name: golangci-lint continue-on-error: true - uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0 + uses: golangci/golangci-lint-action@ba0d7d2ec06a0ea1cb5fa41b2e4a3ab91d21278a # v9.3.0 with: args: --issues-exit-code=0 --timeout=5m @@ -24,7 +24,7 @@ jobs: run: go test -race -coverprofile=coverage.out -covermode=atomic -coverpkg=./... -v ./... - name: Upload to codecov - uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0 + uses: codecov/codecov-action@fb8b3582c8e4def4969c97caa2f19720cb33a72f # v7.0.0 with: verbose: true @@ -37,7 +37,7 @@ jobs: pull-requests: write actions: write steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index 5dc1385..c3e9498 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -20,12 +20,12 @@ jobs: actions: read steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Run zizmor - uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3 + uses: zizmorcore/zizmor-action@192e21d79ab29983730a13d1382995c2307fbcaa # v0.5.7 with: advanced-security: false annotations: true From b5b1b0596c04fc1d3d483501608985a9587e2f42 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 1 Jul 2026 11:05:14 +0000 Subject: [PATCH 2/2] chore(deps): add changelog for dependabot updates --- .changes/unreleased/Dependency-20260701-110514.yaml | 3 +++ 1 file changed, 3 insertions(+) create mode 100644 .changes/unreleased/Dependency-20260701-110514.yaml diff --git a/.changes/unreleased/Dependency-20260701-110514.yaml b/.changes/unreleased/Dependency-20260701-110514.yaml new file mode 100644 index 0000000..120903c --- /dev/null +++ b/.changes/unreleased/Dependency-20260701-110514.yaml @@ -0,0 +1,3 @@ +kind: Dependency +body: 'chore(deps): bump the github-actions group across 1 directory with 7 updates' +time: 2026-07-01T11:05:14.504334265Z