From 7ded3da033985c00673f4e2b451d71857d2ad3e4 Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Watenberg Date: Tue, 14 Apr 2026 13:52:31 +0200 Subject: [PATCH 1/2] ci: update GitHub Actions to Node 24 runtime --- .github/workflows/claude-code-dependency-review.yml | 2 +- .github/workflows/docker-build.yaml | 6 +++--- .github/workflows/trivy.yaml | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/claude-code-dependency-review.yml b/.github/workflows/claude-code-dependency-review.yml index d43480a..ef510fb 100644 --- a/.github/workflows/claude-code-dependency-review.yml +++ b/.github/workflows/claude-code-dependency-review.yml @@ -64,7 +64,7 @@ jobs: - name: Set up Node.js if: hashFiles('yarn.lock') != '' - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: ${{ inputs.node-version }} diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml index f239b80..dca0b78 100644 --- a/.github/workflows/docker-build.yaml +++ b/.github/workflows/docker-build.yaml @@ -86,17 +86,17 @@ jobs: if: inputs.platforms - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to ${{ inputs.registry }} - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ${{ inputs.registry }} username: ${{ env.REGISTRY_LOGIN }} password: ${{ env.REGISTRY_PASSWORD }} - name: Build and push ${{ inputs.name }} image - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: ${{ inputs.context }} provenance: ${{ inputs.provenance }} diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 2eeac2c..97ca64c 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -50,7 +50,7 @@ jobs: vuln-type: 'os,library' - name: Upload Trivy Image scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: 'trivy-image-results.sarif' category: 'image' From ac4419ff3a41d74eb084b52a33d5caa5416573fe Mon Sep 17 00:00:00 2001 From: Jean-Baptiste Watenberg Date: Tue, 14 Apr 2026 22:44:27 +0200 Subject: [PATCH 2/2] ci(workflows): bump actions/checkout to v6 and setup-qemu to v4 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - actions/checkout: v5 → v6 (docker-build.yaml, trivy.yaml) - docker/setup-qemu-action: v3 → v4 (docker-build.yaml) Co-Authored-By: Claude Sonnet 4.6 (1M context) --- .github/workflows/docker-build.yaml | 4 ++-- .github/workflows/trivy.yaml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-build.yaml b/.github/workflows/docker-build.yaml index dca0b78..4693a7b 100644 --- a/.github/workflows/docker-build.yaml +++ b/.github/workflows/docker-build.yaml @@ -77,12 +77,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: lfs: ${{ inputs.lfs }} - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v4 if: inputs.platforms - name: Set up Docker Buildx diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index 97ca64c..e374483 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Image Scan uses: aquasecurity/trivy-action@0.35.0