From ce392582a8594972999085f2f7e4fbe9696d987a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 Mar 2026 04:05:29 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 6 updates Bumps the github-actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `4.32.6` | `4.33.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.1` | `4.0.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.1` | `3.0.0` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.4.0` | `7.6.0` | | [terraform-linters/setup-tflint](https://github.com/terraform-linters/setup-tflint) | `6.2.1` | `6.2.2` | Updates `github/codeql-action` from 4.32.6 to 4.33.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/0d579ffd059c29b07949a3cce3983f0780820c98...b1bff81932f5cdfc8695c7752dcee935dcd061c8) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `actions/upload-pages-artifact` from 3.0.1 to 4.0.0 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...7b1f4a764d45c48632c6b24a0339c27f5614fb0b) Updates `actions/create-github-app-token` from 2.2.1 to 3.0.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](https://github.com/actions/create-github-app-token/compare/29824e69f54612133e76f7eaac726eef6c875baf...f8d387b68d61c58ab83c6c016672934102569859) Updates `astral-sh/setup-uv` from 7.4.0 to 7.6.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/6ee6290f1cbc4156c0bdd66691b2c144ef8df19a...37802adc94f370d6bfd71619e3f0bf239e1f3b78) Updates `terraform-linters/setup-tflint` from 6.2.1 to 6.2.2 - [Release notes](https://github.com/terraform-linters/setup-tflint/releases) - [Commits](https://github.com/terraform-linters/setup-tflint/compare/4cb9feea73331a35b422df102992a03a44a3bb33...b480b8fcdaa6f2c577f8e4fa799e89e756bb7c93) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-pages-artifact dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/create-github-app-token dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 7.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: terraform-linters/setup-tflint dependency-version: 6.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/create-stale-docs-issues.yml | 2 +- .github/workflows/dast-zap-scan.yml | 2 +- .github/workflows/dependency-pinning-scan.yml | 2 +- .github/workflows/deploy-docs.yml | 2 +- .github/workflows/gitleaks-scan.yml | 2 +- .github/workflows/main.yml | 6 +++--- .github/workflows/pytest-tests.yml | 2 +- .github/workflows/python-lint.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/terraform-lint.yml | 2 +- .github/workflows/validate-config-schema.yml | 2 +- 12 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5d8cd935..8d81190b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -38,16 +38,16 @@ jobs: persist-credentials: false - name: Initialize CodeQL - uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/init@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: languages: ${{ matrix.language }} queries: security-extended,security-and-quality - name: Autobuild - uses: github/codeql-action/autobuild@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/autobuild@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/analyze@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/create-stale-docs-issues.yml b/.github/workflows/create-stale-docs-issues.yml index 2a1e4a9b..ff284c84 100644 --- a/.github/workflows/create-stale-docs-issues.yml +++ b/.github/workflows/create-stale-docs-issues.yml @@ -41,7 +41,7 @@ jobs: persist-credentials: false - name: Download freshness check results - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ inputs.artifact-name }} path: logs diff --git a/.github/workflows/dast-zap-scan.yml b/.github/workflows/dast-zap-scan.yml index 1c84af79..91ed3c75 100644 --- a/.github/workflows/dast-zap-scan.yml +++ b/.github/workflows/dast-zap-scan.yml @@ -64,7 +64,7 @@ jobs: - name: Upload SARIF to Security tab if: always() - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 continue-on-error: true with: sarif_file: results/zap-results.sarif diff --git a/.github/workflows/dependency-pinning-scan.yml b/.github/workflows/dependency-pinning-scan.yml index ae643edc..94759530 100644 --- a/.github/workflows/dependency-pinning-scan.yml +++ b/.github/workflows/dependency-pinning-scan.yml @@ -158,7 +158,7 @@ jobs: - name: Upload SARIF to Security tab if: inputs.upload-sarif && always() - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: sarif_file: logs/dependency-pinning-results.sarif category: dependency-pinning diff --git a/.github/workflows/deploy-docs.yml b/.github/workflows/deploy-docs.yml index 259623e0..ffec92f1 100644 --- a/.github/workflows/deploy-docs.yml +++ b/.github/workflows/deploy-docs.yml @@ -62,7 +62,7 @@ jobs: uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 - name: Upload artifact - uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3.0.1 + uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 with: path: docs/docusaurus/build diff --git a/.github/workflows/gitleaks-scan.yml b/.github/workflows/gitleaks-scan.yml index 823114ad..53e5fc32 100644 --- a/.github/workflows/gitleaks-scan.yml +++ b/.github/workflows/gitleaks-scan.yml @@ -94,7 +94,7 @@ jobs: - name: Upload SARIF to Security tab if: always() - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 with: sarif_file: logs/gitleaks-results.sarif category: gitleaks diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml index 247fe8be..58bc6614 100644 --- a/.github/workflows/main.yml +++ b/.github/workflows/main.yml @@ -166,7 +166,7 @@ jobs: steps: - name: Generate GitHub App Token id: app-token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.0.0 + uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v2.0.0 with: app-id: ${{ vars.RELEASE_APP_ID }} private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} @@ -194,7 +194,7 @@ jobs: - name: Setup uv if: ${{ steps.release.outputs.prs_created == 'true' }} - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 + uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0 - name: Regenerate uv.lock if: ${{ steps.release.outputs.prs_created == 'true' }} @@ -364,7 +364,7 @@ jobs: steps: - name: Generate GitHub App Token id: app-token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.0.0 + uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v2.0.0 with: app-id: ${{ vars.RELEASE_APP_ID }} private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }} diff --git a/.github/workflows/pytest-tests.yml b/.github/workflows/pytest-tests.yml index 9a59a7cf..5691660e 100644 --- a/.github/workflows/pytest-tests.yml +++ b/.github/workflows/pytest-tests.yml @@ -31,7 +31,7 @@ jobs: python-version: '3.11' - name: Setup uv - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 + uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0 - name: Install dependencies run: uv sync --group dev diff --git a/.github/workflows/python-lint.yml b/.github/workflows/python-lint.yml index 6d6e8303..05e963e3 100644 --- a/.github/workflows/python-lint.yml +++ b/.github/workflows/python-lint.yml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: Setup uv - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 + uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0 - name: Ruff lint check id: ruff-check diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 884c3fc6..facf6eb0 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -38,7 +38,7 @@ jobs: publish_results: true - name: Upload SARIF to Security tab - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6 + uses: github/codeql-action/upload-sarif@b1bff81932f5cdfc8695c7752dcee935dcd061c8 # v4.33.0 continue-on-error: true with: sarif_file: results.sarif diff --git a/.github/workflows/terraform-lint.yml b/.github/workflows/terraform-lint.yml index 63a4c408..a59281f6 100644 --- a/.github/workflows/terraform-lint.yml +++ b/.github/workflows/terraform-lint.yml @@ -32,7 +32,7 @@ jobs: run: New-Item -ItemType Directory -Force -Path logs | Out-Null - name: Setup TFLint - uses: terraform-linters/setup-tflint@4cb9feea73331a35b422df102992a03a44a3bb33 # v6.2.1 + uses: terraform-linters/setup-tflint@b480b8fcdaa6f2c577f8e4fa799e89e756bb7c93 # v6.2.2 with: tflint_version: v0.61.0 cache: true diff --git a/.github/workflows/validate-config-schema.yml b/.github/workflows/validate-config-schema.yml index 46f65b4d..69f20ce5 100644 --- a/.github/workflows/validate-config-schema.yml +++ b/.github/workflows/validate-config-schema.yml @@ -32,7 +32,7 @@ jobs: python-version: '3.11' - name: Setup uv - uses: astral-sh/setup-uv@6ee6290f1cbc4156c0bdd66691b2c144ef8df19a # v7.4.0 + uses: astral-sh/setup-uv@37802adc94f370d6bfd71619e3f0bf239e1f3b78 # v7.6.0 - name: Install dependencies run: uv pip install --system "pydantic==2.12.5"