[v8](gha): Bump the dependencies group across 1 directory with 4 updates (#3608)

dependabot[bot] · web-flow · commit c219e62a66d9 · 2025-10-27T12:31:56.000-04:00
Bumps the dependencies group with 4 updates in the / directory: [anchore/scan-action](https://github.com/anchore/scan-action), [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/download-artifact](https://github.com/actions/download-artifact) and [github/codeql-action](https://github.com/github/codeql-action). Updates `anchore/scan-action` from 6 to 7 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](anchore/scan-action@v6...v7) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `actions/download-artifact` from 5 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v5...v6) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: anchore/scan-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/check-cves.yml b/.github/workflows/check-cves.yml
@@ -14,7 +14,7 @@ jobs:
 
     - name: Scan current project
       id: scan
-      uses: anchore/scan-action@v6
+      uses: anchore/scan-action@v7
       with:
         path: "."
         add-cpes-if-none: true
@@ -26,7 +26,7 @@ jobs:
       if: always()
 
     - name: Archive CVE scan results
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       if: always()
       with:
         name: cve-scan-results-${{ github.sha }}-${{ github.run_id }}-${{ github.run_number }}
diff --git a/.github/workflows/release-build-sign-upload.yml b/.github/workflows/release-build-sign-upload.yml
@@ -169,7 +169,7 @@ jobs:
         make out/cf-cli_linux_arm64
 
     - name: Store Linux Binaries
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-binaries
@@ -274,7 +274,7 @@ jobs:
       working-directory: signed-redhat-installer
 
     - name: Store Signed Linux RPM Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-rpm-packages
@@ -375,7 +375,7 @@ jobs:
       working-directory: packaged-deb
 
     - name: Store Debian Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-deb-packages
@@ -465,7 +465,7 @@ jobs:
         make out/cf-cli_macosarm
 
     - name: Store macOS Binaries
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-macos-binaries
@@ -604,7 +604,7 @@ jobs:
           "signed-macos-installer/cf${VERSION_MAJOR}-cli-installer_${VERSION_BUILD}_macosarm.pkg"
 
     - name: Store macOS Signed Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-macos-packages
@@ -690,7 +690,7 @@ jobs:
           New-Item -ItemType SymbolicLink -Target .\out\cf-cli_winx64.exe -Path .\out\cf-cli_winx64-link.exe
 
       - name: Save signed binaries as a GitHub Action Artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: cf-cli-windows-binaries
           if-no-files-found: error
@@ -735,7 +735,7 @@ jobs:
           Get-ChildItem "${env:RUNNER_TEMP}"
 
       - name: Save installer and dist files as a GitHub Action Artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: cf-cli-windows-packages
           if-no-files-found: error
@@ -770,7 +770,7 @@ jobs:
       uses: actions/checkout@v5
 
     - name: Download signed artifacts
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         path: signed # download all artifacts to 'signed/'
 
@@ -856,7 +856,7 @@ jobs:
           signed/winx64/*zip
 
     - name: Store Artifacts
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: final-artifacts
@@ -889,7 +889,7 @@ jobs:
     steps:
 
     - name: Download Signed Linux Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-linux-rpm-packages
 
@@ -916,7 +916,7 @@ jobs:
     steps:
 
     - name: Download Signed Linux Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-linux-deb-packages
 
@@ -944,7 +944,7 @@ jobs:
     steps:
 
     - name: Download Signed macOS Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-macos-packages
 
@@ -968,7 +968,7 @@ jobs:
     steps:
 
     - name: Download Signed Windows Binaries
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-windows-binaries
 
@@ -978,7 +978,7 @@ jobs:
         Get-AuthenticodeSignature -Verbose -ErrorAction Stop .\cf-cli_winx64.exe
 
     - name: Download Signed Windows Binaries
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-windows-packages
 
@@ -1008,7 +1008,7 @@ jobs:
     - s3-upload
     steps:
     - name: Download signed artifacts
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: final-artifacts
         path: ${{ env.ARTIFACTS_DIR }}
diff --git a/.github/workflows/release-update-repos.yml b/.github/workflows/release-update-repos.yml
@@ -385,7 +385,7 @@ jobs:
     #     ls -R
     #
     # - name: Backup current Linux RPM repodata
-    #   uses: actions/upload-artifact@v4
+    #   uses: actions/upload-artifact@v5
     #   with:
     #     if-no-files-found: error
     #     name: cf-cli-linux-rpm-repodata-backup
@@ -428,7 +428,7 @@ jobs:
       run: ls -R
 
     - name: Store Linux RPM repodata
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-rpm-repodata
diff --git a/.github/workflows/util-code-quality.yml b/.github/workflows/util-code-quality.yml
@@ -25,15 +25,15 @@ jobs:
         uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: go
           config-file: ./.github/codeql/codeql-config.yml
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
 
 # vim: set sw=2 ts=2 sts=2 et tw=78 foldlevel=2 fdm=indent nospell:
