Skip to content

Commit fe9ab6e

Browse files
felixfonteinfelixfontein
authored
Merge pull request #2017 from getsops/dependabot/github_actions/ci-cd1619c2dd
build(deps): Bump the ci group with 5 updates
2 parents 5418995 + ab90340 commit fe9ab6e

File tree

3 files changed

+7
-7
lines changed

3 files changed

+7
-7
lines changed

.github/workflows/cli.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ jobs:
3939
with:
4040
persist-credentials: false
4141

42-
- uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
42+
- uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
4343
with:
4444
path: ~/go/pkg/mod
4545
key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }}
@@ -68,14 +68,14 @@ jobs:
6868

6969
- name: Upload artifact for ${{ matrix.os }}
7070
if: matrix.os != 'windows'
71-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
71+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
7272
with:
7373
name: sops-${{ matrix.go-version }}-${{ matrix.os }}-${{ matrix.arch }}-${{ github.sha }}
7474
path: sops-${{ matrix.go-version }}-${{ matrix.os }}-${{ matrix.arch }}-${{ github.sha }}
7575

7676
- name: Upload artifact for ${{ matrix.os }}
7777
if: matrix.os == 'windows'
78-
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
78+
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
7979
with:
8080
name: sops-${{ matrix.go-version }}-${{ matrix.os }}-${{ github.sha }}
8181
path: sops-${{ matrix.go-version }}-${{ matrix.os }}-${{ github.sha }}
@@ -105,7 +105,7 @@ jobs:
105105
- name: Show Rust version
106106
run: cargo --version
107107

108-
- uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
108+
- uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
109109
with:
110110
name: sops-${{ matrix.go-version }}-linux-amd64-${{ github.sha }}
111111

.github/workflows/codeql.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ jobs:
3535

3636
# Initializes the CodeQL tools for scanning.
3737
- name: Initialize CodeQL
38-
uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
38+
uses: github/codeql-action/init@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
3939
with:
4040
languages: go
4141
# xref: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
@@ -52,6 +52,6 @@ jobs:
5252
make install
5353
5454
- name: Perform CodeQL Analysis
55-
uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
55+
uses: github/codeql-action/analyze@1b168cd39490f61582a9beae412bb7057a6b2c4e # v4.31.8
5656
with:
5757
category: "/language:go"

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ jobs:
3737
cache: false
3838

3939
- name: Setup Syft
40-
uses: anchore/sbom-action/download-syft@fbfd9c6c189226748411491745178e0c2017392d # v0.20.10
40+
uses: anchore/sbom-action/download-syft@43a17d6e7add2b5535efe4dcae9952337c479a93 # v0.20.11
4141

4242
- name: Setup Cosign
4343
uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0

0 commit comments

Comments
 (0)