Bump the github-actions group with 5 updates

dependabot[bot] · web-flow · commit 9e436ee94d35 · 2025-11-01T05:04:27.000Z
Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [mikepenz/release-changelog-builder-action](https://github.com/mikepenz/release-changelog-builder-action) | `5` | `6` | | [devops-infra/action-pull-request](https://github.com/devops-infra/action-pull-request) | `0.6.1` | `1.0.2` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.10.0` | `4.0.0` | Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `mikepenz/release-changelog-builder-action` from 5 to 6 - [Release notes](https://github.com/mikepenz/release-changelog-builder-action/releases) - [Commits](mikepenz/release-changelog-builder-action@v5...v6) Updates `devops-infra/action-pull-request` from 0.6.1 to 1.0.2 - [Release notes](https://github.com/devops-infra/action-pull-request/releases) - [Commits](devops-infra/action-pull-request@v0.6.1...v1.0.2) Updates `sigstore/cosign-installer` from 3.10.0 to 4.0.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@d7543c9...faadad0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: mikepenz/release-changelog-builder-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: devops-infra/action-pull-request dependency-version: 1.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml
@@ -51,7 +51,7 @@ jobs:
           severity: "CRITICAL,HIGH,MEDIUM"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: "trivy-results.sarif"
 
@@ -98,7 +98,7 @@ jobs:
         continue-on-error: true
 
       - name: Generate code coverage artifacts
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: code-coverage
           path: coverage.out
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -110,12 +110,12 @@ jobs:
 
       - name: Build Changelog
         id: github_release
-        uses: mikepenz/release-changelog-builder-action@v5
+        uses: mikepenz/release-changelog-builder-action@v6
         with:
           ignorePreReleases: true
 
       - name: Create Release PR
-        uses: devops-infra/action-pull-request@v0.6.1
+        uses: devops-infra/action-pull-request@v1.0.2
         with:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           target_branch: main
@@ -207,7 +207,7 @@ jobs:
       # Install the cosign tool except on PR
       # https://github.com/sigstore/cosign-installer
       - name: Install cosign
-        uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 #v3.10.0
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad #v4.0.0
         with:
           cosign-release: "v2.2.4"
 
