chore(deps): bump the github-actions group across 1 directory with 7 updates (#140)

dependabot[bot] · web-flow · commit b108aeefa7fe · 2025-12-19T10:50:58.000+01:00
Bumps the github-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.13.2` | `2.14.0` | | [hendrikmuhs/ccache-action](https://github.com/hendrikmuhs/ccache-action) | `1.2.18` | `1.2.20` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.8.0` | `5.10.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.6.0` | | [reviewdog/action-suggester](https://github.com/reviewdog/action-suggester) | `1.21.0` | `1.24.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.0.6` | `2.2.1` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.2.0` | `4.4.0` | Updates `step-security/harden-runner` from 2.13.2 to 2.14.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@95d9a5d...20cf305) Updates `hendrikmuhs/ccache-action` from 1.2.18 to 1.2.20 - [Release notes](https://github.com/hendrikmuhs/ccache-action/releases) - [Commits](hendrikmuhs/ccache-action@63069e3...5ebbd40) Updates `docker/metadata-action` from 5.8.0 to 5.10.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@c1e5197...c299e40) Updates `docker/login-action` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@184bdaa...5e57cd1) Updates `reviewdog/action-suggester` from 1.21.0 to 1.24.0 - [Release notes](https://github.com/reviewdog/action-suggester/releases) - [Commits](reviewdog/action-suggester@4747dbc...aa38384) Updates `actions/create-github-app-token` from 2.0.6 to 2.2.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@df432ce...29824e6) Updates `googleapis/release-please-action` from 4.2.0 to 4.4.0 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@a02a34c...16a9c90) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: hendrikmuhs/ccache-action dependency-version: 1.2.20 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-suggester dependency-version: 1.24.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/create-github-app-token dependency-version: 2.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: googleapis/release-please-action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/flex-build-push.yml b/.github/workflows/flex-build-push.yml
@@ -22,11 +22,11 @@ jobs:
       packages: write
       pull-requests: write
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: audit
-      - uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+      - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
         id: metadata
         env:
           DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
@@ -41,7 +41,7 @@ jobs:
             type=semver,pattern={{major}}.{{minor}}
             type=semver,pattern={{major}}
       - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
-      - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
+      - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
diff --git a/.github/workflows/linting-formatting.yml b/.github/workflows/linting-formatting.yml
@@ -23,7 +23,7 @@ jobs:
       pull-requests: write
       security-events: write
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: audit
@@ -47,7 +47,7 @@ jobs:
           name: linter
           path: |
             megalinter-reports
-      - uses: reviewdog/action-suggester@4747dbc9f9e37adba0943e681cc20db466642158
+      - uses: reviewdog/action-suggester@aa38384ceb608d00f84b4690cacc83a5aba307ff
         with:
           tool_name: MegaLinter
           filter_mode: diff_context
diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml
@@ -16,7 +16,7 @@ jobs:
     permissions:
       pull-requests: write
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
diff --git a/.github/workflows/release-build.yml b/.github/workflows/release-build.yml
@@ -31,7 +31,7 @@ jobs:
       # currently provide a more fine-grained permission for release modification.
       contents: write # is needed to modify a release
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
@@ -66,7 +66,7 @@ jobs:
       REF_NAME: ${{ github.ref_name }}
       REGISTRY: ghcr.io
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
@@ -108,7 +108,7 @@ jobs:
     permissions:
       packages: write # is needed by devcontainers/action to write templates as OCI artifacts
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: audit
@@ -135,7 +135,7 @@ jobs:
       contents: write # is needed to modify a release
     needs: [build]
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo: true
           egress-policy: audit
@@ -157,7 +157,7 @@ jobs:
     permissions:
       pull-requests: write # is needed by rdlf0/comment-released-prs-action to post comments on PRs
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml
@@ -18,16 +18,16 @@ jobs:
     name: Create Release
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
-      - uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+      - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
         id: token
         with:
           app-id: ${{ vars.FOREST_RELEASER_APP_ID }}
           private-key: ${{ secrets.FOREST_RELEASER_APP_PRIVATE_KEY }}
-      - uses: googleapis/release-please-action@a02a34c4d625f9be7cb89156071d8567266a2445 # v4.2.0
+      - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0
         id: release
         with:
           token: ${{ steps.token.outputs.token }}
diff --git a/.github/workflows/wc-continuous-integration.yml b/.github/workflows/wc-continuous-integration.yml
@@ -21,7 +21,7 @@ jobs:
     runs-on: [ubuntu-latest]
     container: ghcr.io/philips-software/amp-devcontainer-cpp:v6.0.2@sha256:36afaaa5ba4bc4e9bb471012db9733c26a210e315ddb33600f73bb9532b02a25 # 6.0.2
     steps:
-      - uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
+      - uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
         with:
           disable-sudo-and-containers: true
           egress-policy: audit
@@ -37,7 +37,7 @@ jobs:
         with:
           persist-credentials: false
           submodules: true
-      - uses: hendrikmuhs/ccache-action@63069e3931dedbf3b63792097479563182fe70d1 # v1.2.18
+      - uses: hendrikmuhs/ccache-action@5ebbd400eff9e74630f759d94ddd7b6c26299639 # v1.2.20
         with:
           key: ${{ inputs.target}}-${{ inputs.configuration }}
       - uses: lukka/run-cmake@af1be47fd7c933593f687731bc6fdbee024d3ff4 # v10.8
