From 5e124ffa243d0e9dd8d92b7591237f7760cea4cd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 8 Dec 2025 22:04:14 +0000 Subject: [PATCH] Bump the github-actions group across 1 directory with 8 updates Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.0` | `6.0.1` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.0.0` | `6.1.0` | | [Swatinem/rust-cache](https://github.com/swatinem/rust-cache) | `2.8.1` | `2.8.2` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.62.57` | `2.62.64` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `125b99508212ce1cc3076ad60f6bd63bf6d88a66` | `774d14bf50b7a2e2460f9f49e25c52503ecab125` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.9.0` | `5.10.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.5` | `4.31.7` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.0.0` | `6.1.0` | Updates `actions/checkout` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3...8e8c483db84b4bee98b60c0593521ed34d9990e8) Updates `actions/setup-python` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/e797f83bcb11b83ae66e0230d6156d7c80228e7c...83679a892e2d95755f2dac6acb0bfd1e9ac5d548) Updates `Swatinem/rust-cache` from 2.8.1 to 2.8.2 - [Release notes](https://github.com/swatinem/rust-cache/releases) - [Changelog](https://github.com/Swatinem/rust-cache/blob/master/CHANGELOG.md) - [Commits](https://github.com/swatinem/rust-cache/compare/f13886b937689c021905a6b90929199931d60db1...779680da715d629ac1d338a641029a2f4372abb5) Updates `taiki-e/install-action` from 2.62.57 to 2.62.64 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/763e3324d4fd026c9bd284c504378585777a87d5...cf46383a970594553a83cc6140075ef6a7f54dee) Updates `actions/dependency-review-action` from 125b99508212ce1cc3076ad60f6bd63bf6d88a66 to 774d14bf50b7a2e2460f9f49e25c52503ecab125 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/125b99508212ce1cc3076ad60f6bd63bf6d88a66...774d14bf50b7a2e2460f9f49e25c52503ecab125) Updates `docker/metadata-action` from 5.9.0 to 5.10.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](https://github.com/docker/metadata-action/compare/318604b99e75e41977312d83839a89be02ca4893...c299e40c65443455700f0fdfc63efafe5b349051) Updates `github/codeql-action` from 4.31.5 to 4.31.7 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/fdbfb4d2750291e159f0156def62b853c2798ca2...cf1bb45a277cb3c205638b2cd5c984db1c46a412) Updates `actions/setup-node` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/2028fbc5c25fe9cf00d9f06a71cc4710d4507903...395ad3262231945c25e8478fd5baf05154b1d79f) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: Swatinem/rust-cache dependency-version: 2.8.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.62.64 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 774d14bf50b7a2e2460f9f49e25c52503ecab125 dependency-type: direct:production dependency-group: github-actions - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.31.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 12 ++++++------ .github/workflows/coverage.yml | 6 +++--- .github/workflows/dependency.yml | 4 ++-- .github/workflows/publish_cross_images.yml | 2 +- .github/workflows/publish_docker_images.yml | 6 +++--- .github/workflows/publish_nightly_packages.yml | 4 ++-- .github/workflows/publish_release_packages.yml | 4 ++-- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/ui-ci.yml | 6 +++--- 9 files changed, 24 insertions(+), 24 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0b56691552a..1cf8bfdadae 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -52,10 +52,10 @@ jobs: --health-timeout 5s --health-retries 5 steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install Ubuntu packages run: sudo apt-get -y install protobuf-compiler - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v.6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v.6.1.0 with: python-version: '3.11' - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 @@ -74,7 +74,7 @@ jobs: with: toolchain: stable - name: Setup cache - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 if: steps.modified.outputs.rust_src == 'true' with: workspaces: "./quickwit -> target" @@ -110,7 +110,7 @@ jobs: contents: read actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2 id: modified with: @@ -136,7 +136,7 @@ jobs: toolchain: stable - name: Setup cache if: steps.modified.outputs.rust_src == 'true' - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 with: workspaces: "./quickwit -> target" - name: Install cargo deny @@ -173,7 +173,7 @@ jobs: contents: read actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install Rust toolchain uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # master with: diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index 936a7e7b8a7..9df8a9d9a52 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -109,7 +109,7 @@ jobs: PUBSUB_PROJECT1: "quickwit-emulator,emulator_topic:emulator_subscription" steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Install lib libsasl2 run: | @@ -117,7 +117,7 @@ jobs: sudo apt install libsasl2-dev sudo apt install libsasl2-2 - - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v.6.0.0 + - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v.6.1.0 with: python-version: '3.11' @@ -158,7 +158,7 @@ jobs: run: rustup update stable - name: Install cargo-llvm-cov, cargo-nextest, and protoc - uses: taiki-e/install-action@763e3324d4fd026c9bd284c504378585777a87d5 # v2.62.57 + uses: taiki-e/install-action@cf46383a970594553a83cc6140075ef6a7f54dee # v2.62.64 with: tool: cargo-llvm-cov,nextest,protoc diff --git a/.github/workflows/dependency.yml b/.github/workflows/dependency.yml index cdcc35b81fd..bb179b25578 100644 --- a/.github/workflows/dependency.yml +++ b/.github/workflows/dependency.yml @@ -14,9 +14,9 @@ jobs: runs-on: ubuntu-latest steps: - name: "Checkout Repository" - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: "Dependency Review" - uses: actions/dependency-review-action@125b99508212ce1cc3076ad60f6bd63bf6d88a66 # v4.8.1 + uses: actions/dependency-review-action@774d14bf50b7a2e2460f9f49e25c52503ecab125 # v4.8.1 with: # This is an minor vuln on the rsa crate, used for # google storage. diff --git a/.github/workflows/publish_cross_images.yml b/.github/workflows/publish_cross_images.yml index 56dc94f60b3..371e12a3569 100644 --- a/.github/workflows/publish_cross_images.yml +++ b/.github/workflows/publish_cross_images.yml @@ -19,7 +19,7 @@ jobs: name: production steps: - name: Check out the repo - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Log in to Docker Hub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: diff --git a/.github/workflows/publish_docker_images.yml b/.github/workflows/publish_docker_images.yml index 037c76e4c2b..0f133a7245b 100644 --- a/.github/workflows/publish_docker_images.yml +++ b/.github/workflows/publish_docker_images.yml @@ -38,7 +38,7 @@ jobs: name: production steps: - name: Checkout - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Login to Docker Hub uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 @@ -54,7 +54,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: | ${{ env.REGISTRY_IMAGE }} @@ -123,7 +123,7 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: images: ${{ env.REGISTRY_IMAGE }} flavor: | diff --git a/.github/workflows/publish_nightly_packages.yml b/.github/workflows/publish_nightly_packages.yml index aff2d5f391b..a57c17d0e7d 100644 --- a/.github/workflows/publish_nightly_packages.yml +++ b/.github/workflows/publish_nightly_packages.yml @@ -20,7 +20,7 @@ jobs: matrix: target: [x86_64-apple-darwin, aarch64-apple-darwin] steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/cargo-build-macos-binary with: target: ${{ matrix.target }} @@ -37,7 +37,7 @@ jobs: contents: write actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: ./.github/actions/cross-build-binary with: target: ${{ matrix.target }} diff --git a/.github/workflows/publish_release_packages.yml b/.github/workflows/publish_release_packages.yml index 93250de04f3..2be2e51fca4 100644 --- a/.github/workflows/publish_release_packages.yml +++ b/.github/workflows/publish_release_packages.yml @@ -20,7 +20,7 @@ jobs: target: [x86_64-apple-darwin, aarch64-apple-darwin] steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Extract asset version run: echo "ASSET_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV - uses: ./.github/actions/cargo-build-macos-binary @@ -39,7 +39,7 @@ jobs: contents: write actions: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Extract asset version run: echo "ASSET_VERSION=${GITHUB_REF/refs\/tags\//}" >> $GITHUB_ENV - uses: ./.github/actions/cross-build-binary diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 2ba9e7be205..98309fbb867 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -23,7 +23,7 @@ jobs: steps: - name: 'Checkout code' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7 with: sarif_file: results.sarif diff --git a/.github/workflows/ui-ci.yml b/.github/workflows/ui-ci.yml index bfb5e59dff9..dab52cf918c 100644 --- a/.github/workflows/ui-ci.yml +++ b/.github/workflows/ui-ci.yml @@ -65,8 +65,8 @@ jobs: RUSTDOCFLAGS: -Dwarnings -Arustdoc::private_intra_doc_links QW_TEST_DATABASE_URL: postgres://quickwit-dev:quickwit-dev@postgres:5432/quickwit-metastore-dev steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 with: node-version: 20 cache: "yarn" @@ -80,7 +80,7 @@ jobs: working-directory: ./quickwit - name: Setup Rust cache if: matrix.task.name == 'Cypress run' - uses: Swatinem/rust-cache@f13886b937689c021905a6b90929199931d60db1 # v2.8.1 + uses: Swatinem/rust-cache@779680da715d629ac1d338a641029a2f4372abb5 # v2.8.2 with: workspaces: "./quickwit -> target" - name: ${{ matrix.task.name }}