From 30459e34de4ba3fd30594223edf43c07addaf09d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 1 Nov 2025 12:12:14 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 6 updates Bumps the github-actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.0` | `5.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3e6af16ff035267728e2ebc35df5d4c4cf249f81` | `192325c86100d080feab897ff886c34abd4c83a3` | | [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.6.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `af09b5e394c93991b95a5e7646aeb90c1917f78f` | `5a1091511ad55cbe89839c7260b706298ca349f7` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.10.0` | `4.0.0` | Updates `actions/checkout` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...08c6903cd8c0fde910a37f88322edcfb5dd907a8) Updates `github/codeql-action` from 3e6af16ff035267728e2ebc35df5d4c4cf249f81 to 192325c86100d080feab897ff886c34abd4c83a3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3e6af16ff035267728e2ebc35df5d4c4cf249f81...192325c86100d080feab897ff886c34abd4c83a3) Updates `docker/login-action` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/184bdaa0721073962dff0199f1fb9940f07167d1...5e57cd118135c172c3672efd75eb46360885c0ef) Updates `codecov/codecov-action` from af09b5e394c93991b95a5e7646aeb90c1917f78f to 5a1091511ad55cbe89839c7260b706298ca349f7 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/af09b5e394c93991b95a5e7646aeb90c1917f78f...5a1091511ad55cbe89839c7260b706298ca349f7) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v5) Updates `sigstore/cosign-installer` from 3.10.0 to 4.0.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/d7543c93d881b35a8faa02e8e3605f69b7a1ce62...faadad0cce49287aee09b3a48701e75088a2c6ad) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 192325c86100d080feab897ff886c34abd4c83a3 dependency-type: direct:production dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 5a1091511ad55cbe89839c7260b706298ca349f7 dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yaml | 6 ++--- .github/workflows/mkdocs-dev.yaml | 2 +- .github/workflows/mkdocs-latest.yaml | 4 +-- .github/workflows/pr-sync.yaml | 2 +- .github/workflows/pr.yaml | 34 ++++++++++++------------- .github/workflows/publish-helm.yaml | 2 +- .github/workflows/release-snapshot.yaml | 12 ++++----- .github/workflows/release.yaml | 18 ++++++------- .github/workflows/test-daily.yaml | 2 +- .github/workflows/test-helm-chart.yaml | 2 +- 10 files changed, 42 insertions(+), 42 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 4fea47cb172e..ea3363fe54a4 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Install dependencies run: | @@ -57,7 +57,7 @@ jobs: run: git submodule update --init --recursive - name: Initialize CodeQL - uses: github/codeql-action/init@3e6af16ff035267728e2ebc35df5d4c4cf249f81 # v3.30.3 + uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -68,6 +68,6 @@ jobs: make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@3e6af16ff035267728e2ebc35df5d4c4cf249f81 # v3.30.3 + uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/mkdocs-dev.yaml b/.github/workflows/mkdocs-dev.yaml index 9d941cbc337d..c1896727c52e 100644 --- a/.github/workflows/mkdocs-dev.yaml +++ b/.github/workflows/mkdocs-dev.yaml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout main - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 persist-credentials: true diff --git a/.github/workflows/mkdocs-latest.yaml b/.github/workflows/mkdocs-latest.yaml index 06a7e00d5bcf..5b00b1a196d2 100644 --- a/.github/workflows/mkdocs-latest.yaml +++ b/.github/workflows/mkdocs-latest.yaml @@ -14,13 +14,13 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout main - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.inputs.ref }} fetch-depth: 0 persist-credentials: true - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/pr-sync.yaml b/.github/workflows/pr-sync.yaml index 8dc5a7eaeca1..28065e60c158 100644 --- a/.github/workflows/pr-sync.yaml +++ b/.github/workflows/pr-sync.yaml @@ -25,7 +25,7 @@ jobs: shell: sh - name: Checkout - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Install Required Tools shell: sh diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml index 60f8955b715d..1d8aa0996d3a 100644 --- a/.github/workflows/pr.yaml +++ b/.github/workflows/pr.yaml @@ -98,7 +98,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.TRACEE_REF }} - name: Ensure updates of *.1.md and *.1 pairs @@ -114,7 +114,7 @@ jobs: image: alpine/git:2.49.1@sha256:bd54f921f6d803dfa3a4fe14b7defe36df1b71349a3e416547e333aa960f86e3 steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -160,7 +160,7 @@ jobs: image: alpine/git:2.49.1@sha256:bd54f921f6d803dfa3a4fe14b7defe36df1b71349a3e416547e333aa960f86e3 steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -195,7 +195,7 @@ jobs: api: ${{ steps.detect.outputs.api }} steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.TRACEE_REF }} fetch-depth: 0 @@ -248,7 +248,7 @@ jobs: image: alpine/git:2.49.1@sha256:bd54f921f6d803dfa3a4fe14b7defe36df1b71349a3e416547e333aa960f86e3 steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.TRACEE_REF }} fetch-depth: 0 @@ -303,7 +303,7 @@ jobs: mkdir /opt/bin ln -s /usr/bin/node /opt/bin/node - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.TRACEE_REF }} fetch-depth: 0 @@ -348,7 +348,7 @@ jobs: image: alpine/git:2.49.1@sha256:bd54f921f6d803dfa3a4fe14b7defe36df1b71349a3e416547e333aa960f86e3 steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -364,7 +364,7 @@ jobs: # Run comprehensive test suite for all modules (main + types + common + api) make test-unit - name: Upload Unit Test Coverage - uses: codecov/codecov-action@af09b5e394c93991b95a5e7646aeb90c1917f78f # v5.5.1 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./coverage.txt @@ -400,7 +400,7 @@ jobs: mkdir /opt/bin ln -s /usr/bin/node /opt/bin/node - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -415,7 +415,7 @@ jobs: run: | make test-unit - name: Upload Unit Test Coverage - uses: codecov/codecov-action@af09b5e394c93991b95a5e7646aeb90c1917f78f # v5.5.1 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./coverage.txt @@ -446,7 +446,7 @@ jobs: apt-get install -y --no-install-recommends git-core ca-certificates update-ca-certificates - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -459,7 +459,7 @@ jobs: run: | env "PATH=$PATH" make test-integration - name: Upload Integration Test Coverage - uses: codecov/codecov-action@af09b5e394c93991b95a5e7646aeb90c1917f78f # v5.5.1 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./integration-coverage.txt @@ -484,7 +484,7 @@ jobs: apt-get install -y --no-install-recommends git-core ca-certificates update-ca-certificates - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -497,7 +497,7 @@ jobs: run: | env "PATH=$PATH" make test-integration - name: Upload Integration Test Coverage - uses: codecov/codecov-action@af09b5e394c93991b95a5e7646aeb90c1917f78f # v5.5.1 + uses: codecov/codecov-action@5a1091511ad55cbe89839c7260b706298ca349f7 # v5.5.1 with: token: ${{ secrets.CODECOV_TOKEN }} files: ./integration-coverage.txt @@ -519,7 +519,7 @@ jobs: options: --pid=host --cgroupns=host --privileged -v /etc/os-release:/etc/os-release-host:ro -v /var/run:/var/run:ro steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -621,7 +621,7 @@ jobs: GOROOT: "/usr/local/go" steps: - name: "Checkout" - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true ref: ${{ env.TRACEE_REF }} @@ -640,7 +640,7 @@ jobs: run: ./tests/e2e-inst-test.sh --keep-artifacts - name: "Upload E2E Instrumentation Test Artifacts" if: failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v5 with: name: e2e-inst-test-artifacts-${{ matrix.job_name }}-${{ github.run_id }}-${{ github.run_attempt }} path: | diff --git a/.github/workflows/publish-helm.yaml b/.github/workflows/publish-helm.yaml index f9573b2600e1..04c8d0900ab9 100644 --- a/.github/workflows/publish-helm.yaml +++ b/.github/workflows/publish-helm.yaml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.inputs.ref }} fetch-depth: 0 diff --git a/.github/workflows/release-snapshot.yaml b/.github/workflows/release-snapshot.yaml index e143daa94519..dfbaccf9eeb9 100644 --- a/.github/workflows/release-snapshot.yaml +++ b/.github/workflows/release-snapshot.yaml @@ -23,12 +23,12 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true fetch-depth: 0 - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -62,12 +62,12 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true fetch-depth: 0 - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -100,12 +100,12 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true fetch-depth: 0 - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cd643c159c83..3e52a5550626 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -23,17 +23,17 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.inputs.ref }} submodules: true fetch-depth: 0 - name: Install Cosign - uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 with: cosign-release: 'v2.2.4' - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -68,17 +68,17 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.inputs.ref }} submodules: true fetch-depth: 0 - name: Install Cosign - uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 with: cosign-release: 'v2.2.4' - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -109,17 +109,17 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event.inputs.ref }} submodules: true fetch-depth: 0 - name: Install Cosign - uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 + uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 with: cosign-release: 'v2.2.4' - name: Login to docker.io registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_TOKEN }} diff --git a/.github/workflows/test-daily.yaml b/.github/workflows/test-daily.yaml index a0be6f9f7594..9e7a925ae4a8 100644 --- a/.github/workflows/test-daily.yaml +++ b/.github/workflows/test-daily.yaml @@ -16,7 +16,7 @@ jobs: image: alpine/git:2.49.1@sha256:bd54f921f6d803dfa3a4fe14b7defe36df1b71349a3e416547e333aa960f86e3 steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: submodules: true - name: Fix Git ownership diff --git a/.github/workflows/test-helm-chart.yaml b/.github/workflows/test-helm-chart.yaml index 1d58738059ba..dda6cebb5020 100644 --- a/.github/workflows/test-helm-chart.yaml +++ b/.github/workflows/test-helm-chart.yaml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Checkout - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0