From c636443985d92d153db8238813f1f0a980ae04b6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 28 Jun 2026 00:24:12 +0000 Subject: [PATCH] [GITHUB-ACTIONS] bump the github-actions group across 1 directory with 15 updates Bumps the github-actions group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `7.0.0` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.1.0` | `6.3.0` | | [pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish) | `1.13.0` | `1.14.0` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `2.1.1` | `3.0.3` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.1` | `3.2.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6.0.0` | `7.0.1` | | [actions/stale](https://github.com/actions/stale) | `10.1.1` | `10.3.0` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.31.9` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.31.9` | `4.36.2` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `5.0.0` | | [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `3.1.2` | `4.0.1` | | [terraform-linters/setup-tflint](https://github.com/terraform-linters/setup-tflint) | `6.2.1` | `6.2.2` | | [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) | `12.3077.0` | `12.3107.0` | | [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` | Updates `actions/checkout` from 6.0.1 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/8e8c483db84b4bee98b60c0593521ed34d9990e8...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `actions/setup-python` from 6.1.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/83679a892e2d95755f2dac6acb0bfd1e9ac5d548...ece7cb06caefa5fff74198d8649806c4678c61a1) Updates `pypa/gh-action-pypi-publish` from 1.13.0 to 1.14.0 - [Release notes](https://github.com/pypa/gh-action-pypi-publish/releases) - [Commits](https://github.com/pypa/gh-action-pypi-publish/compare/ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e...cef221092ed1bacb1cc03d23a2d87d1d172e277b) Updates `slackapi/slack-github-action` from 2.1.1 to 3.0.3 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Changelog](https://github.com/slackapi/slack-github-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/slackapi/slack-github-action/compare/91efab103c0de0a537f72a35f6b8cda0ee76bf0a...45a88b9581bfab2566dc881e2cd66d334e621e2c) Updates `actions/create-github-app-token` from 2.2.1 to 3.2.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/create-github-app-token/compare/29824e69f54612133e76f7eaac726eef6c875baf...bcd2ba49218906704ab6c1aa796996da409d3eb1) Updates `actions/download-artifact` from 7.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `actions/upload-artifact` from 6.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `actions/stale` from 10.1.1 to 10.3.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/997185467fa4f803885201cee163a9f38240193d...eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899) Updates `github/codeql-action/init` from 4.31.9 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `github/codeql-action/analyze` from 4.31.9 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `actions/dependency-review-action` from 4.8.2 to 5.0.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...a1d282b36b6f3519aa1f3fc636f609c47dddb294) Updates `hashicorp/setup-terraform` from 3.1.2 to 4.0.1 - [Release notes](https://github.com/hashicorp/setup-terraform/releases) - [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/setup-terraform/compare/b9cd54a3c349d3f38e8881555d616ced269862dd...dfe3c3f87815947d99a8997f908cb6525fc44e9e) Updates `terraform-linters/setup-tflint` from 6.2.1 to 6.2.2 - [Release notes](https://github.com/terraform-linters/setup-tflint/releases) - [Commits](https://github.com/terraform-linters/setup-tflint/compare/4cb9feea73331a35b422df102992a03a44a3bb33...b480b8fcdaa6f2c577f8e4fa799e89e756bb7c93) Updates `bridgecrewio/checkov-action` from 12.3077.0 to 12.3107.0 - [Release notes](https://github.com/bridgecrewio/checkov-action/releases) - [Commits](https://github.com/bridgecrewio/checkov-action/compare/8f61ce5b8a3afb4ca94d236b75201878ded6d2cd...fa9edf8f0a491c59a924ea6accd5bdcf07752cff) Updates `actions/labeler` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/634933edcd8ababfe52f92936142cc22ac488b1b...f27b608878404679385c85cfa523b85ccb86e213) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: pypa/gh-action-pypi-publish dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: slackapi/slack-github-action dependency-version: 3.0.3 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/create-github-app-token dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/stale dependency-version: 10.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: hashicorp/setup-terraform dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: terraform-linters/setup-tflint dependency-version: 6.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: bridgecrewio/checkov-action dependency-version: 12.3107.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/cd-production.yaml | 12 ++++++------ .github/workflows/cd-staging.yaml | 16 ++++++++-------- .github/workflows/ci.yaml | 6 +++--- .github/workflows/cron-tasks.yaml | 10 +++++----- .github/workflows/reusable-build-test.yaml | 12 ++++++------ .github/workflows/reusable-codeql.yaml | 10 +++++----- .../workflows/reusable-dependency-review.yaml | 4 ++-- .github/workflows/reusable-pre-commit.yaml | 12 ++++++------ .github/workflows/sidecar-pr-target.yaml | 6 +++--- 9 files changed, 44 insertions(+), 44 deletions(-) diff --git a/.github/workflows/cd-production.yaml b/.github/workflows/cd-production.yaml index 5f701a3..a2a2484 100644 --- a/.github/workflows/cd-production.yaml +++ b/.github/workflows/cd-production.yaml @@ -25,10 +25,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -40,7 +40,7 @@ jobs: # https://github.com/marketplace/actions/pypi-publish - name: Publish package distributions to PyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: attestations: false packages-dir: dist/ @@ -63,10 +63,10 @@ jobs: run: sleep 15 - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -102,7 +102,7 @@ jobs: fi - name: Post message to Slack - uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 + uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3 with: method: chat.postMessage token: "${{ secrets.SECRET_SLACK_APP_GITHUB_BOT }}" diff --git a/.github/workflows/cd-staging.yaml b/.github/workflows/cd-staging.yaml index 507fb1f..8ac466c 100644 --- a/.github/workflows/cd-staging.yaml +++ b/.github/workflows/cd-staging.yaml @@ -41,13 +41,13 @@ jobs: # instead of PAT, github_app_id and github_app_pem_file are used by this workflow because # we have tag-based ruleset in place to restrict ACTOR from bypassing tag protection. id: generate-token - uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 with: app-id: ${{ secrets.SECRET_GITHUB_APP_ID }} private-key: ${{ secrets.SECRET_GITHUB_APP_PEM_FILE }} - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.generate-token.outputs.token }} @@ -73,10 +73,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -88,7 +88,7 @@ jobs: # https://github.com/marketplace/actions/pypi-publish - name: Publish package distributions to TestPyPI - uses: pypa/gh-action-pypi-publish@ed0c53931b1dc9bd32cbe73a98c7f6766f8a527e # v1.13.0 + uses: pypa/gh-action-pypi-publish@cef221092ed1bacb1cc03d23a2d87d1d172e277b # v1.14.0 with: attestations: false packages-dir: dist/ @@ -111,10 +111,10 @@ jobs: run: sleep 15 - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ env.PYTHON_VERSION }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -160,7 +160,7 @@ jobs: fi - name: Post message to Slack - uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 + uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3 with: method: chat.postMessage token: "${{ secrets.SECRET_SLACK_APP_GITHUB_BOT }}" diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index f03badb..412a994 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -65,7 +65,7 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - id: set-release-branch shell: bash @@ -86,7 +86,7 @@ jobs: - name: Download distributions if: ${{ github.event.repository.language == 'Python' }} id: artifact-download - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 #v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c #v8.0.1 with: artifact-ids: "${{ needs.build-test.outputs.ARTIFACT_ID }}" run-id: "${{ needs.build-test.outputs.WORKFLOW_RUN_ID }}" @@ -151,7 +151,7 @@ jobs: fi - name: Post message to Slack - uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 + uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3 with: method: chat.postMessage token: "${{ secrets.SECRET_SLACK_APP_GITHUB_BOT }}" diff --git a/.github/workflows/cron-tasks.yaml b/.github/workflows/cron-tasks.yaml index 9793bc5..1f8b37b 100644 --- a/.github/workflows/cron-tasks.yaml +++ b/.github/workflows/cron-tasks.yaml @@ -31,10 +31,10 @@ jobs: steps: - id: checkout-source-code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # 6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # 7.0.0 - id: setup-Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -54,7 +54,7 @@ jobs: echo "COV_PER=$(coverage report | grep TOTAL | awk '{print $6}')" >> "$GITHUB_OUTPUT" - id: upload-coverage - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: coverage path: htmlcov/ @@ -135,7 +135,7 @@ jobs: steps: - name: Run stale-issues-prs id: stale-issues-prs - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 + uses: actions/stale@eb5cf3af3ac0a1aa4c9c45633dd1ae542a27a899 # v10.3.0 with: stale-issue-message: 'This issue is stale because it has been open 5 days with no activity. Remove stale label or comment or this will be closed in 3 days after stale' days-before-stale: 5 @@ -202,7 +202,7 @@ jobs: fi - name: Post message to Slack - uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 + uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3 with: method: chat.postMessage token: "${{ secrets.SECRET_SLACK_APP_GITHUB_BOT }}" diff --git a/.github/workflows/reusable-build-test.yaml b/.github/workflows/reusable-build-test.yaml index faf9416..2cdf01e 100644 --- a/.github/workflows/reusable-build-test.yaml +++ b/.github/workflows/reusable-build-test.yaml @@ -41,10 +41,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ matrix.python }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python }} @@ -65,7 +65,7 @@ jobs: # set and get artifacts - name: Upload distributions id: upload-distributions - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a #v7.0.1 with: name: distributions-${{ matrix.python }} path: dist/ @@ -112,10 +112,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ matrix.python }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python }} @@ -131,7 +131,7 @@ jobs: - name: Upload Coverage if: always() id: upload-coverage - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a #v7.0.1 with: name: coverage-${{ matrix.python }} path: htmlcov/ diff --git a/.github/workflows/reusable-codeql.yaml b/.github/workflows/reusable-codeql.yaml index 2229fbf..8ae7dd0 100644 --- a/.github/workflows/reusable-codeql.yaml +++ b/.github/workflows/reusable-codeql.yaml @@ -35,27 +35,27 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python ${{ matrix.python }} - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ matrix.python }} - name: Initialize CodeQL - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: languages: ${{ matrix.language }} queries: security-and-quality - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: output: codeql-results/ - name: Upload codeql-${{ matrix.language }} id: upload-artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f #v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a #v7.0.1 with: name: codeql-${{ matrix.language }} path: codeql-results/ diff --git a/.github/workflows/reusable-dependency-review.yaml b/.github/workflows/reusable-dependency-review.yaml index b51e065..74d3426 100644 --- a/.github/workflows/reusable-dependency-review.yaml +++ b/.github/workflows/reusable-dependency-review.yaml @@ -14,10 +14,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Pull Request Dependency Review - uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # 4.8.2 + uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # 5.0.0 with: license-check: false vulnerability-check: true diff --git a/.github/workflows/reusable-pre-commit.yaml b/.github/workflows/reusable-pre-commit.yaml index ce5bb57..b8a2249 100644 --- a/.github/workflows/reusable-pre-commit.yaml +++ b/.github/workflows/reusable-pre-commit.yaml @@ -22,10 +22,10 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: ${{ env.PYTHON_VERSION }} @@ -48,12 +48,12 @@ jobs: hadolint --version - name: Install terraform - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 + uses: hashicorp/setup-terraform@dfe3c3f87815947d99a8997f908cb6525fc44e9e # v4.0.1 with: terraform_version: ${{ env.TERRAFORM_VERSION }} - name: Install tflint - uses: terraform-linters/setup-tflint@4cb9feea73331a35b422df102992a03a44a3bb33 # v6.2.1 + uses: terraform-linters/setup-tflint@b480b8fcdaa6f2c577f8e4fa799e89e756bb7c93 # v6.2.2 - name: Run pre-commit on everything run: pre-commit run -a -v @@ -64,11 +64,11 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run Checkov Github Action id: checkov - uses: bridgecrewio/checkov-action@8f61ce5b8a3afb4ca94d236b75201878ded6d2cd # v12.3077.0 + uses: bridgecrewio/checkov-action@fa9edf8f0a491c59a924ea6accd5bdcf07752cff # v12.3107.0 with: log_level: WARNING quiet: false diff --git a/.github/workflows/sidecar-pr-target.yaml b/.github/workflows/sidecar-pr-target.yaml index 6fc8c35..823fc5f 100644 --- a/.github/workflows/sidecar-pr-target.yaml +++ b/.github/workflows/sidecar-pr-target.yaml @@ -19,13 +19,13 @@ jobs: steps: - name: Checkout source code - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: ${{ github.repository }} # https://github.com/marketplace/actions/labeler - id: label-pr - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b #v6.0.1 + uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213 #v6.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -37,7 +37,7 @@ jobs: steps: - name: Slack message on PR activities - uses: slackapi/slack-github-action@91efab103c0de0a537f72a35f6b8cda0ee76bf0a # v2.1.1 + uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3 with: method: chat.postMessage token: "${{ secrets.SECRET_SLACK_APP_GITHUB_BOT }}"