From 16d5a02ae3444ace325cb68c559c051a60faf0ae Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 31 Mar 2026 08:57:20 +0000 Subject: [PATCH] ci(deps): bump the actions group with 3 updates Bumps the actions group with 3 updates: [actions/setup-go](https://github.com/actions/setup-go), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/setup-go` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4b73464bb391d4059bd26b0524d20df3927bd417...4a3601121dd01d1626a1e23e37211e3254c1c06c) Updates `codecov/codecov-action` from 5.5.3 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/1af58845a975a7985b0beb0cbe6fbbb71a41dbad...57e3a136b779b570ffcdbf80b3bdc90e7fab3de2) Updates `github/codeql-action` from 4.34.1 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/38697555549f1db7851b81482ff19f1fa5c4fedc...c10b8064de6f491fea524254123dbe5e09572f13) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-matrix.yml | 2 +- .github/workflows/ci.yml | 16 ++++++++-------- .github/workflows/ckb.yml | 4 ++-- .github/workflows/cov.yml | 4 ++-- .github/workflows/nfr.yml | 4 ++-- .github/workflows/release.yml | 2 +- .github/workflows/security-dependencies.yml | 4 ++-- .github/workflows/security-sast-common.yml | 2 +- .github/workflows/security-sast-go.yml | 4 ++-- .github/workflows/security-sast-python.yml | 2 +- .github/workflows/security-secrets.yml | 6 +++--- 11 files changed, 25 insertions(+), 25 deletions(-) diff --git a/.github/workflows/build-matrix.yml b/.github/workflows/build-matrix.yml index 31940ecd..cbcb42a2 100644 --- a/.github/workflows/build-matrix.yml +++ b/.github/workflows/build-matrix.yml @@ -32,7 +32,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6ee3c260..4e50acd9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -22,7 +22,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -41,7 +41,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -60,7 +60,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -85,7 +85,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -116,7 +116,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -138,7 +138,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -165,7 +165,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -206,7 +206,7 @@ jobs: - name: Build CKB (fallback) if: steps.download.outcome == 'failure' - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/ckb.yml b/.github/workflows/ckb.yml index 930cbe66..ff8b5ca1 100644 --- a/.github/workflows/ckb.yml +++ b/.github/workflows/ckb.yml @@ -79,7 +79,7 @@ jobs: with: fetch-depth: 0 - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -980,7 +980,7 @@ jobs: with: fetch-depth: 0 - - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/cov.yml b/.github/workflows/cov.yml index 37a16e95..43fa3963 100644 --- a/.github/workflows/cov.yml +++ b/.github/workflows/cov.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 2 # Required for Codecov to determine PR base SHA - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -59,7 +59,7 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY - name: Upload to Codecov - uses: codecov/codecov-action@1af58845a975a7985b0beb0cbe6fbbb71a41dbad # v5 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v5 with: files: coverage.out flags: unit diff --git a/.github/workflows/nfr.yml b/.github/workflows/nfr.yml index aeea9b29..5920a549 100644 --- a/.github/workflows/nfr.yml +++ b/.github/workflows/nfr.yml @@ -21,7 +21,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -55,7 +55,7 @@ jobs: ref: ${{ github.event.pull_request.base.sha }} - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index b6572cf8..e3643bc6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,7 +23,7 @@ jobs: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true diff --git a/.github/workflows/security-dependencies.yml b/.github/workflows/security-dependencies.yml index 054e72e0..10ed1783 100644 --- a/.github/workflows/security-dependencies.yml +++ b/.github/workflows/security-dependencies.yml @@ -71,7 +71,7 @@ jobs: # ==================== Go Setup (if needed) ==================== - name: Set up Go if: inputs.has_go && (inputs.scan_govulncheck || inputs.scan_trivy) - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -142,7 +142,7 @@ jobs: - name: Upload Trivy SARIF if: inputs.scan_trivy && hashFiles('trivy-vuln.sarif') != '' - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: trivy-vuln.sarif category: trivy diff --git a/.github/workflows/security-sast-common.yml b/.github/workflows/security-sast-common.yml index 0316c258..106796d7 100644 --- a/.github/workflows/security-sast-common.yml +++ b/.github/workflows/security-sast-common.yml @@ -91,7 +91,7 @@ jobs: - name: Upload SARIF if: hashFiles('semgrep.sarif') != '' - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: semgrep.sarif category: semgrep diff --git a/.github/workflows/security-sast-go.yml b/.github/workflows/security-sast-go.yml index 66798c76..64da052f 100644 --- a/.github/workflows/security-sast-go.yml +++ b/.github/workflows/security-sast-go.yml @@ -47,7 +47,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Set up Go - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -134,7 +134,7 @@ jobs: echo "| **Total** | **$FINDINGS** |" >> $GITHUB_STEP_SUMMARY - name: Upload SARIF - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: gosec.sarif category: gosec diff --git a/.github/workflows/security-sast-python.yml b/.github/workflows/security-sast-python.yml index fe2f9f99..a48e0c94 100644 --- a/.github/workflows/security-sast-python.yml +++ b/.github/workflows/security-sast-python.yml @@ -134,7 +134,7 @@ jobs: - name: Upload SARIF if: hashFiles('bandit.sarif') != '' - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: bandit.sarif category: bandit diff --git a/.github/workflows/security-secrets.yml b/.github/workflows/security-secrets.yml index 86d60914..f2df7323 100644 --- a/.github/workflows/security-secrets.yml +++ b/.github/workflows/security-secrets.yml @@ -63,7 +63,7 @@ jobs: # ==================== CKB Secret Scanner ==================== - name: Set up Go (for CKB) if: inputs.scan_ckb - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 + uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 with: go-version-file: 'go.mod' cache: true @@ -121,7 +121,7 @@ jobs: - name: Upload CKB SARIF to Code Scanning if: inputs.scan_ckb && steps.ckb_sarif.outputs.valid == 'true' - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: ckb-secrets.sarif category: ckb-secrets @@ -151,7 +151,7 @@ jobs: - name: Upload Gitleaks SARIF if: inputs.scan_gitleaks && hashFiles('gitleaks.sarif') != '' - uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: gitleaks.sarif category: gitleaks