From 42de5d3dc8f234387be8ff9dd7c0b1753b55e585 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 31 Mar 2026 05:39:01 +0000 Subject: [PATCH 1/3] refactor(deps): pin dependencies --- .github/workflows/docker-build.yml | 6 +++--- .github/workflows/security.yml | 2 +- .pre-commit-config.yaml | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 1753935..bab4cdf 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -27,7 +27,7 @@ jobs: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install cosign - uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 + uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 - name: Docker meta id: meta uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 @@ -103,7 +103,7 @@ jobs: COSIGN_PRIVATE_KEY: ${{ secrets.COSIGN_PRIVATE_KEY }} COSIGN_PASSWORD: ${{ secrets.COSIGN_PASSWORD }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@master + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # master if: ${{ github.event_name != 'pull_request' }} with: image-ref: "ghcr.io/anotherstranger/borg-server:sha-${{ github.sha }}" @@ -111,7 +111,7 @@ jobs: output: "trivy-results.sarif" severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 if: ${{ github.event_name != 'pull_request' }} with: sarif_file: "trivy-results.sarif" diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 70aebb6..d50b780 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -26,6 +26,6 @@ jobs: output: 'trivy-results-fs.sarif' severity: 'CRITICAL,HIGH,MEDIUM' - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 + uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4 with: sarif_file: 'trivy-results-fs.sarif' diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 56391ba..045fbb0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: - "-i" - "CHANGELOG.md" - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 43.59.2 + rev: 43.87.1 hooks: - id: renovate-config-validator - repo: https://github.com/google/yamlfmt.git @@ -39,6 +39,6 @@ repos: hooks: - id: yamlfmt - repo: https://github.com/biomejs/pre-commit - rev: v2.4.6 + rev: v2.4.8 hooks: - id: biome-format From a68a83d7357b870423dafb0a8f9f69c7742a1577 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 1 Apr 2026 20:05:48 +0000 Subject: [PATCH 2/3] refactor(deps): update pre-commit hook renovatebot/pre-commit-hooks to v43.91.2 --- .pre-commit-config.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 045fbb0..bdc53c8 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: - "-i" - "CHANGELOG.md" - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 43.87.1 + rev: 43.91.2 hooks: - id: renovate-config-validator - repo: https://github.com/google/yamlfmt.git From 6e993914998b254b8dba08593a0571723447bde7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 2 Apr 2026 04:44:47 +0000 Subject: [PATCH 3/3] refactor(deps): update all dependencies --- .github/workflows/docker-build.yml | 2 +- .pre-commit-config.yaml | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index bab4cdf..50ef252 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -27,7 +27,7 @@ jobs: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Install cosign - uses: sigstore/cosign-installer@ba7bc0a3fef59531c69a25acd34668d6d3fe6f22 # v4.1.0 + uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 - name: Docker meta id: meta uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index bdc53c8..90eb80b 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -31,7 +31,7 @@ repos: - "-i" - "CHANGELOG.md" - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 43.91.2 + rev: 43.91.4 hooks: - id: renovate-config-validator - repo: https://github.com/google/yamlfmt.git @@ -39,6 +39,6 @@ repos: hooks: - id: yamlfmt - repo: https://github.com/biomejs/pre-commit - rev: v2.4.8 + rev: v2.4.9 hooks: - id: biome-format