chore(ci): update GitHub Actions and enable Dependabot

miragecentury · miragecentury · commit 8e26c79c3b85 · 2026-04-25T18:13:47.000+02:00
Bump workflow action versions to current stable tags and add weekly Dependabot updates so action maintenance stays automated.

Made-with: Cursor
diff --git a/.github/dependabot.yml b/.github/dependabot.yml
@@ -0,0 +1,6 @@
+version: 2
+updates:
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: weekly
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -13,11 +13,11 @@ jobs:
     name: Lint commit messages
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 
-      - uses: wagoid/commitlint-github-action@v6
+      - uses: wagoid/commitlint-github-action@v6.2.1
 
   validate:
     uses: ./.github/workflows/validate.yaml
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -20,11 +20,11 @@ jobs:
       new_release_published: ${{ steps.semantic.outputs.new_release_published }}
       new_release_version: ${{ steps.semantic.outputs.new_release_version }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           persist-credentials: false
 
-      - uses: cycjimmy/semantic-release-action@v4
+      - uses: cycjimmy/semantic-release-action@v6.0.0
         id: semantic
         with:
           extra_plugins: |
@@ -41,7 +41,7 @@ jobs:
     env:
       IMAGE_VERSION: ${{ needs.release.outputs.new_release_version }}
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install build tools
         run: ./scripts/install_tools.sh
diff --git a/.github/workflows/update-runner.yaml b/.github/workflows/update-runner.yaml
@@ -13,7 +13,7 @@ jobs:
     name: Check and update runner version
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
         with:
           token: ${{ secrets.REPO_PAT }}
 
diff --git a/.github/workflows/validate.yaml b/.github/workflows/validate.yaml
@@ -11,9 +11,9 @@ jobs:
     name: Lint Containerfile
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
-      - uses: hadolint/hadolint-action@v3.1.0
+      - uses: hadolint/hadolint-action@v3.3.0
         with:
           dockerfile: Containerfile
 
@@ -22,7 +22,7 @@ jobs:
     needs: hadolint
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v6
 
       - name: Install build tools
         run: ./scripts/install_tools.sh
@@ -78,7 +78,7 @@ jobs:
         run: dive --ci --source=docker "${IMAGE_NAME}:test"
 
       - name: Cache Trivy vulnerability DB
-        uses: actions/cache@v4
+        uses: actions/cache@v5
         with:
           path: ~/.cache/trivy
           key: trivy-db-${{ runner.os }}-${{ github.run_id }}
