From f0f12ef8a4cca1521d7fdb317a0ee4b505f9a6c9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Jun 2026 16:47:40 +0000 Subject: [PATCH] build(deps): bump the github-actions group across 1 directory with 5 updates Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [chainguard-dev/actions](https://github.com/chainguard-dev/actions) | `1.6.11` | `1.6.23` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.0` | `7.0.0` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `3.0.1` | `3.0.3` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.35.0` | `0.36.0` | | [webiny/action-conventional-commits](https://github.com/webiny/action-conventional-commits) | `1.3.1` | `1.4.2` | Updates `chainguard-dev/actions` from 1.6.11 to 1.6.23 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Commits](https://github.com/chainguard-dev/actions/compare/8bb24c24be6871bee44f19be55ea11e3b2aea3dd...5f020827ba80ff5d64d45116542d0c733e8e7e71) Updates `codecov/codecov-action` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v6.0.0...v7.0.0) Updates `slackapi/slack-github-action` from 3.0.1 to 3.0.3 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Changelog](https://github.com/slackapi/slack-github-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/slackapi/slack-github-action/compare/af78098f536edbc4de71162a307590698245be95...45a88b9581bfab2566dc881e2cd66d334e621e2c) Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/57a97c7e7821a5776cebc9bb87c984fa69cba8f1...ed142fd0673e97e23eac54620cfb913e5ce36c25) Updates `webiny/action-conventional-commits` from 1.3.1 to 1.4.2 - [Release notes](https://github.com/webiny/action-conventional-commits/releases) - [Commits](https://github.com/webiny/action-conventional-commits/compare/v1.3.1...v1.4.2) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: chainguard-dev/actions dependency-version: 1.6.19 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: slackapi/slack-github-action dependency-version: 3.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: webiny/action-conventional-commits dependency-version: 1.4.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/build-test.yaml | 4 ++-- .github/workflows/docs.yaml | 2 +- .github/workflows/lint.yaml | 4 ++-- .github/workflows/release-windows.yml | 2 +- .github/workflows/release.yaml | 4 ++-- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml index 28de88a2..9f7289c7 100644 --- a/.github/workflows/build-test.yaml +++ b/.github/workflows/build-test.yaml @@ -34,7 +34,7 @@ jobs: - uses: "authzed/actions/setup-go@main" - name: "Generate docs" run: "go run mage.go gen:docs" - - uses: "chainguard-dev/actions/nodiff@8bb24c24be6871bee44f19be55ea11e3b2aea3dd" # main + - uses: "chainguard-dev/actions/nodiff@5f020827ba80ff5d64d45116542d0c733e8e7e71" # main with: path: "" fixup-command: "mage gen:docs" @@ -52,7 +52,7 @@ jobs: - name: "Unit tests with coverage" run: "go run mage.go test:runWithCoverage" - name: "Upload coverage to Codecov" - uses: "codecov/codecov-action@v6.0.0" + uses: "codecov/codecov-action@v7.0.0" with: files: "./coverage.txt" verbose: true diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index cf6feb9a..20946370 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -71,7 +71,7 @@ jobs: GH_TOKEN: "${{ secrets.AUTHZEDAPPROVER_REPO_SCOPED_TOKEN }}" - name: "Notify in Slack if failure" if: "${{ failure() }}" - uses: "slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95" # v3.0.1 + uses: "slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c" # v3.0.3 with: webhook: "${{ secrets.SLACK_BUILDS_WEBHOOK_URL }}" webhook-type: "incoming-webhook" diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index cb905249..ed51867e 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -53,7 +53,7 @@ jobs: runs-on: "depot-ubuntu-latest" steps: - uses: "actions/checkout@v6" - - uses: "aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1" # For https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23 + - uses: "aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25" # For https://github.com/aquasecurity/trivy/security/advisories/GHSA-69fq-xp46-6x23 with: scan-type: "fs" ignore-unfixed: true @@ -104,4 +104,4 @@ jobs: if: "github.event_name == 'pull_request' && (github.event.action == 'opened' || github.event.action == 'synchronize' || github.event.action == 'reopened' || github.event.action == 'edited')" steps: - uses: "actions/checkout@v6" - - uses: "webiny/action-conventional-commits@v1.3.1" + - uses: "webiny/action-conventional-commits@v1.4.2" diff --git a/.github/workflows/release-windows.yml b/.github/workflows/release-windows.yml index 6437381f..b3a733d4 100644 --- a/.github/workflows/release-windows.yml +++ b/.github/workflows/release-windows.yml @@ -37,7 +37,7 @@ jobs: CHOCOLATEY_API_KEY: "${{ secrets.CHOCOLATEY_API_KEY }}" - name: "Notify in Slack if failure" if: "${{ failure() }}" - uses: "slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95" # v3.0.1 + uses: "slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c" # v3.0.3 with: webhook: "${{ secrets.SLACK_BUILDS_WEBHOOK_URL }}" webhook-type: "incoming-webhook" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 1a3bbf62..590bd8f5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -32,7 +32,7 @@ jobs: GEMFURY_PUSH_TOKEN: "${{ secrets.GEMFURY_PUSH_TOKEN }}" - name: "Notify in Slack if failure" if: "${{ failure() }}" - uses: "slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95" # v3.0.1 + uses: "slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c" # v3.0.3 with: webhook: "${{ secrets.SLACK_BUILDS_WEBHOOK_URL }}" webhook-type: "incoming-webhook" @@ -72,7 +72,7 @@ jobs: GORELEASER_KEY: "${{ secrets.GORELEASER_KEY }}" - name: "Notify in Slack if failure" if: "${{ failure() }}" - uses: "slackapi/slack-github-action@af78098f536edbc4de71162a307590698245be95" # v3.0.1 + uses: "slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c" # v3.0.3 with: webhook: "${{ secrets.SLACK_BUILDS_WEBHOOK_URL }}" webhook-type: "incoming-webhook"