From 5e3833740411ff1ff15b3a9abc4380c6e8b94d45 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 13 Apr 2026 01:58:11 +0000 Subject: [PATCH] chore(deps): Bump the development-dependencies group with 4 updates Bumps the development-dependencies group with 4 updates: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request), [actions/upload-artifact](https://github.com/actions/upload-artifact), [taiki-e/install-action](https://github.com/taiki-e/install-action) and [softprops/action-gh-release](https://github.com/softprops/action-gh-release). Updates `peter-evans/create-pull-request` from 8.1.0 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/c0f553fe549906ede9cf27b5156039d195d2ece0...5f6978faf089d4d20b00c7766989d076bb2fc7f1) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `taiki-e/install-action` from 2.75.3 to 2.75.7 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/b8be7f5e140177087325943c4a8e169d01c59b3d...0abfcd587b70a713fdaa7fb502c885e2112acb15) Updates `softprops/action-gh-release` from 2.6.1 to 3.0.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/153bb8e04406b158c6c84fc1615b65b24149a1fe...b4309332981a82ec1c5618f44dd2e27cc8bfbfda) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: taiki-e/install-action dependency-version: 2.75.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/contributors.yml | 2 +- .github/workflows/fuzz-test.yml | 4 ++-- .github/workflows/go-test-monorepo.yml | 4 ++-- .github/workflows/go-test.yml | 4 ++-- .github/workflows/prepare-release-monorepo.yml | 2 +- .github/workflows/release.yml | 4 ++-- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index c6967d9..3e6b93e 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -136,7 +136,7 @@ jobs: enable-tag-signing: "false" - name: Create a PR id: create-pull-request - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: commit-message: "doc: updated contributors file" branch: doc/contributors-bot diff --git a/.github/workflows/fuzz-test.yml b/.github/workflows/fuzz-test.yml index 7f68939..62939c6 100644 --- a/.github/workflows/fuzz-test.yml +++ b/.github/workflows/fuzz-test.yml @@ -151,7 +151,7 @@ jobs: - name: Upload failed cases if: ${{ failure() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 # TODO(fredbi): ideally, after uploading, we should fire a pull request to add # this corpus to testdata. with: @@ -163,7 +163,7 @@ jobs: name: Upload current corpus # This is the current corpus, it does not contain the latest failed case if: ${{ always() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: path: ${{ env.CORPUS_DIR }} name: '${{ runner.os }}-fuzz-corpus-${{ matrix.test }}' diff --git a/.github/workflows/go-test-monorepo.yml b/.github/workflows/go-test-monorepo.yml index 3882d52..8477e4f 100644 --- a/.github/workflows/go-test-monorepo.yml +++ b/.github/workflows/go-test-monorepo.yml @@ -214,7 +214,7 @@ jobs: ./... - name: Upload coverage artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: # *.coverage.* pattern is automatically detected by codecov path: '**/*.coverage.*.out' @@ -224,7 +224,7 @@ jobs: name: Upload test report artifacts # upload report even if tests fail. BTW, this is when they are valuable. if: ${{ !cancelled() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: path: '**/unit.report.*.json' name: 'unit.report.${{ matrix.os }}-${{ matrix.go }}' diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index 0fac4e7..e75f3d9 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -109,7 +109,7 @@ jobs: ./... - name: Upload coverage artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: # *.coverage.* pattern is automatically detected by codecov path: '**/*.coverage.*.out' @@ -119,7 +119,7 @@ jobs: name: Upload test report artifacts # upload report even if test fail. BTW, this is when they are valuable. if: ${{ !cancelled() }} - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: path: '**/unit.report.*.json' name: 'unit.report.${{ matrix.os }}-${{ matrix.go }}' diff --git a/.github/workflows/prepare-release-monorepo.yml b/.github/workflows/prepare-release-monorepo.yml index e3e26cd..0a0a659 100644 --- a/.github/workflows/prepare-release-monorepo.yml +++ b/.github/workflows/prepare-release-monorepo.yml @@ -203,7 +203,7 @@ jobs: enable-tag-signing: "false" - name: Create pull request id: create-pull-request - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 env: TARGET_TAG: ${{ inputs.target-tag }} with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 56d774c..0995dcd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -92,7 +92,7 @@ jobs: uses: go-openapi/gh-actions/ci-jobs/detect-go-monorepo@22f6d5e0e1d13b8e835ea0ffe69ed5589f7cc354 # v1.4.11 - name: Install git-cliff - uses: taiki-e/install-action@b8be7f5e140177087325943c4a8e169d01c59b3d # v2.75.3 + uses: taiki-e/install-action@0abfcd587b70a713fdaa7fb502c885e2112acb15 # v2.75.7 with: tool: git-cliff - @@ -338,7 +338,7 @@ jobs: } >> "${GITHUB_OUTPUT}" - name: Create github release - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: body: ${{ inputs.is-monorepo == 'true' && steps.notes-monorepo.outputs.content || steps.notes.outputs.content }} tag_name: ${{ inputs.tag }}