From fbdada063fd400d23cca59ffabbfc9bc3f09f046 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 Mar 2026 01:04:17 +0000 Subject: [PATCH] chore(deps): bump the actions group with 3 updates Bumps the actions group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [erlef/setup-beam](https://github.com/erlef/setup-beam) and [ruby/setup-ruby](https://github.com/ruby/setup-ruby). Updates `github/codeql-action` from 4.32.5 to 4.32.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/c793b717bc78562f491db7b0e93a3a178b099162...0d579ffd059c29b07949a3cce3983f0780820c98) Updates `erlef/setup-beam` from 1.21.0 to 1.22.0 - [Release notes](https://github.com/erlef/setup-beam/releases) - [Commits](https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...9d5b75ddfda22fb979d2270283237aef8aa68d6b) Updates `ruby/setup-ruby` from 1.288.0 to 1.290.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/09a7688d3b55cf0e976497ff046b70949eeaccfd...6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: erlef/setup-beam dependency-version: 1.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: ruby/setup-ruby dependency-version: 1.290.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/hypatia-scan.yml | 2 +- .github/workflows/jekyll.yml | 2 +- .github/workflows/scorecard-enforcer.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/svalin-scan.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bced6b3..4183d70 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -29,12 +29,12 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Initialize CodeQL - uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v3.28.1 + uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v3.28.1 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v3.28.1 + uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v3.28.1 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/hypatia-scan.yml b/.github/workflows/hypatia-scan.yml index 83f22cf..9f3b3b5 100644 --- a/.github/workflows/hypatia-scan.yml +++ b/.github/workflows/hypatia-scan.yml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 # Full history for better pattern analysis - name: Setup Elixir for Hypatia scanner - uses: erlef/setup-beam@3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4 # v1.18.2 + uses: erlef/setup-beam@9d5b75ddfda22fb979d2270283237aef8aa68d6b # v1.18.2 with: elixir-version: '1.19.4' otp-version: '28.3' diff --git a/.github/workflows/jekyll.yml b/.github/workflows/jekyll.yml index 10988b3..a4b08bc 100644 --- a/.github/workflows/jekyll.yml +++ b/.github/workflows/jekyll.yml @@ -36,7 +36,7 @@ jobs: uses: actions/checkout@v6.0.2 - name: Setup Ruby # https://github.com/ruby/setup-ruby/releases/tag/v1.207.0 - uses: ruby/setup-ruby@09a7688d3b55cf0e976497ff046b70949eeaccfd + uses: ruby/setup-ruby@6ca151fd1bfcfd6fe0c4eb6837eb0584d0134a0c with: ruby-version: '3.1' # Not needed with a .ruby-version file bundler-cache: true # runs 'bundle install' and caches installed gems automatically diff --git a/.github/workflows/scorecard-enforcer.yml b/.github/workflows/scorecard-enforcer.yml index 93b2a0d..4ad1f3b 100644 --- a/.github/workflows/scorecard-enforcer.yml +++ b/.github/workflows/scorecard-enforcer.yml @@ -30,7 +30,7 @@ jobs: publish_results: true - name: Upload SARIF - uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v3 + uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v3 with: sarif_file: results.sarif diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1536ce5..14642d9 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -27,6 +27,6 @@ jobs: results_format: sarif - name: Upload results - uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v3.31.8 + uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v3.31.8 with: sarif_file: results.sarif diff --git a/.github/workflows/svalin-scan.yml b/.github/workflows/svalin-scan.yml index a3a1434..4ce2daa 100644 --- a/.github/workflows/svalin-scan.yml +++ b/.github/workflows/svalin-scan.yml @@ -129,7 +129,7 @@ jobs: - name: Upload SARIF results if: always() - uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v3 + uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v3 with: sarif_file: svalin-results.sarif category: svalin