From 4d7658a9541017b9cef549051d50f2ea9f3f0711 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sat, 14 Mar 2026 01:21:07 +0000 Subject: [PATCH] refactor(deps): update all dependencies --- .github/workflows/docker-build.yml | 16 ++++++++-------- .github/workflows/release.yml | 2 +- .github/workflows/security.yml | 4 ++-- .pre-commit-config.yaml | 8 ++++---- 4 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index a1252ac..1753935 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -30,7 +30,7 @@ jobs: uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad # v4.0.0 - name: Docker meta id: meta - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6 with: # list of Docker images to use as base name for tags images: | @@ -47,17 +47,17 @@ jobs: type=sha,format=long type=raw,value=latest,enable={{is_default_branch}} - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4 - name: Login to Docker Hub - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 if: github.event_name != 'pull_request' with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4 if: github.event_name != 'pull_request' with: registry: ghcr.io @@ -66,7 +66,7 @@ jobs: - name: Get Git commit timestamps run: echo "TIMESTAMP=$(git log -1 --pretty=%ct)" >> $GITHUB_ENV - name: Build Testimage - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7 env: SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }} with: @@ -77,7 +77,7 @@ jobs: - name: Run small selftest on build container image run: docker run -v "./tests/selftest.sh:/selftest.sh" "${{ env.TEST_TAG }}" ./selftest.sh - name: Build and push - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7 id: docker-build env: SOURCE_DATE_EPOCH: ${{ env.TIMESTAMP }} @@ -111,7 +111,7 @@ jobs: output: "trivy-results.sarif" severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4 + uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 if: ${{ github.event_name != 'pull_request' }} with: sarif_file: "trivy-results.sarif" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c6cb2ab..ccde3e5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: with: fetch-depth: 0 - name: Setup Node.js - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6 + uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6 with: node-version: "lts/*" - name: Release diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 30793c1..70aebb6 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -19,13 +19,13 @@ jobs: - name: Checkout repository uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # 0.34.1 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0 with: scan-type: 'fs' format: 'sarif' output: 'trivy-results-fs.sarif' severity: 'CRITICAL,HIGH,MEDIUM' - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4 + uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4 with: sarif_file: 'trivy-results-fs.sarif' diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 34b6e7b..56391ba 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -8,7 +8,7 @@ repos: - id: end-of-file-fixer - id: check-added-large-files - repo: https://github.com/commitizen-tools/commitizen - rev: v4.13.8 + rev: v4.13.9 hooks: - id: commitizen stages: @@ -24,14 +24,14 @@ repos: - -t - warning - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.47.0 + rev: v0.48.0 hooks: - id: markdownlint-fix args: - "-i" - "CHANGELOG.md" - repo: https://github.com/renovatebot/pre-commit-hooks - rev: 43.31.1 + rev: 43.59.2 hooks: - id: renovate-config-validator - repo: https://github.com/google/yamlfmt.git @@ -39,6 +39,6 @@ repos: hooks: - id: yamlfmt - repo: https://github.com/biomejs/pre-commit - rev: v2.4.4 + rev: v2.4.6 hooks: - id: biome-format