From 811e09e8137329ccf87e900ff7f41b4ddf62b8d1 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 12 May 2026 01:20:22 +0000 Subject: [PATCH] deps(actions): bump the actions-all group with 4 updates Bumps the actions-all group with 4 updates: [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials), [taiki-e/install-action](https://github.com/taiki-e/install-action), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [github/codeql-action](https://github.com/github/codeql-action). Updates `aws-actions/configure-aws-credentials` from 6.1.0 to 6.1.1 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/ec61189d14ec14c8efccab744f656cffd0e33f37...d979d5b3a71173a29b74b5b88418bfda9437d885) Updates `taiki-e/install-action` from 2.76.0 to 2.77.6 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/711e1c3275189d76dcc4d34ddea63bf96ac49090...c070f87102a1c75b3183910f391c1cb887fe13c8) Updates `sigstore/cosign-installer` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003...6f9f17788090df1f26f669e9d70d6ae9567deba6) Updates `github/codeql-action` from 4.35.3 to 4.35.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e) --- updated-dependencies: - dependency-name: aws-actions/configure-aws-credentials dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: taiki-e/install-action dependency-version: 2.77.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all ... Signed-off-by: dependabot[bot] --- .github/workflows/aws-platform-tests.yml | 2 +- .github/workflows/build-arm64-ami.yml | 2 +- .github/workflows/ci.yml | 2 +- .github/workflows/fleet-test.yml | 2 +- .github/workflows/fuzz.yml | 2 +- .github/workflows/integration-arm64-aws.yml | 4 ++-- .github/workflows/platform-tests.yml | 4 ++-- .github/workflows/release.yml | 2 +- .github/workflows/security.yml | 4 ++-- 9 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/aws-platform-tests.yml b/.github/workflows/aws-platform-tests.yml index d6f99d6..6094ffb 100644 --- a/.github/workflows/aws-platform-tests.yml +++ b/.github/workflows/aws-platform-tests.yml @@ -167,7 +167,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/build-arm64-ami.yml b/.github/workflows/build-arm64-ami.yml index 87fcfc3..f984c9f 100644 --- a/.github/workflows/build-arm64-ami.yml +++ b/.github/workflows/build-arm64-ami.yml @@ -42,7 +42,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 26e36f8..337e8d8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -624,7 +624,7 @@ jobs: sudo apt-get install -y libpam0g-dev libssl-dev pkg-config libdbus-1-dev libtss2-dev - name: Install cargo-llvm-cov - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2.76.0 + uses: taiki-e/install-action@c070f87102a1c75b3183910f391c1cb887fe13c8 # v2.77.6 with: tool: cargo-llvm-cov diff --git a/.github/workflows/fleet-test.yml b/.github/workflows/fleet-test.yml index 82b4f83..399126d 100644 --- a/.github/workflows/fleet-test.yml +++ b/.github/workflows/fleet-test.yml @@ -104,7 +104,7 @@ jobs: # ----------------------------------------------------------------------- - name: Configure AWS credentials (OIDC) if: inputs.cloud == 'aws' - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/fuzz.yml b/.github/workflows/fuzz.yml index 4af7d8b..a55f8bd 100644 --- a/.github/workflows/fuzz.yml +++ b/.github/workflows/fuzz.yml @@ -54,7 +54,7 @@ jobs: # Avoids `cargo install cargo-fuzz --locked` pinning to rustix 0.36.5 # which fails to compile on current Rust toolchains. taiki-e fetches a # prebuilt binary, sidestepping the from-source rebuild. - uses: taiki-e/install-action@711e1c3275189d76dcc4d34ddea63bf96ac49090 # v2.76.0 + uses: taiki-e/install-action@c070f87102a1c75b3183910f391c1cb887fe13c8 # v2.77.6 with: tool: cargo-fuzz diff --git a/.github/workflows/integration-arm64-aws.yml b/.github/workflows/integration-arm64-aws.yml index ac1a963..cce2027 100644 --- a/.github/workflows/integration-arm64-aws.yml +++ b/.github/workflows/integration-arm64-aws.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} @@ -94,7 +94,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/platform-tests.yml b/.github/workflows/platform-tests.yml index 81a81e7..1633af0 100644 --- a/.github/workflows/platform-tests.yml +++ b/.github/workflows/platform-tests.yml @@ -214,7 +214,7 @@ jobs: path: artifacts/ - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} @@ -480,7 +480,7 @@ jobs: path: artifacts/ - name: Configure AWS credentials (OIDC) - uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0 + uses: aws-actions/configure-aws-credentials@d979d5b3a71173a29b74b5b88418bfda9437d885 # v6.1.1 with: role-to-assume: ${{ secrets.AWS_ROLE_ARN }} aws-region: ${{ env.AWS_REGION }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 71e353c..cb0a46d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -384,7 +384,7 @@ jobs: cat SHA256SUMS - name: Install Cosign - uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1 + uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2 - name: Sign release artifacts working-directory: release-files diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 1f7cbac..a75a792 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -59,7 +59,7 @@ jobs: - name: Upload Snyk results to GitHub Security tab if: steps.check-token.outputs.skip != 'true' - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4 with: sarif_file: snyk.sarif @@ -177,7 +177,7 @@ jobs: publish_results: true - name: Upload Scorecard results to GitHub Security tab - uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4 if: always() with: sarif_file: scorecard-results.sarif