From 8948a7b9c61f24c6c67d5b0af5c0699444050ed3 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Apr 2026 11:22:43 +0000 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 6 updates Bumps the github-actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [AbsaOSS/organizational-workflows/.github/workflows/aquasec-scan.yml](https://github.com/absaoss/organizational-workflows) | `0.5.0` | `0.6.0` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `7434149006143a4d75b82a2f411ef15b03ccc2d7` | `0b7b740d4cd9b44f80c907b666497564df09d1d9` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.1.0` | `6.2.0` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.0` | Updates `AbsaOSS/organizational-workflows/.github/workflows/aquasec-scan.yml` from 0.5.0 to 0.6.0 - [Release notes](https://github.com/absaoss/organizational-workflows/releases) - [Commits](https://github.com/absaoss/organizational-workflows/compare/d5379d7bfc89dfb5ba359516525c4b07846d9716...40457bc605a067300785cfb89f0b71eccd97213c) Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6.0.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `github/codeql-action` from 7434149006143a4d75b82a2f411ef15b03ccc2d7 to 0b7b740d4cd9b44f80c907b666497564df09d1d9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/7434149006143a4d75b82a2f411ef15b03ccc2d7...0b7b740d4cd9b44f80c907b666497564df09d1d9) Updates `actions/setup-python` from 6.1.0 to 6.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v6.1.0...a309ff8b426b58ec0e2a45f0f869d46889d02405) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) Updates `softprops/action-gh-release` from 2.6.1 to 3.0.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/153bb8e04406b158c6c84fc1615b65b24149a1fe...b4309332981a82ec1c5618f44dd2e27cc8bfbfda) --- updated-dependencies: - dependency-name: AbsaOSS/organizational-workflows/.github/workflows/aquasec-scan.yml dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 0b7b740d4cd9b44f80c907b666497564df09d1d9 dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/aquasec-night-scan.yml | 2 +- .github/workflows/aquasec-scan.yml | 2 +- .github/workflows/check_python.yml | 18 +++++++++--------- .github/workflows/release_draft.yml | 4 ++-- .../remove-adept-to-close-on-issue-close.yml | 2 +- 5 files changed, 14 insertions(+), 14 deletions(-) diff --git a/.github/workflows/aquasec-night-scan.yml b/.github/workflows/aquasec-night-scan.yml index ef316f1..303fc36 100644 --- a/.github/workflows/aquasec-night-scan.yml +++ b/.github/workflows/aquasec-night-scan.yml @@ -33,7 +33,7 @@ permissions: jobs: aquasec-night-scan: - uses: AbsaOSS/organizational-workflows/.github/workflows/aquasec-scan.yml@d5379d7bfc89dfb5ba359516525c4b07846d9716 + uses: AbsaOSS/organizational-workflows/.github/workflows/aquasec-scan.yml@40457bc605a067300785cfb89f0b71eccd97213c with: severity-priority-map: 'Critical=P0,High=P1,Medium=P2,Low=P3' project-number: 203 diff --git a/.github/workflows/aquasec-scan.yml b/.github/workflows/aquasec-scan.yml index dc96f28..a773f77 100644 --- a/.github/workflows/aquasec-scan.yml +++ b/.github/workflows/aquasec-scan.yml @@ -95,7 +95,7 @@ jobs: verbose-logging: ${{ inputs.verbose-logging }} - name: Upload scan results to GitHub Security and quality - uses: github/codeql-action/upload-sarif@7434149006143a4d75b82a2f411ef15b03ccc2d7 + uses: github/codeql-action/upload-sarif@0b7b740d4cd9b44f80c907b666497564df09d1d9 with: sarif_file: ${{ steps.aquasec.outputs.nightscan-sarif-file }} category: aquasec diff --git a/.github/workflows/check_python.yml b/.github/workflows/check_python.yml index 802ccb6..09c99dc 100644 --- a/.github/workflows/check_python.yml +++ b/.github/workflows/check_python.yml @@ -38,7 +38,7 @@ jobs: python_changed: ${{ steps.changes.outputs.python_changed }} steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false fetch-depth: 0 @@ -72,13 +72,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.14' cache: 'pip' @@ -108,13 +108,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.14' cache: 'pip' @@ -133,13 +133,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.14' cache: 'pip' @@ -158,13 +158,13 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: persist-credentials: false fetch-depth: 0 - name: Set up Python - uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 + uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 with: python-version: '3.14' cache: 'pip' diff --git a/.github/workflows/release_draft.yml b/.github/workflows/release_draft.yml index 4568701..4a920c2 100644 --- a/.github/workflows/release_draft.yml +++ b/.github/workflows/release_draft.yml @@ -89,7 +89,7 @@ jobs: hierarchy: true - name: Create and Push Tag - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 env: TAG_NAME: ${{ github.event.inputs.tag-name }} with: @@ -109,7 +109,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} - name: Create Draft Release - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/remove-adept-to-close-on-issue-close.yml b/.github/workflows/remove-adept-to-close-on-issue-close.yml index 88acb4d..e41a30f 100644 --- a/.github/workflows/remove-adept-to-close-on-issue-close.yml +++ b/.github/workflows/remove-adept-to-close-on-issue-close.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Remove label when conditions match - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 with: script: | const issue = context.payload.issue;