From f65b4712d76778e167c8ce167bc083babd00399c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Apr 2026 12:05:29 +0000 Subject: [PATCH] chore: github actions update(deps): bump the version-updates group Bumps the version-updates group in /.github/workflows with 2 updates: [mikefarah/yq](https://github.com/mikefarah/yq) and [github/codeql-action](https://github.com/github/codeql-action). Updates `mikefarah/yq` from 4 to 4.52.5 - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](https://github.com/mikefarah/yq/compare/v4...v4.52.5) Updates `github/codeql-action` from 4 to 4.35.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4...v4.35.1) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-version: 4.52.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: github/codeql-action dependency-version: 4.35.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/agents-validate.yaml | 2 +- .github/workflows/codeql.yaml | 4 ++-- .github/workflows/dependabot-autobump.yaml | 2 +- .github/workflows/docs-bump.yaml | 2 +- .github/workflows/release.yml | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/agents-validate.yaml b/.github/workflows/agents-validate.yaml index ee5e246f..fda8bdc7 100644 --- a/.github/workflows/agents-validate.yaml +++ b/.github/workflows/agents-validate.yaml @@ -33,7 +33,7 @@ jobs: submodules: true - name: Install yq - uses: mikefarah/yq@v4 + uses: mikefarah/yq@v4.52.5 - name: Validate agent instructions and skills run: ./scripts/workflows/agents-validate_agents-instructions-check.sh diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 5a489a2d..89aeb061 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -60,7 +60,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.35.1 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -88,6 +88,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 + uses: github/codeql-action/analyze@v4.35.1 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependabot-autobump.yaml b/.github/workflows/dependabot-autobump.yaml index 9d9c94e6..deb43d05 100644 --- a/.github/workflows/dependabot-autobump.yaml +++ b/.github/workflows/dependabot-autobump.yaml @@ -38,7 +38,7 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Install yq - uses: mikefarah/yq@v4 + uses: mikefarah/yq@v4.52.5 - name: Check if auto-bump already applied id: check_autobump diff --git a/.github/workflows/docs-bump.yaml b/.github/workflows/docs-bump.yaml index 6746f819..50623dc0 100644 --- a/.github/workflows/docs-bump.yaml +++ b/.github/workflows/docs-bump.yaml @@ -19,7 +19,7 @@ jobs: uses: actions/checkout@v6 - name: Install yq - uses: mikefarah/yq@v4 + uses: mikefarah/yq@v4.52.5 - name: Version Bump run: ./scripts/workflows/docs-bump_docs-bump_version-bump.sh diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 6b51dd1a..393b0469 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -48,7 +48,7 @@ jobs: ref: ${{ github.event_name == 'workflow_dispatch' && (inputs.target_commitish != '' && inputs.target_commitish || github.sha) || github.sha }} - name: Install yq - uses: mikefarah/yq@v4 + uses: mikefarah/yq@v4.52.5 - name: Build candidate metadata id: meta