Skip to content

Commit 067d1bf

Browse files
ci: Bump the actions group with 3 updates (#16)
Bumps the actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [anchore/sbom-action](https://github.com/anchore/sbom-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `step-security/harden-runner` from 2.15.0 to 2.15.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@a90bcbc...58077d3) Updates `anchore/sbom-action` from 0.23.0 to 0.23.1 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@17ae174...57aae52) Updates `github/codeql-action` from 4.32.5 to 4.32.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c793b71...0d579ff) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.15.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: anchore/sbom-action dependency-version: 0.23.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action dependency-version: 4.32.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 2b0c149 commit 067d1bf

5 files changed

Lines changed: 9 additions & 9 deletions

File tree

.github/workflows/_build-reusable.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020
attestations: write
2121
steps:
2222
- name: Harden runner
23-
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
23+
uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
2424
with:
2525
egress-policy: audit
2626

@@ -46,7 +46,7 @@ jobs:
4646
"
4747
4848
- name: Generate CycloneDX SBOM
49-
uses: anchore/sbom-action@17ae1740179002c89186b61233e0f892c3118b11 # v0.23.0
49+
uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
5050
with:
5151
path: .
5252
format: cyclonedx-json
@@ -55,7 +55,7 @@ jobs:
5555
upload-release-assets: false
5656

5757
- name: Generate SPDX SBOM
58-
uses: anchore/sbom-action@17ae1740179002c89186b61233e0f892c3118b11 # v0.23.0
58+
uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
5959
with:
6060
path: .
6161
format: spdx-json

.github/workflows/codeql.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -27,13 +27,13 @@ jobs:
2727
steps:
2828
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2929
- name: Initialize CodeQL
30-
uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5
30+
uses: github/codeql-action/init@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
3131
with:
3232
languages: ${{ matrix.language }}
3333
queries: +security-extended
3434
- name: Autobuild
35-
uses: github/codeql-action/autobuild@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5
35+
uses: github/codeql-action/autobuild@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
3636
- name: Perform CodeQL Analysis
37-
uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5
37+
uses: github/codeql-action/analyze@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
3838
with:
3939
category: "/language:${{ matrix.language }}"

.github/workflows/grippy-review.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
if: github.event.pull_request.head.repo.full_name == github.repository
1919
runs-on: ubuntu-latest
2020
steps:
21-
- uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
21+
- uses: step-security/harden-runner@58077d3c7e43986b6b15fba718e8ea69e387dfcc # v2.15.1
2222
with:
2323
egress-policy: audit
2424

.github/workflows/scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -38,6 +38,6 @@ jobs:
3838
retention-days: 5
3939

4040
- name: Upload to code-scanning
41-
uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5
41+
uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
4242
with:
4343
sarif_file: results.sarif

.github/workflows/semgrep.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
- name: Run Semgrep
2626
run: semgrep scan --config p/python --config p/owasp-top-ten --sarif -o semgrep.sarif .
2727
- name: Upload SARIF
28-
uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5
28+
uses: github/codeql-action/upload-sarif@0d579ffd059c29b07949a3cce3983f0780820c98 # v4.32.6
2929
if: always()
3030
with:
3131
sarif_file: semgrep.sarif

0 commit comments

Comments
 (0)