From 60a4f7df3c470b1a277dec6c4a219f21cf2ecca0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Feb 2025 17:38:43 +0000 Subject: [PATCH] build(deps): bump the all group across 1 directory with 2 updates Bumps the all group with 2 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner) and [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action). Updates `step-security/harden-runner` from 2.10.4 to 2.11.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/cb605e52c26070c328afc4562f0b4ada7618a84e...4d991eb9b905ef189e4c376166672c3f2f230481) Updates `golangci/golangci-lint-action` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](https://github.com/golangci/golangci-lint-action/compare/0adbc47a5910e47adb692df88187ec8c73c76778...2226d7cb06a077cd73e56eedd38eecad18e5d837) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/cleanupcache.yaml | 2 +- .github/workflows/codeql-analysis.yml | 2 +- .github/workflows/codespell.yaml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/lint.yaml | 4 ++-- .github/workflows/release-azclient-trace.yml | 2 +- .github/workflows/release-azclient.yml | 2 +- .github/workflows/release-cache.yml | 2 +- .github/workflows/release-configloader.yml | 2 +- .github/workflows/release.yaml | 8 ++++---- .github/workflows/scorecards.yml | 2 +- .github/workflows/trivy.yaml | 2 +- .github/workflows/update-trivy-db.yaml | 2 +- .github/workflows/update-vendor-license.yml | 2 +- 14 files changed, 18 insertions(+), 18 deletions(-) diff --git a/.github/workflows/cleanupcache.yaml b/.github/workflows/cleanupcache.yaml index 45dbf9f980..ab44af35ea 100644 --- a/.github/workflows/cleanupcache.yaml +++ b/.github/workflows/cleanupcache.yaml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0bf0a4b4ab..3ab089cf89 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -55,7 +55,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/codespell.yaml b/.github/workflows/codespell.yaml index a4ae57fc86..1320f62882 100644 --- a/.github/workflows/codespell.yaml +++ b/.github/workflows/codespell.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 5766990853..3026b2ed4d 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 64f22735ea..eb72d544e4 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -19,7 +19,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit - name: Checkout @@ -30,7 +30,7 @@ jobs: go-version: '1.23' check-latest: true - name: golangci-lint - uses: golangci/golangci-lint-action@0adbc47a5910e47adb692df88187ec8c73c76778 # v6.4.0 + uses: golangci/golangci-lint-action@2226d7cb06a077cd73e56eedd38eecad18e5d837 # v6.5.0 with: # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version version: v1.60 diff --git a/.github/workflows/release-azclient-trace.yml b/.github/workflows/release-azclient-trace.yml index 50ca5197e3..64915299bf 100644 --- a/.github/workflows/release-azclient-trace.yml +++ b/.github/workflows/release-azclient-trace.yml @@ -15,7 +15,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/release-azclient.yml b/.github/workflows/release-azclient.yml index 0553c0ea87..4301b7598d 100644 --- a/.github/workflows/release-azclient.yml +++ b/.github/workflows/release-azclient.yml @@ -19,7 +19,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/release-cache.yml b/.github/workflows/release-cache.yml index b791224d00..e3865e838d 100644 --- a/.github/workflows/release-cache.yml +++ b/.github/workflows/release-cache.yml @@ -15,7 +15,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/release-configloader.yml b/.github/workflows/release-configloader.yml index 2f1e944a07..aa19212eea 100644 --- a/.github/workflows/release-configloader.yml +++ b/.github/workflows/release-configloader.yml @@ -15,7 +15,7 @@ jobs: contents: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 51930194b6..9e967d0f05 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -23,7 +23,7 @@ jobs: arch: arm64 steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit @@ -59,7 +59,7 @@ jobs: arch: amd64 steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit @@ -111,7 +111,7 @@ jobs: arch: amd64 steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit @@ -158,7 +158,7 @@ jobs: pull-requests: write steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4bf76e0fdc..730fae258a 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index bb8b349943..43afd3cf28 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/update-trivy-db.yaml b/.github/workflows/update-trivy-db.yaml index f76c6af503..be162c5e25 100644 --- a/.github/workflows/update-trivy-db.yaml +++ b/.github/workflows/update-trivy-db.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit diff --git a/.github/workflows/update-vendor-license.yml b/.github/workflows/update-vendor-license.yml index 3f32c0c60f..0209005e70 100644 --- a/.github/workflows/update-vendor-license.yml +++ b/.github/workflows/update-vendor-license.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4 + uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0 with: egress-policy: audit