From 99705cc1c38334e7008bfd108ef3e676bc8b9995 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 11 Sep 2025 11:14:54 -0700 Subject: [PATCH] build(deps): bump the github-actions group with 3 updates (#4810) * build(deps): bump the github-actions group with 3 updates Bumps the github-actions group with 3 updates: [actions/setup-go](https://github.com/actions/setup-go), [github/codeql-action](https://github.com/github/codeql-action) and [actions/stale](https://github.com/actions/stale). Updates `actions/setup-go` from 5.5.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/d35c59abb061a4a6fb18e82ac0862c26744d6ab5...44694675825211faa026b3c33043df3e48a5fa00) Updates `github/codeql-action` from 3.30.0 to 3.30.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d...d3678e237b9c32a6c9bffb3315c335f976f3549f) Updates `actions/stale` from 9.1.0 to 10.0.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5bef64f19d7facfb25b37b414482c7164d639639...3a9db7e6a41a89f618792c92c0e97cc736e1b13f) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.30.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/stale dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] * use latest Go version in govulncheck * use sarif output format * add explicit go-version-input and disable sarif output --------- Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: J <1953782+julio-lopez@users.noreply.github.com> --- .github/workflows/code-coverage.yml | 2 +- .github/workflows/compat-test.yml | 2 +- .github/workflows/endurance-test.yml | 2 +- .github/workflows/htmlui-tests.yml | 2 +- .github/workflows/license-check.yml | 2 +- .github/workflows/lint.yml | 5 +++-- .github/workflows/make.yml | 2 +- .github/workflows/ossf-scorecard.yml | 2 +- .github/workflows/providers-core.yml | 2 +- .github/workflows/providers-extra.yml | 2 +- .github/workflows/race-detector.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/stress-test.yml | 2 +- .github/workflows/tests.yml | 2 +- .github/workflows/volume-shadow-copy-test.yml | 2 +- 15 files changed, 17 insertions(+), 16 deletions(-) diff --git a/.github/workflows/code-coverage.yml b/.github/workflows/code-coverage.yml index d5ddd04e2..84d821a71 100644 --- a/.github/workflows/code-coverage.yml +++ b/.github/workflows/code-coverage.yml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/compat-test.yml b/.github/workflows/compat-test.yml index 6a7a7ea2c..de8829b73 100644 --- a/.github/workflows/compat-test.yml +++ b/.github/workflows/compat-test.yml @@ -18,7 +18,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/endurance-test.yml b/.github/workflows/endurance-test.yml index fc184eb24..cd8e68f52 100644 --- a/.github/workflows/endurance-test.yml +++ b/.github/workflows/endurance-test.yml @@ -23,7 +23,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/htmlui-tests.yml b/.github/workflows/htmlui-tests.yml index 31b09aea0..82302548c 100644 --- a/.github/workflows/htmlui-tests.yml +++ b/.github/workflows/htmlui-tests.yml @@ -31,7 +31,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/license-check.yml b/.github/workflows/license-check.yml index d6bf727f6..d7cd39d24 100644 --- a/.github/workflows/license-check.yml +++ b/.github/workflows/license-check.yml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index be54cd0a7..393dbbc3b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -30,7 +30,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true @@ -39,8 +39,9 @@ jobs: uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4 with: cache: false - go-version-input: + go-version-input: '1.24.7' go-version-file: 'go.mod' + # output-format: sarif repo-checkout: false - name: Lint run: make lint diff --git a/.github/workflows/make.yml b/.github/workflows/make.yml index 8e9b9fda8..137b0bfe6 100644 --- a/.github/workflows/make.yml +++ b/.github/workflows/make.yml @@ -40,7 +40,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index fc6bbe289..a06070116 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -39,7 +39,7 @@ jobs: - # Upload the results to GitHub's code scanning dashboard. name: "Upload to results to dashboard" - uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5 + uses: github/codeql-action/upload-sarif@d3678e237b9c32a6c9bffb3315c335f976f3549f # v3.29.5 with: sarif_file: results.sarif - diff --git a/.github/workflows/providers-core.yml b/.github/workflows/providers-core.yml index aa24b8489..9423e6d50 100644 --- a/.github/workflows/providers-core.yml +++ b/.github/workflows/providers-core.yml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 ref: ${{ github.event.inputs.ref_name || github.ref }} - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/providers-extra.yml b/.github/workflows/providers-extra.yml index 75e4cdbc4..c952f979a 100644 --- a/.github/workflows/providers-extra.yml +++ b/.github/workflows/providers-extra.yml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 ref: ${{ github.event.inputs.ref_name || github.ref }} - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/race-detector.yml b/.github/workflows/race-detector.yml index 3de314c59..8afb6b114 100644 --- a/.github/workflows/race-detector.yml +++ b/.github/workflows/race-detector.yml @@ -16,7 +16,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index b0a88ee44..4b9a4bcfd 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -14,7 +14,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 # v9.1.0 + - uses: actions/stale@3a9db7e6a41a89f618792c92c0e97cc736e1b13f # v10.0.0 with: # process older PRs first ascending: true diff --git a/.github/workflows/stress-test.yml b/.github/workflows/stress-test.yml index b31aa8428..1e31fa45b 100644 --- a/.github/workflows/stress-test.yml +++ b/.github/workflows/stress-test.yml @@ -22,7 +22,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 71bf68378..f3efd74f9 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -38,7 +38,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true diff --git a/.github/workflows/volume-shadow-copy-test.yml b/.github/workflows/volume-shadow-copy-test.yml index 808109859..cafca9625 100644 --- a/.github/workflows/volume-shadow-copy-test.yml +++ b/.github/workflows/volume-shadow-copy-test.yml @@ -19,7 +19,7 @@ jobs: with: fetch-depth: 0 - name: Set up Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: 'go.mod' check-latest: true