From f356739dbc1793016eb33d5838ca073c43f38856 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 May 2026 13:30:55 +0000 Subject: [PATCH] chore(deps): bump the actions group across 1 directory with 6 updates Bumps the actions group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [EmbarkStudios/cargo-deny-action](https://github.com/embarkstudios/cargo-deny-action) | `2.0.17` | `2.0.18` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.75.27` | `2.78.1` | | [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.4.0` | `7.3.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.0.0` | `2.4.3` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3` | `0fa069c12f0c7baf431041cd1e564a9c5058846c` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `EmbarkStudios/cargo-deny-action` from 2.0.17 to 2.0.18 - [Release notes](https://github.com/embarkstudios/cargo-deny-action/releases) - [Commits](https://github.com/embarkstudios/cargo-deny-action/compare/91bf2b620e09e18d6eb78b92e7861937469acedb...6c8f9facfa5047ec02d8485b6bf52b587b7777d1) Updates `taiki-e/install-action` from 2.75.27 to 2.78.1 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/7769b73c2ec98c38dfcf2e18c83cfd4880c038c1...184183c2401be73c3bf42c2e61268aa5855379c1) Updates `release-drafter/release-drafter` from 6.4.0 to 7.3.0 - [Release notes](https://github.com/release-drafter/release-drafter/releases) - [Commits](https://github.com/release-drafter/release-drafter/compare/6a93d829887aa2e0748befe2e808c66c0ec6e4c7...c2e2804cc59f45f57076a99af580d0fedb697927) Updates `ossf/scorecard-action` from 2.0.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/13ec8c77e8a5dae7e0a0d47bde3e3004df15d34f...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) Updates `trufflesecurity/trufflehog` from 8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3 to 0fa069c12f0c7baf431041cd1e564a9c5058846c - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](https://github.com/trufflesecurity/trufflehog/compare/8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3...0fa069c12f0c7baf431041cd1e564a9c5058846c) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: EmbarkStudios/cargo-deny-action dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: taiki-e/install-action dependency-version: 2.78.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: release-drafter/release-drafter dependency-version: 7.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: trufflesecurity/trufflehog dependency-version: 0fa069c12f0c7baf431041cd1e564a9c5058846c dependency-type: direct:production dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/cargo-audit.yml | 2 +- .github/workflows/cargo-deny.yml | 2 +- .github/workflows/cargo-machete.yml | 4 ++-- .github/workflows/cargo-semver-checks.yml | 2 +- .github/workflows/ci.yml | 6 +++--- .github/workflows/codeql.yml | 2 +- .github/workflows/doc-links.yml | 2 +- .github/workflows/fr-coverage.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/quality-gate.yml | 2 +- .github/workflows/release-drafter.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/secrets-scan.yml | 2 +- .github/workflows/trufflehog.yml | 2 +- 14 files changed, 17 insertions(+), 17 deletions(-) diff --git a/.github/workflows/cargo-audit.yml b/.github/workflows/cargo-audit.yml index ce191eca..adaf5b64 100644 --- a/.github/workflows/cargo-audit.yml +++ b/.github/workflows/cargo-audit.yml @@ -18,7 +18,7 @@ jobs: audit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: rustsec/audit-check@69366f33c96575abad1ee0dba8212993eecbe998 with: token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/cargo-deny.yml b/.github/workflows/cargo-deny.yml index b4c031c6..db134eff 100644 --- a/.github/workflows/cargo-deny.yml +++ b/.github/workflows/cargo-deny.yml @@ -26,6 +26,6 @@ jobs: uses: dtolnay/rust-toolchain@stable - name: Run cargo-deny - uses: EmbarkStudios/cargo-deny-action@91bf2b620e09e18d6eb78b92e7861937469acedb # v6 + uses: EmbarkStudios/cargo-deny-action@6c8f9facfa5047ec02d8485b6bf52b587b7777d1 # v6 with: rust-version: stable diff --git a/.github/workflows/cargo-machete.yml b/.github/workflows/cargo-machete.yml index c3eb04d0..33536bb2 100644 --- a/.github/workflows/cargo-machete.yml +++ b/.github/workflows/cargo-machete.yml @@ -18,9 +18,9 @@ jobs: detect-unused-dependencies: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - - uses: taiki-e/install-action@7769b73c2ec98c38dfcf2e18c83cfd4880c038c1 + - uses: taiki-e/install-action@184183c2401be73c3bf42c2e61268aa5855379c1 with: tool: cargo-machete diff --git a/.github/workflows/cargo-semver-checks.yml b/.github/workflows/cargo-semver-checks.yml index 0dc95a7a..be7cf441 100644 --- a/.github/workflows/cargo-semver-checks.yml +++ b/.github/workflows/cargo-semver-checks.yml @@ -11,5 +11,5 @@ jobs: semver-checks: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: obi1kenobi/cargo-semver-checks-action@6b69fcf40e9b5fb17adeb57e4b6ecd020649a239 diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 219692d0..91310b60 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -28,7 +28,7 @@ jobs: - backend/nvms steps: - name: Checkout the code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c with: @@ -51,7 +51,7 @@ jobs: - backend/nvms steps: - name: Checkout the code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c with: @@ -69,7 +69,7 @@ jobs: contents: read steps: - name: Checkout the code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 83f126f1..e854dc37 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -29,7 +29,7 @@ jobs: matrix: language: ["actions", "go", "javascript"] steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: github/codeql-action/init@b25d0ebf40e5b63ee81e1bd6e5d2a12b7c2aeb61 with: languages: ${{ matrix.language }} diff --git a/.github/workflows/doc-links.yml b/.github/workflows/doc-links.yml index 167e0aa4..f454782b 100644 --- a/.github/workflows/doc-links.yml +++ b/.github/workflows/doc-links.yml @@ -6,5 +6,5 @@ jobs: links: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: echo "Doc link check (phenotype-tooling integration)" diff --git a/.github/workflows/fr-coverage.yml b/.github/workflows/fr-coverage.yml index 98eada8a..ea42429c 100644 --- a/.github/workflows/fr-coverage.yml +++ b/.github/workflows/fr-coverage.yml @@ -6,5 +6,5 @@ jobs: coverage: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: echo "FR coverage check (phenotype-tooling integration)" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 948c4b82..0a57d03d 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -4,7 +4,7 @@ jobs: golangci: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - uses: actions/setup-go@0a12ed9e1a4ce4b1a02a5f2dd1e3a9c9e6c7f8b1 with: go-version: 'stable' diff --git a/.github/workflows/quality-gate.yml b/.github/workflows/quality-gate.yml index d7c7cdad..7940cba9 100644 --- a/.github/workflows/quality-gate.yml +++ b/.github/workflows/quality-gate.yml @@ -7,5 +7,5 @@ jobs: runs-on: ubuntu-latest continue-on-error: true steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd - run: echo "Quality gate check (phenotype-tooling integration)" diff --git a/.github/workflows/release-drafter.yml b/.github/workflows/release-drafter.yml index 8b8359cf..b1d7019a 100644 --- a/.github/workflows/release-drafter.yml +++ b/.github/workflows/release-drafter.yml @@ -11,6 +11,6 @@ jobs: update_release_draft: runs-on: ubuntu-latest steps: - - uses: release-drafter/release-drafter@6a93d829887aa2e0748befe2e808c66c0ec6e4c7 + - uses: release-drafter/release-drafter@c2e2804cc59f45f57076a99af580d0fedb697927 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6f7ca502..aa012370 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -24,7 +24,7 @@ jobs: with: persist-credentials: false - - uses: ossf/scorecard-action@13ec8c77e8a5dae7e0a0d47bde3e3004df15d34f + - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a with: results_file: results.sarif results_format: sarif diff --git a/.github/workflows/secrets-scan.yml b/.github/workflows/secrets-scan.yml index 4564c392..c9023da9 100644 --- a/.github/workflows/secrets-scan.yml +++ b/.github/workflows/secrets-scan.yml @@ -15,7 +15,7 @@ jobs: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: 0 - - uses: trufflesecurity/trufflehog@8a12e8e2fb6f3c4a4294a8e63b3659af6c08cfe3 # was: @main + - uses: trufflesecurity/trufflehog@0fa069c12f0c7baf431041cd1e564a9c5058846c # was: @main with: path: ./ base: ${{ github.event.repository.default_branch }} diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index fbdd1770..f813553d 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd with: fetch-depth: 0 - name: Install Go