ci(workflows): upgrade GitHub Actions to latest versions

appleboy · claude · appleboy · commit 5cee245fde5a · 2026-03-10T20:47:35.000+08:00
- Upgrade docker/setup-qemu-action from v3 to v4
- Upgrade docker/setup-buildx-action from v3 to v4
- Upgrade docker/login-action from v3 to v4
- Upgrade docker/metadata-action from v5 to v6
- Upgrade docker/build-push-action from v6 to v7
- Upgrade goreleaser/goreleaser-action from v6 to v7
- Upgrade aquasecurity/trivy-action from 0.33.1 to 0.35.0

Co-Authored-By: Claude Opus 4.6 &lt;noreply@anthropic.com&gt;
diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -30,27 +30,27 @@ jobs:
           make build_linux_amd64
           make build_linux_arm64
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v4
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
 
       - name: Login to Docker Hub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Docker meta
         id: docker-meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
         with:
           images: |
             ${{ github.repository }}
@@ -62,7 +62,7 @@ jobs:
             type=semver,pattern={{major}}
 
       - name: Build and push
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: .
           platforms: linux/amd64,linux/arm64
diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml
@@ -23,7 +23,7 @@ jobs:
           go-version: "^1"
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v6
+        uses: goreleaser/goreleaser-action@v7
         with:
           # either 'goreleaser' (default) or 'goreleaser-pro'
           distribution: goreleaser
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -27,7 +27,7 @@ jobs:
           fetch-depth: 0
 
       - name: Run Trivy vulnerability scanner (source code)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           scan-type: "fs"
           scan-ref: "."
@@ -44,7 +44,7 @@ jobs:
           sarif_file: "trivy-results.sarif"
 
       - name: Run Trivy scanner (table output for logs)
-        uses: aquasecurity/trivy-action@0.33.1
+        uses: aquasecurity/trivy-action@0.35.0
         if: always()
         with:
           scan-type: "fs"
