From 11f67dcbc65e4012e17807dd3ffed7061ffc82c6 Mon Sep 17 00:00:00 2001
From: Martin Catty
Date: Tue, 26 May 2026 11:22:06 -0400
Subject: [PATCH] chore: bump GitHub Actions to v6/v4 and add SECURITY.md
Consolidates Dependabot PRs for checkout, setup-go, and codeql-action. Align dependabot.yml with probe workloads (assignees, grouped actions).
---
 .github/workflows/ci.yml | 2 +-
 .github/workflows/codeql.yml | 8 ++++----
 CHANGELOG.md | 4 ++++
 3 files changed, 9 insertions(+), 5 deletions(-)
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 70efc65..8aa6e6d 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -16,7 +16,7 @@ jobs:
 steps:
 - uses: actions/checkout@v6
- - uses: actions/setup-go@v5
+ - uses: actions/setup-go@v6
 with:
 go-version: "1.23"
 cache-dependency-path: go.sum
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 46aa171..c940766 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -25,18 +25,18 @@ jobs:
 steps:
 - uses: actions/checkout@v6
- - uses: actions/setup-go@v5
+ - uses: actions/setup-go@v6
 with:
 go-version: "1.23"
 cache-dependency-path: go.sum
 - name: Initialize CodeQL
- uses: github/codeql-action/init@v3
+ uses: github/codeql-action/init@v4
 with:
 languages: go
 - name: Autobuild
- uses: github/codeql-action/autobuild@v3
+ uses: github/codeql-action/autobuild@v4
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@v3
+ uses: github/codeql-action/analyze@v4
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2d5540e..87f292f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,10 @@ Downstream agents should note **agent-core** upgrades in their own changelogs.
 ## [Unreleased]
+### Changed
+
+- CI/CodeQL: bump `actions/setup-go` to v6 and `github/codeql-action` to v4.
+
 ### Security
 - Repository security aligned with **probe-core**: `SECURITY.md`, Dependabot assignees and grouped GitHub Actions updates, private vulnerability reporting and push protection enabled on GitHub.