From 93b9f493b25d9c0461d7692379dee90e3c2c86ea Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 22 Mar 2026 15:46:52 +0000 Subject: [PATCH] chore(deps): bump the actions group with 3 updates Bumps the actions group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [actions/cache](https://github.com/actions/cache) and [ossf/scorecard-action](https://github.com/ossf/scorecard-action). Updates `actions/checkout` from 4.1.7 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4.1.7...de0fac2e4500dabe0009e67214ff5f5447ce83dd) Updates `actions/cache` from 4.2.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4.2.3...668228422ae6a00e4ad889ee87cd7109ec5666a7) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/v2.4.0...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/boj-build.yml | 2 +- .github/workflows/casket-pages.yml | 2 +- .github/workflows/compilation_tests.yml | 6 +++--- .github/workflows/lean-verification.yml | 2 +- .github/workflows/scorecard.yml | 2 +- .github/workflows/validation.yml | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/boj-build.yml b/.github/workflows/boj-build.yml index 410dc3c..ddeab5d 100644 --- a/.github/workflows/boj-build.yml +++ b/.github/workflows/boj-build.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Trigger BoJ Server (Casket/ssg-mcp) run: | # Send a secure trigger to boj-server to build this repository diff --git a/.github/workflows/casket-pages.yml b/.github/workflows/casket-pages.yml index 587a8cd..1f8cdc7 100644 --- a/.github/workflows/casket-pages.yml +++ b/.github/workflows/casket-pages.yml @@ -35,7 +35,7 @@ jobs: cabal-version: '3.10' - name: Cache Cabal - uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: | ~/.cabal/packages diff --git a/.github/workflows/compilation_tests.yml b/.github/workflows/compilation_tests.yml index 028bd05..e24d152 100644 --- a/.github/workflows/compilation_tests.yml +++ b/.github/workflows/compilation_tests.yml @@ -51,19 +51,19 @@ jobs: toolchain: ${{ matrix.rust }} - name: Cache cargo registry - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: ~/.cargo/registry key: ${{ runner.os }}-cargo-registry-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo index - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: ~/.cargo/git key: ${{ runner.os }}-cargo-index-${{ hashFiles('**/Cargo.lock') }} - name: Cache cargo build - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: impl/rust-cli/target key: ${{ runner.os }}-cargo-build-${{ matrix.rust }}-${{ hashFiles('**/Cargo.lock') }} diff --git a/.github/workflows/lean-verification.yml b/.github/workflows/lean-verification.yml index 975ff78..9a89893 100644 --- a/.github/workflows/lean-verification.yml +++ b/.github/workflows/lean-verification.yml @@ -45,7 +45,7 @@ jobs: toolchain: stable - name: Cache Lean build - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: proofs/lean4/.lake key: ${{ runner.os }}-lean-${{ hashFiles('proofs/lean4/lakefile.lean', 'proofs/lean4/lean-toolchain') }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 0088c99..8088d30 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -21,7 +21,7 @@ jobs: persist-credentials: false - name: Run Scorecard - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml index ca12995..bb6fedb 100644 --- a/.github/workflows/validation.yml +++ b/.github/workflows/validation.yml @@ -24,7 +24,7 @@ jobs: components: rustfmt, clippy - name: Cache Rust dependencies - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v4 with: path: | ~/.cargo/bin/