From f4f6de129d541b951b7d3e4b0d2a746c9c9a87f5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 26 Jun 2026 22:14:35 +0000 Subject: [PATCH] Bump the actions-all-dependencies group across 1 directory with 4 updates Bumps the actions-all-dependencies group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [ruby/setup-ruby](https://github.com/ruby/setup-ruby), [jdx/mise-action](https://github.com/jdx/mise-action) and [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login). Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `ruby/setup-ruby` from 1.310.0 to 1.313.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](https://github.com/ruby/setup-ruby/compare/afeafc3d1ab54a631816aba4c914a0081c12ff2f...89f90524b88a01fe6e0b732220432cc6142926af) Updates `jdx/mise-action` from 4.0.1 to 4.2.0 - [Release notes](https://github.com/jdx/mise-action/releases) - [Changelog](https://github.com/jdx/mise-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/jdx/mise-action/compare/1648a7812b9aeae629881980618f079932869151...e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d) Updates `aws-actions/amazon-ecr-login` from 2.1.5 to 2.1.6 - [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases) - [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md) - [Commits](https://github.com/aws-actions/amazon-ecr-login/compare/fa648b43de3d4d023bcb3f89ed6940096949c419...d539f0932e70871a027e9d5a9d8fc38589180a64) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all-dependencies - dependency-name: aws-actions/amazon-ecr-login dependency-version: 2.1.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all-dependencies - dependency-name: jdx/mise-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all-dependencies - dependency-name: ruby/setup-ruby dependency-version: 1.312.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-all-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/forms-cli.yml | 4 ++-- ...ardrail_matching_pentester_cidr_blocks.yml | 4 ++-- .../guardrail_tf_version_upgrade.yml | 2 +- .../workflows/guardrail_unique_job_names.yml | 2 +- .github/workflows/pipeline-visualiser.yml | 6 +++--- .github/workflows/pre-commit.yml | 2 +- .../require-pinned-github-actions.yml | 2 +- .github/workflows/reusable-lint-workflows.yml | 2 +- .../reusable-review_apps_on_pr_change.yml | 4 ++-- .github/workflows/ruby-ci.yml | 14 ++++++------- .github/workflows/shell-ci.yml | 2 +- .github/workflows/terraform-ci.yml | 20 +++++++++---------- .github/workflows/update-provider-locks.yml | 4 ++-- 13 files changed, 34 insertions(+), 34 deletions(-) diff --git a/.github/workflows/forms-cli.yml b/.github/workflows/forms-cli.yml index 74d4b7409..06078f492 100644 --- a/.github/workflows/forms-cli.yml +++ b/.github/workflows/forms-cli.yml @@ -19,13 +19,13 @@ jobs: working-directory: support/forms-cli steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Determine Ruby version id: determine-ruby-version run: | echo "RUBY_VERSION=$(cat ../../.ruby-version)" >> "$GITHUB_OUTPUT" - name: Install Ruby and gems - uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0 + uses: ruby/setup-ruby@89f90524b88a01fe6e0b732220432cc6142926af # v1.313.0 with: bundler-cache: true ruby-version: ${{steps.determine-ruby-version.outputs.RUBY_VERSION}} diff --git a/.github/workflows/guardrail_matching_pentester_cidr_blocks.yml b/.github/workflows/guardrail_matching_pentester_cidr_blocks.yml index 978b432b6..7afc05577 100644 --- a/.github/workflows/guardrail_matching_pentester_cidr_blocks.yml +++ b/.github/workflows/guardrail_matching_pentester_cidr_blocks.yml @@ -20,10 +20,10 @@ jobs: name: Check for matching CIDR blocks steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install `hcl2json` with mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: install_args: hcl2json diff --git a/.github/workflows/guardrail_tf_version_upgrade.yml b/.github/workflows/guardrail_tf_version_upgrade.yml index 8c1c71b33..61cf2ec56 100644 --- a/.github/workflows/guardrail_tf_version_upgrade.yml +++ b/.github/workflows/guardrail_tf_version_upgrade.yml @@ -17,7 +17,7 @@ jobs: name: Leave a comment steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Leave a comment env: diff --git a/.github/workflows/guardrail_unique_job_names.yml b/.github/workflows/guardrail_unique_job_names.yml index 315d23c65..78c22f1c3 100644 --- a/.github/workflows/guardrail_unique_job_names.yml +++ b/.github/workflows/guardrail_unique_job_names.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-24.04-arm steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Ensure unique job names env: diff --git a/.github/workflows/pipeline-visualiser.yml b/.github/workflows/pipeline-visualiser.yml index edee77841..853203f32 100644 --- a/.github/workflows/pipeline-visualiser.yml +++ b/.github/workflows/pipeline-visualiser.yml @@ -16,7 +16,7 @@ jobs: working-directory: support/pipeline-visualiser steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run docker build run: docker build . @@ -29,13 +29,13 @@ jobs: working-directory: support/pipeline-visualiser steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Determine Ruby version id: determine-ruby-version run: | echo "RUBY_VERSION=$(cat ../../.ruby-version)" >> "$GITHUB_OUTPUT" - name: Install Ruby and gems - uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0 + uses: ruby/setup-ruby@89f90524b88a01fe6e0b732220432cc6142926af # v1.313.0 with: bundler-cache: true ruby-version: ${{steps.determine-ruby-version.outputs.RUBY_VERSION}} diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index ef5c0628f..fa0e55391 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -18,7 +18,7 @@ jobs: pull-requests: write steps: - name: 📦 Check Out Repository Code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/require-pinned-github-actions.yml b/.github/workflows/require-pinned-github-actions.yml index e6ba5cc5a..bb2e1ad37 100644 --- a/.github/workflows/require-pinned-github-actions.yml +++ b/.github/workflows/require-pinned-github-actions.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-24.04-arm steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Ensure SHA pinned actions uses: zgosalvez/github-actions-ensure-sha-pinned-actions@ca46236c6ce584ae24bc6283ba8dcf4b3ec8a066 # v5.0.4 with: diff --git a/.github/workflows/reusable-lint-workflows.yml b/.github/workflows/reusable-lint-workflows.yml index 64b308889..7132e1184 100644 --- a/.github/workflows/reusable-lint-workflows.yml +++ b/.github/workflows/reusable-lint-workflows.yml @@ -7,7 +7,7 @@ jobs: actionlint: runs-on: ubuntu-slim steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Download actionlint id: get_actionlint run: | diff --git a/.github/workflows/reusable-review_apps_on_pr_change.yml b/.github/workflows/reusable-review_apps_on_pr_change.yml index e6cdf8ad6..298493440 100644 --- a/.github/workflows/reusable-review_apps_on_pr_change.yml +++ b/.github/workflows/reusable-review_apps_on_pr_change.yml @@ -27,10 +27,10 @@ jobs: role-to-assume: arn:aws:iam::${{ inputs.aws-account-number }}:role/review-github-actions-${{ inputs.app-name }} aws-region: ${{ inputs.aws-region }} - name: Log in to Amazon ECR - uses: aws-actions/amazon-ecr-login@fa648b43de3d4d023bcb3f89ed6940096949c419 # v2.1.5 + uses: aws-actions/amazon-ecr-login@d539f0932e70871a027e9d5a9d8fc38589180a64 # v2.1.6 - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Generate container image URI id: generate_image_uri diff --git a/.github/workflows/ruby-ci.yml b/.github/workflows/ruby-ci.yml index 2474a7399..1489a447f 100644 --- a/.github/workflows/ruby-ci.yml +++ b/.github/workflows/ruby-ci.yml @@ -22,10 +22,10 @@ jobs: spec-matrix: ${{ steps.build-matrix.outputs.spec-matrix }} steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialise mise and cache `hcl2json` - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: install_args: hcl2json @@ -46,9 +46,9 @@ jobs: needs: setup steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install Ruby and gems at root - uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0 + uses: ruby/setup-ruby@89f90524b88a01fe6e0b732220432cc6142926af # v1.313.0 with: bundler-cache: true ruby-version: ${{needs.setup.outputs.ruby-version}} @@ -65,15 +65,15 @@ jobs: spec_target: ${{ fromJSON(needs.setup.outputs.spec-matrix) }} steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up hcl2json - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: install_args: hcl2json - name: "Install Ruby and gems in ${{matrix.spec_target}}" - uses: ruby/setup-ruby@afeafc3d1ab54a631816aba4c914a0081c12ff2f # v1.310.0 + uses: ruby/setup-ruby@89f90524b88a01fe6e0b732220432cc6142926af # v1.313.0 with: bundler-cache: true ruby-version: ${{needs.setup.outputs.ruby-version}} diff --git a/.github/workflows/shell-ci.yml b/.github/workflows/shell-ci.yml index d70c818f8..d4edb7419 100644 --- a/.github/workflows/shell-ci.yml +++ b/.github/workflows/shell-ci.yml @@ -9,7 +9,7 @@ jobs: name: Shell steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Lint shell scripts run: | diff --git a/.github/workflows/terraform-ci.yml b/.github/workflows/terraform-ci.yml index 93ec7e5e5..bee798a35 100644 --- a/.github/workflows/terraform-ci.yml +++ b/.github/workflows/terraform-ci.yml @@ -16,14 +16,14 @@ jobs: has-terraform-changes: ${{ steps.check-changes.outputs.has-changes }} steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # Grab the last 75 commits. Later on we need to a git diff, and it's # very likely that two commits involved will be inside the last 75 fetch-depth: 75 - name: Initialise mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: github_token: ${{ secrets.MISE_PAT }} # As this is a private repo, we can get API rate limit issues. Use a PAT to avoid this. (The token needs no special permissions.) install_args: go:github.com/hashicorp/terraform-config-inspect @@ -133,10 +133,10 @@ jobs: runs-on: ubuntu-24.04-arm steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialise mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: github_token: ${{ secrets.MISE_PAT }} install_args: terraform @@ -156,10 +156,10 @@ jobs: directory: ${{ fromJSON(needs.setup.outputs.validation-matrix) }} steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialise mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: github_token: ${{ secrets.MISE_PAT }} install_args: terraform @@ -181,10 +181,10 @@ jobs: runs-on: ubuntu-24.04-arm steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialise mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: github_token: ${{ secrets.MISE_PAT }} install_args: tflint @@ -214,10 +214,10 @@ jobs: runs-on: ubuntu-24.04-arm steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialise mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: github_token: ${{ secrets.MISE_PAT }} install_args: checkov diff --git a/.github/workflows/update-provider-locks.yml b/.github/workflows/update-provider-locks.yml index b1f0946b8..ec9b8d1d9 100644 --- a/.github/workflows/update-provider-locks.yml +++ b/.github/workflows/update-provider-locks.yml @@ -16,13 +16,13 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: # Use the pull request head ref to ensure we're on the PR branch ref: ${{ github.head_ref }} - name: Install `tfupdate` with mise - uses: jdx/mise-action@1648a7812b9aeae629881980618f079932869151 # v4.0.1 + uses: jdx/mise-action@e6a8b3978addb5a52f2b4cd9d91eafa7f0ab959d # v4.2.0 with: install_args: tfupdate