mirrors/sprout
1
0
Fork 0
mirror of https://github.com/edera-dev/sprout.git synced 2026-03-24 16:30:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(deps): bump the actions-updates group across 1 directory with 4 updates

Browse Source 
Bumps the actions-updates group with 4 updates in the / directory: [step-security/harden-runner](https://github.com/step-security/harden-runner), [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `step-security/harden-runner` from 2.14.1 to 2.16.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](e3f713f2d8...fa2e9d605c)

Updates `actions/upload-artifact` from 6.0.0 to 7.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](b7c566a772...bbbca2ddaa)

Updates `actions/attest-build-provenance` from 3.2.0 to 4.1.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](96278af6ca...a2bbfa2537)

Updates `actions/create-github-app-token` from 3.0.0.pre.beta.2 to 3
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](bf559f8544...f8d387b68d)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-updates
- dependency-name: actions/attest-build-provenance
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-updates
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
This commit is contained in:
dependabot[bot]
2026-03-23 09:22:01 +00:00
committed by GitHub
parent c70d1e4d80
commit 27ac2ce04f
5 changed files with 11 additions and 11 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/ci-actions.yml vendored
View File

@@ -25,7 +25,7 @@ jobs:
actions: read # Needed to analyze action metadata.
steps:
- name: harden runner
uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit