mirrors/sprout
1
0
Fork 0
mirror of https://github.com/edera-dev/sprout.git synced 2026-02-04 07:10:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(deps): bump the actions-updates group with 3 updates (#56)

Browse Source 
Bumps the actions-updates group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [actions/upload-artifact](https://github.com/actions/upload-artifact).


Updates `step-security/harden-runner` from 2.13.2 to 2.14.0
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](95d9a5deda...20cf305ff2)

Updates `astral-sh/setup-uv` from 7.1.2 to 7.1.6
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](85856786d1...681c641aba)

Updates `actions/upload-artifact` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](330a01c490...b7c566a772)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-updates
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.1.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-updates
- dependency-name: actions/upload-artifact
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-updates
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit is contained in:
dependabot[bot]
2025-12-23 18:54:25 -08:00
committed by GitHub
parent 6a57c72869
commit 45270d3bf3
5 changed files with 9 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/ci-actions.yml vendored
View File

@@ -25,7 +25,7 @@ jobs:
actions: read # Needed to analyze action metadata. actions: read # Needed to analyze action metadata.
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit
@@ -35,7 +35,7 @@ jobs:
persist-credentials: false persist-credentials: false
- name: setup uv - name: setup uv
uses: astral-sh/setup-uv@85856786d1ce8acfbcc2f13a5f3fbd6b938f9f41 # v7.1.2 uses: astral-sh/setup-uv@681c641aba71e4a1c380be3ab5e12ad51f415867 # v7.1.6
- name: zizmor - name: zizmor
run: uvx zizmor --pedantic --format sarif . > results.sarif run: uvx zizmor --pedantic --format sarif . > results.sarif

6
.github/workflows/ci-code.yml vendored
View File

@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit
@@ -51,7 +51,7 @@ jobs:
name: 'build ${{ matrix.arch }}' name: 'build ${{ matrix.arch }}'
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit
@@ -80,7 +80,7 @@ jobs:
name: 'clippy ${{ matrix.arch }}' name: 'clippy ${{ matrix.arch }}'
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit

2
.github/workflows/codeql.yml vendored
View File

@@ -37,7 +37,7 @@ jobs:
build-mode: none build-mode: none
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit

4
.github/workflows/publish.yml vendored
View File

@@ -25,7 +25,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit
@@ -43,7 +43,7 @@ jobs:
- name: 'upload artifacts' - name: 'upload artifacts'
id: upload id: upload
uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
with: with:
name: artifacts name: artifacts
path: target/assemble/* path: target/assemble/*

2
.github/workflows/release.yml vendored
View File

@@ -25,7 +25,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: harden runner - name: harden runner
uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2 uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
with: with:
egress-policy: audit egress-policy: audit