From 8bf855943113d5ffc5682215b8c0beb2abf00ee6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 26 May 2026 22:58:37 +0000 Subject: [PATCH] Bump the actions group across 1 directory with 3 updates Bumps the actions group with 3 updates in the / directory: [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request), [actions/download-artifact](https://github.com/actions/download-artifact) and [docker/login-action](https://github.com/docker/login-action). Updates `peter-evans/create-pull-request` from 7.0.11 to 8.1.1 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/22a9089034f40e5a961c8808d113e2c98fb63676...5f6978faf089d4d20b00c7766989d076bb2fc7f1) Updates `actions/download-artifact` from 7.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/37930b1c2abaa49bbe596cd826c3c89aef350131...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...650006c6eb7dba73a995cc03b0b2d7f5ca915bee) --- updated-dependencies: - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/auto-update-templates.yml | 2 +- .github/workflows/docker-image-vulnerability-process.yml | 2 +- .github/workflows/publish-docker.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/auto-update-templates.yml b/.github/workflows/auto-update-templates.yml index f4ea741..464d16e 100644 --- a/.github/workflows/auto-update-templates.yml +++ b/.github/workflows/auto-update-templates.yml @@ -45,7 +45,7 @@ jobs: pinact run -update "${files[@]}" - name: Open PR with updates - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: commit-message: "ci: Auto-update pinned actions in workflow-templates" title: "ci: Auto-update pinned actions in workflow-templates" diff --git a/.github/workflows/docker-image-vulnerability-process.yml b/.github/workflows/docker-image-vulnerability-process.yml index 0d53e74..2236128 100644 --- a/.github/workflows/docker-image-vulnerability-process.yml +++ b/.github/workflows/docker-image-vulnerability-process.yml @@ -84,7 +84,7 @@ jobs: - name: Download Docker image from tarball if: ${{ inputs.trivyMode == 'tarball' }} - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: ${{ inputs.imageTarName }} path: './${{ inputs.imageTarName }}' diff --git a/.github/workflows/publish-docker.yml b/.github/workflows/publish-docker.yml index 8adcb9d..1bc7773 100644 --- a/.github/workflows/publish-docker.yml +++ b/.github/workflows/publish-docker.yml @@ -77,7 +77,7 @@ jobs: dockerTar: ${{ env.DOCKER_TAR }} - name: Docker Login - uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4 + uses: docker/login-action@650006c6eb7dba73a995cc03b0b2d7f5ca915bee # v4 with: registry: ${{ env.PACKAGE_SERVER }} username: $GITHUB_ACTOR