From 4bd472d67738ce03a430aad405b90f3eacc4925a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Jun 2026 07:45:18 +0000 Subject: [PATCH] chore(deps): bump the actions-updates group with 3 updates Bumps the actions-updates group with 3 updates: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv), [github/codeql-action](https://github.com/github/codeql-action) and [release-plz/action](https://github.com/release-plz/action). Updates `astral-sh/setup-uv` from 8.1.0 to 8.2.0 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](https://github.com/astral-sh/setup-uv/compare/08807647e7069bb48b6ef5acd8ec9567f424441b...fac544c07dec837d0ccb6301d7b5580bf5edae39) Updates `github/codeql-action` from 4.36.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/87557b9c84dde89fdd9b10e88954ac2f4248e463...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `release-plz/action` from 0.5.129 to 0.5.130 - [Release notes](https://github.com/release-plz/action/releases) - [Commits](https://github.com/release-plz/action/compare/064f4d1e36c843611ddf013be726beaa4ad804db...e8792575c7f2366cf6ff3ccc33ead9ace5b691c7) --- updated-dependencies: - dependency-name: astral-sh/setup-uv dependency-version: 8.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-updates - dependency-name: github/codeql-action dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates - dependency-name: release-plz/action dependency-version: 0.5.130 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-updates ... Signed-off-by: dependabot[bot] --- .github/workflows/ci-actions.yaml | 4 ++-- .github/workflows/release.yaml | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci-actions.yaml b/.github/workflows/ci-actions.yaml index d481faa..7e4e2f4 100644 --- a/.github/workflows/ci-actions.yaml +++ b/.github/workflows/ci-actions.yaml @@ -29,7 +29,7 @@ jobs: persist-credentials: false - name: Install the latest version of uv - uses: astral-sh/setup-uv@08807647e7069bb48b6ef5acd8ec9567f424441b # v8.1.0 + uses: astral-sh/setup-uv@fac544c07dec837d0ccb6301d7b5580bf5edae39 # v8.2.0 - name: Run zizmor run: uvx zizmor --pedantic --format sarif . > results.sarif @@ -37,7 +37,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@87557b9c84dde89fdd9b10e88954ac2f4248e463 # v4.36.1 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: sarif_file: results.sarif category: zizmor diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 5fa3396..3dc0117 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -42,7 +42,7 @@ jobs: private-key: "${{ secrets.EDERA_CULTIVATION_APP_PRIVATE_KEY }}" - name: Run release-plz - uses: release-plz/action@064f4d1e36c843611ddf013be726beaa4ad804db # v0.5 + uses: release-plz/action@e8792575c7f2366cf6ff3ccc33ead9ace5b691c7 # v0.5 with: command: release env: @@ -83,7 +83,7 @@ jobs: private-key: "${{ secrets.EDERA_CULTIVATION_APP_PRIVATE_KEY }}" - name: Run release-plz - uses: release-plz/action@064f4d1e36c843611ddf013be726beaa4ad804db # v0.5 + uses: release-plz/action@e8792575c7f2366cf6ff3ccc33ead9ace5b691c7 # v0.5 with: command: release-pr env: