From c90d2ed3871c49e74b678f8a95587277a900fec9 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 17 Jul 2026 08:10:50 +0000 Subject: [PATCH] chore(deps): bump the actions group with 6 updates Bumps the actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.37.0` | `4.37.1` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.37.0` | `4.37.1` | | [hyperpolymath/a2ml-validate-action](https://github.com/hyperpolymath/a2ml-validate-action) | `6bff6ec134fc977e86d25166a5c522ddea5c1e78` | `55e8c28bab4e7f2399fdbd57a6da1051369f3847` | | [hyperpolymath/k9-validate-action](https://github.com/hyperpolymath/k9-validate-action) | `2d96f43c538964b097d159ed3a56ba5b5ceca227` | `7c3c0e9fa5165626e74ecce78109b3295b798b92` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.83.0` | `2.83.3` | | [hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml](https://github.com/hyperpolymath/panic-attack) | `4591649f42b16089a9b1d4eaf3bb2f780c23e8ac` | `485ca54610aa1ffc663639c5d43c39452f6897cc` | Updates `github/codeql-action/init` from 4.37.0 to 4.37.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/99df26d4f13ea111d4ec1a7dddef6063f76b97e9...7188fc363630916deb702c7fdcf4e481b751f97a) Updates `github/codeql-action/analyze` from 4.37.0 to 4.37.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/99df26d4f13ea111d4ec1a7dddef6063f76b97e9...7188fc363630916deb702c7fdcf4e481b751f97a) Updates `hyperpolymath/a2ml-validate-action` from 6bff6ec134fc977e86d25166a5c522ddea5c1e78 to 55e8c28bab4e7f2399fdbd57a6da1051369f3847 - [Release notes](https://github.com/hyperpolymath/a2ml-validate-action/releases) - [Changelog](https://github.com/hyperpolymath/a2ml-validate-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/hyperpolymath/a2ml-validate-action/compare/6bff6ec134fc977e86d25166a5c522ddea5c1e78...55e8c28bab4e7f2399fdbd57a6da1051369f3847) Updates `hyperpolymath/k9-validate-action` from 2d96f43c538964b097d159ed3a56ba5b5ceca227 to 7c3c0e9fa5165626e74ecce78109b3295b798b92 - [Release notes](https://github.com/hyperpolymath/k9-validate-action/releases) - [Changelog](https://github.com/hyperpolymath/k9-validate-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/hyperpolymath/k9-validate-action/compare/2d96f43c538964b097d159ed3a56ba5b5ceca227...7c3c0e9fa5165626e74ecce78109b3295b798b92) Updates `taiki-e/install-action` from 2.83.0 to 2.83.3 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/taiki-e/install-action/compare/c7eb1735f09259a5035e8e5d44b1406b1cddc0fb...ed67fa35ac944f3a9b33f12c4dd43b6f31a47e20) Updates `hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml` from 4591649f42b16089a9b1d4eaf3bb2f780c23e8ac to 485ca54610aa1ffc663639c5d43c39452f6897cc - [Release notes](https://github.com/hyperpolymath/panic-attack/releases) - [Changelog](https://github.com/hyperpolymath/panic-attack/blob/main/CHANGELOG.md) - [Commits](https://github.com/hyperpolymath/panic-attack/compare/4591649f42b16089a9b1d4eaf3bb2f780c23e8ac...485ca54610aa1ffc663639c5d43c39452f6897cc) --- updated-dependencies: - dependency-name: github/codeql-action/init dependency-version: 4.37.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: github/codeql-action/analyze dependency-version: 4.37.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: hyperpolymath/a2ml-validate-action dependency-version: 55e8c28bab4e7f2399fdbd57a6da1051369f3847 dependency-type: direct:production dependency-group: actions - dependency-name: hyperpolymath/k9-validate-action dependency-version: 7c3c0e9fa5165626e74ecce78109b3295b798b92 dependency-type: direct:production dependency-group: actions - dependency-name: taiki-e/install-action dependency-version: 2.83.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml dependency-version: 485ca54610aa1ffc663639c5d43c39452f6897cc dependency-type: direct:production dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/dogfood-gate.yml | 4 ++-- .github/workflows/mvp-smoke.yml | 2 +- .github/workflows/s4-loop.yml | 2 +- .github/workflows/security-scan.yml | 2 +- 5 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 24cf5aa3..af373edf 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,12 +39,12 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialize CodeQL - uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3 + uses: github/codeql-action/init@7188fc363630916deb702c7fdcf4e481b751f97a # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3 + uses: github/codeql-action/analyze@7188fc363630916deb702c7fdcf4e481b751f97a # v3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/dogfood-gate.yml b/.github/workflows/dogfood-gate.yml index 6db05be1..0c80de91 100644 --- a/.github/workflows/dogfood-gate.yml +++ b/.github/workflows/dogfood-gate.yml @@ -45,7 +45,7 @@ jobs: - name: Validate A2ML manifests if: steps.detect.outputs.count > 0 - uses: hyperpolymath/a2ml-validate-action@6bff6ec134fc977e86d25166a5c522ddea5c1e78 # main + uses: hyperpolymath/a2ml-validate-action@55e8c28bab4e7f2399fdbd57a6da1051369f3847 # main with: path: '.' strict: 'false' @@ -94,7 +94,7 @@ jobs: - name: Validate K9 contracts if: steps.detect.outputs.k9_count > 0 - uses: hyperpolymath/k9-validate-action@2d96f43c538964b097d159ed3a56ba5b5ceca227 # main + uses: hyperpolymath/k9-validate-action@7c3c0e9fa5165626e74ecce78109b3295b798b92 # main with: path: '.' strict: 'false' diff --git a/.github/workflows/mvp-smoke.yml b/.github/workflows/mvp-smoke.yml index d049dd20..249358e0 100644 --- a/.github/workflows/mvp-smoke.yml +++ b/.github/workflows/mvp-smoke.yml @@ -39,7 +39,7 @@ jobs: uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2 - name: Install just - uses: taiki-e/install-action@c7eb1735f09259a5035e8e5d44b1406b1cddc0fb # v2.83.0 + uses: taiki-e/install-action@ed67fa35ac944f3a9b33f12c4dd43b6f31a47e20 # v2.83.3 with: # Governance R1 requires versioned family-tool pins # (just|must|trust|adjust|bust|dust|intend); bare `tool: just` diff --git a/.github/workflows/s4-loop.yml b/.github/workflows/s4-loop.yml index b8dc7b9e..3fb23b89 100644 --- a/.github/workflows/s4-loop.yml +++ b/.github/workflows/s4-loop.yml @@ -39,7 +39,7 @@ jobs: - name: Cache Cargo uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2 - name: Install just - uses: taiki-e/install-action@c7eb1735f09259a5035e8e5d44b1406b1cddc0fb # v2.83.0 + uses: taiki-e/install-action@ed67fa35ac944f3a9b33f12c4dd43b6f31a47e20 # v2.83.3 with: tool: just@1.51.0 - name: Install system dependencies diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 0938dab6..8c560676 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -20,6 +20,6 @@ permissions: jobs: scan: - uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@4591649f42b16089a9b1d4eaf3bb2f780c23e8ac # main 2026-07-07 (skip dispatch without VERISIMDB_PAT) + uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@485ca54610aa1ffc663639c5d43c39452f6897cc # main 2026-07-07 (skip dispatch without VERISIMDB_PAT) secrets: VERISIMDB_PAT: ${{ secrets.VERISIMDB_PAT }}