From cf4b65df265b96c8d9273ced94bafe993332c3bd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 3 Nov 2025 08:46:04 +0000 Subject: [PATCH] chore(deps): update github-actions --- .github/workflows/build-docs.yaml | 2 +- .github/workflows/build.yaml | 2 +- .github/workflows/check-links.yaml | 2 +- .github/workflows/ci.yaml | 2 +- .github/workflows/helm-lint.yaml | 2 +- .github/workflows/release-please.yaml | 2 +- .github/workflows/release.yaml | 6 +++--- .github/workflows/scorecards.yml | 2 +- .github/workflows/validate-fhir-resources.yaml | 2 +- 9 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/build-docs.yaml b/.github/workflows/build-docs.yaml index c71d8f31c..f60e18e46 100644 --- a/.github/workflows/build-docs.yaml +++ b/.github/workflows/build-docs.yaml @@ -24,7 +24,7 @@ jobs: persist-credentials: true # required for pushing to gh-pages - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: - python-version: "3.13" + python-version: "3.14" - run: pip install --require-hashes -r docs/requirements.txt - run: mkdocs build --strict --verbose --site-dir=./site diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index ab1fc38db..eb4a9afd8 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -174,7 +174,7 @@ jobs: path: /tmp - name: Install Cosign - uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 + uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1 - name: Sign image run: | diff --git a/.github/workflows/check-links.yaml b/.github/workflows/check-links.yaml index 03296bb1f..f7780d180 100644 --- a/.github/workflows/check-links.yaml +++ b/.github/workflows/check-links.yaml @@ -22,7 +22,7 @@ jobs: - name: Link Checker id: lychee - uses: lycheeverse/lychee-action@885c65f3dc543b57c898c8099f4e08c8afd178a2 # v2.6.1 + uses: lycheeverse/lychee-action@a8c4c7cb88f0c7386610c35eb25108e448569cb0 # v2.7.0 with: args: "--config=.lychee.toml ." env: diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 05b584631..f362248c6 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -103,7 +103,7 @@ jobs: token: ${{ secrets.MIRACUM_BOT_SEMANTIC_RELEASE_TOKEN }} lint: - uses: miracum/.github/.github/workflows/standard-lint.yaml@53643b5d3c785e94d5d6a1c4119a15d4a3970e26 # v1.16.28 + uses: miracum/.github/.github/workflows/standard-lint.yaml@9e83a2b0b2e5681d913d4decdd18ac4ad6a6091c # v1.18.0 permissions: contents: read pull-requests: write diff --git a/.github/workflows/helm-lint.yaml b/.github/workflows/helm-lint.yaml index eb31d2cc7..c4cd04ef9 100644 --- a/.github/workflows/helm-lint.yaml +++ b/.github/workflows/helm-lint.yaml @@ -12,7 +12,7 @@ jobs: lint: name: Lint Helm Chart runs-on: ubuntu-24.04 - container: ghcr.io/chgl/kube-powertools:v2.4.10@sha256:ad9f9de13edc1b0c24b9ae69935833fb1af0b22719e9d7e867cdb0bb987e94f6 + container: ghcr.io/chgl/kube-powertools:v2.4.21@sha256:4da0e0ec55809c1cfdffb59c6e88cfb163acac9f9bac20a8099774334956ee17 steps: - name: Add workspace as safe directory run: | diff --git a/.github/workflows/release-please.yaml b/.github/workflows/release-please.yaml index 142274294..919f61d63 100644 --- a/.github/workflows/release-please.yaml +++ b/.github/workflows/release-please.yaml @@ -16,6 +16,6 @@ jobs: contents: write pull-requests: write steps: - - uses: googleapis/release-please-action@c2a5a2bd6a758a0937f1ddb1e8950609867ed15c # v4.3.0 + - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0 with: token: ${{ secrets.MIRACUM_BOT_SEMANTIC_RELEASE_TOKEN }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 37eadcea0..8a9b977cb 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -37,7 +37,7 @@ jobs: repo-token: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@d7543c93d881b35a8faa02e8e3605f69b7a1ce62 # v3.10.0 + uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1 - name: Add helm repos and update deps run: | @@ -108,7 +108,7 @@ jobs: publish-kyverno-policies: name: publish kyverno policies runs-on: ubuntu-24.04 - container: ghcr.io/chgl/kube-powertools:v2.4.10@sha256:ad9f9de13edc1b0c24b9ae69935833fb1af0b22719e9d7e867cdb0bb987e94f6 + container: ghcr.io/chgl/kube-powertools:v2.4.21@sha256:4da0e0ec55809c1cfdffb59c6e88cfb163acac9f9bac20a8099774334956ee17 continue-on-error: true steps: - name: Checkout @@ -171,7 +171,7 @@ jobs: echo "hashes=$(base64 -w0 < checksums.sha256)" >> "$GITHUB_OUTPUT" - name: upload assets to release - uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v2.3.3 + uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1 with: files: | dist/*.tgz diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 44f8071a8..a1575965b 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/upload-sarif@5d5cd550d3e189c569da8f16ea8de2d821c9bf7a # v3.31.2 with: sarif_file: results.sarif diff --git a/.github/workflows/validate-fhir-resources.yaml b/.github/workflows/validate-fhir-resources.yaml index f44bce384..43956119d 100644 --- a/.github/workflows/validate-fhir-resources.yaml +++ b/.github/workflows/validate-fhir-resources.yaml @@ -13,7 +13,7 @@ jobs: validate-fhir-resource: name: Validate FHIR resources runs-on: ubuntu-24.04 - container: ghcr.io/miracum/ig-build-tools:v2.2.16@sha256:3f8968c834d309dd3d144d83ef891c0015c86213625bf648fa0c8f0ce9f1b5ce + container: ghcr.io/miracum/ig-build-tools:v2.2.20@sha256:da5eef6ee0404adc95f2c625b2e31f32c6a907c186a766e0620e937c94de9749 steps: - name: Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0