From 974ec8ca130a937e0ea0b5549a9c19178cca3e94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 9 Sep 2025 02:04:02 +0000 Subject: [PATCH] Bump the all-github-actions group across 1 directory with 2 updates Bumps the all-github-actions group with 2 updates in the / directory: [actions/setup-go](https://github.com/actions/setup-go) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) Updates `aquasecurity/trivy-action` from 0.32.0 to 0.33.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.32.0...0.33.1) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-github-actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yaml | 2 +- .github/workflows/lint.yaml | 2 +- .github/workflows/test.yaml | 4 ++-- .github/workflows/trivy.yaml | 8 ++++---- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 95229cc..08489bf 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -18,7 +18,7 @@ jobs: steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: { go-version: stable } - name: Initialize CodeQL diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index b97cc79..8e9cf68 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -13,7 +13,7 @@ jobs: checks: write steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: { go-version: stable } - uses: golangci/golangci-lint-action@v8 diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3c6ebdc..1a928f8 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: { go-version: stable } - run: make check @@ -28,7 +28,7 @@ jobs: kubernetes: [v1.27, v1.24, v1.21] steps: - uses: actions/checkout@v5 - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: { go-version: stable } - name: Start k3s diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml index d5a02e7..6e8c637 100644 --- a/.github/workflows/trivy.yaml +++ b/.github/workflows/trivy.yaml @@ -17,13 +17,13 @@ jobs: - uses: actions/checkout@v5 # Trivy needs a populated Go module cache to detect Go module licenses. - - uses: actions/setup-go@v5 + - uses: actions/setup-go@v6 with: { go-version: stable } - run: go mod download # Report success only when detected licenses are listed in [/trivy.yaml]. - name: Scan licenses - uses: aquasecurity/trivy-action@0.32.0 + uses: aquasecurity/trivy-action@0.33.1 env: TRIVY_DEBUG: true with: @@ -44,7 +44,7 @@ jobs: # and is a convenience/redundant effort for those who prefer to # read logs and/or if anything goes wrong with the upload. - name: Log all detected vulnerabilities - uses: aquasecurity/trivy-action@0.32.0 + uses: aquasecurity/trivy-action@0.33.1 with: scan-type: filesystem hide-progress: true @@ -56,7 +56,7 @@ jobs: # - https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/uploading-a-sarif-file-to-github # - https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning - name: Report actionable vulnerabilities - uses: aquasecurity/trivy-action@0.32.0 + uses: aquasecurity/trivy-action@0.33.1 with: scan-type: filesystem ignore-unfixed: true