From 521e45c1030e93c723be43619832ea69068ccd2d Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 21 Nov 2025 03:00:52 +0000 Subject: [PATCH 1/2] Bump actions/checkout from 5 to 6 Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v5...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/build.yml | 6 +++--- .github/workflows/dependency-review.yml | 2 +- .github/workflows/docker-image-security-scan.yml | 2 +- .github/workflows/lint.yml | 6 +++--- .github/workflows/release.yml | 4 ++-- .github/workflows/security.yml | 4 ++-- 6 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9f926f0..b7d29cd 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -11,7 +11,7 @@ jobs: minimal: ${{ steps.go-version.outputs.minimal }} matrix: ${{ steps.go-version.outputs.matrix }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: arnested/go-version-action@v1 id: go-version go_generate: @@ -21,7 +21,7 @@ jobs: env: workdir: go/src/${{ github.repository }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: path: ${{env.workdir}} - name: Install Go ${{ needs.go-version.outputs.minimal }} @@ -46,7 +46,7 @@ jobs: matrix: go-version: ${{ fromJSON(needs.go-version.outputs.matrix) }} steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Install Go ${{ matrix.go-version }} uses: WillAbides/setup-go-faster@v1.14.0 with: diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index e40fa41..838dbb3 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: 'Checkout Repository' - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: 'Dependency Review' uses: actions/dependency-review-action@v4 with: diff --git a/.github/workflows/docker-image-security-scan.yml b/.github/workflows/docker-image-security-scan.yml index 5fba44f..b10fd96 100644 --- a/.github/workflows/docker-image-security-scan.yml +++ b/.github/workflows/docker-image-security-scan.yml @@ -9,7 +9,7 @@ jobs: if: '!github.event.deleted' runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@master diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 8c77c1b..f6dc4e4 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -9,7 +9,7 @@ jobs: name: dockerfile runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Run hadolint uses: hadolint/hadolint-action@v3.3.0 with: @@ -19,7 +19,7 @@ jobs: name: markdown runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Run markdownlint uses: DavidAnson/markdownlint-cli2-action@v21 @@ -27,7 +27,7 @@ jobs: name: lint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: arnested/go-version-action@v1 id: go-version - name: Install Go ${{ steps.go-version.outputs.minimal }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 634c324..f4f1863 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,7 +15,7 @@ jobs: bump-version: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - uses: arnested/go-version-action@v1 @@ -97,7 +97,7 @@ jobs: name: Docker build and push runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Set up Docker Buildx id: buildx uses: docker/setup-buildx-action@master diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 819a24c..3e13785 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -21,7 +21,7 @@ jobs: GO111MODULE: on steps: - name: Checkout Source - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Run Gosec Security Scanner uses: securego/gosec@master with: @@ -35,7 +35,7 @@ jobs: name: Govulncheck runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: arnested/go-version-action@v1 id: go-version with: From 31aad86190cc2a4c33b393a06d2fa9a18b6abb56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Arne=20J=C3=B8rgensen?= Date: Mon, 24 Nov 2025 09:29:14 +0100 Subject: [PATCH 2/2] No need to checkout the code - it's already checked out --- .github/workflows/security.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 3e13785..353e261 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -46,6 +46,7 @@ jobs: go-version-input: ${{ steps.go-version.outputs.latest }} output-format: sarif output-file: results.sarif + repo-checkout: false - name: Fix SARIF format run: yq --inplace --output-format json '.runs |= map ({"results":[]} + .)' results.sarif - name: Upload SARIF file