From 1f7c92f762de27c367f80e161de8d9d1937b2b63 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 06:37:09 +0000 Subject: [PATCH] ci: bump the actions group across 1 directory with 5 updates Bumps the actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.3` | `7.0.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.4.0` | `6.5.0` | | [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `4.1.0` | `4.1.1` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.9.1` | `4.1.2` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `3.0.0` | `3.0.1` | Updates `actions/checkout` from 6.0.3 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/df4cb1c069e1874edd31b4311f1884172cec0e10...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `actions/setup-go` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/4a3601121dd01d1626a1e23e37211e3254c1c06c...924ae3a1cded613372ab5595356fb5720e22ba16) Updates `actions/attest-build-provenance` from 4.1.0 to 4.1.1 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32...0f67c3f4856b2e3261c31976d6725780e5e4c373) Updates `sigstore/cosign-installer` from 3.9.1 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/398d4b0eeef1380460a10c8013a76f728fb906ac...6f9f17788090df1f26f669e9d70d6ae9567deba6) Updates `softprops/action-gh-release` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/b4309332981a82ec1c5618f44dd2e27cc8bfbfda...718ea10b132b3b2eba29c1007bb80653f286566b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/attest-build-provenance dependency-version: 4.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/arm64-build-smoke.yml | 2 +- .github/workflows/bpfcompat-example-hosted.yml | 2 +- .github/workflows/bpfcompat-example.yml | 2 +- .github/workflows/ci.yml | 16 ++++++++-------- .github/workflows/codeql.yml | 4 ++-- .../workflows/compatibility-matrix-publish.yml | 2 +- .github/workflows/firecracker-preflight.yml | 2 +- .github/workflows/kernel-freshness.yml | 4 ++-- .../workflows/latest-kernel-compatibility.yml | 2 +- .github/workflows/multiarch-compatibility.yml | 2 +- .../workflows/profile-catalog-maintenance.yml | 4 ++-- .github/workflows/release-artifacts.yml | 10 +++++----- .github/workflows/scorecard.yml | 2 +- .github/workflows/stability-gate.yml | 4 ++-- .../workflows/upstream-kernel-compatibility.yml | 2 +- 15 files changed, 30 insertions(+), 30 deletions(-) diff --git a/.github/workflows/arm64-build-smoke.yml b/.github/workflows/arm64-build-smoke.yml index 7e79c64..37c9574 100644 --- a/.github/workflows/arm64-build-smoke.yml +++ b/.github/workflows/arm64-build-smoke.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-24.04-arm timeout-minutes: 25 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install dependencies run: | diff --git a/.github/workflows/bpfcompat-example-hosted.yml b/.github/workflows/bpfcompat-example-hosted.yml index 12ebd4a..125669b 100644 --- a/.github/workflows/bpfcompat-example-hosted.yml +++ b/.github/workflows/bpfcompat-example-hosted.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Report KVM acceleration status shell: bash diff --git a/.github/workflows/bpfcompat-example.yml b/.github/workflows/bpfcompat-example.yml index 694b80d..48c8dc8 100644 --- a/.github/workflows/bpfcompat-example.yml +++ b/.github/workflows/bpfcompat-example.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify KVM availability shell: bash diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 20d47d4..074151d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -41,10 +41,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -74,10 +74,10 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -112,8 +112,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -127,8 +127,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 10 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9fd9ceb..77879f4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -34,10 +34,10 @@ jobs: security-events: write steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Go - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: "1.25.11" cache: true diff --git a/.github/workflows/compatibility-matrix-publish.yml b/.github/workflows/compatibility-matrix-publish.yml index 54b540e..3251bf3 100644 --- a/.github/workflows/compatibility-matrix-publish.yml +++ b/.github/workflows/compatibility-matrix-publish.yml @@ -30,7 +30,7 @@ jobs: id-token: write # OIDC for Pages deployment steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify KVM availability shell: bash diff --git a/.github/workflows/firecracker-preflight.yml b/.github/workflows/firecracker-preflight.yml index 117b8fd..9ae74e8 100644 --- a/.github/workflows/firecracker-preflight.yml +++ b/.github/workflows/firecracker-preflight.yml @@ -16,7 +16,7 @@ jobs: runs-on: [self-hosted, linux, x64, kvm] timeout-minutes: 20 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify KVM run: | diff --git a/.github/workflows/kernel-freshness.yml b/.github/workflows/kernel-freshness.yml index 2d88e17..cae1aba 100644 --- a/.github/workflows/kernel-freshness.yml +++ b/.github/workflows/kernel-freshness.yml @@ -29,8 +29,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 15 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: "1.25.11" cache: true diff --git a/.github/workflows/latest-kernel-compatibility.yml b/.github/workflows/latest-kernel-compatibility.yml index 41e3bbd..89669f4 100644 --- a/.github/workflows/latest-kernel-compatibility.yml +++ b/.github/workflows/latest-kernel-compatibility.yml @@ -40,7 +40,7 @@ jobs: VM_CONCURRENCY: ${{ github.event.inputs.concurrency || '2' }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify KVM availability shell: bash diff --git a/.github/workflows/multiarch-compatibility.yml b/.github/workflows/multiarch-compatibility.yml index e521b69..72d7976 100644 --- a/.github/workflows/multiarch-compatibility.yml +++ b/.github/workflows/multiarch-compatibility.yml @@ -42,7 +42,7 @@ jobs: timeout-minutes: 75 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify runner virtualization shell: bash diff --git a/.github/workflows/profile-catalog-maintenance.yml b/.github/workflows/profile-catalog-maintenance.yml index 23b13c5..cadc5ed 100644 --- a/.github/workflows/profile-catalog-maintenance.yml +++ b/.github/workflows/profile-catalog-maintenance.yml @@ -17,8 +17,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 20 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: "1.25.11" cache: true diff --git a/.github/workflows/release-artifacts.yml b/.github/workflows/release-artifacts.yml index 86c1eb0..c84cb31 100644 --- a/.github/workflows/release-artifacts.yml +++ b/.github/workflows/release-artifacts.yml @@ -46,10 +46,10 @@ jobs: attestations: write # SLSA build-provenance attestations (Sigstore/Rekor) packages: read steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true @@ -109,7 +109,7 @@ jobs: # Verify with: gh attestation verify --repo Kernel-Guard/bpfcompat - name: Attest build provenance (tag releases only) if: startsWith(github.ref, 'refs/tags/v') - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: | dist/bpfcompat-linux-amd64 @@ -122,7 +122,7 @@ jobs: sbom-path: dist/bpfcompat.sbom.cdx.json - name: Install cosign if: startsWith(github.ref, 'refs/tags/v') - uses: sigstore/cosign-installer@398d4b0eeef1380460a10c8013a76f728fb906ac # v3 + uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2 - name: Sign binary + SBOM (tag releases only) if: startsWith(github.ref, 'refs/tags/v') run: | @@ -153,7 +153,7 @@ jobs: # The action consumes these assets at run time to skip building from # source: bpfcompat-linux-amd64, bpfcompat-validator-static-linux-amd64, # and SHA256SUMS for verification. - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3 with: files: | dist/bpfcompat-linux-amd64 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3b86974..a22a13e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -34,7 +34,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/stability-gate.yml b/.github/workflows/stability-gate.yml index 5c68eec..9d45650 100644 --- a/.github/workflows/stability-gate.yml +++ b/.github/workflows/stability-gate.yml @@ -34,8 +34,8 @@ jobs: runs-on: ubuntu-latest timeout-minutes: 25 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 - - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6 with: go-version: ${{ env.GO_VERSION }} cache: true diff --git a/.github/workflows/upstream-kernel-compatibility.yml b/.github/workflows/upstream-kernel-compatibility.yml index a1fb900..69a7b2c 100644 --- a/.github/workflows/upstream-kernel-compatibility.yml +++ b/.github/workflows/upstream-kernel-compatibility.yml @@ -24,7 +24,7 @@ jobs: env: VM_CONCURRENCY: ${{ github.event.inputs.concurrency || '1' }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify virtme-ng/KVM prerequisites run: |