From 3206ce9ca681922b112db5660bddfd759b8bd493 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 18 May 2026 02:13:45 +0000 Subject: [PATCH] chore(actions): bump the actions-minor-patch group with 4 updates Bumps the actions-minor-patch group with 4 updates: [github/codeql-action](https://github.com/github/codeql-action), [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action), [pnpm/action-setup](https://github.com/pnpm/action-setup) and [changesets/action](https://github.com/changesets/action). Updates `github/codeql-action` from 4 to 4.35.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v4...v4.35.4) Updates `google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml` from 2.3.5 to 2.3.8 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](https://github.com/google/osv-scanner-action/compare/v2.3.5...v2.3.8) Updates `pnpm/action-setup` from 6 to 6.0.7 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](https://github.com/pnpm/action-setup/compare/v6...v6.0.7) Updates `changesets/action` from 1.7.0 to 1.8.0 - [Release notes](https://github.com/changesets/action/releases) - [Changelog](https://github.com/changesets/action/blob/main/CHANGELOG.md) - [Commits](https://github.com/changesets/action/compare/v1.7.0...v1.8.0) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml dependency-version: 2.3.8 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor-patch - dependency-name: pnpm/action-setup dependency-version: 6.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-minor-patch - dependency-name: changesets/action dependency-version: 1.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/osv-scanner.yml | 2 +- .github/workflows/prisma-next-e2e.yml | 2 +- .github/workflows/release.yml | 4 ++-- .github/workflows/tests-bench.yml | 2 +- .github/workflows/tests-supply-chain.yml | 2 +- .github/workflows/tests.yml | 4 ++-- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 7ddbf349..a2ac114c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,11 +31,11 @@ jobs: uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.35.4 with: languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/init@v4 + uses: github/codeql-action/init@v4.35.4 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index 765aa4de..4ab8acbc 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -19,7 +19,7 @@ permissions: jobs: osv-scan: name: OSV Vulnerability Scan - uses: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.3.5 + uses: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v2.3.8 with: fail-on-vuln: false scan-args: |- diff --git a/.github/workflows/prisma-next-e2e.yml b/.github/workflows/prisma-next-e2e.yml index ea778a82..9485963c 100644 --- a/.github/workflows/prisma-next-e2e.yml +++ b/.github/workflows/prisma-next-e2e.yml @@ -47,7 +47,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6.0.3 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 15883445..6fec1b30 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -22,7 +22,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false @@ -51,7 +51,7 @@ jobs: - name: Publish to npm id: changesets - uses: changesets/action@v1.7.0 + uses: changesets/action@v1.8.0 with: publish: pnpm run release commitMode: 'github-api' diff --git a/.github/workflows/tests-bench.yml b/.github/workflows/tests-bench.yml index 72ff8631..cce2d4f3 100644 --- a/.github/workflows/tests-bench.yml +++ b/.github/workflows/tests-bench.yml @@ -25,7 +25,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false diff --git a/.github/workflows/tests-supply-chain.yml b/.github/workflows/tests-supply-chain.yml index ce114e3e..70d417ce 100644 --- a/.github/workflows/tests-supply-chain.yml +++ b/.github/workflows/tests-supply-chain.yml @@ -50,7 +50,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 94756406..6021765d 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -17,7 +17,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false @@ -111,7 +111,7 @@ jobs: - name: Checkout Repo uses: actions/checkout@v6 - - uses: pnpm/action-setup@v6 + - uses: pnpm/action-setup@v6.0.7 name: Install pnpm with: run_install: false