From b7b2130f5831e0288855bd68f70831031b4ab99f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 15 Dec 2025 00:06:49 +0000 Subject: [PATCH 1/2] Bump actions/cache from 4 to 5 Bumps [actions/cache](https://github.com/actions/cache) from 4 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index 8357f88..6d7f081 100644 --- a/action.yml +++ b/action.yml @@ -56,7 +56,7 @@ runs: - name: Mount devbox cli cache if: inputs.refresh-cli == 'false' id: cache-devbox-cli - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: ~/.local/bin/devbox key: ${{ runner.os }}-${{ runner.arch }}-devbox-cli-${{ env.latest_version }} @@ -105,7 +105,7 @@ runs: - name: Save devbox cli cache if: inputs.refresh-cli == 'false' && steps.cache-devbox-cli.outputs.cache-hit != 'true' - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: ~/.local/bin/devbox key: ${{ runner.os }}-${{ runner.arch }}-devbox-cli-${{ env.latest_version }} @@ -195,7 +195,7 @@ runs: - name: Mount nix store cache id: cache-devbox-nix-store if: inputs.enable-cache == 'true' - uses: actions/cache/restore@v4 + uses: actions/cache/restore@v5 with: path: | ~/.cache/devbox @@ -223,7 +223,7 @@ runs: - name: Save nix store cache if: inputs.enable-cache == 'true' && steps.cache-devbox-nix-store.outputs.cache-hit != 'true' - uses: actions/cache/save@v4 + uses: actions/cache/save@v5 with: path: | ~/.cache/devbox From 06c8a66ecc499221dd41ef8373ac490a35397946 Mon Sep 17 00:00:00 2001 
From: John Lago <750845+Lagoja@users.noreply.github.com> Date: Fri, 6 Feb 2026 14:50:51 -0800 Subject: [PATCH 2/2] Pin actions/cache to SHA for v5 Use commit SHA instead of version tag for improved supply chain security. Co-Authored-By: Claude Opus 4.5 --- action.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/action.yml b/action.yml index 6d7f081..60773fc 100644 --- a/action.yml +++ b/action.yml @@ -56,7 +56,7 @@ runs: - name: Mount devbox cli cache if: inputs.refresh-cli == 'false' id: cache-devbox-cli - uses: actions/cache/restore@v5 + uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5 with: path: ~/.local/bin/devbox key: ${{ runner.os }}-${{ runner.arch }}-devbox-cli-${{ env.latest_version }} @@ -105,7 +105,7 @@ runs: - name: Save devbox cli cache if: inputs.refresh-cli == 'false' && steps.cache-devbox-cli.outputs.cache-hit != 'true' - uses: actions/cache/save@v5 + uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5 with: path: ~/.local/bin/devbox key: ${{ runner.os }}-${{ runner.arch }}-devbox-cli-${{ env.latest_version }} @@ -195,7 +195,7 @@ runs: - name: Mount nix store cache id: cache-devbox-nix-store if: inputs.enable-cache == 'true' - uses: actions/cache/restore@v5 + uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5 with: path: | ~/.cache/devbox @@ -223,7 +223,7 @@ runs: - name: Save nix store cache if: inputs.enable-cache == 'true' && steps.cache-devbox-nix-store.outputs.cache-hit != 'true' - uses: actions/cache/save@v5 + uses: actions/cache/save@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5 with: path: | ~/.cache/devbox
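Review bot: The trailing `# v5` comment on the four pinned `uses:` lines (restore and save, for both the devbox CLI cache and the nix store cache) names only the floating major tag, so nothing in the file records which release `cdf6c1fa76f9f475f3d7449005a359c84ca0f306` actually is. Confirm that the SHA resolves to a tagged release commit in actions/cache itself rather than in a fork, and write the exact tag in the comment, e.g. `uses: actions/cache/restore@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.x.y` (placeholder; take the real tag from the releases page), so reviewers and update tooling can see what a later SHA change moves between. The hunks show only these four steps, so any other `uses:` in action.yml that still references a tag would leave the pin partial. The pin also covers only the action's code: as far as these hunks show, the `~/.local/bin/devbox` binary and the nix store paths restored on a cache hit are used without any integrity check.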