…2 updates
Bumps the actions-updates group with 12 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.19.4` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `7.0.0` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.1.6` | `8.2.0` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.31.9` | `4.36.2` |
| [azure/setup-helm](https://github.com/azure/setup-helm) | `4.3.1` | `5.0.1` |
| [actions/setup-python](https://github.com/actions/setup-python) | `6.1.0` | `6.3.0` |
| [helm/kind-action](https://github.com/helm/kind-action) | `1.13.0` | `1.14.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.1.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.6.0` | `4.2.0` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.1.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.18.0` | `7.2.0` |
| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.0.0` | `4.1.2` |
Updates `step-security/harden-runner` from 2.14.0 to 2.19.4
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@20cf305...9af89fc)
Updates `actions/checkout` from 6.0.1 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@8e8c483...9c091bb)
Updates `astral-sh/setup-uv` from 7.1.6 to 8.2.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@681c641...fac544c)
Updates `github/codeql-action/upload-sarif` from 4.31.9 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@5d4e8d1...8aad20d)
Updates `azure/setup-helm` from 4.3.1 to 5.0.1
- [Release notes](https://github.com/azure/setup-helm/releases)
- [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md)
- [Commits](Azure/setup-helm@1a275c3...9bc31f4)
Updates `actions/setup-python` from 6.1.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@83679a8...ece7cb0)
Updates `helm/kind-action` from 1.13.0 to 1.14.0
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](helm/kind-action@92086f6...ef37e7f)
Updates `docker/setup-buildx-action` from 3.12.0 to 4.1.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@8d2750c...d7f5e7f)
Updates `docker/login-action` from 3.6.0 to 4.2.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@5e57cd1...650006c)
Updates `docker/metadata-action` from 5.10.0 to 6.1.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@c299e40...80c7e94)
Updates `docker/build-push-action` from 6.18.0 to 7.2.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@2634353...f9f3042)
Updates `sigstore/cosign-installer` from 4.0.0 to 4.1.2
- [Release notes](https://github.com/sigstore/cosign-installer/releases)
- [Commits](sigstore/cosign-installer@faadad0...6f9f177)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-version: 2.19.4
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
- dependency-name: actions/checkout
dependency-version: 7.0.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: astral-sh/setup-uv
dependency-version: 8.2.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: github/codeql-action/upload-sarif
dependency-version: 4.36.2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
- dependency-name: azure/setup-helm
dependency-version: 5.0.1
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: actions/setup-python
dependency-version: 6.3.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
- dependency-name: helm/kind-action
dependency-version: 1.14.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
- dependency-name: docker/setup-buildx-action
dependency-version: 4.1.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: docker/login-action
dependency-version: 4.2.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: docker/metadata-action
dependency-version: 6.1.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: docker/build-push-action
dependency-version: 7.2.0
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: actions-updates
- dependency-name: sigstore/cosign-installer
dependency-version: 4.1.2
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: actions-updates
...
Signed-off-by: dependabot[bot] <support@github.com>
Bumps the actions-updates group with 12 updates in the / directory:
2.14.02.19.46.0.17.0.07.1.68.2.04.31.94.36.24.3.15.0.16.1.06.3.01.13.01.14.03.12.04.1.03.6.04.2.05.10.06.1.06.18.07.2.04.0.04.1.2Updates
step-security/harden-runnerfrom 2.14.0 to 2.19.4Release notes
Sourced from step-security/harden-runner's releases.
... (truncated)
Commits
9af89fcMerge pull request #667 from step-security/update-agent-v1.8.6485dce8Update agent to v1.8.6ab7a940Merge pull request #665 from step-security/fix/use-policy-store-default-auditec41b78Default to audit mode when api-key missing with use-policy-store9ca718dMerge pull request #664 from step-security/update-agent-v1.8.51dee3dfUpdate agent to v1.8.5a5ad31dMerge pull request #657 from devantler/fix/ubuntu-slim-user-env6e92856build dist and trim ubuntu-slim message4e0504eMerge branch 'main' into fix/ubuntu-slim-user-env8d3c67dRelease v2.19.0 (#661)Updates
actions/checkoutfrom 6.0.1 to 7.0.0Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
9c091bbupdate error wording (#2467)1044a6dgetting ready for checkout v7 release (#2464)f028218Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)d914b26upgrade module to esm and update dependencies (#2463)537c7efBump@actions/coreand@actions/tool-cacheand Remove uuid (#2459)130a169Bump js-yaml from 4.1.0 to 4.2.0 (#2461)7d09575Bump flatted from 3.3.1 to 3.4.2 (#2460)0f9f3aaBump actions/publish-immutable-action (#2458)f9e715ablock checking out fork pr for pull_request_target and workflow_run (#2454)df4cb1cUpdate changelog for v6.0.3 (#2446)Updates
astral-sh/setup-uvfrom 7.1.6 to 8.2.0Release notes
Sourced from astral-sh/setup-uv's releases.
... (truncated)
Commits
fac544cchore(deps): roll up dependabot updates (#903)7390f77docs: update dependabot rollup biome guidance (#902)363c64achore(deps): roll up dependabot updates (#901)c4fcbafchore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 (#900)8e642c5chore: update known checksums for 0.11.18 (#899)a92cb43Add quiet input to suppress info-level log output (#898)e07f2acchore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 (#842)bc4034echore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#893)df42d4fchore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 (#891)b9c8c4cfeat: adddownload-from-astral-mirrorinput (#897)Updates
github/codeql-action/upload-sariffrom 4.31.9 to 4.36.2Release notes
Sourced from github/codeql-action/upload-sarif's releases.
... (truncated)
Changelog
Sourced from github/codeql-action/upload-sarif's changelog.
... (truncated)
Commits
8aad20dMerge pull request #3949 from github/update-v4.36.2-dcb947ce1f521b08Add additional changelog notes8aeff0fUpdate changelog for v4.36.2dcb947cMerge pull request #3948 from github/update-bundle/codeql-bundle-v2.25.6c251bceAdd changelog note62953c1Update default bundle to codeql-bundle-v2.25.6423b570Merge pull request #3946 from github/dependabot/npm_and_yarn/npm-minor-5d507a...c35d1b1Merge pull request #3947 from github/dependabot/github_actions/dot-github/wor...cb1a588Merge pull request #3937 from github/robertbrignull/waitForProcessing_backoffba47406Merge pull request #3943 from github/henrymercer/cache-cli-version-infoUpdates
azure/setup-helmfrom 4.3.1 to 5.0.1Release notes
Sourced from azure/setup-helm's releases.
Changelog
Sourced from azure/setup-helm's changelog.
... (truncated)
Commits
9bc31f4build95ecf49Bump version to 5.0.1 and update CHANGELOG with recent changes (#287)4180b1cBump the actions group with 2 updates (#285)6949b7fBump undici (#284)51ce767Bump actions/checkout in /.github/workflows in the actions group (#286)d6da4f4Bump the actions group with 5 updates (#283)7e2bc10Bump actions/checkout in /.github/workflows in the actions group (#280)64d6be9Bump the actions group with 2 updates (#279)69214f9fix: use chmod 755 instead of 777 for downloaded helm binary and folder (#278)9dad99fBump vitest from 4.1.7 to 4.1.8 in the actions group (#277)Updates
actions/setup-pythonfrom 6.1.0 to 6.3.0Rele...
Description has been truncated