ci(deps): bump the github-actions group with 3 updates (#696)

Bumps the github-actions group with 3 updates: [step-security/harden-runner](https://github.com/step-security/harden-runner), [docker/build-push-action](https://github.com/docker/build-push-action) and [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment). Updates `step-security/harden-runner` from 2.10.3 to 2.10.4 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@c95a14d...cb605e5) Updates `docker/build-push-action` from 6.11.0 to 6.12.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@b32b51a...67a2d40) Updates `marocchino/sticky-pull-request-comment` from 2.9.0 to 2.9.1 - [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases) - [Commits](marocchino/sticky-pull-request-comment@331f8f5...52423e0) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: marocchino/sticky-pull-request-comment dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
philips-software · Jan 21, 2025 · 15ab319 · 15ab319
1 parent 49d301d
commit 15ab319
Show file tree

Hide file tree

Showing 5 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/acceptance-test.yml b/.github/workflows/acceptance-test.yml
@@ -19,7 +19,7 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+      - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           egress-policy: audit
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

diff --git a/.github/workflows/build-push.yml b/.github/workflows/build-push.yml
@@ -33,7 +33,7 @@ jobs:
       matrix:
         flavor: ["cpp", "rust"]
     steps:
-      - uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
+      - uses: step-security/harden-runner@cb605e52c26070c328afc4562f0b4ada7618a84e # v2.10.4
         with:
           egress-policy: audit
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -82,7 +82,7 @@ jobs:
         id: devcontainer-metadata
       - run: echo "git-commit-epoch=$(git log -1 --pretty=%ct)" >> "$GITHUB_OUTPUT"
         id: devcontainer-epoch
-      - uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
+      - uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
         id: build-and-push
         env:
           SOURCE_DATE_EPOCH: ${{ steps.devcontainer-epoch.outputs.git-commit-epoch }}
@@ -103,7 +103,7 @@ jobs:
         with:
           from-container: ${{ env.REGISTRY }}/${{ github.repository }}-${{ matrix.flavor }}:latest
           to-container: ${{ env.REGISTRY }}/${{ github.repository }}-${{ matrix.flavor }}@${{ steps.build-and-push.outputs.digest }}
-      - uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
+      - uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
         with:
           header: container-size-diff-${{ matrix.flavor }}
           message: |

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -26,7 +26,7 @@ jobs:
         with:
           persist-credentials: false
       - uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
-      - uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
+      - uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
         with:
           file: .devcontainer/${{ matrix.flavor }}/Dockerfile
           load: true

diff --git a/.github/workflows/pr-conventional-title.yml b/.github/workflows/pr-conventional-title.yml
@@ -26,7 +26,7 @@ jobs:
             doesn't start with an uppercase character.
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      - uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
+      - uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
         if: always() && steps.pr-title.outputs.error_message != null
         with:
           header: pr-title-lint-error
@@ -40,7 +40,7 @@ jobs:
             ${{ steps.pr-title.outputs.error_message }}
 
       - if: steps.pr-title.outputs.error_message == null
-        uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
+        uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
         with:
           header: pr-title-lint-error
           delete: true
diff --git a/.github/workflows/prime-cache.yml b/.github/workflows/prime-cache.yml
@@ -36,7 +36,7 @@ jobs:
               "root-ccache": "/root/.ccache"
             }
           skip-extraction: ${{ steps.buildkit-cache.outputs.cache-hit }}
-      - uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
+      - uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
         with:
           file: .devcontainer/${{ matrix.flavor }}/Dockerfile
           platforms: linux/amd64,linux/arm64