build(deps): bump the ci group across 1 directory with 4 updates

Bumps the ci group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [actions/setup-go](https://github.com/actions/setup-go), [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4 to 5 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v5) Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v5...v6) Updates `sigstore/cosign-installer` from 3.8.1 to 3.10.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](https://github.com/sigstore/cosign-installer/compare/v3.8.1...v3.10.0) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci - dependency-name: sigstore/cosign-installer dependency-version: 3.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci ... Signed-off-by: dependabot[bot] <support@github.com>
2026-02-14 09:59:58 +00:00 · 2025-10-15 08:33:49 +00:00
parent 3dc0658a80
commit 9ed5fcdaa3
6 changed files with 15 additions and 15 deletions
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -19,9 +19,9 @@ jobs:
      labels: ubuntu-latest-16-cores
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
        with:
          go-version: 1.25.x
          cache-dependency-path: |
--- a/.github/workflows/e2e.yaml
+++ b/.github/workflows/e2e.yaml
@@ -38,7 +38,7 @@ jobs:
          - knative
    steps:
      - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup Kubernetes
        uses: helm/kind-action@v1.12.0
        if: matrix.provider != 'skipper'
--- a/.github/workflows/helm.yaml
+++ b/.github/workflows/helm.yaml
@@ -12,7 +12,7 @@ jobs:
    permissions:
      contents: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Publish Helm charts
        uses: stefanprodan/helm-gh-pages@v1.7.0
        with:
--- a/.github/workflows/push-ld.yml
+++ b/.github/workflows/push-ld.yml
@@ -16,8 +16,8 @@ jobs:
      id-token: write
      packages: write
    steps:
-      - uses: actions/checkout@v4
-      - uses: sigstore/cosign-installer@v3.8.1
+      - uses: actions/checkout@v5
+      - uses: sigstore/cosign-installer@v3.10.0
      - name: Prepare
        id: prep
        run: |
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -27,13 +27,13 @@ jobs:
      id-token: write # needed for keyless signing
      packages: write # needed for ghcr access
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
        with:
          go-version: 1.25.x
      - uses: fluxcd/flux2/action@main
-      - uses: sigstore/cosign-installer@v3.8.1
+      - uses: sigstore/cosign-installer@v3.10.0
      - name: Prepare
        id: prep
        run: |
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -17,7 +17,7 @@ jobs:
    permissions:
      security-events: write
    steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v5
      - name: Run FOSSA scan and upload build data
        uses: fossa-contrib/fossa-action@v3
        with:
@@ -30,16 +30,16 @@ jobs:
      security-events: write
    steps:
      - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
      - name: Setup Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v6
        with:
          go-version: 1.25.x
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
        with:
          languages: go
      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4