build(deps): Bump the actions group with 5 updates (#128)

Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
IAreKyleW00t · Jan 30, 2025 · a93916f · a93916f
1 parent 1ac2e8d
commit a93916f
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/cache-sync.yml b/.github/workflows/cache-sync.yml
@@ -21,7 +21,7 @@ jobs:
     if: github.event.pull_request.merged == true
     steps:
       - name: Install regctl
-        uses: iarekylew00t/regctl-installer@2ffd9b1e2a92af799ab0a9202e992b0d2111d50a # v3.0.11
+        uses: iarekylew00t/regctl-installer@4093cbf98a177c61c113db687e59ad52505eef8c # v3.0.12
 
       - name: Copy PR build cache to branch
         shell: bash

diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
@@ -87,7 +87,7 @@ jobs:
         uses: sigstore/cosign-installer@dc72c7d5c4d10cd6bcb8cf6e3fd625a9e5e537da # v3.7.0
 
       - name: Install regctl
-        uses: iarekylew00t/regctl-installer@2ffd9b1e2a92af799ab0a9202e992b0d2111d50a # v3.0.11
+        uses: iarekylew00t/regctl-installer@4093cbf98a177c61c113db687e59ad52505eef8c # v3.0.12
 
       - name: Set up QEMU
         uses: docker/setup-qemu-action@53851d14592bedcffcf25ea515637cff71ef929a # v3.3.0
@@ -116,7 +116,7 @@ jobs:
           echo "'$WORKFLOW_NAME' completed!"
 
       - name: Build CI Docker image
-        uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
         id: build
         with:
           context: .
@@ -231,7 +231,7 @@ jobs:
 
       - name: Publish final Docker image
         id: publish
-        uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
+        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
         with:
           context: .
           push: true
@@ -252,7 +252,7 @@ jobs:
 
       # This will automatically attach the SBOM to the release
       - name: Generate final Docker image SBOM
-        uses: anchore/sbom-action@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9
+        uses: anchore/sbom-action@f325610c9f50a54015d37c8d16cb3b0e2c8f4de0 # v0.18.0
         with:
           format: spdx-json
           image: ${{ needs.metadata.outputs.image-name }}@${{ steps.publish.outputs.digest }}

diff --git a/.github/workflows/readme-versions.yml b/.github/workflows/readme-versions.yml
@@ -70,7 +70,7 @@ jobs:
 
       - name: Push changes back to PR
         if: steps.changed.outputs.changed == 'true'
-        uses: iarekylew00t/verified-bot-commit@ce43e207b10e1789517c2a8dab3a362e6096746f # v1.0.9
+        uses: iarekylew00t/verified-bot-commit@1c7707882a8619579f3e109ba20917e1a0fae2ea # v1.0.10
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           message: "docs: Updating README for v${{ steps.caddy.outputs.version }}"

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -34,7 +34,7 @@ jobs:
           output: trivy-results.sarif
 
       - name: Upload scan results
-        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         if: cancelled() == false
         with:
           sarif_file: trivy-results.sarif
@@ -77,7 +77,7 @@ jobs:
           output: trivy-results.sarif
 
       - name: Upload scan results
-        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
+        uses: github/codeql-action/upload-sarif@f6091c0113d1dcf9b98e269ee48e8a7e51b7bdd4 # v3.28.5
         if: cancelled() == false
         with:
           sarif_file: trivy-results.sarif