From c2e26778d6f04d1dfb3277425f2136cc0a836fe6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 19 Aug 2024 10:04:04 +0000
Subject: [PATCH 1/2] chore(deps): bump the gha group across 1 directory with 4
 updates

Bumps the gha group with 4 updates in the / directory: [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action), [docker/build-push-action](https://github.com/docker/build-push-action), [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog).


Updates `goreleaser/goreleaser-action` from 5 to 6
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](https://github.com/goreleaser/goreleaser-action/compare/v5...v6)

Updates `docker/build-push-action` from 5 to 6
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6)

Updates `aquasecurity/trivy-action` from 0.18.0 to 0.24.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.18.0...0.24.0)

Updates `trufflesecurity/trufflehog` from 3.71.0 to 3.81.9
- [Release notes](https://github.com/trufflesecurity/trufflehog/releases)
- [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml)
- [Commits](https://github.com/trufflesecurity/trufflehog/compare/v3.71.0...v3.81.9)

---
updated-dependencies:
- dependency-name: goreleaser/goreleaser-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha
- dependency-name: trufflesecurity/trufflehog
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/release.yml                    | 2 +-
 .github/workflows/release_containers.yml         | 2 +-
 .github/workflows/release_containers_webhook.yml | 2 +-
 .github/workflows/security_analysis.yml          | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 5c002280f..1a76ca8d4 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,7 +20,7 @@ jobs:
           go-version-file: go.mod
 
       - name: Launch goreleaser
-        uses: goreleaser/goreleaser-action@v5
+        uses: goreleaser/goreleaser-action@v6
         with:
           args: release
         env:
diff --git a/.github/workflows/release_containers.yml b/.github/workflows/release_containers.yml
index 4ca2d1bb1..a995bdc53 100644
--- a/.github/workflows/release_containers.yml
+++ b/.github/workflows/release_containers.yml
@@ -66,7 +66,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: Build container and push tags
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
diff --git a/.github/workflows/release_containers_webhook.yml b/.github/workflows/release_containers_webhook.yml
index e8f8c988f..10530fbc9 100644
--- a/.github/workflows/release_containers_webhook.yml
+++ b/.github/workflows/release_containers_webhook.yml
@@ -59,7 +59,7 @@ jobs:
         uses: docker/setup-buildx-action@v3
 
       - name: Build container and push tags
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           push: ${{ github.event_name != 'pull_request' }}
diff --git a/.github/workflows/security_analysis.yml b/.github/workflows/security_analysis.yml
index 3dfdad1e2..875a29d66 100644
--- a/.github/workflows/security_analysis.yml
+++ b/.github/workflows/security_analysis.yml
@@ -46,7 +46,7 @@ jobs:
           docker build . -t kubesec:${{ github.sha }}
 
       - name: Run Trivy
-        uses: aquasecurity/trivy-action@0.18.0
+        uses: aquasecurity/trivy-action@0.24.0
         with:
           image-ref: kubesec:${{ github.sha }}
           format: template
@@ -69,7 +69,7 @@ jobs:
         with:
           fetch-depth: 0
       - name: Run Trufflehog
-        uses: trufflesecurity/trufflehog@v3.71.0
+        uses: trufflesecurity/trufflehog@v3.81.9
         with:
           path: ./
           base: ""

From 1b2190b6d173ad6f7febe150e33597a6d13853fc Mon Sep 17 00:00:00 2001
From: Jack Kelly <jack@control-plane.io>
Date: Mon, 19 Aug 2024 11:10:16 +0100
Subject: [PATCH 2/2] chore: update goreleaser config for v2

---
 .goreleaser.yml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/.goreleaser.yml b/.goreleaser.yml
index 51bcc1901..0c8f58bb7 100644
--- a/.goreleaser.yml
+++ b/.goreleaser.yml
@@ -1,3 +1,5 @@
+---
+version: 2
 before:
   hooks:
     - go mod tidy