build(deps): bump the ci group across 1 directory with 3 updates

Bumps the ci group with 3 updates in the / directory: [anchore/sbom-action](https://github.com/anchore/sbom-action), [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `anchore/sbom-action` from 0.17.5 to 0.17.8 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@1ca97d9...55dc4ee) Updates `goreleaser/goreleaser-action` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@286f3b1...9ed2f89) Updates `github/codeql-action` from 3.27.0 to 3.27.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@6624720...f09c1c0) --- updated-dependencies: - dependency-name: anchore/sbom-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci - dependency-name: goreleaser/goreleaser-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: ci - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: ci ... Signed-off-by: dependabot[bot] <[email protected]>
stefanprodan · Nov 25, 2024 · 82b01a8 · 82b01a8
1 parent 53b4f41
commit 82b01a8
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -28,10 +28,10 @@ jobs:
           go-version: 1.23.x
           cache: false
       - name: Setup Syft
-        uses: anchore/sbom-action/download-syft@1ca97d9028b51809cf6d3c934c3e160716e1b605 # v0.17.5
+        uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8
       - name: Run GoReleaser
         id: run-goreleaser
-        uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
+        uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
         with:
           version: latest
           args: release --skip=validate

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -28,10 +28,10 @@ jobs:
             **/go.sum
             **/go.mod
       - name: Init
-        uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
+        uses: github/codeql-action/init@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
         with:
           languages: go
       - name: Build
-        uses: github/codeql-action/autobuild@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
+        uses: github/codeql-action/autobuild@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
       - name: Analyze
-        uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
+        uses: github/codeql-action/analyze@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5