github: bump the github-dependencies group with 2 updates

Bumps the github-dependencies group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4.1.7 to 4.2.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](692973e3d9...d632683dd7) Updates `github/codeql-action` from 3.26.8 to 3.26.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](294a9d9291...461ef6c76d) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
2024-11-28 09:14:04 +00:00 · 2024-09-26 15:19:01 +00:00 · 2024-09-26 15:19:01 +00:00 · bd82ab3018
commit bd82ab3018
parent baf25ba482
7 changed files with 17 additions and 17 deletions
--- a/.github/workflows/build-binaries.yml
+++ b/.github/workflows/build-binaries.yml
@ -41,7 +41,7 @@ jobs:

    name: Build binary artifacts
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - name: Install packages (Ubuntu)
        if: matrix.os == 'ubuntu-24.04'
        run: |
--- a/.github/workflows/build-nix.yml
+++ b/.github/workflows/build-nix.yml
@ -19,7 +19,7 @@ jobs:

    name: flake check
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
        with:
          fetch-depth: 0
      - uses: DeterminateSystems/nix-installer-action@da36cb69b1c3247ad7a1f931ebfd954a1105ef14
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@ -36,7 +36,7 @@ jobs:
    timeout-minutes: 15

    steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938

    # The default version of gpg installed on the runners is a version baked in with git
    # which only contains the components needed by git and doesn't work for our test cases. 
@ -80,7 +80,7 @@ jobs:
    runs-on: ubuntu-latest

    steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938

    - name: Install Rust
      uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
@ -93,7 +93,7 @@ jobs:
    name: Check protos
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
        with:
          toolchain: stable
@ -107,7 +107,7 @@ jobs:
    name: Check formatting
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
        with:
          toolchain: nightly
@ -118,7 +118,7 @@ jobs:
    name: Check that MkDocs can build the docs
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
        with:
          python-version: 3.11
@ -135,7 +135,7 @@ jobs:
    name: Check that MkDocs can build the docs with Poetry 1.8
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
        with:
          python-version: 3.11
@ -166,7 +166,7 @@ jobs:
    continue-on-error: ${{ matrix.checks == 'advisories' }}

    steps:
-    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+    - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
    - uses: EmbarkStudios/cargo-deny-action@8371184bd11e21dcf8ac82ebf8c9c9f74ebf7268
      with:
        command: check ${{ matrix.checks }}
@ -177,7 +177,7 @@ jobs:
      checks: write
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: dtolnay/rust-toolchain@1482605bfc5719782e1267fd0c0cc350fe7646b8
        with:
          toolchain: stable
--- a/.github/workflows/codespell.yml
+++ b/.github/workflows/codespell.yml
@ -13,7 +13,7 @@ jobs:
    name: Codespell
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: codespell-project/actions-codespell@406322ec52dd7b488e48c1c4b82e2a8b3a1bf630
        with:
          check_filenames: true
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@ -16,7 +16,7 @@ jobs:
    runs-on: ${{ matrix.os }}

    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - run:  "git fetch origin gh-pages --depth=1"
      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
        with:
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -37,7 +37,7 @@ jobs:
    runs-on: ${{ matrix.os }}
    steps:
    - name: Checkout repository
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
    - name: Install packages (Ubuntu)
      if: matrix.os == 'ubuntu-24.04'
      run: |
@ -96,7 +96,7 @@ jobs:
        run: |
          sudo apt-get update
          sudo apt-get install -y --no-install-recommends xz-utils liblz4-tool musl-tools
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
        with:
          python-version: 3.11
@ -127,7 +127,7 @@ jobs:
      contents: write

    steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+      - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
      - run:  "git fetch origin gh-pages --depth=1"
      - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3
        with:
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@ -21,7 +21,7 @@ jobs:

    steps:
      - name: "Checkout code"
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
+        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
        with:
          persist-credentials: false

@ -46,6 +46,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3
+        uses: github/codeql-action/upload-sarif@461ef6c76dfe95d5c364de2f431ddbd31a417628
        with:
          sarif_file: results.sarif