Bump the dependencies group across 1 directory with 3 updates (#7427)

Bumps the dependencies group with 3 updates in the / directory: [docker/login-action](https://github.com/docker/login-action), [docker/build-push-action](https://github.com/docker/build-push-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `docker/login-action` from 3.1.0 to 3.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](e92390c5fb...0d4c9c5ea7) Updates `docker/build-push-action` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](2cdde995de...ca052bb54a) Updates `github/codeql-action` from 3.25.6 to 3.25.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](9fdb3e4972...2e230e8fe0) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-08-30 18:33:04 +00:00 · 2024-06-11 23:30:09 +10:00 · 2024-06-11 23:30:09 +10:00 · 1a57973b4d
commit 1a57973b4d
parent c834759f07
2 changed files with 4 additions and 4 deletions
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@ -140,14 +140,14 @@ jobs:
          fi
      - name: Login to Dockerhub
        if: github.event_name != 'pull_request' && steps.docker_login.outputs.skip_dockerhub_login != 'true'
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # pin@v3.1.0
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # pin@v3.2.0
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}

      - name: Log into registry ghcr.io
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # pin@v3.1.0
+        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # pin@v3.2.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
@ -165,7 +165,7 @@ jobs:
      - name: Push Docker Images
        id: push-docker
        if: github.event_name != 'pull_request'
-        uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # pin@v5.3.0
+        uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # pin@v5.4.0
        with:
          context: .
          file: ./contrib/container/Dockerfile
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@ -67,6 +67,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+        uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
        with:
          sarif_file: results.sarif