shishantbiswas/coder
1
0
Fork 0
mirror of https://github.com/coder/coder.git synced 2026-06-02 20:48:20 +00:00
Code Issues Packages Projects Releases Wiki Activity

ci: bump the github-actions group across 1 directory with 9 updates (#23345)

Browse Source 
Bumps the github-actions group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.40.0` |
`1.44.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact)
| `6.0.0` | `7.0.0` |
| [docker/login-action](https://github.com/docker/login-action) |
`3.7.0` | `4.0.0` |
| [actions/attest](https://github.com/actions/attest) | `3.2.0` |
`4.1.0` |
|
[tj-actions/changed-files](https://github.com/tj-actions/changed-files)
| `47.0.1` | `47.0.5` |
|
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
| `3.12.0` | `4.0.0` |
|
[linear/linear-release-action](https://github.com/linear/linear-release-action)
| `0.4.0` | `0.5.0` |
|
[benc-uk/workflow-dispatch](https://github.com/benc-uk/workflow-dispatch)
| `1.2.4` | `1.3.1` |
|
[aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action)
| `c1824fd6edce30d7ab345a9989de00bbd46ef284` |
`57a97c7e7821a5776cebc9bb87c984fa69cba8f1` |
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |


Updates `crate-ci/typos` from 1.40.0 to 1.44.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/releases">crate-ci/typos's
releases</a>.</em></p>
<blockquote>
<h2>v1.44.0</h2>
<h2>[1.44.0] - 2026-02-27</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1488">February
2026</a> changes</li>
</ul>
<h2>v1.43.5</h2>
<h2>[1.43.5] - 2026-02-16</h2>
<h3>Fixes</h3>
<ul>
<li><em>(pypi)</em> Hopefully fix the sdist build</li>
</ul>
<h2>v1.43.4</h2>
<h2>[1.43.4] - 2026-02-09</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>pincher</code></li>
</ul>
<h2>v1.43.3</h2>
<h2>[1.43.3] - 2026-02-06</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Adjust how typos are reported to github</li>
</ul>
<h2>v1.43.2</h2>
<h2>[1.43.2] - 2026-02-05</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>certifi</code> in Python</li>
</ul>
<h2>v1.43.1</h2>
<h2>[1.43.1] - 2026-02-03</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>consts</code></li>
</ul>
<h2>v1.43.0</h2>
<h2>[1.43.0] - 2026-02-02</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1453">January
2026</a> changes</li>
</ul>
<h2>v1.42.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/crate-ci/typos/blob/master/CHANGELOG.md">crate-ci/typos's
changelog</a>.</em></p>
<blockquote>
<h1>Change Log</h1>
<p>All notable changes to this project will be documented in this
file.</p>
<p>The format is based on <a href="https://keepachangelog.com/">Keep a
Changelog</a>
and this project adheres to <a href="https://semver.org/">Semantic
Versioning</a>.</p>
<!-- raw HTML omitted -->
<h2>[Unreleased] - ReleaseDate</h2>
<h2>[1.44.0] - 2026-02-27</h2>
<h3>Features</h3>
<ul>
<li>Updated the dictionary with the <a
href="https://redirect.github.com/crate-ci/typos/issues/1488">February
2026</a> changes</li>
</ul>
<h2>[1.43.5] - 2026-02-16</h2>
<h3>Fixes</h3>
<ul>
<li><em>(pypi)</em> Hopefully fix the sdist build</li>
</ul>
<h2>[1.43.4] - 2026-02-09</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>pincher</code></li>
</ul>
<h2>[1.43.3] - 2026-02-06</h2>
<h3>Fixes</h3>
<ul>
<li><em>(action)</em> Adjust how typos are reported to github</li>
</ul>
<h2>[1.43.2] - 2026-02-05</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>certifi</code> in Python</li>
</ul>
<h2>[1.43.1] - 2026-02-03</h2>
<h3>Fixes</h3>
<ul>
<li>Don't correct <code>consts</code></li>
</ul>
<h2>[1.43.0] - 2026-02-02</h2>
<h3>Compatibility</h3>
<ul>
<li>Bumped MSRV to 1.91</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/crate-ci/typos/commit/631208b7aac2daa8b707f55e7331f9112b0e062d"><code>631208b</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/3d3c6e376823e66c4f3e2583fc47b8be83b66d71"><code>3d3c6e3</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/ba1f545443d223c6bc2c821dad76c210fa78b46f"><code>ba1f545</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/102f66c093f0eb1a69937d3d1c589d5f16c5569b"><code>102f66c</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1510">#1510</a>
from epage/feb</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d303c9398affd88fc562292a2ec9433a37817b28"><code>d303c93</code></a>
feat(dict): February updates</li>
<li><a
href="https://github.com/crate-ci/typos/commit/30eea72e385d435c00a24eeba0d96f87048f42ec"><code>30eea72</code></a>
chore(ci): Update pre-build binary workflow</li>
<li><a
href="https://github.com/crate-ci/typos/commit/57b11c6b7e54c402ccd9cda953f1072ec4f78e33"><code>57b11c6</code></a>
chore: Release</li>
<li><a
href="https://github.com/crate-ci/typos/commit/105ced22a5a7fedc36cbef6e5dec31b708e9ec5b"><code>105ced2</code></a>
docs: Update changelog</li>
<li><a
href="https://github.com/crate-ci/typos/commit/4f89be7e4a7933f8d9693a9da7a9e9258a8671ba"><code>4f89be7</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1504">#1504</a>
from schnellerhase/bump-maturin</li>
<li><a
href="https://github.com/crate-ci/typos/commit/d8547ad9c141d0e2c568b2344f0804a446ff25ab"><code>d8547ad</code></a>
Merge pull request <a
href="https://redirect.github.com/crate-ci/typos/issues/1503">#1503</a>
from 1195343015/patch-1</li>
<li>Additional commits viewable in <a
href="https://github.com/crate-ci/typos/compare/2d0ce569feab1f8752f1dde43cc2f2aa53236e06...631208b7aac2daa8b707f55e7331f9112b0e062d">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-artifact` from 6.0.0 to 7.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-artifact/releases">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>v7 What's new</h2>
<h3>Direct Uploads</h3>
<p>Adds support for uploading single files directly (unzipped). Callers
can set the new <code>archive</code> parameter to <code>false</code> to
skip zipping the file during upload. Right now, we only support single
files. The action will fail if the glob passed resolves to multiple
files. The <code>name</code> parameter is also ignored with this
setting. Instead, the name of the artifact will be the name of the
uploaded file.</p>
<h3>ESM</h3>
<p>To support new versions of the <code>@actions/*</code> packages,
we've upgraded the package to ESM.</p>
<h2>What's Changed</h2>
<ul>
<li>Add proxy integration test by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
<li>Upgrade the module to ESM and bump dependencies by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/762">actions/upload-artifact#762</a></li>
<li>Support direct file uploads by <a
href="https://github.com/danwkennedy"><code>@​danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/764">actions/upload-artifact#764</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Link"><code>@​Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/upload-artifact/pull/754">actions/upload-artifact#754</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v6...v7.0.0">https://github.com/actions/upload-artifact/compare/v6...v7.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f"><code>bbbca2d</code></a>
Support direct file uploads (<a
href="https://redirect.github.com/actions/upload-artifact/issues/764">#764</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296"><code>589182c</code></a>
Upgrade the module to ESM and bump dependencies (<a
href="https://redirect.github.com/actions/upload-artifact/issues/762">#762</a>)</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5"><code>47309c9</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-artifact/issues/754">#754</a>
from actions/Link-/add-proxy-integration-tests</li>
<li><a
href="https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0"><code>02a8460</code></a>
Add proxy integration test</li>
<li>See full diff in <a
href="https://github.com/actions/upload-artifact/compare/b7c566a772e6b6bfb58ed0dc250532a479d7789f...bbbca2ddaa5d8feaa63e36b76fdaad77386f024f">compare
view</a></li>
</ul>
</details>
<br />

Updates `docker/login-action` from 3.7.0 to 4.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/login-action/releases">docker/login-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/929">docker/login-action#929</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/login-action/pull/927">docker/login-action#927</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/login-action/pull/919">docker/login-action#919</a></li>
<li>Bump <code>@​aws-sdk/client-ecr</code> from 3.890.0 to 3.1000.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​aws-sdk/client-ecr-public</code> from 3.890.0 to
3.1000.0 in <a
href="https://redirect.github.com/docker/login-action/pull/909">docker/login-action#909</a>
<a
href="https://redirect.github.com/docker/login-action/pull/920">docker/login-action#920</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.63.0 to 0.77.0 in
<a
href="https://redirect.github.com/docker/login-action/pull/910">docker/login-action#910</a>
<a
href="https://redirect.github.com/docker/login-action/pull/928">docker/login-action#928</a></li>
<li>Bump <code>@​isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 in <a
href="https://redirect.github.com/docker/login-action/pull/921">docker/login-action#921</a></li>
<li>Bump js-yaml from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/login-action/pull/901">docker/login-action#901</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/login-action/compare/v3.7.0...v4.0.0">https://github.com/docker/login-action/compare/v3.7.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/login-action/commit/b45d80f862d83dbcd57f89517bcf500b2ab88fb2"><code>b45d80f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/929">#929</a>
from crazy-max/node24</li>
<li><a
href="https://github.com/docker/login-action/commit/176cb9c12abea98dfe844071c0999ff6ee9688a7"><code>176cb9c</code></a>
node 24 as default runtime</li>
<li><a
href="https://github.com/docker/login-action/commit/cad89843109a11cb6f69f52fe695c42cf69d57d3"><code>cad8984</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/920">#920</a>
from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...</li>
<li><a
href="https://github.com/docker/login-action/commit/92cbcb231ed341e7dc71693351b21f5ba65f8349"><code>92cbcb2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/5a2d6a71bd3e0cb4abb6faae33f3dde61ece8e5b"><code>5a2d6a7</code></a>
build(deps): bump the aws-sdk-dependencies group with 2 updates</li>
<li><a
href="https://github.com/docker/login-action/commit/44512b6b2e08b878e82b107b394fcd1af5748e63"><code>44512b6</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/928">#928</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/login-action/commit/28737a5e46bc0c62910ef429b2e55f9cabbbd5df"><code>28737a5</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/login-action/commit/dac079354afbd8db4c3b58b8cc6946573479b2a6"><code>dac0793</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.76.0 to
0.77.0</li>
<li><a
href="https://github.com/docker/login-action/commit/62029f315d6d05c8646343320e4a1552e5f1c77a"><code>62029f3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/login-action/issues/919">#919</a>
from docker/dependabot/npm_and_yarn/actions/core-3.0.0</li>
<li><a
href="https://github.com/docker/login-action/commit/08c8f064bf22a1c55918ee608a81d87b13cc4461"><code>08c8f06</code></a>
chore: update generated content</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/login-action/compare/c94ce9fb468520275223c153574b00df6fe4bcc9...b45d80f862d83dbcd57f89517bcf500b2ab88fb2">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/attest` from 3.2.0 to 4.1.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/attest/releases">actions/attest's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@actions/attest</code> from 3.0.0 to 3.1.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/362">actions/attest#362</a></li>
<li>Bump <code>@actions/attest</code> from 3.1.0 to 3.2.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/365">actions/attest#365</a></li>
<li>Add new <code>subject-version</code> input for inclusion in storage
record by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/364">actions/attest#364</a></li>
<li>Add storage record content to README by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/366">actions/attest#366</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v4.0.0...v4.1.0">https://github.com/actions/attest/compare/v4.0.0...v4.1.0</a></p>
<h2>v4.0.0</h2>
<p>All of the capabilities of <a
href="https://github.com/actions/attest-build-provenance"><code>actions/attest-build-provenance</code></a>,
and <a
href="https://github.com/actions/attest-sbom"><code>actions/attest-sbom</code></a>
have now been folded into <code>actions/attest</code>.</p>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@​actions/core</code> from 2.0.1 to 2.0.2 in the
npm-production group by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/323">actions/attest#323</a></li>
<li>Bump tar from 7.4.3 to 7.5.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/333">actions/attest#333</a></li>
<li>Bump <code>@​actions/github</code> from 6.0.1 to 7.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/324">actions/attest#324</a></li>
<li>Bump <code>@​actions/attest</code> from 2.1.0 to 2.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/325">actions/attest#325</a></li>
<li>Bump tar from 7.4.3 to 7.5.7 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/337">actions/attest#337</a></li>
<li>Bump <code>@​isaacs/brace-expansion</code> from 5.0.0 to 5.0.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/342">actions/attest#342</a></li>
<li>Consolidate attestation actions by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/346">actions/attest#346</a></li>
<li>ESM Conversion by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/347">actions/attest#347</a></li>
<li>Test suite refactor by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/356">actions/attest#356</a></li>
<li>Bump tar from 7.5.7 to 7.5.9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/attest/pull/354">actions/attest#354</a></li>
<li>Bump version in package.json to v4.0.0 by <a
href="https://github.com/bdehamer"><code>@​bdehamer</code></a> in <a
href="https://redirect.github.com/actions/attest/pull/360">actions/attest#360</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/attest/compare/v3.2.0...v4.0.0">https://github.com/actions/attest/compare/v3.2.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/attest/commit/59d89421af93a897026c735860bf21b6eb4f7b26"><code>59d8942</code></a>
add storage record content to README (<a
href="https://redirect.github.com/actions/attest/issues/366">#366</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/ec072a1cb2a95a9fb38f16ee92f72e0270cbf263"><code>ec072a1</code></a>
add new subject-version input (<a
href="https://redirect.github.com/actions/attest/issues/364">#364</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/8b290b8d865f4d5d2caca84a45d0de9620d2187a"><code>8b290b8</code></a>
bump <code>@​actions/attest</code> from 3.1.0 to 3.2.0 (<a
href="https://redirect.github.com/actions/attest/issues/365">#365</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/35cfe2422ed5658cfc87b5cca7e50507f7d478da"><code>35cfe24</code></a>
bump <code>@​actions/attest</code> from 3.0.0 to 3.1.0 (<a
href="https://redirect.github.com/actions/attest/issues/362">#362</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/c32b4b8b198b65d0bd9d63490e847ff7b53989d4"><code>c32b4b8</code></a>
bump version in package.json to v4.0.0 (<a
href="https://redirect.github.com/actions/attest/issues/360">#360</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/1e73be196c8840af1fa1fbff376890066093a323"><code>1e73be1</code></a>
Bump typescript-eslint in the npm-development group (<a
href="https://redirect.github.com/actions/attest/issues/358">#358</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/e1345cbec46c2ad797722d96bfa19e14e3548b70"><code>e1345cb</code></a>
Bump the npm-development group across 1 directory with 3 updates (<a
href="https://redirect.github.com/actions/attest/issues/357">#357</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/09cd5f66cb420c0389c6f725c641e08df274410e"><code>09cd5f6</code></a>
Bump tar from 7.5.7 to 7.5.9 (<a
href="https://redirect.github.com/actions/attest/issues/354">#354</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/19ad753d23453c7b9e9caf8a907f1d9e08816359"><code>19ad753</code></a>
test suite re-write (<a
href="https://redirect.github.com/actions/attest/issues/356">#356</a>)</li>
<li><a
href="https://github.com/actions/attest/commit/7d7ff4475a8e98e172944ad0b6687ab116043a85"><code>7d7ff44</code></a>
ESM Conversion (<a
href="https://redirect.github.com/actions/attest/issues/347">#347</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/attest/compare/e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d...59d89421af93a897026c735860bf21b6eb4f7b26">compare
view</a></li>
</ul>
</details>
<br />

Updates `tj-actions/changed-files` from 47.0.1 to 47.0.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/releases">tj-actions/changed-files's
releases</a>.</em></p>
<blockquote>
<h2>v47.0.5</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgraded to v47.0.4 by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2802">tj-actions/changed-files#2802</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2803">tj-actions/changed-files#2803</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2805">tj-actions/changed-files#2805</a></li>
<li>chore(deps-dev): bump <code>@​types/node</code> from 25.2.2 to
25.3.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2811">tj-actions/changed-files#2811</a></li>
<li>chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2810">tj-actions/changed-files#2810</a></li>
<li>chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2809">tj-actions/changed-files#2809</a></li>
<li>chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2799">tj-actions/changed-files#2799</a></li>
<li>chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2806">tj-actions/changed-files#2806</a></li>
<li>chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2775">tj-actions/changed-files#2775</a></li>
<li>chore(deps): bump peter-evans/create-pull-request from 8.0.0 to
8.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2774">tj-actions/changed-files#2774</a></li>
<li>chore(deps): bump lodash and <code>@​types/lodash</code> by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2807">tj-actions/changed-files#2807</a></li>
<li>chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2764">tj-actions/changed-files#2764</a></li>
<li>chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2815">tj-actions/changed-files#2815</a></li>
<li>chore(deps-dev): bump <code>@​types/node</code> from 25.3.2 to
25.3.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2814">tj-actions/changed-files#2814</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5</a></p>
<h2>v47.0.4</h2>
<h2>What's Changed</h2>
<ul>
<li>update: release-tagger action to version 6.0.6 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2801">tj-actions/changed-files#2801</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4</a></p>
<h2>v47.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump github/codeql-action from 4.31.10 to 4.32.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2790">tj-actions/changed-files#2790</a></li>
<li>update: release-tagger action to version 6.0.0 by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2800">tj-actions/changed-files#2800</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3</a></p>
<h2>v47.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>chore(deps-dev): bump eslint-plugin-jest from 29.2.1 to 29.11.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2751">tj-actions/changed-files#2751</a></li>
<li>chore(deps): bump actions/upload-artifact from 5.0.0 to 6.0.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2741">tj-actions/changed-files#2741</a></li>
<li>chore(deps): bump actions/download-artifact from 6.0.0 to 7.0.0 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2743">tj-actions/changed-files#2743</a></li>
<li>chore(deps): bump <code>@​actions/core</code> from 2.0.0 to 2.0.2 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2757">tj-actions/changed-files#2757</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2768">tj-actions/changed-files#2768</a></li>
<li>chore: update dist by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2769">tj-actions/changed-files#2769</a></li>
<li>chore: update matrix-example.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2752">tj-actions/changed-files#2752</a></li>
<li>feat: add support for excluding symlinks and fix bug with commit not
found by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2770">tj-actions/changed-files#2770</a></li>
<li>chore(deps): bump github/codeql-action from 4.31.7 to 4.31.10 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2761">tj-actions/changed-files#2761</a></li>
<li>Updated README.md by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2771">tj-actions/changed-files#2771</a></li>
<li>chore(deps-dev): bump eslint-plugin-jest from 29.11.0 to 29.12.1 by
<a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2756">tj-actions/changed-files#2756</a></li>
<li>chore(deps-dev): bump <code>@​types/lodash</code> from 4.17.21 to
4.17.23 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2759">tj-actions/changed-files#2759</a></li>
<li>fix: Update test.yml by <a
href="https://github.com/jackton1"><code>@​jackton1</code></a> in <a
href="https://redirect.github.com/tj-actions/changed-files/pull/2781">tj-actions/changed-files#2781</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/tj-actions/changed-files/blob/main/HISTORY.md">tj-actions/changed-files's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.4...v47.0.5">47.0.5</a>
- (2026-03-03)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2805">#2805</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
(<a
href="https://github.com/tj-actions/changed-files/commit/35dace0375d89e25e78db5f0a44127b61f4e5c20">35dace0</a>)
- (github-actions[bot])</p>
<ul>
<li>Updated README.md (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2803">#2803</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/9ee99eb5bda5d6a67fedcd50ecd24fb10add2f41">9ee99eb</a>)
- (github-actions[bot])</p>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
25.3.2 to 25.3.3 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323">22103cc</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 4.32.4 to
4.32.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182">6c02e90</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-prettier from 5.5.4 to
5.5.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2">05f9457</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump lodash and <code>@​types/lodash</code>
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401">52ed872</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump peter-evans/create-pull-request from
8.0.0 to 8.1.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c">1cc5746</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump prettier from 3.7.4 to 3.8.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a">de2962f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump github/codeql-action from 4.32.2 to
4.32.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15">37e96cc</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump eslint-plugin-jest from 29.12.1 to
29.15.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014">2180b0f</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/upload-artifact from 6.0.0 to
7.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1">cf021c1</a>)
- (dependabot[bot])</li>
<li><strong>deps:</strong> Bump actions/download-artifact from 7.0.0 to
8.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53">b54ac6f</a>)
- (dependabot[bot])</li>
<li><strong>deps-dev:</strong> Bump <code>@​types/node</code> from
25.2.2 to 25.3.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2811">#2811</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/0f2a510bd7ac84bc12cdc52c2094298bc26b1692">0f2a510</a>)
- (dependabot[bot])</li>
</ul>
<h2><!-- raw HTML omitted -->⬆️ Upgrades</h2>
<ul>
<li>Upgraded to v47.0.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2802">#2802</a>)</li>
</ul>
<p>Co-authored-by: github-actions[bot]
&lt;41898282+github-actions[bot]<a
href="https://github.com/users"><code>@​users</code></a>.noreply.github.com&gt;
Co-authored-by: Tonye Jack <a
href="mailto:jtonye@ymail.com">jtonye@ymail.com</a> (<a
href="https://github.com/tj-actions/changed-files/commit/b7ac303c8684d5e668c6c810e61a6fe32a53fe25">b7ac303</a>)
- (github-actions[bot])</p>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.3...v47.0.4">47.0.4</a>
- (2026-02-17)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Release-tagger action to version 6.0.6 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2801">#2801</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/7dee1b0c1557f278e5c7dc244927139d78c0e22a">7dee1b0</a>)
- (Tonye Jack)</li>
</ul>
<h1><a
href="https://github.com/tj-actions/changed-files/compare/v47.0.2...v47.0.3">47.0.3</a>
- (2026-02-17)</h1>
<h2><!-- raw HTML omitted -->🔄 Update</h2>
<ul>
<li>Release-tagger action to version 6.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2800">#2800</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/28b28f6e4e9e3d997beb9dce86cfd8cf0ce7c7f6">28b28f6</a>)
- (Tonye Jack)</li>
</ul>
<h2><!-- raw HTML omitted -->⚙️ Miscellaneous Tasks</h2>
<ul>
<li><strong>deps:</strong> Bump github/codeql-action from 4.31.10 to
4.32.2 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2790">#2790</a>)
(<a
href="https://github.com/tj-actions/changed-files/commit/875e6e5df8b8b00995fe6f0afd7ff1531ac1c47d">875e6e5</a>)
- (dependabot[bot])</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/tj-actions/changed-files/commit/22103cc46bda19c2b464ffe86db46df6922fd323"><code>22103cc</code></a>
chore(deps-dev): bump <code>@​types/node</code> from 25.3.2 to 25.3.3
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2814">#2814</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/6c02e900a24488df269842eb1cf6ffe3391ce182"><code>6c02e90</code></a>
chore(deps): bump github/codeql-action from 4.32.4 to 4.32.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2815">#2815</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/05f9457d921137103bb9687b6b571075f75a65f2"><code>05f9457</code></a>
chore(deps-dev): bump eslint-plugin-prettier from 5.5.4 to 5.5.5 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2764">#2764</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/52ed872dd71bea01a73ce5c7c595e78cb9566401"><code>52ed872</code></a>
chore(deps): bump lodash and <code>@​types/lodash</code> (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2807">#2807</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/1cc574637935a98713e34cbd4e8cf01a985f942c"><code>1cc5746</code></a>
chore(deps): bump peter-evans/create-pull-request from 8.0.0 to 8.1.0
(<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2774">#2774</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/de2962f9f408abd241f7c1a8b6cac3ab44358d1a"><code>de2962f</code></a>
chore(deps-dev): bump prettier from 3.7.4 to 3.8.1 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2775">#2775</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/37e96ccbfefb9100f34f87d75c890c50c6e78d15"><code>37e96cc</code></a>
chore(deps): bump github/codeql-action from 4.32.2 to 4.32.4 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2806">#2806</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/2180b0f05d03655e0bedd1657d13f6abc6313014"><code>2180b0f</code></a>
chore(deps-dev): bump eslint-plugin-jest from 29.12.1 to 29.15.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2799">#2799</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/cf021c158c722f81dea97fe5edc8bd2de1cc2bc1"><code>cf021c1</code></a>
chore(deps): bump actions/upload-artifact from 6.0.0 to 7.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2809">#2809</a>)</li>
<li><a
href="https://github.com/tj-actions/changed-files/commit/b54ac6f17f95fdc4ec5ee3bf355ea7c354dc9c53"><code>b54ac6f</code></a>
chore(deps): bump actions/download-artifact from 7.0.0 to 8.0.0 (<a
href="https://redirect.github.com/tj-actions/changed-files/issues/2810">#2810</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/tj-actions/changed-files/compare/e0021407031f5be11a464abee9a0776171c79891...22103cc46bda19c2b464ffe86db46df6922fd323">compare
view</a></li>
</ul>
</details>
<br />

Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<ul>
<li>Node 24 as default runtime (requires <a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Actions
Runner v2.327.1</a> or later) by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/483">docker/setup-buildx-action#483</a></li>
<li>Remove deprecated inputs/outputs by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/464">docker/setup-buildx-action#464</a></li>
<li>Switch to ESM and update config/test wiring by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/481">docker/setup-buildx-action#481</a></li>
<li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/475">docker/setup-buildx-action#475</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.63.0 to 0.79.0 in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/482">docker/setup-buildx-action#482</a>
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/485">docker/setup-buildx-action#485</a></li>
<li>Bump js-yaml from 4.1.0 to 4.1.1 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/452">docker/setup-buildx-action#452</a></li>
<li>Bump lodash from 4.17.21 to 4.17.23 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/472">docker/setup-buildx-action#472</a></li>
<li>Bump minimatch from 3.1.2 to 3.1.5 in <a
href="https://redirect.github.com/docker/setup-buildx-action/pull/480">docker/setup-buildx-action#480</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0">https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd"><code>4d04d5d</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/485">#485</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d"><code>cd74e05</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84"><code>eee38ec</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.77.0 to
0.79.0</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24"><code>7a83f65</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/484">#484</a>
from docker/dependabot/github_actions/docker/setup-qe...</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327"><code>a5aa967</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/464">#464</a>
from crazy-max/rm-deprecated</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3"><code>e73d53f</code></a>
build(deps): bump docker/setup-qemu-action from 3 to 4</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312"><code>28a438e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/483">#483</a>
from crazy-max/node24</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf"><code>034e9d3</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be"><code>b4664d8</code></a>
remove deprecated inputs/outputs</li>
<li><a
href="https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba"><code>a8257de</code></a>
node 24 as default runtime</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-buildx-action/compare/8d2750c68a42422c14e847fe6c8ac0403b4cbd6f...4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd">compare
view</a></li>
</ul>
</details>
<br />

Updates `linear/linear-release-action` from 0.4.0 to 0.5.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/linear/linear-release-action/releases">linear/linear-release-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.5.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Documentation improvements by <a
href="https://github.com/RomainCscn"><code>@​RomainCscn</code></a> in <a
href="https://redirect.github.com/linear/linear-release-action/pull/8">linear/linear-release-action#8</a></li>
<li>Add support for release_version, same as the CLI by <a
href="https://github.com/RomainCscn"><code>@​RomainCscn</code></a> in <a
href="https://redirect.github.com/linear/linear-release-action/pull/9">linear/linear-release-action#9</a></li>
<li>Set CLI version default to latest</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0">https://github.com/linear/linear-release-action/compare/v0.4.0...v0.5.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/linear/linear-release-action/commit/5cbaabc187ceb63eee9d446e62e68e5c29a03ae8"><code>5cbaabc</code></a>
Make latest the default cli version</li>
<li><a
href="https://github.com/linear/linear-release-action/commit/7fb27ceb7e17ef4353a87f85f4fc1e3d3416c057"><code>7fb27ce</code></a>
Add support for release_version, same as the CLI (<a
href="https://redirect.github.com/linear/linear-release-action/issues/9">#9</a>)</li>
<li><a
href="https://github.com/linear/linear-release-action/commit/fbf0176c7348aa6444e5e3d14db454cb4f4baab8"><code>fbf0176</code></a>
Ensure name is properly used when creating scheduled release (<a
href="https://redirect.github.com/linear/linear-release-action/issues/8">#8</a>)</li>
<li>See full diff in <a
href="https://github.com/linear/linear-release-action/compare/v0.4.0...5cbaabc187ceb63eee9d446e62e68e5c29a03ae8">compare
view</a></li>
</ul>
</details>
<br />

Updates `benc-uk/workflow-dispatch` from 1.2.4 to 1.3.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/benc-uk/workflow-dispatch/releases">benc-uk/workflow-dispatch's
releases</a>.</em></p>
<blockquote>
<h2>v1.3.1</h2>
<h2>Features</h2>
<ul>
<li><strong>New <code>sync-status</code> input</strong> — when used with
<code>wait-for-completion</code>, mirrors the triggered workflow's
conclusion (failure/cancelled) back to this action's status (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li><strong>Alternate <code>ref</code> default for PRs</strong> —
automatically uses <code>github.head_ref</code> when running in a pull
request context, avoiding <code>refs/pull/.../merge</code> errors (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li>
</ul>
<h2>Bug Fixes</h2>
<ul>
<li><strong>Safer JSON input parsing</strong> — invalid
<code>inputs</code> JSON now logs an error instead of throwing an
unhandled exception (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li><strong>Improved timeout handling</strong> — timeout now sets a
distinct <code>timed_out</code> status and emits a warning instead of
silently breaking (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li><strong>Improved warning message formatting</strong> for workflow
run timeout</li>
</ul>
<h2>Internal Changes &amp; Chores</h2>
<ul>
<li>Replaced <code>console.log</code> calls with <code>core.info</code>
for proper Actions log integration (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Removed stale <code>ref</code>/<code>inputs</code> parameters from
the workflow list API call (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Expanded CI test matrix from 3 sequential steps to 9 parallel test
jobs covering workflow lookup, output assertions, wait-for-completion,
sync-status, and error handling (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Added CI path filters to skip docs-only changes (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Changed echo-3 test fixture from <code>workflow_call</code> to
<code>workflow_dispatch</code> with deterministic failure (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Removed unused <code>.vscode/settings.json</code> (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>Added <code>.github/copilot-instructions.md</code> (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li>General project chores</li>
</ul>
<h2>Documentation Updates</h2>
<ul>
<li>No documentation updates in this release</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/benc-uk/workflow-dispatch/commit/7a027648b88c2413826b6ddd6c76114894dc5ec4"><code>7a02764</code></a>
Improvements: sync-status, error handling, CI test coverage &amp; path
filters (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/84">#84</a>)</li>
<li><a
href="https://github.com/benc-uk/workflow-dispatch/commit/3162154e5e0697f47fb76f12ed5508c5f3c066d7"><code>3162154</code></a>
Use alternate <code>ref</code> default for PRs (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/79">#79</a>)</li>
<li><a
href="https://github.com/benc-uk/workflow-dispatch/commit/4085c9787530f7d3f497838f77fce7b96a554397"><code>4085c97</code></a>
project chores</li>
<li><a
href="https://github.com/benc-uk/workflow-dispatch/commit/6fd6de2826a993af5b50dfb55da903d4f1ca05ee"><code>6fd6de2</code></a>
Improve warning message formatting for workflow run timeout</li>
<li><a
href="https://github.com/benc-uk/workflow-dispatch/commit/a54f9d194fed472732282ed1597dc4909e4b4080"><code>a54f9d1</code></a>
2026 refresh (<a
href="https://redirect.github.com/benc-uk/workflow-dispatch/issues/83">#83</a>)</li>
<li>See full diff in <a
href="https://github.com/benc-uk/workflow-dispatch/compare/e2e5e9a103e331dad343f381a29e654aea3cf8fc...7a027648b88c2413826b6ddd6c76114894dc5ec4">compare
view</a></li>
</ul>
</details>
<br />

Updates `aquasecurity/trivy-action` from
c1824fd6edce30d7ab345a9989de00bbd46ef284 to
57a97c7e7821a5776cebc9bb87c984fa69cba8f1
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/57a97c7e7821a5776cebc9bb87c984fa69cba8f1"><code>57a97c7</code></a>
chore(deps): Update trivy to v0.69.3 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/519">#519</a>)</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/97e0b3872f55f89b95b2f65b3dbab56962816478"><code>97e0b38</code></a>
chore: bump Trivy version to v0.69.2 in test workflow and README (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/515">#515</a>)</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/4c61e6329bab9be735ca35291551614bc663dff3"><code>4c61e63</code></a>
chore: bump default Trivy version to v0.69.2 (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/513">#513</a>)</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/1bd062560b422f5944df1de50abd05162bea079e"><code>1bd0625</code></a>
Merge pull request <a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/508">#508</a>
from nikpivkin/feat/pass-yaml-ignore-file</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/bce3086c4aa186dadd6671d45ad6dd5d1b8440ac"><code>bce3086</code></a>
remove unused init-cache target</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/5a9fbb1236dc1b5ee9e73b5a515009a1dc684548"><code>5a9fbb1</code></a>
supress progress bar when download db</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/16154502cae788884830e8df2671639b8cbaa03f"><code>1615450</code></a>
update trivyignores input description</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/df85774a457f1f0a32a8e5744c2bced057257d65"><code>df85774</code></a>
add comment about fd3</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/56c8daebb96c35cabeeda8187a6dd3ec711d0a72"><code>56c8dae</code></a>
remove unused variable</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li><a
href="https://github.com/aquasecurity/trivy-action/commit/e368e328979b113139d6f9068e03accaed98a518"><code>e368e32</code></a>
ci(test): add zizmor security linter for GitHub Actions (<a
href="https://redirect.github.com/aquasecurity/trivy-action/issues/502">#502</a>)</li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
<li>Additional commits viewable in <a
href="https://github.com/aquasecurity/trivy-action/compare/c1824fd6edce30d7ab345a9989de00bbd46ef284...57a97c7e7821a5776cebc9bb87c984fa69cba8f1">compare
view</a></li>
|
[step-security/harden-runner](https://github.com/step-security/harden-runner)
| `2.14.2` | `2.16.0` |
</ul>
</details>
<br />

<details>
<summary>Most Recent Ignore Conditions Applied to This Pull
Request</summary>

| Dependency Name | Ignore Conditions |
| --- | --- |
| crate-ci/typos | [>= 1.30.a, < 1.31] |
</details>


Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore <dependency name> major version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's major version (unless you unignore this specific
dependency's major version or upgrade to it yourself)
- `@dependabot ignore <dependency name> minor version` will close this
group update PR and stop Dependabot creating any more for the specific
dependency's minor version (unless you unignore this specific
dependency's minor version or upgrade to it yourself)
- `@dependabot ignore <dependency name>` will close this group update PR
and stop Dependabot creating any more for the specific dependency
(unless you unignore this specific dependency or upgrade to it yourself)
- `@dependabot unignore <dependency name>` will remove all of the ignore
conditions of the specified dependency
- `@dependabot unignore <dependency name> <ignore condition>` will
remove the ignore condition of the specified dependency and ignore
conditions


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Atif Ali <atif@coder.com>
This commit is contained in:
dependabot[bot]
2026-03-20 02:59:50 +00:00
committed by GitHub
parent be5f9b1ffd
commit abd7b7aeba
20 changed files with 82 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/ci.yaml
+33 -33
View File
@@ -35,7 +35,7 @@ jobs:
tailnet-integration: ${{ steps.filter.outputs.tailnet-integration }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -157,7 +157,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -191,7 +191,7 @@ jobs:
# Check for any typos
- name: Check for typos
uses: crate-ci/typos@2d0ce569feab1f8752f1dde43cc2f2aa53236e06 # v1.40.0
uses: crate-ci/typos@631208b7aac2daa8b707f55e7331f9112b0e062d # v1.44.0
with:
config: .github/workflows/typos.toml
@@ -247,7 +247,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -272,7 +272,7 @@ jobs:
if: ${{ !cancelled() }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -327,7 +327,7 @@ jobs:
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -379,7 +379,7 @@ jobs:
- windows-2022
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -537,7 +537,7 @@ jobs:
embedded-pg-cache: ${{ steps.embedded-pg-cache.outputs.embedded-pg-cache }}
- name: Upload failed test db dumps
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: failed-test-db-dump-${{matrix.os}}
path: "**/*.test.sql"
@@ -575,7 +575,7 @@ jobs:
timeout-minutes: 25
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -637,7 +637,7 @@ jobs:
timeout-minutes: 25
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -709,7 +709,7 @@ jobs:
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -736,7 +736,7 @@ jobs:
timeout-minutes: 20
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -769,7 +769,7 @@ jobs:
name: ${{ matrix.variant.name }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -818,7 +818,7 @@ jobs:
- name: Upload Playwright Failed Tests
if: always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: failed-test-videos${{ matrix.variant.premium && '-premium' || '' }}
path: ./site/test-results/**/*.webm
@@ -826,7 +826,7 @@ jobs:
- name: Upload debug log
if: always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coderd-debug-logs${{ matrix.variant.premium && '-premium' || '' }}
path: ./site/e2e/test-results/debug.log
@@ -834,7 +834,7 @@ jobs:
- name: Upload pprof dumps
if: always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: debug-pprof-dumps${{ matrix.variant.premium && '-premium' || '' }}
path: ./site/test-results/**/debug-pprof-*.txt
@@ -849,7 +849,7 @@ jobs:
if: needs.changes.outputs.site == 'true' || needs.changes.outputs.ci == 'true'
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -930,7 +930,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -1005,7 +1005,7 @@ jobs:
if: always()
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -1043,7 +1043,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -1097,7 +1097,7 @@ jobs:
IMAGE: ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -1108,7 +1108,7 @@ jobs:
persist-credentials: false
- name: GHCR Login
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -1319,7 +1319,7 @@ jobs:
id: attest_main
if: github.ref == 'refs/heads/main'
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: "ghcr.io/coder/coder-preview:main"
predicate-type: "https://slsa.dev/provenance/v1"
@@ -1356,7 +1356,7 @@ jobs:
id: attest_latest
if: github.ref == 'refs/heads/main'
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: "ghcr.io/coder/coder-preview:latest"
predicate-type: "https://slsa.dev/provenance/v1"
@@ -1393,7 +1393,7 @@ jobs:
id: attest_version
if: github.ref == 'refs/heads/main'
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: "ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}"
predicate-type: "https://slsa.dev/provenance/v1"
@@ -1457,7 +1457,7 @@ jobs:
- name: Upload build artifact (coder-linux-amd64.tar.gz)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-amd64.tar.gz
path: ./build/*_linux_amd64.tar.gz
@@ -1465,7 +1465,7 @@ jobs:
- name: Upload build artifact (coder-linux-amd64.deb)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-amd64.deb
path: ./build/*_linux_amd64.deb
@@ -1473,7 +1473,7 @@ jobs:
- name: Upload build artifact (coder-linux-arm64.tar.gz)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-arm64.tar.gz
path: ./build/*_linux_arm64.tar.gz
@@ -1481,7 +1481,7 @@ jobs:
- name: Upload build artifact (coder-linux-arm64.deb)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-arm64.deb
path: ./build/*_linux_arm64.deb
@@ -1489,7 +1489,7 @@ jobs:
- name: Upload build artifact (coder-linux-armv7.tar.gz)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-armv7.tar.gz
path: ./build/*_linux_armv7.tar.gz
@@ -1497,7 +1497,7 @@ jobs:
- name: Upload build artifact (coder-linux-armv7.deb)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-linux-armv7.deb
path: ./build/*_linux_armv7.deb
@@ -1505,7 +1505,7 @@ jobs:
- name: Upload build artifact (coder-windows-amd64.zip)
if: github.ref == 'refs/heads/main'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: coder-windows-amd64.zip
path: ./build/*_windows_amd64.zip
@@ -1543,7 +1543,7 @@ jobs:
if: needs.changes.outputs.db == 'true' || needs.changes.outputs.ci == 'true' || github.ref == 'refs/heads/main'
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/deploy.yaml
+4 -4
View File
@@ -36,7 +36,7 @@ jobs:
verdict: ${{ steps.check.outputs.verdict }} # DEPLOY or NOOP
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -65,7 +65,7 @@ jobs:
packages: write # to retag image as dogfood
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -76,7 +76,7 @@ jobs:
persist-credentials: false
- name: GHCR Login
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -142,7 +142,7 @@ jobs:
needs: deploy
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/docker-base.yaml
+2 -2
View File
@@ -38,7 +38,7 @@ jobs:
if: github.repository_owner == 'coder'
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -48,7 +48,7 @@ jobs:
persist-credentials: false
- name: Docker login
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
.github/workflows/docs-ci.yaml
+1 -1
View File
@@ -30,7 +30,7 @@ jobs:
- name: Setup Node
uses: ./.github/actions/setup-node
- uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 # v45.0.7
- uses: tj-actions/changed-files@22103cc46bda19c2b464ffe86db46df6922fd323 # v45.0.7
id: changed-files
with:
files: |
.github/workflows/dogfood.yaml
+4 -4
View File
@@ -26,7 +26,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-4' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -78,11 +78,11 @@ jobs:
uses: depot/setup-action@15c09a5f77a0840ad4bce955686522a257853461 # v1.7.1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
- name: Login to DockerHub
if: github.ref == 'refs/heads/main'
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
@@ -125,7 +125,7 @@ jobs:
id-token: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/linear-release.yaml
+1 -1
View File
@@ -52,7 +52,7 @@ jobs:
- name: Complete release
id: complete
uses: linear/linear-release-action@f64cdc603e6eb7a7ef934bc5492ae929f88c8d1a # v0
uses: linear/linear-release-action@5cbaabc187ceb63eee9d446e62e68e5c29a03ae8 # v0
with:
access_key: ${{ secrets.LINEAR_ACCESS_KEY }}
command: complete
.github/workflows/nightly-gauntlet.yaml
+1 -1
View File
@@ -28,7 +28,7 @@ jobs:
- windows-2022
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/pr-auto-assign.yaml
+1 -1
View File
@@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/pr-cleanup.yaml
+1 -1
View File
@@ -19,7 +19,7 @@ jobs:
packages: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/pr-deploy.yaml
+6 -6
View File
@@ -39,7 +39,7 @@ jobs:
PR_OPEN: ${{ steps.check_pr.outputs.pr_open }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -76,7 +76,7 @@ jobs:
runs-on: "ubuntu-latest"
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -184,7 +184,7 @@ jobs:
pull-requests: write # needed for commenting on PRs
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -228,7 +228,7 @@ jobs:
CODER_IMAGE_TAG: ${{ needs.get_info.outputs.CODER_IMAGE_TAG }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -248,7 +248,7 @@ jobs:
uses: ./.github/actions/setup-sqlc
- name: GHCR Login
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -288,7 +288,7 @@ jobs:
PR_HOSTNAME: "pr${{ needs.get_info.outputs.PR_NUMBER }}.${{ secrets.PR_DEPLOYMENTS_DOMAIN }}"
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/release-validation.yaml
+2 -2
View File
@@ -14,12 +14,12 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
- name: Run Schmoder CI
uses: benc-uk/workflow-dispatch@e2e5e9a103e331dad343f381a29e654aea3cf8fc # v1.2.4
uses: benc-uk/workflow-dispatch@7a027648b88c2413826b6ddd6c76114894dc5ec4 # v1.3.1
with:
workflow: ci.yaml
repo: coder/schmoder
.github/workflows/release.yaml
+9 -9
View File
@@ -80,7 +80,7 @@ jobs:
version: ${{ steps.version.outputs.version }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -155,7 +155,7 @@ jobs:
cat "$CODER_RELEASE_NOTES_FILE"
- name: Docker Login
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
with:
registry: ghcr.io
username: ${{ github.actor }}
@@ -358,7 +358,7 @@ jobs:
id: attest_base
if: ${{ !inputs.dry_run && steps.image-base-tag.outputs.tag != '' }}
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: ${{ steps.image-base-tag.outputs.tag }}
predicate-type: "https://slsa.dev/provenance/v1"
@@ -474,7 +474,7 @@ jobs:
id: attest_main
if: ${{ !inputs.dry_run }}
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: ${{ steps.build_docker.outputs.multiarch_image }}
predicate-type: "https://slsa.dev/provenance/v1"
@@ -518,7 +518,7 @@ jobs:
id: attest_latest
if: ${{ !inputs.dry_run && steps.build_docker.outputs.created_latest_tag == 'true' }}
continue-on-error: true
uses: actions/attest@e59cbc1ad1ac2d59339667419eb8cdde6eb61e3d # v3.2.0
uses: actions/attest@59d89421af93a897026c735860bf21b6eb4f7b26 # v4.1.0
with:
subject-name: ${{ steps.latest_tag.outputs.tag }}
predicate-type: "https://slsa.dev/provenance/v1"
@@ -665,7 +665,7 @@ jobs:
- name: Upload artifacts to actions (if dry-run)
if: ${{ inputs.dry_run }}
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: release-artifacts
path: |
@@ -681,7 +681,7 @@ jobs:
- name: Upload latest sbom artifact to actions (if dry-run)
if: inputs.dry_run && steps.build_docker.outputs.created_latest_tag == 'true'
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: latest-sbom-artifact
path: ./coder_latest_sbom.spdx.json
@@ -704,7 +704,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -780,7 +780,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/scorecard.yml
+2 -2
View File
@@ -20,7 +20,7 @@ jobs:
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -39,7 +39,7 @@ jobs:
# Upload the results as artifacts.
- name: "Upload artifact"
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: SARIF file
path: results.sarif
.github/workflows/security.yaml
+4 -4
View File
@@ -27,7 +27,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -69,7 +69,7 @@ jobs:
runs-on: ${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' || 'ubuntu-latest' }}
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -146,7 +146,7 @@ jobs:
echo "image=$(cat "$image_job")" >> "$GITHUB_OUTPUT"
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.34.0
with:
image-ref: ${{ steps.build.outputs.image }}
format: sarif
@@ -160,7 +160,7 @@ jobs:
category: "Trivy"
- name: Upload Trivy scan results as an artifact
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
with:
name: trivy
path: trivy-results.sarif
.github/workflows/stale.yaml
+3 -3
View File
@@ -18,7 +18,7 @@ jobs:
pull-requests: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -96,7 +96,7 @@ jobs:
contents: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
@@ -120,7 +120,7 @@ jobs:
actions: write
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
.github/workflows/typos.toml
+2
View File
@@ -29,6 +29,8 @@ EDE = "EDE"
HELO = "HELO"
LKE = "LKE"
byt = "byt"
cpy = "cpy"
Cpy = "Cpy"
typ = "typ"
# file extensions used in seti icon theme
styl = "styl"
.github/workflows/weekly-docs.yaml
+1 -1
View File
@@ -21,7 +21,7 @@ jobs:
pull-requests: write # required to post PR review comments by the action
steps:
- name: Harden Runner
uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2
uses: step-security/harden-runner@fa2e9d605c4eeb9fcad4c99c224cee0c6c7f3594 # v2.16.0
with:
egress-policy: audit
coderd/provisionerjobs.go
+3 -3
View File
@@ -587,7 +587,7 @@ func (f *logFollower) follow() {
f.logger.Error(f.ctx, "failed to query logs", slog.Error(err))
err = f.conn.Close(websocket.StatusInternalError, err.Error())
if err != nil {
f.logger.Warn(f.ctx, "failed to close webscoket", slog.Error(err))
f.logger.Warn(f.ctx, "failed to close websocket", slog.Error(err))
}
}
return
@@ -614,7 +614,7 @@ func (f *logFollower) follow() {
f.logger.Error(f.ctx, "dropped or corrupted notification", slog.Error(err))
err = f.conn.Close(websocket.StatusInternalError, err.Error())
if err != nil {
f.logger.Warn(f.ctx, "failed to close webscoket", slog.Error(err))
f.logger.Warn(f.ctx, "failed to close websocket", slog.Error(err))
}
return
case <-f.ctx.Done():
@@ -634,7 +634,7 @@ func (f *logFollower) follow() {
f.logger.Error(f.ctx, "failed to query logs", slog.Error(err))
err = f.conn.Close(websocket.StatusInternalError, httpapi.WebsocketCloseSprintf("%s", err.Error()))
if err != nil {
f.logger.Warn(f.ctx, "failed to close webscoket", slog.Error(err))
f.logger.Warn(f.ctx, "failed to close websocket", slog.Error(err))
}
}
return
coderd/workspaces.go
+1 -1
View File
@@ -1502,7 +1502,7 @@ func (api *API) putWorkspaceDormant(rw http.ResponseWriter, r *http.Request) {
return
}
// TODO: This is a strange error since it occurs after the mutatation.
// TODO: This is a strange error since it occurs after the mutation.
// An example of why we should join in fields to prevent this forbidden error
// from being sent, when the action did succeed.
if len(data.templates) == 0 {
docs/admin/security/audit-logs.md
+1 -1
View File
@@ -172,7 +172,7 @@ and in accordance with your compliance requirements.
You may choose to run a `VACUUM` or `VACUUM FULL` operation on the audit logs table to reclaim disk space. If you choose to run the `FULL` operation, consider the following when doing so:
- **Run during a planned mainteance window** to ensure ample time for the operation to complete and minimize impact to users
- **Run during a planned maintenance window** to ensure ample time for the operation to complete and minimize impact to users
- **Stop all running instances of `coderd`** to prevent connection errors while the table is locked. The actual steps for this will depend on your particular deployment setup. For example, if your `coderd` deployment is running on Kubernetes:
```bash