From f947a341036341cf25e1338601fbae654995d234 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 24 Oct 2025 16:06:44 +0500 Subject: [PATCH] ci: bump the github-actions group across 1 directory with 15 updates (#20384) Co-authored-by: github-actions[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: M Atif Ali Co-authored-by: Ethan Dickson --- .github/workflows/ci.yaml | 10 +++++----- .github/workflows/deploy.yaml | 4 ++-- .github/workflows/docker-base.yaml | 2 +- .github/workflows/docs-ci.yaml | 2 +- .github/workflows/dogfood.yaml | 2 +- .github/workflows/pr-deploy.yaml | 10 +++++----- .github/workflows/release.yaml | 4 ++-- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/security.yaml | 6 +++--- .github/workflows/stale.yaml | 2 +- .github/workflows/traiage.yaml | 2 +- .github/workflows/weekly-docs.yaml | 2 +- coderd/rbac/authz.go | 2 +- docs/install/cli.md | 2 +- 14 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 4199b64f6b..acd6a58f53 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -181,7 +181,7 @@ jobs: echo "LINT_CACHE_DIR=$dir" >> "$GITHUB_ENV" - name: golangci-lint cache - uses: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809 # v4.2.4 + uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 with: path: | ${{ env.LINT_CACHE_DIR }} @@ -191,7 +191,7 @@ jobs: # Check for any typos - name: Check for typos - uses: crate-ci/typos@85f62a8a84f939ae994ab3763f01a0296d61a7ee # v1.36.2 + uses: crate-ci/typos@80c8a4945eec0f6d464eaf9e65ed98ef085283d1 # v1.38.1 with: config: .github/workflows/typos.toml @@ -806,7 +806,7 @@ jobs: # the check to pass. This is desired in PRs, but not in mainline. - name: Publish to Chromatic (non-mainline) if: github.ref != 'refs/heads/main' && github.repository_owner == 'coder' - uses: chromaui/action@20c7e42e1b2f6becd5d188df9acb02f3e2f51519 # v13.2.0 + uses: chromaui/action@4ffe736a2a8262ea28067ff05a13b635ba31ec05 # v13.3.0 env: NODE_OPTIONS: "--max_old_space_size=4096" STORYBOOK: true @@ -838,7 +838,7 @@ jobs: # infinitely "in progress" in mainline unless we re-review each build. - name: Publish to Chromatic (mainline) if: github.ref == 'refs/heads/main' && github.repository_owner == 'coder' - uses: chromaui/action@20c7e42e1b2f6becd5d188df9acb02f3e2f51519 # v13.2.0 + uses: chromaui/action@4ffe736a2a8262ea28067ff05a13b635ba31ec05 # v13.3.0 env: NODE_OPTIONS: "--max_old_space_size=4096" STORYBOOK: true @@ -1123,7 +1123,7 @@ jobs: persist-credentials: false - name: GHCR Login - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/deploy.yaml b/.github/workflows/deploy.yaml index 3893682626..30d9e38414 100644 --- a/.github/workflows/deploy.yaml +++ b/.github/workflows/deploy.yaml @@ -76,7 +76,7 @@ jobs: persist-credentials: false - name: GHCR Login - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -92,7 +92,7 @@ jobs: uses: google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db # v3.0.1 - name: Set up Flux CLI - uses: fluxcd/flux2/action@6bf37f6a560fd84982d67f853162e4b3c2235edb # v2.6.4 + uses: fluxcd/flux2/action@4a15fa6a023259353ef750acf1c98fe88407d4d0 # v2.7.2 with: # Keep this and the github action up to date with the version of flux installed in dogfood cluster version: "2.7.0" diff --git a/.github/workflows/docker-base.yaml b/.github/workflows/docker-base.yaml index a62d43d0b6..2998aae1b5 100644 --- a/.github/workflows/docker-base.yaml +++ b/.github/workflows/docker-base.yaml @@ -48,7 +48,7 @@ jobs: persist-credentials: false - name: Docker login - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/docs-ci.yaml b/.github/workflows/docs-ci.yaml index eb64a35ffa..a4f593d425 100644 --- a/.github/workflows/docs-ci.yaml +++ b/.github/workflows/docs-ci.yaml @@ -30,7 +30,7 @@ jobs: - name: Setup Node uses: ./.github/actions/setup-node - - uses: tj-actions/changed-files@4563c729c555b4141fac99c80f699f571219b836 # v45.0.7 + - uses: tj-actions/changed-files@d03a93c0dbfac6d6dd6a0d8a5e7daff992b07449 # v45.0.7 id: changed-files with: files: | diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml index 5793b64616..780cef6e0c 100644 --- a/.github/workflows/dogfood.yaml +++ b/.github/workflows/dogfood.yaml @@ -82,7 +82,7 @@ jobs: - name: Login to DockerHub if: github.ref == 'refs/heads/main' - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_PASSWORD }} diff --git a/.github/workflows/pr-deploy.yaml b/.github/workflows/pr-deploy.yaml index 1fd4351503..eb0eb29692 100644 --- a/.github/workflows/pr-deploy.yaml +++ b/.github/workflows/pr-deploy.yaml @@ -189,7 +189,7 @@ jobs: egress-policy: audit - name: Find Comment - uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3.1.0 + uses: peter-evans/find-comment@b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad # v4.0.0 id: fc with: issue-number: ${{ needs.get_info.outputs.PR_NUMBER }} @@ -199,7 +199,7 @@ jobs: - name: Comment on PR id: comment_id - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 + uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 with: comment-id: ${{ steps.fc.outputs.comment-id }} issue-number: ${{ needs.get_info.outputs.PR_NUMBER }} @@ -248,7 +248,7 @@ jobs: uses: ./.github/actions/setup-sqlc - name: GHCR Login - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -491,7 +491,7 @@ jobs: PASSWORD: ${{ steps.setup_deployment.outputs.password }} - name: Find Comment - uses: peter-evans/find-comment@3eae4d37986fb5a8592848f6a574fdf654e61f9e # v3.1.0 + uses: peter-evans/find-comment@b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad # v4.0.0 id: fc with: issue-number: ${{ env.PR_NUMBER }} @@ -500,7 +500,7 @@ jobs: direction: last - name: Comment on PR - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 + uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 env: STATUS: ${{ needs.get_info.outputs.NEW == 'true' && 'Created' || 'Updated' }} with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index cdd2ae96ff..a91b9b8c65 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -239,7 +239,7 @@ jobs: cat "$CODER_RELEASE_NOTES_FILE" - name: Docker Login - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -785,7 +785,7 @@ jobs: - name: Send repository-dispatch event if: ${{ !inputs.dry_run }} - uses: peter-evans/repository-dispatch@ff45666b9427631e3450c54a1bcbee4d9ff4d7c0 # v3.0.0 + uses: peter-evans/repository-dispatch@5fc4efd1a4797ddb68ffd0714a238564e4cc0e6f # v4.0.0 with: token: ${{ secrets.CDRCI_GITHUB_TOKEN }} repository: coder/packages diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ba366fb724..279556bce6 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -30,7 +30,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif @@ -47,6 +47,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v3.29.5 with: sarif_file: results.sarif diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index c9debc6c87..927d7a1611 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -40,7 +40,7 @@ jobs: uses: ./.github/actions/setup-go - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v3.29.5 with: languages: go, javascript @@ -50,7 +50,7 @@ jobs: rm Makefile - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v3.29.5 - name: Send Slack notification on failure if: ${{ failure() }} @@ -154,7 +154,7 @@ jobs: severity: "CRITICAL,HIGH" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 + uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v3.29.5 with: sarif_file: trivy-results.sarif category: "Trivy" diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml index 15b3996ab6..e7555523dd 100644 --- a/.github/workflows/stale.yaml +++ b/.github/workflows/stale.yaml @@ -23,7 +23,7 @@ jobs: egress-policy: audit - name: stale - uses: actions/stale@3a9db7e6a41a89f618792c92c0e97cc736e1b13f # v10.0.0 + uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 with: stale-issue-label: "stale" stale-pr-label: "stale" diff --git a/.github/workflows/traiage.yaml b/.github/workflows/traiage.yaml index 369743d864..8560af091d 100644 --- a/.github/workflows/traiage.yaml +++ b/.github/workflows/traiage.yaml @@ -168,7 +168,7 @@ jobs: echo "coder_username=${coder_username}" >> "${GITHUB_OUTPUT}" - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false fetch-depth: 0 diff --git a/.github/workflows/weekly-docs.yaml b/.github/workflows/weekly-docs.yaml index 85e5ce58e0..a7ae448902 100644 --- a/.github/workflows/weekly-docs.yaml +++ b/.github/workflows/weekly-docs.yaml @@ -31,7 +31,7 @@ jobs: persist-credentials: false - name: Check Markdown links - uses: umbrelladocs/action-linkspector@874d01cae9fd488e3077b08952093235bd626977 # v1.3.7 + uses: umbrelladocs/action-linkspector@652f85bc57bb1e7d4327260decc10aa68f7694c3 # v1.4.0 id: markdown-link-check # checks all markdown files from /docs including all subfolders with: diff --git a/coderd/rbac/authz.go b/coderd/rbac/authz.go index a231419292..2f39cf32a7 100644 --- a/coderd/rbac/authz.go +++ b/coderd/rbac/authz.go @@ -711,7 +711,7 @@ func (a *authorizedSQLFilter) SQLString() string { type authCache struct { // cache is a cache of hashed Authorize inputs to the result of the Authorize // call. - // determistic function. + // deterministic function. cache *tlru.Cache[[32]byte, error] authz Authorizer diff --git a/docs/install/cli.md b/docs/install/cli.md index bb70d89c6a..38e7d2ede9 100644 --- a/docs/install/cli.md +++ b/docs/install/cli.md @@ -64,7 +64,7 @@ Every Coder server hosts CLI binaries for all supported platforms. You can run a script to download the appropriate CLI for your machine from your Coder deployment. -![Install Coder binary from your deplyment](../images/install/install_from_deployment.png) +![Install Coder binary from your deployment](../images/install/install_from_deployment.png) This script works within air-gapped deployments and ensures that the version of the CLI you have installed on your machine matches the version of the server.