Bump the actions group across 1 directory with 2 updates (#431)

Bumps the actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `actions/checkout` from 4.1.2 to 4.1.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@9bb5618...1d96c77) Updates `actions/upload-artifact` from 4.3.1 to 4.3.2 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5d5d22a...1746f4a) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
sigstore · Apr 22, 2024 · 4246a2b · 4246a2b
1 parent 01092b1
commit 4246a2b
Show file tree

Hide file tree

Showing 7 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/github-sync-main-sigstore-conformance.yml b/.github/workflows/github-sync-main-sigstore-conformance.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+    - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
     - uses: sigstore/github-sync@main
       with:
         work_dir: ./github-sync

diff --git a/.github/workflows/github-sync-main-sigstore.yml b/.github/workflows/github-sync-main-sigstore.yml
@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+    - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
     - uses: sigstore/github-sync@main
       with:
         work_dir: ./github-sync

diff --git a/.github/workflows/github-sync-pr-sigstore-conformance.yml b/.github/workflows/github-sync-pr-sigstore-conformance.yml
@@ -21,7 +21,7 @@ jobs:
       pull-requests: write
 
     steps:
-    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+    - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         ref: ${{ github.event.pull_request.head.sha }}
 

diff --git a/.github/workflows/github-sync-pr-sigstore.yml b/.github/workflows/github-sync-pr-sigstore.yml
@@ -21,7 +21,7 @@ jobs:
       pull-requests: write
 
     steps:
-    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+    - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       with:
         ref: ${{ github.event.pull_request.head.sha }}
 

diff --git a/.github/workflows/reusable-dependency-review.yml b/.github/workflows/reusable-dependency-review.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
       - name: 'Dependency Review'
         uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5
         with:

diff --git a/.github/workflows/reusable-release.yml b/.github/workflows/reusable-release.yml
@@ -46,7 +46,7 @@ jobs:
         run: exit 1
 
       - name: Checkout out repo
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
         with:
           path: ./src/github.com/sigstore/${{ inputs.repo }}
 

diff --git a/.github/workflows/reusable-scorecard.yml b/.github/workflows/reusable-scorecard.yml
@@ -33,7 +33,7 @@ jobs:
       # actions: read
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f # v4.1.3
         with:
           persist-credentials: false
 
@@ -60,7 +60,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@1746f4ab65b179e0ea60a494b83293b640dd5bba # v4.3.2
         with:
           name: SARIF file
           path: results.sarif