Bump the action-packages group across 1 directory with 3 updates

Bumps the action-packages group with 3 updates in the / directory: [mikefarah/yq](https://github.com/mikefarah/yq), [ossf/scorecard-action](https://github.com/ossf/scorecard-action) and [actions/upload-artifact](https://github.com/actions/upload-artifact). Updates `mikefarah/yq` from 4.44.6 to 4.45.1 - [Release notes](https://github.com/mikefarah/yq/releases) - [Changelog](https://github.com/mikefarah/yq/blob/master/release_notes.txt) - [Commits](mikefarah/yq@v4.44.6...v4.45.1) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@62b2cac...f49aabe) Updates `actions/upload-artifact` from 4.5.0 to 4.6.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6f51ac0...4cec3d8) --- updated-dependencies: - dependency-name: mikefarah/yq dependency-type: direct:production update-type: version-update:semver-minor dependency-group: action-packages - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: action-packages - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: action-packages ... Signed-off-by: dependabot[bot] <[email protected]>
fiaisis · Mar 3, 2025 · 505052c · 505052c
1 parent 8300fa3
commit 505052c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/build-push-action.yml b/.github/workflows/build-push-action.yml
@@ -51,12 +51,12 @@ jobs:
           token: ${{ secrets.GITOPS_STAGING_EDIT_TOKEN }}
 
       - name: Edit the YAML frontend file for staging
-        uses: mikefarah/yq@v4.44.6
+        uses: mikefarah/yq@v4.45.1
         with:
           cmd: yq e -i '.spec.template.spec.containers[] |= select(.name == "frontend").image = "ghcr.io/fiaisis/frontend@${{ steps.frontend_build.outputs.digest }}"' './components/frontend/envs/staging/frontend.yml'
 
       # - name: Edit the YAML scigateway file for staging
-      #   uses: mikefarah/yq@v4.44.6
+      #   uses: mikefarah/yq@v4.45.1
       #   with:
       #     cmd: yq e -i '.spec.template.spec.containers[] |= select(.name == "scigateway").image = "ghcr.io/fiaisis/scigateway@${{ steps.scigateway_build.outputs.digest }}"' './components/scigateway/envs/staging/scigateway.yml'
 

diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -25,14 +25,14 @@ jobs:
           persist-credentials: false
 
       - name: 'Run analysis'
-        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
+        uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
         with:
           results_file: results.sarif
           results_format: sarif
           publish_results: true
 
       - name: 'Upload artifact'
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
         with:
           name: SARIF file
           path: results.sarif