chore(deps): bump the development-dependencies group with 5 updates

dependabot[bot] · github-actions[bot] · commit adc6681363cf · 2025-11-14T02:04:28.000Z
Bumps the development-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `4.30.9` | `4.31.3` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `8.0.0` | `9.0.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `5.0.0` | `6.0.0` | | [ctrf-io/github-test-reporter](https://github.com/ctrf-io/github-test-reporter) | `1.0.22` | `1.0.26` | Updates `github/codeql-action` from 4.30.9 to 4.31.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@16140ae...014f16e) Updates `golangci/golangci-lint-action` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@4afd733...0a35821) Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...330a01c) Updates `actions/download-artifact` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@634f93c...018cc2c) Updates `ctrf-io/github-test-reporter` from 1.0.22 to 1.0.26 - [Release notes](https://github.com/ctrf-io/github-test-reporter/releases) - [Commits](ctrf-io/github-test-reporter@646f98c...024bc4b) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.31.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: development-dependencies - dependency-name: golangci/golangci-lint-action dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: actions/download-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: ctrf-io/github-test-reporter dependency-version: 1.0.26 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -33,9 +33,9 @@ jobs:
     -
       # Initializes the CodeQL tools for scanning.
       name: Initialize CodeQL
-      uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
+      uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
       with:
         languages: ${{ matrix.language }}
     -
       name: Analyze ${{ matrix.language }}
-      uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
+      uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml
@@ -26,7 +26,7 @@ jobs:
           cache: true
       -
         name: golangci-lint
-        uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0
+        uses: golangci/golangci-lint-action@0a35821d5c230e903fcfe077583637dea1b27b47 # v9.0.0
         with:
           version: latest
           only-new-issues: true
@@ -73,7 +73,7 @@ jobs:
           ./...
       -
         name: Upload coverage artifacts
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           # *.coverage.* pattern is automatically detected by codecov
           path: '**/*.coverage.*.out'
@@ -83,7 +83,7 @@ jobs:
         name: Upload test report artifacts
         # upload report even if test fail. BTW, this is when they are valuable.
         if: ${{ !cancelled() }}
-        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
         with:
           path: '**/unit.report.*.json'
           name: 'unit.report.${{ matrix.os }}-${{ matrix.go }}'
@@ -117,7 +117,7 @@ jobs:
           repository: ${{ github.event.pull_request.head.repo.full_name }}
       -
         name: Download coverage artifacts
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           run-id: "${{ github.run_id }}"
           pattern: "*.coverage.*"
@@ -153,7 +153,7 @@ jobs:
           cache: true
       -
         name: Download test report artifacts
-        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+        uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
         with:
           run-id: "${{ github.run_id }}"
           pattern: "*.report.*"
@@ -238,7 +238,7 @@ jobs:
       # They also handle the storage of past test reports, so as to assess flaky tests.
       -
         name: Publish Test Summary Results
-        uses: ctrf-io/github-test-reporter@646f98cfc16c6f7a0e1f6100cabe2deb95dd2eef # v1.0.22
+        uses: ctrf-io/github-test-reporter@024bc4b64d997ca9da86833c6b9548c55c620e40 # v1.0.26
         with:
           report-path: 'reports/ctrf_report_*.json'
           use-suite-name: true
diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml
@@ -41,7 +41,7 @@ jobs:
           exit-code: 0
       -
         name: Upload trivy findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9
+        uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
         with:
           category: trivy
           sarif_file: trivy-code-report.sarif

Original file line number	Diff line number	Diff line change
`@@ -33,9 +33,9 @@ jobs:`
`33`	`33`	`-`
`34`	`34`	`# Initializes the CodeQL tools for scanning.`
`35`	`35`	`name: Initialize CodeQL`
`36`		`- uses: github/codeql-action/init@16140ae1a102900babc80a33c44059580f687047 # v4.30.9`
	`36`	`+ uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3`
`37`	`37`	`with:`
`38`	`38`	`languages: ${{ matrix.language }}`
`39`	`39`	`-`
`40`	`40`	`name: Analyze ${{ matrix.language }}`
`41`		`- uses: github/codeql-action/analyze@16140ae1a102900babc80a33c44059580f687047 # v4.30.9`
	`41`	`+ uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3`
Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ jobs:`
`41`	`41`	`exit-code: 0`
`42`	`42`	`-`
`43`	`43`	`name: Upload trivy findings to code scanning dashboard`
`44`		`- uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v4.30.9`
	`44`	`+ uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3`
`45`	`45`	`with:`
`46`	`46`	`category: trivy`
`47`	`47`	`sarif_file: trivy-code-report.sarif`