chore(deps): update github actions monthly minor/patch

renovate[bot] · web-flow · commit dbaaefcb4aaf · 2025-06-01T02:34:37.000Z
diff --git a/.github/workflows/athenapdf-service-image.yaml b/.github/workflows/athenapdf-service-image.yaml
@@ -106,7 +106,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: athenapdf-service
@@ -126,7 +126,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/athenapdf-service
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/athenapdf-service@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/database-tools-image.yaml b/.github/workflows/database-tools-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: database-tools
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/database-tools
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/database-tools@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
@@ -12,7 +12,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-    - uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0
+    - uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1
       with:
         config-file: .github/dependency-review-config.yaml
         comment-summary-in-pr: always
diff --git a/.github/workflows/docker-host-image.yaml b/.github/workflows/docker-host-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: docker-host
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/docker-host
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/docker-host@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/drush-alias-image.yaml b/.github/workflows/drush-alias-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: drush-alias
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/drush-alias
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/drush-alias@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/insights-scanner-image.yaml b/.github/workflows/insights-scanner-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: insights-scanner
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/insights-scanner
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/insights-scanner@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/insights-trivy-image.yaml b/.github/workflows/insights-trivy-image.yaml
@@ -112,7 +112,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: insights-trivy
@@ -132,7 +132,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/insights-trivy
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/insights-trivy@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/logs-concentrator-image.yaml b/.github/workflows/logs-concentrator-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: logs-concentrator
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/logs-concentrator
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/logs-concentrator@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/logs-dispatcher-image.yaml b/.github/workflows/logs-dispatcher-image.yaml
@@ -105,7 +105,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
       -
         name: Build and push
-        uses: docker/build-push-action@14487ce63c7a62a4a324b0bfb37086795e31c6c1 # v6.16.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
         id: build-and-push
         with:
           context: logs-dispatcher
@@ -125,7 +125,7 @@ jobs:
           subject-digest: ${{steps.build-and-push.outputs.digest}}
           subject-name: ghcr.io/${{ github.repository_owner }}/logs-dispatcher
           push-to-registry: true
-      - uses: anchore/sbom-action@9f7302141466aa6482940f15371237e9d9f4c34a # v0.19.0
+      - uses: anchore/sbom-action@e11c554f704a0b820cbf8c51673f6945e0731532 # v0.20.0
         if: startsWith(github.ref, 'refs/tags/')
         with:
           image: ghcr.io/${{ github.repository_owner }}/logs-dispatcher@${{steps.build-and-push.outputs.digest}}
diff --git a/.github/workflows/ossf-analysis.yaml b/.github/workflows/ossf-analysis.yaml
@@ -16,7 +16,7 @@ jobs:
     steps:
     - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Run analysis
-      uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
+      uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2
       with:
         results_file: results.sarif
         results_format: sarif
@@ -26,6 +26,6 @@ jobs:
         # of the value entered here.
         publish_results: true
     - name: Upload SARIF results to code scanning
-      uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16
+      uses: github/codeql-action/upload-sarif@ff0a06e83cb2de871e5a09832bc6a81e7276941f # v3.28.18
       with:
         sarif_file: results.sarif
