From de5233a1664efc66df6380961b89c803163e7df5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 9 Jul 2026 21:55:47 +0000 Subject: [PATCH] chore(deps): bump the github-actions group with 2 updates Bumps the github-actions group with 2 updates: [actions/setup-go](https://github.com/actions/setup-go) and [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/setup-go` from 6.4.0 to 6.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v6.4.0...v6.5.0) Updates `actions/attest-build-provenance` from 3 to 4 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/attest-build-provenance dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- .github/workflows/release.yml | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a1838a8..8125878 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,7 +15,7 @@ jobs: - uses: actions/checkout@v7.0.0 with: persist-credentials: false - - uses: actions/setup-go@v6.4.0 + - uses: actions/setup-go@v6.5.0 with: go-version-file: go.mod cache: true @@ -68,7 +68,7 @@ jobs: - uses: actions/checkout@v7.0.0 with: persist-credentials: false - - uses: actions/setup-go@v6.4.0 + - uses: actions/setup-go@v6.5.0 with: go-version-file: go.mod cache: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 86648a3..38a6585 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: printf '%s' "$TAG" | grep -Eq '^v[0-9]+\.[0-9]+\.[0-9]+$' git fetch --no-tags origin main git merge-base --is-ancestor "$GITHUB_SHA" origin/main - - uses: actions/setup-go@v6.4.0 + - uses: actions/setup-go@v6.5.0 with: go-version-file: go.mod cache: true @@ -53,7 +53,7 @@ jobs: - uses: actions/checkout@v7.0.0 with: persist-credentials: false - - uses: actions/setup-go@v6.4.0 + - uses: actions/setup-go@v6.5.0 with: go-version-file: go.mod cache: true @@ -106,7 +106,7 @@ jobs: cd dist sha256sum -- * > SHA256SUMS - name: Attest build provenance - uses: actions/attest-build-provenance@v3 + uses: actions/attest-build-provenance@v4 with: subject-path: dist/* - name: Publish GitHub release