From 6d281b40d2793dc8ceb7b6027bc60f1e6a2c09f7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 May 2026 17:21:24 +0000 Subject: [PATCH] chore(deps): bump the actions group across 1 directory with 4 updates Bumps the actions group with 4 updates in the / directory: [rharkor/caching-for-turbo](https://github.com/rharkor/caching-for-turbo), [github/codeql-action](https://github.com/github/codeql-action), [pnpm/action-setup](https://github.com/pnpm/action-setup) and [actions/github-script](https://github.com/actions/github-script). Updates `rharkor/caching-for-turbo` from 2.3.11 to 2.3.14 - [Release notes](https://github.com/rharkor/caching-for-turbo/releases) - [Commits](https://github.com/rharkor/caching-for-turbo/compare/v2.3.11...v2.3.14) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) Updates `pnpm/action-setup` from 5 to 6 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](https://github.com/pnpm/action-setup/compare/v5...v6) Updates `actions/github-script` from 8 to 9 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v8...v9) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: pnpm/action-setup dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: rharkor/caching-for-turbo dependency-version: 2.3.14 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/binary-preview.yaml | 2 +- .github/workflows/binary-release.yaml | 2 +- .github/workflows/build-native-macos.yaml | 2 +- .github/workflows/codeql.yaml | 16 ++++++++-------- .github/workflows/framework-tests.yaml | 4 ++-- .github/workflows/notarize-native-macos.yaml | 2 +- .github/workflows/pr-labeler.yaml | 2 +- .github/workflows/release.yaml | 2 +- .github/workflows/smoke-test.yaml | 4 ++-- .github/workflows/test.yaml | 4 ++-- 10 files changed, 20 insertions(+), 20 deletions(-) diff --git a/.github/workflows/binary-preview.yaml b/.github/workflows/binary-preview.yaml index ea4d23f9..a40badac 100644 --- a/.github/workflows/binary-preview.yaml +++ b/.github/workflows/binary-preview.yaml @@ -58,7 +58,7 @@ jobs: - name: Install node deps run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # Download macOS native binary - name: Download macOS native binary diff --git a/.github/workflows/binary-release.yaml b/.github/workflows/binary-release.yaml index 200e15dc..98d21df2 100644 --- a/.github/workflows/binary-release.yaml +++ b/.github/workflows/binary-release.yaml @@ -86,7 +86,7 @@ jobs: - name: Install node deps run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # ------------------------------------------------------------ - name: get version from release tag diff --git a/.github/workflows/build-native-macos.yaml b/.github/workflows/build-native-macos.yaml index 934bb166..e473cb5c 100644 --- a/.github/workflows/build-native-macos.yaml +++ b/.github/workflows/build-native-macos.yaml @@ -47,7 +47,7 @@ jobs: run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # Cache the Swift .build directory so compilation is fast on unchanged source - name: Compute Swift source hash diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 256e2c1c..9f129ed8 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -63,12 +63,12 @@ jobs: steps: - uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: javascript-typescript config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: javascript-typescript @@ -80,12 +80,12 @@ jobs: steps: - uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: actions config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: actions @@ -97,7 +97,7 @@ jobs: steps: - uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: swift config-file: ./.github/codeql/codeql-config.yml @@ -106,7 +106,7 @@ jobs: cd packages/encryption-binary-swift/swift swift build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: swift @@ -118,11 +118,11 @@ jobs: steps: - uses: actions/checkout@v6 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: rust config-file: ./.github/codeql/codeql-config.yml - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: category: rust diff --git a/.github/workflows/framework-tests.yaml b/.github/workflows/framework-tests.yaml index b059d53a..a267ed2f 100644 --- a/.github/workflows/framework-tests.yaml +++ b/.github/workflows/framework-tests.yaml @@ -58,7 +58,7 @@ jobs: run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 - name: Build libraries run: bun run build:libs @@ -93,7 +93,7 @@ jobs: node-version: '24.x' - name: Setup pnpm - uses: pnpm/action-setup@v5 + uses: pnpm/action-setup@v6 with: version: 10 diff --git a/.github/workflows/notarize-native-macos.yaml b/.github/workflows/notarize-native-macos.yaml index 8169a7c2..4e956fd0 100644 --- a/.github/workflows/notarize-native-macos.yaml +++ b/.github/workflows/notarize-native-macos.yaml @@ -37,7 +37,7 @@ jobs: run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 - name: Build varlock libs run: bun run build:libs diff --git a/.github/workflows/pr-labeler.yaml b/.github/workflows/pr-labeler.yaml index e0893f9e..4ee610d6 100644 --- a/.github/workflows/pr-labeler.yaml +++ b/.github/workflows/pr-labeler.yaml @@ -18,7 +18,7 @@ jobs: pull-requests: write steps: - name: Label PR based on maintainer status - uses: actions/github-script@v8 + uses: actions/github-script@v9 with: script: | const MAINTAINERS = 'theoephraim philmillman'.split(' '); diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index c97bba52..1847f4d4 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -85,7 +85,7 @@ jobs: - name: Install node deps run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # Ensure npm 11.5.1 or later is installed (for trusted publishing) - name: Update npm diff --git a/.github/workflows/smoke-test.yaml b/.github/workflows/smoke-test.yaml index a7c3e427..fde4266a 100644 --- a/.github/workflows/smoke-test.yaml +++ b/.github/workflows/smoke-test.yaml @@ -56,7 +56,7 @@ jobs: run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 - name: Build varlock and integrations run: bun run build:libs @@ -142,7 +142,7 @@ jobs: node-version: ${{ matrix.node-version }} - name: Setup pnpm - uses: pnpm/action-setup@v5 + uses: pnpm/action-setup@v6 with: version: 10 diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml index 3da2d693..dc73b8c9 100644 --- a/.github/workflows/test.yaml +++ b/.github/workflows/test.yaml @@ -33,7 +33,7 @@ jobs: - name: Install js deps (w/ bun) run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # ------------------------------------------------------------ - name: Bumpy release plan check @@ -174,7 +174,7 @@ jobs: - name: Install node deps run: bun install - name: Enable turborepo build cache - uses: rharkor/caching-for-turbo@v2.3.11 + uses: rharkor/caching-for-turbo@v2.3.14 # Get signed macOS .app if varlock is being released # If the macOS build ran this run, download the artifact directly