From a25d2b1fa4ae2a5183a46ae2bed387e61f959d12 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Jan 2026 22:54:17 +0000 Subject: [PATCH] Bump the all-actions group across 1 directory with 10 updates Bumps the all-actions group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4` | `6` | | [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) | `6` | `12` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `6` | | [peter-evans/repository-dispatch](https://github.com/peter-evans/repository-dispatch) | `3` | `4` | | [actions/cache](https://github.com/actions/cache) | `4` | `5` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `7` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` | | [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` | | [actions/setup-python](https://github.com/actions/setup-python) | `5` | `6` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6` | `8` | Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v4...v6) Updates `dawidd6/action-download-artifact` from 6 to 12 - [Release notes](https://github.com/dawidd6/action-download-artifact/releases) - [Commits](https://github.com/dawidd6/action-download-artifact/compare/v6...v12) Updates `actions/upload-artifact` from 4 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v6) Updates `peter-evans/repository-dispatch` from 3 to 4 - [Release notes](https://github.com/peter-evans/repository-dispatch/releases) - [Commits](https://github.com/peter-evans/repository-dispatch/compare/v3...v4) Updates `actions/cache` from 4 to 5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) Updates `actions/download-artifact` from 4 to 7 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v4...v7) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/v2.4.0...v2.4.3) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/v3...v4) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v5...v6) Updates `peter-evans/create-pull-request` from 6 to 8 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](https://github.com/peter-evans/create-pull-request/compare/v6...v8) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: dawidd6/action-download-artifact dependency-version: '12' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: peter-evans/repository-dispatch dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/download-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-actions - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: peter-evans/create-pull-request dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/PR.yaml | 2 +- .github/workflows/Push.yaml | 2 +- .github/workflows/publishRelease.yaml | 18 +++++++++--------- .github/workflows/releasepr.yaml | 2 +- .github/workflows/reuseable_test.yaml | 14 +++++++------- .github/workflows/scorecard.yml | 8 ++++---- .github/workflows/tag.yaml | 8 ++++---- 7 files changed, 27 insertions(+), 27 deletions(-) diff --git a/.github/workflows/PR.yaml b/.github/workflows/PR.yaml index afae5635c..cfcde6f55 100644 --- a/.github/workflows/PR.yaml +++ b/.github/workflows/PR.yaml @@ -25,7 +25,7 @@ jobs: testsNeeded: ${{ steps.testsNeeded.outputs.testsNeeded }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: setup id: setup uses: hyperledger-indy/indy-shared-gha/.github/actions/workflow-setup@v2.0.3 diff --git a/.github/workflows/Push.yaml b/.github/workflows/Push.yaml index c82284cfa..07feb781d 100644 --- a/.github/workflows/Push.yaml +++ b/.github/workflows/Push.yaml @@ -25,7 +25,7 @@ jobs: publish: ${{ steps.setup.outputs.publish }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: setup id: setup uses: hyperledger-indy/indy-shared-gha/.github/actions/workflow-setup@v2.0.3 diff --git a/.github/workflows/publishRelease.yaml b/.github/workflows/publishRelease.yaml index 1fbf462ec..3ea21d74e 100644 --- a/.github/workflows/publishRelease.yaml +++ b/.github/workflows/publishRelease.yaml @@ -31,7 +31,7 @@ jobs: publish: ${{ steps.workflow-setup.outputs.publish }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: get-release-info id: get-release-info uses: hyperledger-indy/indy-shared-gha/.github/actions/get-release-info@v2.0.3 @@ -48,10 +48,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Download Plenum deb Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v12 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml @@ -59,7 +59,7 @@ jobs: name: plenum-deb path: artifacts/plenum-deb - name: Download Plenum python Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v12 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml @@ -67,24 +67,24 @@ jobs: name: plenum-python path: artifacts/plenum-python - name: Download Plenum third party dependency Artifacts from Github Action Artifacts - uses: dawidd6/action-download-artifact@v6 + uses: dawidd6/action-download-artifact@v12 with: github_token: ${{ secrets.GITHUB_TOKEN }} workflow: releasepr.yaml workflow_conclusion: success name: third-party-dependencies path: artifacts/third-party-dependencies - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v6 with: name: third-party-dependencies path: artifacts/third-party-dependencies retention-days: 5 - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v6 with: name: plenum-deb path: artifacts/plenum-deb retention-days: 5 - - uses: actions/upload-artifact@v4 + - uses: actions/upload-artifact@v6 with: name: plenum-python path: artifacts/plenum-python @@ -133,7 +133,7 @@ jobs: needs: [release-infos, publish_artifacts, convertPyVersion] steps: - name: Repository Dispatch - uses: peter-evans/repository-dispatch@v3 + uses: peter-evans/repository-dispatch@v4 with: token: ${{ secrets.BOT_PR_PAT }} repository: hyperledger-indy/indy-node diff --git a/.github/workflows/releasepr.yaml b/.github/workflows/releasepr.yaml index 035d96cce..95323c6ad 100644 --- a/.github/workflows/releasepr.yaml +++ b/.github/workflows/releasepr.yaml @@ -23,7 +23,7 @@ jobs: distribution: ${{ steps.workflow-setup.outputs.distribution }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: get-release-info id: get-release-info uses: hyperledger-indy/indy-shared-gha/.github/actions/get-release-info@v2.0.3 diff --git a/.github/workflows/reuseable_test.yaml b/.github/workflows/reuseable_test.yaml index 485de6a82..ef5ca4863 100644 --- a/.github/workflows/reuseable_test.yaml +++ b/.github/workflows/reuseable_test.yaml @@ -32,10 +32,10 @@ jobs: fail-fast: false steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Cache pip - uses: actions/cache@v4 + uses: actions/cache@v5 with: # pip cache on the plenum-build image is not in the default location. # path: ~/.cache/pip @@ -45,7 +45,7 @@ jobs: ${{ runner.os }}-pip- - name: Download plenum deb build - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v7 with: name: plenum-deb @@ -77,7 +77,7 @@ jobs: - name: Upload Detailed Test Failure Results # The test runner only emits the detailed test results if the tests fail. if: (steps.plenum-test.outcome == 'failure') && failure() - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: detailed-test-result-slice-${{ matrix.slice }} path: test-result-plenum-${{ matrix.slice }}.txt @@ -97,10 +97,10 @@ jobs: fail-fast: false steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Cache pip - uses: actions/cache@v4 + uses: actions/cache@v5 with: # pip cache on the plenum-build image is not in the default location. # path: ~/.cache/pip @@ -110,7 +110,7 @@ jobs: ${{ runner.os }}-pip- - name: Download plenum deb build - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v7 with: name: plenum-deb diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b26a238f5..0365c8bd7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -35,12 +35,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@v4 # was v4.1.1 - b4ffde65f46336ab88eb53be808477a3936bae11 + uses: actions/checkout@v6 # was v4.1.1 - b4ffde65f46336ab88eb53be808477a3936bae11 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@v2.4.0 # was v2.3.1 - 0864cf19026789058feabb7e87baa5f140aac736 + uses: ossf/scorecard-action@v2.4.3 # was v2.3.1 - 0864cf19026789058feabb7e87baa5f140aac736 with: results_file: results.sarif results_format: sarif @@ -62,7 +62,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@v4 # was v3.pre.node20 97a0fba1372883ab732affbe8f94b823f91727db + uses: actions/upload-artifact@v6 # was v3.pre.node20 97a0fba1372883ab732affbe8f94b823f91727db with: name: SARIF file path: results.sarif @@ -71,6 +71,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3 # was v3.24.9 - 1b1aada464948af03b950897e5eb522f92603cc2 + uses: github/codeql-action/upload-sarif@v4 # was v3.24.9 - 1b1aada464948af03b950897e5eb522f92603cc2 with: sarif_file: results.sarif diff --git a/.github/workflows/tag.yaml b/.github/workflows/tag.yaml index 238cc0a87..a13b512c8 100644 --- a/.github/workflows/tag.yaml +++ b/.github/workflows/tag.yaml @@ -16,7 +16,7 @@ jobs: BASE: ${{ steps.get-branch.outputs.branch }} steps: - name: checkout source code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: extract branch @@ -36,9 +36,9 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Check out code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.8' - name: Install deps for version change @@ -53,7 +53,7 @@ jobs: ./bump_version.sh ${{ needs.taginfos.outputs.VERSION }} - name: Create Pull Request - uses: peter-evans/create-pull-request@v6 + uses: peter-evans/create-pull-request@v8 with: author: ${{ github.actor }} <${{ github.event.pusher.email }}> committer: ${{ github.actor }} <${{ github.event.pusher.email }}>