⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 17 updates #109

dependabot · 2025-11-03T13:13:40Z

Bumps the github-actions group with 17 updates in the / directory:

Package	From	To
step-security/harden-runner	`2.9.1`	`2.13.1`
actions/checkout	`4.1.7`	`5.0.0`
actions/setup-go	`5.0.2`	`6.0.0`
github/codeql-action	`3.26.2`	`4.31.2`
actions/dependency-review-action	`4.3.4`	`4.8.1`
reviewdog/action-tflint	`1.23.2`	`1.25.0`
reviewdog/action-trivy	`1.11.0`	`1.14.0`
reviewdog/action-golangci-lint	`2.6.2`	`2.8.0`
EPMatt/reviewdog-action-prettier	`1.2.0`	`1.3.0`
reviewdog/action-misspell	`1.23.0`	`1.27.0`
reviewdog/action-alex	`1.13.0`	`1.16.0`
reviewdog/action-markdownlint	`0.24.0`	`0.26.2`
reviewdog/action-actionlint	`1.54.0`	`1.68.0`
ossf/scorecard-action	`2.4.0`	`2.4.3`
actions/upload-artifact	`4.3.6`	`5.0.0`
webfactory/ssh-agent	`0.9.0`	`0.9.1`
aws-actions/configure-aws-credentials	`4.0.2`	`5.1.0`

Updates step-security/harden-runner from 2.9.1 to 2.13.1

Release notes

Sourced from step-security/harden-runner's releases.

v2.13.1

What's Changed

Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.

Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.

Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.

Full Changelog: step-security/harden-runner@v2.13.0...v2.13.1

v2.13.0

What's Changed

Improved job markdown summary

Https monitoring for all domains (included with the enterprise tier)

Full Changelog: step-security/harden-runner@v2...v2.13.0

v2.12.2

What's Changed

Added HTTPS Monitoring for additional destinations - *.githubusercontent.com Bug fixes:

Implicitly allow local multicast, local unicast and broadcast IP addresses in block mode

Increased policy map size for block mode

Full Changelog: step-security/harden-runner@v2...v2.12.2

v2.12.1

What's Changed

Detection capabilities have been upgraded to better recognize attempts at runner tampering. These improvements are informed by real-world incident learnings, including analysis of anomalous behaviors observed in the tj-actions and reviewdog supply chain attack.

Resolved an issue where the block policy was not enforced correctly when the GitHub Actions job was running inside a container on a self-hosted VM runner.

Full Changelog: step-security/harden-runner@v2...v2.12.1

v2.12.0

What's Changed

A new option, disable-sudo-and-containers, is now available to replace the disable-sudo policy, addressing Docker-based privilege escalation (CVE-2025-32955). More details can be found in this blog post.

New detections have been added based on insights from the tj-actions and reviewdog actions incidents.

Full Changelog: step-security/harden-runner@v2...v2.12.0

v2.11.1

What's Changed

cache: add support for GitHub Actions cache v2 by @h0x0er in step-security/harden-runner#529

Full Changelog: step-security/harden-runner@v2...v2.11.1

... (truncated)

Commits

f4a75cf Merge pull request #588 from step-security/rc-26
95503d0 ci: remove code-review workflow
4b250a0 ci: add job to confirm dist is as expected
5b0ab6a update dependencies
d11f2c1 fix bug where status code was not being preserved
b3fc98e improve error handling for policy store sceanrio
92fc5d4 update error message
b61b0a4 policy store improvements
e3d3f2b use GitHub release instead of packages
646ac01 update agent
Additional commits viewable in compare view

Updates actions/checkout from 4.1.7 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

Prepare release v4.3.0 by @salmanmkc in actions/checkout#2237

New Contributors

@motss made their first contribution in actions/checkout#1971

@mouismail made their first contribution in actions/checkout#1977

@benwells made their first contribution in actions/checkout#2043

@nebuk89 made their first contribution in actions/checkout#2194

@salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
08eba0b Prepare release v4.3.0 (#2237)
631c7dc Update package dependencies (#2236)
8edcb1b Update CODEOWNERS for actions (#2224)
09d2aca Update README.md (#2194)
85e6279 Adjust positioning of user email note and permissions heading (#2044)
009b9ae Documentation update - add recommended permissions to Readme (#2043)
cbb7224 Update README.md (#1977)
3b9b8c8 docs: update README.md (#1971)
Additional commits viewable in compare view

Updates actions/setup-go from 5.0.2 to 6.0.0

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @matthewhughes934 in actions/setup-go#460

Upgrade Nodejs runtime from node20 to node 24 by @salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/setup-go#589

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-go#591

Upgrade @typescript-eslint/parser from 8.31.1 to 8.35.1 by @dependabot[bot] in actions/setup-go#590

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-go#594

Upgrade typescript from 5.4.2 to 5.8.3 by @dependabot[bot] in actions/setup-go#538

Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @dependabot[bot] in actions/setup-go#603

Upgrade form-data to bring in fix for critical vulnerability by @matthewhughes934 in actions/setup-go#618

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-go#631

New Contributors

@matthewhughes934 made their first contribution in actions/setup-go#618

@salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

What's Changed

Dependency updates :

Upgrade semver from 7.6.0 to 7.6.3 by @dependabot in actions/setup-go#535

Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by @dependabot in actions/setup-go#536

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/setup-go#568

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-go#541

... (truncated)

Commits

4469467 Bump actions/checkout from 4 to 5 (#631)
e093d1e Node 24 upgrade (#624)
1d76b95 Improve toolchain handling (#460)
e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
8e57b58 Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603)
7c0b336 Bump typescript from 5.4.2 to 5.8.3 (#538)
6f26dcc Bump undici from 5.28.5 to 5.29.0 (#594)
8d4083a Bump @typescript-eslint/parser from 5.62.0 to 8.32.0 (#590)
fa96338 Bump @actions/tool-cache from 2.0.1 to 2.0.2 (#591)
4de67c0 Bump @types/jest from 29.5.12 to 29.5.14 (#589)
Additional commits viewable in compare view

Updates github/codeql-action from 3.26.2 to 4.31.2

Release notes

Sourced from github/codeql-action's releases.

v4.31.2

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.2 - 30 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.31.1

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.1 - 30 Oct 2025

The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

See the full CHANGELOG.md for more information.

v4.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025

Bump minimum CodeQL bundle version to 2.17.6. #3223

When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

See the full CHANGELOG.md for more information.

v4.30.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025

Update default CodeQL bundle version to 2.23.3. #3205

Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

See the full CHANGELOG.md for more information.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

Bump minimum CodeQL bundle version to 2.17.6. #3223

When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

Update default CodeQL bundle version to 2.23.3. #3205

Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

[v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100

We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107

You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130

Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

... (truncated)

Commits

0499de3 Merge pull request #3261 from github/henrymercer/setup-python
3b96745 Set up Python in mergeback workflow
8a06050 Merge pull request #3259 from github/update-v4.31.2-9576b5cbe
752a642 Update changelog for v4.31.2
9576b5c Merge pull request #3258 from github/mbg/enablement-errors/case-insensitive
cc88437 Merge pull request #3257 from github/henrymercer/ubuntu-slim
f0e9bf0 Make isEnablementError case-insensitive
2a3599c Run lightweight workflows on ubuntu-slim
514ff4d Merge pull request #3256 from github/henrymercer/resolve-bad-merge
aab1c2f Merge pull request #3253 from github/mergeback/v4.31.1-to-main-5fe9434c
Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.3.4 to 4.8.1

Release notes

Sourced from actions/dependency-review-action's releases.

Dependency Review Action v4.8.1

What's Changed

(bug) Fix spamming link test in deprecation warning (again) by @ahpook in actions/dependency-review-action#1000

Bump version for 4.8.1 release by @ahpook in actions/dependency-review-action#1001

Full Changelog: actions/dependency-review-action@v4...v4.8.1

v4.8.0

What's Changed

Make Ruby Code Scannable by @ljones140 in actions/dependency-review-action#978

Batch some contributions for release by @brrygrdn in actions/dependency-review-action#986

Make license lists collapsable by @jasperkamerling

feat: add large summary handling with artifact upload by @MattMencel

New Contributors

@ljones140 made their first contribution in actions/dependency-review-action#978

@jasperkamerling made their first contribution in actions/dependency-review-action#986

@MattMencel made their first contribution in actions/dependency-review-action#986

Full Changelog: actions/dependency-review-action@v4...v4.8.0

4.7.3

What's Changed

Add explicit permissions to workflow files by @AshelyTC in actions/dependency-review-action#966

Claire153/fix spamming mentioned issue by @claire153 in actions/dependency-review-action#974

Full Changelog: actions/dependency-review-action@v4...v4.7.3

4.7.2

What's Changed

Add Missing Languages to CodeQL Advanced Configuration by @KyFaSt in actions/dependency-review-action#945

Deprecate deny lists by @claire153 in actions/dependency-review-action#958

Address discrepancy between docs and reality by @ahpook in actions/dependency-review-action#960

New Contributors

@KyFaSt made their first contribution in actions/dependency-review-action#945

@claire153 made their first contribution in actions/dependency-review-action#958

@ahpook made their first contribution in actions/dependency-review-action#960

Full Changelog: actions/dependency-review-action@v4...v4.7.2

v4.7.1

Packages added to allow-dependencies-licenses will be allowed even if the package in question has no license information #889

License expressions (e.g. Ruby OR GPL-2.0) in the allow list are automatically discarded so that they don't invalidate the whole allow list, which should just be license identifier (e.g. Ruby)

v4.7.0

Handle complex license expressions (e.g. MIT AND GPL-2.0) in allow lists (fixes #809 and probably others)

Replace OTHER in package licenses with LicenseRef-clearlydefined-OTHER so that parsing passes

... (truncated)

Commits

40c09b7 Merge pull request #1001 from actions/ahpook/v4.8.1-release
4552948 Bump version for 4.8.1 release
e63da9a Merge pull request #1000 from actions/ahpook/deprecation-redux
71365c7 (bug) Fix spamming link test in deprecation warning (again)
56339e5 Merge pull request #988 from actions/brrygrdn/rc-4.8.0
1688b74 Bump to a 4.8.0
31c9f17 Merge pull request #987 from actions/rc-4.7.4
eacde78 Update version
8151009 Merge pull request #986 from actions/brrygrdn/rc-4.7.4
b472ec9 Add a quick regression test for the artefact summary
Additional commits viewable in compare view

Updates reviewdog/action-tflint from 1.23.2 to 1.25.0

Release notes

Sourced from reviewdog/action-tflint's releases.

Release v1.25.0

What's Changed

chore(deps): update reviewdog/action-misspell action to v1.26.2 by @renovate[bot] in reviewdog/action-tflint#105

chore(deps): update reviewdog/action-depup action to v1.6.4 by @renovate[bot] in reviewdog/action-tflint#104

chore(deps): update reviewdog/action-misspell action to v1.26.3 by @renovate[bot] in reviewdog/action-tflint#106

README: Pin GitHub Actions with commit SHA using pinact by @haya14busa in reviewdog/action-tflint#108

chore(deps): update reviewdog/reviewdog to 0.21.0 by @github-actions[bot] in reviewdog/action-tflint#101

Full Changelog: reviewdog/action-tflint@v1.24.2...v1.25.0

Release v1.24.2

What's Changed

Pin reviewdog install script version with commit SHA by @haya14busa in reviewdog/action-tflint#103

Full Changelog: reviewdog/action-tflint@v1.24.1...v1.24.2

Release v1.24.1

What's Changed

Pin GitHub Actions with commit SHA using pinact by @haya14busa in reviewdog/action-tflint#102

Full Changelog: reviewdog/action-tflint@v1.24.0...v1.24.1

Release v1.24.0

What's Changed

docs(README): add documents about input parameters by @rinx in reviewdog/action-tflint#98

README: Fix CI status badges by @massongit in reviewdog/action-tflint#92

Update reviewdog and add fail_level and deduplicate fail_on_error by @massongit in reviewdog/action-tflint#100

New Contributors

@rinx made their first contribution in reviewdog/action-tflint#98

Full Changelog: reviewdog/action-tflint@v1.23.2...v1.24.0

Commits

54a5e5a chore(deps): update reviewdog/reviewdog to 0.21.0 (#101)
92ecd5b README: Pin GitHub Actions with commit SHA using pinact (#108)
4e022bb chore(deps): update reviewdog/action-misspell action to v1.26.3 (#106)
1848510 chore(deps): update reviewdog/action-depup action to v1.6.4 (#104)
f1101e4 chore(deps): update reviewdog/action-misspell action to v1.26.2 (#105)
41b4770 Pin reviewdog install script version with commit SHA (#103)
7b57187 Pin GitHub Actions with commit SHA using pinact (#102)
f17a66a Update reviewdog and add fail_level and deduplicate fail_on_error (#100)
f9cb738 README: Fix CI status badges (#92)
b61e666 docs(README): add documents about input parameters (#98)
See full diff in compare view

Updates reviewdog/action-trivy from 1.11.0 to 1.14.0

Release notes

Sourced from reviewdog/action-trivy's releases.

Release v1.14.0

v1.14.0: PR #104 - chore(deps): update reviewdog to 0.21.0

Release v1.13.10

v1.13.10: PR #82 - Pin reviewdog install script version with commit SHA

Release v1.13.9

v1.13.9: PR #81 - Pin GitHub Actions with commit SHA using pinact

Release v1.13.8

v1.13.8: PR #79 - chore(deps): update terraform aws to ~> 5.90.0

Release v1.13.7

v1.13.7: PR #78 - chore(deps): update terraform aws to ~> 5.89.0

Release v1.13.5

v1.13.5: PR #77 - chore(deps): update terraform aws to ~> 5.84.0

Release v1.13.4

v1.13.4: PR #72 - Support reviewdog command line argument changes (--fail-level)

Release v1.13.3

v1.13.3: PR #75 - chore(deps): update terraform aws to ~> 5.83.0

Release v1.13.2

v1.13.2: PR #71 - chore(deps): update terraform aws to ~> 5.82.0

Release v1.13.1

v1.13.1: PR #69 - chore(deps): update terraform aws to ~> 5.81.0

Release v1.13.0

v1.13.0: PR #67 - chore(deps): update reviewdog to 0.20.3

Release v1.12.6

v1.12.6: PR #68 - chore(deps): update terraform aws to ~> 5.80.0

Release v1.12.5

v1.12.5: PR #66 - chore(deps): update terraform aws to ~> 5.79.0

Release v1.12.4

v1.12.4: PR #65 - chore(deps): update terraform aws to ~> 5.78.0

Release v1.12.3

v1.12.3: PR #62 - chore(deps): update terraform aws to ~> 5.77.0

Release v1.12.2

v1.12.2: PR #63 - Support for aarch64 architecture (which is equivalent to arm64)

Release v1.12.1

v1.12.1: PR #58 - chore(deps): update terraform aws to ~> 5.72.0

... (truncated)

Commits

a1e6d7d Merge pull request #104 from reviewdog/depup/reviewdog
20b6816 chore(deps): update reviewdog to 0.21.0
a1a479d Merge pull request #94 from reviewdog/renovate/azurerm-4.x
7a02290 chore(deps): update terraform azurerm to ~> 4.26.0
590ac69 Merge pull request #93 from reviewdog/renovate/aws-5.x
f895ad5 chore(deps): update terraform aws to ~> 5.94.0
5392bcc Merge pull request #92 from reviewdog/renovate/azurerm-4.x
0e5f775 chore(deps): update terraform azurerm to ~> 4.25.0
90be6ba Merge pull request #91 from reviewdog/renovate/aws-5.x
536d9aa chore(deps): update terraform aws to ~> 5.93.0
Additional commits viewable in compare view

Updates reviewdog/action-golangci-lint from 2.6.2 to 2.8.0

Release notes

Sourced from reviewdog/action-golangci-lint's releases.

Release v2.8.0

v2.8.0: PR #779 - fix: migrate to golangci-lint v2

Release v2.7.2

What's Changed

chore(deps): update reviewdog/action-actionlint action to v1.65.2 by @renovate in reviewdog/action-golangci-lint#769

chore(deps): update reviewdog/action-eslint action to v1.33.2 by @renovate in reviewdog/action-golangci-lint#770

README: Pin GitHub Actions with commit SHA using pinact by @haya14busa in reviewdog/action-gola...
Description has been truncated

…with 17 updates Bumps the github-actions group with 17 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.9.1` | `2.13.1` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.7` | `5.0.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.2` | `6.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.26.2` | `4.31.2` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.4` | `4.8.1` | | [reviewdog/action-tflint](https://github.com/reviewdog/action-tflint) | `1.23.2` | `1.25.0` | | [reviewdog/action-trivy](https://github.com/reviewdog/action-trivy) | `1.11.0` | `1.14.0` | | [reviewdog/action-golangci-lint](https://github.com/reviewdog/action-golangci-lint) | `2.6.2` | `2.8.0` | | [EPMatt/reviewdog-action-prettier](https://github.com/epmatt/reviewdog-action-prettier) | `1.2.0` | `1.3.0` | | [reviewdog/action-misspell](https://github.com/reviewdog/action-misspell) | `1.23.0` | `1.27.0` | | [reviewdog/action-alex](https://github.com/reviewdog/action-alex) | `1.13.0` | `1.16.0` | | [reviewdog/action-markdownlint](https://github.com/reviewdog/action-markdownlint) | `0.24.0` | `0.26.2` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.54.0` | `1.68.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.6` | `5.0.0` | | [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) | `0.9.0` | `0.9.1` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4.0.2` | `5.1.0` | Updates `step-security/harden-runner` from 2.9.1 to 2.13.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@5c7944e...f4a75cf) Updates `actions/checkout` from 4.1.7 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@692973e...08c6903) Updates `actions/setup-go` from 5.0.2 to 6.0.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0a12ed9...4469467) Updates `github/codeql-action` from 3.26.2 to 4.31.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@429e197...0499de3) Updates `actions/dependency-review-action` from 4.3.4 to 4.8.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@5a2ce3f...40c09b7) Updates `reviewdog/action-tflint` from 1.23.2 to 1.25.0 - [Release notes](https://github.com/reviewdog/action-tflint/releases) - [Commits](reviewdog/action-tflint@0a8c6a4...54a5e5a) Updates `reviewdog/action-trivy` from 1.11.0 to 1.14.0 - [Release notes](https://github.com/reviewdog/action-trivy/releases) - [Commits](reviewdog/action-trivy@14e16b3...a1e6d7d) Updates `reviewdog/action-golangci-lint` from 2.6.2 to 2.8.0 - [Release notes](https://github.com/reviewdog/action-golangci-lint/releases) - [Commits](reviewdog/action-golangci-lint@7708105...f9bba13) Updates `EPMatt/reviewdog-action-prettier` from 1.2.0 to 1.3.0 - [Release notes](https://github.com/epmatt/reviewdog-action-prettier/releases) - [Commits](EPMatt/reviewdog-action-prettier@93fb51e...f691104) Updates `reviewdog/action-misspell` from 1.23.0 to 1.27.0 - [Release notes](https://github.com/reviewdog/action-misspell/releases) - [Commits](reviewdog/action-misspell@ef8b22c...d642941) Updates `reviewdog/action-alex` from 1.13.0 to 1.16.0 - [Release notes](https://github.com/reviewdog/action-alex/releases) - [Commits](reviewdog/action-alex@f95df9e...6083b8c) Updates `reviewdog/action-markdownlint` from 0.24.0 to 0.26.2 - [Release notes](https://github.com/reviewdog/action-markdownlint/releases) - [Commits](reviewdog/action-markdownlint@e9f3ab4...3667398) Updates `reviewdog/action-actionlint` from 1.54.0 to 1.68.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@4f8f996...f00ad06) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@62b2cac...4eaacf0) Updates `actions/upload-artifact` from 4.3.6 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@834a144...330a01c) Updates `webfactory/ssh-agent` from 0.9.0 to 0.9.1 - [Release notes](https://github.com/webfactory/ssh-agent/releases) - [Changelog](https://github.com/webfactory/ssh-agent/blob/master/CHANGELOG.md) - [Commits](webfactory/ssh-agent@dc588b6...a6f90b1) Updates `aws-actions/configure-aws-credentials` from 4.0.2 to 5.1.0 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@e3dd6a4...0094301) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.13.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.31.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 4.8.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-tflint dependency-version: 1.25.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-trivy dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-golangci-lint dependency-version: 2.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: EPMatt/reviewdog-action-prettier dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-misspell dependency-version: 1.27.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-alex dependency-version: 1.16.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-markdownlint dependency-version: 0.26.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: reviewdog/action-actionlint dependency-version: 1.68.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: webfactory/ssh-agent dependency-version: 0.9.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: aws-actions/configure-aws-credentials dependency-version: 5.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

coderabbitai · 2025-11-03T13:13:53Z

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

github-actions · 2025-11-03T13:14:16Z

.github/workflows/codeql.yml

⚠️ [alex] _{reported by reviewdog 🐶}
simply may be insensitive, try not to use it simple retext-equality

terraform-aws-tfuser/.github/workflows/codeql.yml

Line 1 in 3426fe4

# For most projects, this workflow file will not need changing; you simply need

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 3, 2025

github-actions bot reviewed Nov 3, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 17 updates #109

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 17 updates #109

Uh oh!

dependabot bot commented on behalf of github Nov 3, 2025 •

edited

Loading

Uh oh!

coderabbitai bot commented Nov 3, 2025

Review skipped

Uh oh!

github-actions bot Nov 3, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 17 updates #109

Are you sure you want to change the base?

⬆️ (deps-ghaction): Bump the github-actions group across 1 directory with 17 updates #109

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 3, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v2.13.1

What's Changed

v2.13.0

What's Changed

v2.12.2

What's Changed

v2.12.1

What's Changed

v2.12.0

What's Changed

v2.11.1

What's Changed

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.0

What's Changed

New Contributors

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v5.4.0

What's Changed

Dependency updates :

v4.31.2

CodeQL Action Changelog

4.31.2 - 30 Oct 2025

v4.31.1

CodeQL Action Changelog

4.31.1 - 30 Oct 2025

v4.31.0

CodeQL Action Changelog

4.31.0 - 24 Oct 2025

v4.30.9

CodeQL Action Changelog

4.30.9 - 17 Oct 2025

v4.30.8

CodeQL Action Changelog

CodeQL Action Changelog

[UNRELEASED]

4.31.2 - 30 Oct 2025

4.31.1 - 30 Oct 2025

4.31.0 - 24 Oct 2025

4.30.9 - 17 Oct 2025

4.30.8 - 10 Oct 2025

4.30.7 - 06 Oct 2025

3.30.6 - 02 Oct 2025

3.30.5 - 26 Sep 2025

3.30.4 - 25 Sep 2025

3.30.3 - 10 Sep 2025

dependabot bot commented on behalf of github Nov 3, 2025 •

edited

Loading