From 94b45db5d204133743a94bfab88136006cddd210 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Feb 2026 05:43:12 +0000 Subject: [PATCH 1/2] Bump the github-actions group with 7 updates Bumps the github-actions group with 7 updates: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.1` | `2.14.2` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | | [bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml](https://github.com/bemanproject/infra-workflows) | `1.2.1` | `1.3.0` | Updates `step-security/harden-runner` from 2.14.1 to 2.14.2 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](https://github.com/step-security/harden-runner/compare/e3f713f2d8f53843e71c69a996d56f51aa9adfb9...5ef0c079ce82195b2a36a210272d6b661572d83e) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) Updates `bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml` from 1.2.1 to 1.3.0 - [Commits](https://github.com/bemanproject/infra-workflows/compare/13148724461ad5cab3dd8895ad5431875e58db5c...fa4c21e208a32e772ec58eef08a01de001b1e624) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.14.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 4 ++-- .github/workflows/ci_tests.yml | 8 ++++---- .github/workflows/codeql.yml | 2 +- .github/workflows/doxygen-gh-pages.yml | 2 +- .github/workflows/ossf-scorecard-analysis.yml | 2 +- .github/workflows/pre-commit-check.yml | 2 +- .github/workflows/pre-commit-update.yml | 2 +- .github/workflows/pre-commit.yml | 4 ++-- 8 files changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9397cf5..3f140d0 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,7 +36,7 @@ jobs: - {name: "Ubuntu GCC 12", tag: "gcc:12", toolchain: "gcc-12", cmake_args: "-G \"Ninja Multi-Config\" -DCMAKE_CONFIGURATION_TYPES=\"RelWithDebInfo;Asan\" -DCMAKE_PREFIX_PATH=\"./infra/cmake\" "} steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit @@ -128,7 +128,7 @@ jobs: steps: # See https://github.com/cli/cli/issues/5075 - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/ci_tests.yml b/.github/workflows/ci_tests.yml index c6187e7..9c35521 100644 --- a/.github/workflows/ci_tests.yml +++ b/.github/workflows/ci_tests.yml @@ -16,10 +16,10 @@ on: jobs: beman-submodule-check: - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-submodule-check.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 preset-test: - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-preset-test.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 with: matrix_config: > [ @@ -34,7 +34,7 @@ jobs: ] build-and-test: - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-build-and-test.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 with: matrix_config: > { @@ -147,4 +147,4 @@ jobs: permissions: contents: read issues: write - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-create-issue-when-fault.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f32e881..67ef6d0 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -59,7 +59,7 @@ jobs: # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/doxygen-gh-pages.yml b/.github/workflows/doxygen-gh-pages.yml index 5c507b9..476c3d0 100644 --- a/.github/workflows/doxygen-gh-pages.yml +++ b/.github/workflows/doxygen-gh-pages.yml @@ -16,7 +16,7 @@ jobs: contents: write steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/ossf-scorecard-analysis.yml b/.github/workflows/ossf-scorecard-analysis.yml index b4fa615..493e2d4 100644 --- a/.github/workflows/ossf-scorecard-analysis.yml +++ b/.github/workflows/ossf-scorecard-analysis.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit diff --git a/.github/workflows/pre-commit-check.yml b/.github/workflows/pre-commit-check.yml index fee1e15..b9aef5e 100644 --- a/.github/workflows/pre-commit-check.yml +++ b/.github/workflows/pre-commit-check.yml @@ -14,4 +14,4 @@ permissions: jobs: pre-commit: - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-pre-commit.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 diff --git a/.github/workflows/pre-commit-update.yml b/.github/workflows/pre-commit-update.yml index 161bc3b..84003aa 100644 --- a/.github/workflows/pre-commit-update.yml +++ b/.github/workflows/pre-commit-update.yml @@ -15,7 +15,7 @@ jobs: permissions: contents: write pull-requests: write - uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml@13148724461ad5cab3dd8895ad5431875e58db5c # 1.2.1 + uses: bemanproject/infra-workflows/.github/workflows/reusable-beman-update-pre-commit.yml@fa4c21e208a32e772ec58eef08a01de001b1e624 # 1.3.0 secrets: APP_ID: ${{ secrets.AUTO_PR_BOT_APP_ID }} PRIVATE_KEY: ${{ secrets.AUTO_PR_BOT_PRIVATE_KEY }} diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index bf2066a..be1168a 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit @@ -50,7 +50,7 @@ jobs: steps: - name: Harden the runner (Audit all outbound calls) - uses: step-security/harden-runner@e3f713f2d8f53843e71c69a996d56f51aa9adfb9 # v2.14.1 + uses: step-security/harden-runner@5ef0c079ce82195b2a36a210272d6b661572d83e # v2.14.2 with: egress-policy: audit From 178d58063570959e9e3f52039a41b72f228d3a93 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 8 Feb 2026 05:43:39 +0000 Subject: [PATCH 2/2] Bump github/codeql-action in the github-owned-actions group Bumps the github-owned-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action). Updates `github/codeql-action` from 4.31.11 to 4.32.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/19b2f06db2b6f5108140aeb04014ef02b648f789...45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 4.32.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-owned-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql.yml | 4 ++-- .github/workflows/ossf-scorecard-analysis.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f32e881..4bb06d5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -77,7 +77,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -105,6 +105,6 @@ jobs: exit 1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/ossf-scorecard-analysis.yml b/.github/workflows/ossf-scorecard-analysis.yml index b4fa615..14fd0c5 100644 --- a/.github/workflows/ossf-scorecard-analysis.yml +++ b/.github/workflows/ossf-scorecard-analysis.yml @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v4.31.11 + uses: github/codeql-action/upload-sarif@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4.32.2 with: sarif_file: results.sarif