[deps]: Update gh minor (#389)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
4 months ago · 07ce9f18db
4 changed files with 24 additions and 24 deletions
--- a/.github/workflows/build-unified.yml
+++ b/.github/workflows/build-unified.yml
@ -36,7 +36,7 @@ jobs:
				@@ -36,7 +36,7 @@ jobs:
      security-events: write
    steps:
      - name: Checkout Repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0

      - name: Get server branch to checkout
        id: server-branch-name
@ -79,10 +79,10 @@ jobs:
				@@ -79,10 +79,10 @@ jobs:

      ########## Set up Docker ##########
      - name: Set up QEMU emulators
-        uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # v3.4.0
+        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0

      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1

      ########## Login to Docker registries ##########
      - name: Log in to Azure
@ -96,7 +96,7 @@ jobs:
				@@ -96,7 +96,7 @@ jobs:
        run: az acr login -n bitwardenprod

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
@ -145,14 +145,14 @@ jobs:
				@@ -145,14 +145,14 @@ jobs:
          secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"

      - name: Generate GH App token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0
        id: app-token
        with:
          app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
          private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}

      - name: Checkout server repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
        with:
          repository: bitwarden/server
          token: ${{ steps.app-token.outputs.token }}
@ -161,7 +161,7 @@ jobs:
				@@ -161,7 +161,7 @@ jobs:

      - name: Build and push Docker image
        id: build-docker
-        uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          context: .
          file: docker-unified/Dockerfile
@ -174,7 +174,7 @@ jobs:
				@@ -174,7 +174,7 @@ jobs:

      - name: Install Cosign
        if: env.is_publish_branch == 'true'
-        uses: sigstore/cosign-installer@c56c2d3e59e4281cc41dea2217323ba5694b171e # v3.8.0
+        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2

      - name: Sign image with Cosign
        if: env.is_publish_branch == 'true'
@ -201,14 +201,14 @@ jobs:
				@@ -201,14 +201,14 @@ jobs:

      - name: Scan Docker image
        id: container-scan
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@1638637db639e0ade3258b51db49a9a137574c3e # v6.5.1
        with:
          image: ${{ steps.tag-list.outputs.primary_tag }}
          fail-build: false
          output-format: sarif

      - name: Upload Grype results to GitHub
-        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
+        uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8
        with:
          sarif_file: ${{ steps.container-scan.outputs.sarif }}
          sha: ${{ contains(github.event_name, 'pull_request') && github.event.pull_request.head.sha || github.sha }}
--- a/.github/workflows/release-digital-ocean.yml
+++ b/.github/workflows/release-digital-ocean.yml
@ -22,7 +22,7 @@ jobs:
				@@ -22,7 +22,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0

      - name: Log in to Azure
        uses: bitwarden/gh-actions/azure-login@main
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@ -45,7 +45,7 @@ jobs:
				@@ -45,7 +45,7 @@ jobs:
          fi

      - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0

      - name: Get Latest Self-Host Version
        id: get-self-host
@ -82,7 +82,7 @@ jobs:
				@@ -82,7 +82,7 @@ jobs:
      contents: write
    steps:
      - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
        with:
          fetch-depth: 0

@ -136,7 +136,7 @@ jobs:
				@@ -136,7 +136,7 @@ jobs:

      - name: Create release
        if: ${{ inputs.release_type != 'Dry Run' }}
-        uses: ncipollo/release-action@cdcc88a9acf3ca41c16c37bb7d21b9ad48560d87 # v1.15.0
+        uses: ncipollo/release-action@bcfe5470707e8832e12347755757cec0eb3c22af # v1.18.0
        with:
          artifacts: 'bitwarden.sh,
                      run.sh,
@ -162,7 +162,7 @@ jobs:
				@@ -162,7 +162,7 @@ jobs:
      id-token: write
    steps:
      - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
        with:
          ref: main

@ -232,12 +232,12 @@ jobs:
				@@ -232,12 +232,12 @@ jobs:
            release_tag: ${{ needs.setup.outputs._WEB_RELEASE_TAG }}
    steps:
      - name: Checkout repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
        with:
          ref: main

      - name: Install Cosign
-        uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
+        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2

      - name: Log in to Azure
        uses: bitwarden/gh-actions/azure-login@main
@ -263,7 +263,7 @@ jobs:
				@@ -263,7 +263,7 @@ jobs:

      ### ghcr.io section
      - name: Login to GitHub Container Registry
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
@ -323,14 +323,14 @@ jobs:
				@@ -323,14 +323,14 @@ jobs:
          client_id: ${{ secrets.AZURE_CLIENT_ID }}

      - name: Login to GitHub Container Registry
-        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
        with:
          registry: ghcr.io
          username: ${{ github.actor }}
          password: ${{ secrets.GITHUB_TOKEN }}

      - name: Install Cosign
-        uses: sigstore/cosign-installer@d7d6bc7722e3daa8354c50bcb52f4837da5e9b6a # v3.8.1
+        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2

      - name: Push version and latest image
        if: ${{ inputs.release_type != 'Dry Run' }}
@ -426,7 +426,7 @@ jobs:
				@@ -426,7 +426,7 @@ jobs:
        uses: bitwarden/gh-actions/azure-logout@main

      - name: Generate GH App token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0
        id: app-token
        with:
          app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
--- a/.github/workflows/update-versions.yml
+++ b/.github/workflows/update-versions.yml
@ -19,7 +19,7 @@ jobs:
				@@ -19,7 +19,7 @@ jobs:
      key_connector_version_update: ${{ steps.key-connector-update.outputs.update }}
    steps:
      - name: Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0

      - name: Get Latest Core Version
        id: get-core
@ -120,14 +120,14 @@ jobs:
				@@ -120,14 +120,14 @@ jobs:
        uses: bitwarden/gh-actions/azure-logout@main

      - name: Generate GH App token
-        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
+        uses: actions/create-github-app-token@0f859bf9e69e887678d5bbfbee594437cb440ffe # v2.1.0
        id: app-token
        with:
          app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
          private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}

      - name: Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0
        with:
          ref: main
          token: ${{ steps.app-token.outputs.token }}