From 5d50e1e745b5deca54eec528930710b0d353d127 Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Thu, 16 Apr 2026 12:06:52 +0800 Subject: [PATCH] ci(actions): upgrade GitHub Actions to latest versions - bump actions/checkout to v6 - bump actions/setup-go to v6 - bump actions/cache to v5 - bump goreleaser/goreleaser-action to v7 - bump golangci/golangci-lint-action to v9 - bump github/codeql-action/* to v4 - bump codecov/codecov-action to v5 - bump docker/build-push-action to v7 - bump docker/login-action to v4 - bump docker/metadata-action to v6 - bump docker/setup-buildx-action to v4 - bump docker/setup-qemu-action to v4 - bump hadolint/hadolint-action to v3.3.0 - bump aquasecurity/trivy-action to v0.35.0 --- .github/workflows/docker.yml | 10 +++++----- .github/workflows/goreleaser.yml | 2 +- .github/workflows/trivy.yml | 4 ++-- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 447dab6..9ea9f78 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -29,13 +29,13 @@ jobs: make build_linux_arm64 - name: Set up QEMU - uses: docker/setup-qemu-action@v3 + uses: docker/setup-qemu-action@v4 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 + uses: docker/setup-buildx-action@v4 - name: Login to GitHub Container Registry - uses: docker/login-action@v3 + uses: docker/login-action@v4 with: registry: ghcr.io username: ${{ github.repository_owner }} @@ -43,7 +43,7 @@ jobs: - name: Docker meta id: docker-meta - uses: docker/metadata-action@v5 + uses: docker/metadata-action@v6 with: images: | ghcr.io/${{ github.repository }} @@ -54,7 +54,7 @@ jobs: type=semver,pattern={{major}} - name: Build and push - uses: docker/build-push-action@v6 + uses: docker/build-push-action@v7 with: context: . platforms: linux/amd64,linux/arm64 diff --git a/.github/workflows/goreleaser.yml b/.github/workflows/goreleaser.yml index 2d94e1e..fb389b1 100644 --- a/.github/workflows/goreleaser.yml +++ b/.github/workflows/goreleaser.yml @@ -23,7 +23,7 @@ jobs: check-latest: true - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v6 + uses: goreleaser/goreleaser-action@v7 with: # either 'goreleaser' (default) or 'goreleaser-pro' distribution: goreleaser diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 942f676..b1062e0 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -27,7 +27,7 @@ jobs: fetch-depth: 0 - name: Run Trivy vulnerability scanner (source code) - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 with: scan-type: "fs" scan-ref: "." @@ -44,7 +44,7 @@ jobs: sarif_file: "trivy-results.sarif" - name: Run Trivy scanner (table output for logs) - uses: aquasecurity/trivy-action@0.33.1 + uses: aquasecurity/trivy-action@v0.35.0 if: always() with: scan-type: "fs"