From d7566cc6182e961c0ce3ad5795e0f9a90f304544 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 9 Mar 2026 16:20:08 +0500 Subject: [PATCH] chore(deps): bump the github-actions group across 1 directory with 5 updates (#791) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Bumps the github-actions group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [coder/coder](https://github.com/coder/coder) | `2.29.2` | `2.31.3` | | [oven-sh/setup-bun](https://github.com/oven-sh/setup-bun) | `2.1.2` | `2.1.3` | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.42.1` | `1.44.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.2.0` | `6.3.0` | | [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.4.1` | `0.5.2` | Updates `coder/coder` from 2.29.2 to 2.31.3
Release notes

Sourced from coder/coder's releases.

v2.31.3

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

Chores

Bug Fixes

Compare: v2.31.2...v2.31.3

Container image

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.31.2

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

Chores

Compare: v2.31.1...v2.31.2

Container image

Install/upgrade

Refer to our docs to install or upgrade Coder, or use a release asset below.

v2.31.1

Changelog

[!NOTE] This is a mainline Coder release. We advise enterprise customers without a staging environment to install our latest stable release while we refine this version. Learn more about our Release Schedule.

Normally, our monthly releases are 2.X.0. This mainline release is 2.X.1 due to an issue in the release process, but it should be considered a standard mainline release for customers.

... (truncated)

Commits

Updates `oven-sh/setup-bun` from 2.1.2 to 2.1.3
Release notes

Sourced from oven-sh/setup-bun's releases.

v2.1.3

oven-sh/setup-bun is the github action for setting up Bun.

What's Changed

New Contributors

Full Changelog: https://github.com/oven-sh/setup-bun/compare/v2...v2.1.3

Commits

Updates `crate-ci/typos` from 1.42.1 to 1.44.0
Release notes

Sourced from crate-ci/typos's releases.

v1.44.0

[1.44.0] - 2026-02-27

Features

v1.43.5

[1.43.5] - 2026-02-16

Fixes

v1.43.4

[1.43.4] - 2026-02-09

Fixes

v1.43.3

[1.43.3] - 2026-02-06

Fixes

v1.43.2

[1.43.2] - 2026-02-05

Fixes

v1.43.1

[1.43.1] - 2026-02-03

Fixes

v1.43.0

[1.43.0] - 2026-02-02

Features

v1.42.3

... (truncated)

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.44.0] - 2026-02-27

Features

[1.43.5] - 2026-02-16

Fixes

[1.43.4] - 2026-02-09

Fixes

[1.43.3] - 2026-02-06

Fixes

[1.43.2] - 2026-02-05

Fixes

[1.43.1] - 2026-02-03

Fixes

[1.43.0] - 2026-02-02

Compatibility

... (truncated)

Commits

Updates `actions/setup-go` from 6.2.0 to 6.3.0
Release notes

Sourced from actions/setup-go's releases.

v6.3.0

What's Changed

Full Changelog: https://github.com/actions/setup-go/compare/v6...v6.3.0

Commits

Updates `zizmorcore/zizmor-action` from 0.4.1 to 0.5.2
Release notes

Sourced from zizmorcore/zizmor-action's releases.

v0.5.2

What's Changed

Full Changelog: https://github.com/zizmorcore/zizmor-action/compare/v0.5.1...v0.5.2

v0.5.1

What's Changed

Full Changelog: https://github.com/zizmorcore/zizmor-action/compare/v0.5.0...v0.5.1

v0.5.0

What's Changed

New Contributors

Full Changelog: https://github.com/zizmorcore/zizmor-action/compare/v0.4.1...v0.5.0

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) ---
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore ` will remove the ignore condition of the specified dependency and ignore conditions
Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yaml | 12 ++++++------ .github/workflows/golangci-lint.yml | 2 +- .github/workflows/version-bump.yaml | 4 ++-- .github/workflows/zizmor.yaml | 4 ++-- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 8b994182..6a8c79d2 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -37,9 +37,9 @@ jobs: all: - '**' - name: Set up Terraform - uses: coder/coder/.github/actions/setup-tf@b5360a9180613328a62d64efcfaac5a31980c746 # v2.29.2 + uses: coder/coder/.github/actions/setup-tf@deaacff8437e3f4ee84bc51c4e5162f6dd7d190e # v2.31.3 - name: Set up Bun - uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2 + uses: oven-sh/setup-bun@ecf28ddc73e819eb6fa29df6b34ef8921c743461 # v2 with: # We're using the latest version of Bun for now, but it might be worth # reconsidering. They've pushed breaking changes in patch releases @@ -82,18 +82,18 @@ jobs: - name: Check out code uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Install Bun - uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2 + uses: oven-sh/setup-bun@ecf28ddc73e819eb6fa29df6b34ef8921c743461 # v2 with: bun-version: latest # Need Terraform for its formatter - name: Install Terraform - uses: coder/coder/.github/actions/setup-tf@b5360a9180613328a62d64efcfaac5a31980c746 # v2.29.2 + uses: coder/coder/.github/actions/setup-tf@deaacff8437e3f4ee84bc51c4e5162f6dd7d190e # v2.31.3 - name: Install dependencies run: bun install - name: Validate formatting run: bun fmt:ci - name: Check for typos - uses: crate-ci/typos@65120634e79d8374d1aa2f27e54baa0c364fff5a # v1.42.1 + uses: crate-ci/typos@631208b7aac2daa8b707f55e7331f9112b0e062d # v1.44.0 with: config: .github/typos.toml validate-readme-files: @@ -106,7 +106,7 @@ jobs: - name: Check out code uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Go - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6 + uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: "1.24.0" - name: Validate contributors diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 599ad548..c922d344 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6 + - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6 with: go-version: stable - name: golangci-lint diff --git a/.github/workflows/version-bump.yaml b/.github/workflows/version-bump.yaml index 2e255414..c5dbc1b8 100644 --- a/.github/workflows/version-bump.yaml +++ b/.github/workflows/version-bump.yaml @@ -26,12 +26,12 @@ jobs: token: ${{ secrets.GITHUB_TOKEN }} - name: Set up Bun - uses: oven-sh/setup-bun@3d267786b128fe76c2f16a390aa2448b815359f3 # v2 + uses: oven-sh/setup-bun@ecf28ddc73e819eb6fa29df6b34ef8921c743461 # v2 with: bun-version: latest - name: Set up Terraform - uses: coder/coder/.github/actions/setup-tf@b5360a9180613328a62d64efcfaac5a31980c746 # v2.29.2 + uses: coder/coder/.github/actions/setup-tf@deaacff8437e3f4ee84bc51c4e5162f6dd7d190e # v2.31.3 - name: Install dependencies run: bun install diff --git a/.github/workflows/zizmor.yaml b/.github/workflows/zizmor.yaml index 8dc3a171..ad349429 100644 --- a/.github/workflows/zizmor.yaml +++ b/.github/workflows/zizmor.yaml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: Run zizmor (blocking, HIGH only) - uses: zizmorcore/zizmor-action@135698455da5c3b3e55f73f4419e481ab68cdd95 # v0.4.1 + uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 with: advanced-security: false annotations: true @@ -49,7 +49,7 @@ jobs: persist-credentials: false - name: Run zizmor (SARIF) - uses: zizmorcore/zizmor-action@135698455da5c3b3e55f73f4419e481ab68cdd95 # v0.4.1 + uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 with: inputs: | .github/workflows