build(deps): Bump the actions group with 3 updates

Bumps the actions group with 3 updates: [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint), [actions/upload-artifact](https://github.com/actions/upload-artifact) and [actions/download-artifact](https://github.com/actions/download-artifact). Updates `reviewdog/action-actionlint` from 1.51.0 to 1.53.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](reviewdog/action-actionlint@afad3b6...d99f1ce) Updates `actions/upload-artifact` from 4.3.3 to 4.3.4 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...0b2256b) Updates `actions/download-artifact` from 4.1.7 to 4.1.8 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@65a9edc...fa0a91b) --- updated-dependencies: - dependency-name: reviewdog/action-actionlint dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>
sigstore · Jul 8, 2024 · a3fb2e1 · a3fb2e1
1 parent d5a2984
commit a3fb2e1
Show file tree

Hide file tree

Showing 5 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/ci-test.yml b/.github/workflows/ci-test.yml
@@ -60,7 +60,7 @@ jobs:
     steps:
       - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
       - name: Check workflow files
-        uses: reviewdog/action-actionlint@afad3b6ab835e5611bda8c8193377e2d5c21413d # v1.51.0
+        uses: reviewdog/action-actionlint@d99f1ceaf59e7db022a790dc308ccccb68dda71a # v1.53.0
         # TODO(asraa): Re-enable shellcheck from actionlint
         with:
           actionlint_flags: -color -shellcheck=

diff --git a/.github/workflows/custom-test.yml b/.github/workflows/custom-test.yml
@@ -42,7 +42,7 @@ jobs:
           python -m sigstore verify github --cert-identity $IDENTITY --bundle artifact.sigstore.json artifact
 
       - name: Upload the bundle for other clients to verify
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: bundle
           path: artifact.sigstore.json
@@ -91,7 +91,7 @@ jobs:
         run: curl -o root.json ${METADATA_URL}/1.root.json
 
       - name: Download bundle to verify
-        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: bundle
 
@@ -120,7 +120,7 @@ jobs:
         run: curl -o root.json ${METADATA_URL}/1.root.json
 
       - name: Download bundle to verify
-        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: bundle
 
@@ -161,7 +161,7 @@ jobs:
           tar -xvf sigstore-cli/build/distributions/sigstore-cli-*.tar --strip-components 1
 
       - name: Download bundle to verify
-        uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+        uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: bundle
 

diff --git a/.github/workflows/deploy-to-gcs.yml b/.github/workflows/deploy-to-gcs.yml
@@ -12,7 +12,7 @@ jobs:
       id-token: 'write' # For authenticating with the GitHub workflow identity
 
     steps:
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: github-pages
 

diff --git a/.github/workflows/initialize.yml b/.github/workflows/initialize.yml
@@ -108,7 +108,7 @@ jobs:
         run: |
           ./scripts/step-1.5.sh ${{ inputs.revoke_key }}
       - name: Upload new repository
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: ${{ inputs.repo }}
           path: ${{ inputs.repo }}
@@ -125,7 +125,7 @@ jobs:
         with:
           ref: ${{ inputs.branch }}
           fetch-depth: 0
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: ${{ inputs.repo }}
           path: ${{ inputs.repo }}

diff --git a/.github/workflows/reuseable-snapshot-timestamp.yml b/.github/workflows/reuseable-snapshot-timestamp.yml
@@ -141,7 +141,7 @@ jobs:
           git format-patch HEAD^ -o snapshot-timestamp
 
       - name: Upload snapshot and timestamp
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: snapshot-timestamp
           path: snapshot-timestamp
@@ -182,7 +182,7 @@ jobs:
         with:
           fetch-depth: 0
           ref: ${{ inputs.branch }}
-      - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
+      - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
         with:
           name: snapshot-timestamp
           path: snapshot-timestamp