Bump the github-actions group across 2 directories with 3 updates

Bumps the github-actions group with 3 updates in the / directory: [actions/setup-node](https://github.com/actions/setup-node), [github/codeql-action](https://github.com/github/codeql-action) and [actions/github-script](https://github.com/actions/github-script). Bumps the github-actions group with 1 update in the /.github/actions/build-dist directory: [actions/setup-node](https://github.com/actions/setup-node). Updates `actions/setup-node` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](49933ea528...a0853c2454) Updates `github/codeql-action` from 3.30.0 to 3.30.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](2d92b76c45...f1f6e5f6af) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](60a0d83039...ed597411d8) Updates `actions/setup-node` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](49933ea528...a0853c2454) --- updated-dependencies: - dependency-name: actions/setup-node dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.30.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
2025-10-16 22:38:36 +08:00 · 2025-09-08 23:16:47 +00:00 · 2025-09-08 23:16:47 +00:00 · 28a61d1167
commit 28a61d1167
parent 76d3b998d4
10 changed files with 16 additions and 16 deletions
--- a/.github/actions/build-dist/action.yml
+++ b/.github/actions/build-dist/action.yml
@ -3,7 +3,7 @@ name: 'Build and upload distribution'
 runs:
  using: "composite"
  steps: 
-    - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+    - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
      with:
        node-version: 20
        cache: npm
--- a/.github/workflows/ci-check-and-unit-test.yml
+++ b/.github/workflows/ci-check-and-unit-test.yml
@ -19,7 +19,7 @@ jobs:
    steps:
    - name: Checkout sources
      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-    - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+    - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
      with:
        node-version: 20
        cache: npm
--- a/.github/workflows/ci-codeql.yml
+++ b/.github/workflows/ci-codeql.yml
@ -35,7 +35,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
+      uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5
      with:
        languages: ${{ matrix.language }}
        config: |
@ -43,4 +43,4 @@ jobs:
          - sources/src

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
+      uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5
--- a/.github/workflows/ci-ossf-scorecard.yml
+++ b/.github/workflows/ci-ossf-scorecard.yml
@ -52,6 +52,6 @@ jobs:

      # Upload the results to GitHub's code scanning dashboard.
      - name: 'Upload to code-scanning'
-        uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3.29.5
+        uses: github/codeql-action/upload-sarif@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5
        with:
          sarif_file: results.sarif
--- a/.github/workflows/ci-update-dist.yml
+++ b/.github/workflows/ci-update-dist.yml
@ -28,7 +28,7 @@ jobs:
        token: ${{ secrets.BOT_GITHUB_TOKEN }}

    - name: Set up Node.js
-      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+      uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
      with:
        node-version: 20
        cache: npm
--- a/.github/workflows/integ-test-build-scan-publish.yml
+++ b/.github/workflows/integ-test-build-scan-publish.yml
@ -62,7 +62,7 @@ jobs:
      run: gradle help
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')   
--- a/.github/workflows/integ-test-caching-config.yml
+++ b/.github/workflows/integ-test-caching-config.yml
@ -105,7 +105,7 @@ jobs:
      run: ./gradlew help
    - name: Check Build Scan url is captured
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
@ -129,7 +129,7 @@ jobs:
      run: ./gradlew help
    - name: Check Build Scan url is captured
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
--- a/.github/workflows/integ-test-inject-develocity.yml
+++ b/.github/workflows/integ-test-inject-develocity.yml
@ -72,7 +72,7 @@ jobs:
      run: gradle help
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')
@ -129,7 +129,7 @@ jobs:
        run: "[ ${#GRADLE_ENTERPRISE_ACCESS_KEY} -gt 500 ] || (echo 'GRADLE_ENTERPRISE_ACCESS_KEY does not look like a short lived token'; exit 1)"
      - name: Check Build Scan url
        if: ${{ !steps.gradle.outputs.build-scan-url }}
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          script: |
            core.setFailed('No Build Scan detected')
@ -225,7 +225,7 @@ jobs:
        run: gradle help
      - name: Check Build Scan url
        if: ${{ !steps.gradle.outputs.build-scan-url }}
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
        with:
          script: |
            core.setFailed('No Build Scan detected')
--- a/.github/workflows/integ-test-provision-gradle-versions.yml
+++ b/.github/workflows/integ-test-provision-gradle-versions.yml
@ -77,7 +77,7 @@ jobs:
      run: gradle help
    - name: Check current version output parameter
      if: ${{ !startsWith(steps.gradle-current.outputs.gradle-version , '9.') }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.gradle-current.outputs.gradle-version }}"')    
@ -122,7 +122,7 @@ jobs:
        gradle-version: ${{ matrix.gradle }}
    - name: Check output parameter
      if: ${{ steps.setup-gradle.outputs.gradle-version != matrix.gradle }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('Gradle version parameter not set correctly: value was "${{ steps.setup-gradle.outputs.gradle-version }}"')    
@ -132,7 +132,7 @@ jobs:
      run: gradle help "-DgradleVersionCheck=${{matrix.gradle}}"
    - name: Check Build Scan url
      if: ${{ !steps.gradle.outputs.build-scan-url }}
-      uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+      uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
      with:
        script: |
          core.setFailed('No Build Scan detected')    
--- a/.github/workflows/update-checksums-file.yml
+++ b/.github/workflows/update-checksums-file.yml
@ -22,7 +22,7 @@ jobs:
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

      - name: Set up Node.js
-        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
+        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0
        with:
          node-version: 20
          cache: npm