Bump the github-actions group with 6 updates

Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [google/osv-scanner-action](https://github.com/google/osv-scanner-action) | `1.8.2` | `1.8.4` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.1.1` | `5.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.4` | `4.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.15` | `3.26.6` | | [docker/login-action](https://github.com/docker/login-action) | `3.2.0` | `3.3.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.5.0` | `6.7.0` | Updates `google/osv-scanner-action` from 1.8.2 to 1.8.4 - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](https://github.com/google/osv-scanner-action/compare/v1.8.2...v1.8.4) Updates `actions/setup-python` from 5.1.1 to 5.2.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](39cd14951b...f677139bbe) Updates `actions/upload-artifact` from 4.3.4 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](0b2256b8c0...50769540e7) Updates `github/codeql-action` from 3.25.15 to 3.26.6 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](afb54ba388...4dd16135b6) Updates `docker/login-action` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3.2.0...9780b0c442fbb1117ed29e0efdff1e18412f7567) Updates `docker/build-push-action` from 6.5.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](5176d81f87...5cd11c3a4c) --- updated-dependencies: - dependency-name: google/osv-scanner-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
2025-12-06 12:20:11 +01:00 · 2024-09-01 08:46:56 +00:00 · 2024-09-01 08:46:56 +00:00 · f43de6599e
commit f43de6599e
parent a2b5fefd91
6 changed files with 8 additions and 8 deletions
--- a/.github/workflows/osv-scanner-scheduled.yml
+++ b/.github/workflows/osv-scanner-scheduled.yml
@ -28,7 +28,7 @@ permissions:
 jobs:
  scan-scheduled:
    if: github.repository == 'tensorflow/tensorflow'
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.2"
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.8.4"
    with:
      scan-args: |-
        --lockfile=requirements.txt:./requirements_lock_3_9.txt
--- a/.github/workflows/pylint-presubmit.yml
+++ b/.github/workflows/pylint-presubmit.yml
@ -38,7 +38,7 @@ jobs:
      run: |
        echo Changed files: ${{ steps.get_file_changes.outputs.files }}
    - name: Set up Python 3.9
-      uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
+      uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0
      with:
        python-version: "3.9"
    - name: Install Python dependencies
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@ -55,7 +55,7 @@ jobs:
      # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
      # format to the repository Actions tab.
      - name: "Upload artifact"
-        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
        with:
          name: SARIF file
          path: results.sarif
@ -64,6 +64,6 @@ jobs:
      # Upload the results to GitHub's code scanning dashboard (optional).
      # Commenting out will disable upload of results to your repo's Code Scanning dashboard
      - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
+        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
        with:
          sarif_file: results.sarif
--- a/.github/workflows/sigbuild-docker-branch.yml
+++ b/.github/workflows/sigbuild-docker-branch.yml
@ -67,7 +67,7 @@ jobs:
      -
        name: Build and push
        id: docker_build
-        uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
+        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
        with:
          push: true
          context: ./tensorflow/tools/tf_sig_build_dockerfiles
--- a/.github/workflows/sigbuild-docker-presubmit.yml
+++ b/.github/workflows/sigbuild-docker-presubmit.yml
@ -60,7 +60,7 @@ jobs:
        name: Login to AR
        # Once this is verified, change the label's name. For now, we will piggyback on gcr.io actions.
        if: contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging')
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0
+        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3.3.0
        with:
          registry: us-central1-docker.pkg.dev
          username: _json_key
@ -73,7 +73,7 @@ jobs:
      -
        name: Build containers, and push to GCR only if the 'build and push to gcr.io for staging' label is applied
        id: docker_build
-        uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
+        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
        with:
          push: ${{ contains(github.event.pull_request.labels.*.name, 'build and push to gcr.io for staging') }}
          context: ./tensorflow/tools/tf_sig_build_dockerfiles
--- a/.github/workflows/sigbuild-docker.yml
+++ b/.github/workflows/sigbuild-docker.yml
@ -82,7 +82,7 @@ jobs:
      -
        name: Build and push
        id: docker_build
-        uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0
+        uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0
        with:
          push: true
          context: ./tensorflow/tools/tf_sig_build_dockerfiles