From dee97e51a2179105b282e5927da5c13e6e1f1263 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Thu, 2 Jul 2026 12:50:13 +0000 Subject: [PATCH] Update all dependencies --- .github/workflows/cd.yml | 8 ++++---- .github/workflows/ci.yml | 12 ++++++------ .github/workflows/scorecards.yml | 10 +++++----- mix.exs | 2 +- 4 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index 8cd7d3f6..250dde0b 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -20,7 +20,7 @@ jobs: HEX_API_KEY: ${{ secrets.HEX_API_KEY }} steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -30,12 +30,12 @@ jobs: repo.hex.pm:443 builds.hex.pm:443 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - - uses: erlef/setup-elixir@a6e26b22319003294c58386b6f25edbc7336819a # v1.18.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: erlef/setup-elixir@54075bcc5e249e4758d363f27d099f55d843f124 # v1.24.1 with: otp-version: ${{ matrix.otp }} elixir-version: ${{ matrix.elixir }} - - uses: actions/cache@v4 + - uses: actions/cache@v6 with: path: deps key: ${{ runner.os }}-mix-${{ hashFiles(format('{0}{1}', github.workspace, '/mix.lock')) }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ef607b8b..5596bc10 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,7 +25,7 @@ jobs: MIX_ENV: test steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -36,10 +36,10 @@ jobs: builds.hex.pm:443 - name: Checkout Github repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Sets up an Erlang/OTP environment - uses: erlef/setup-elixir@a6e26b22319003294c58386b6f25edbc7336819a # v1.18.0 + uses: erlef/setup-elixir@54075bcc5e249e4758d363f27d099f55d843f124 # v1.24.1 with: otp-version: ${{ matrix.otp }} elixir-version: ${{ matrix.elixir }} @@ -51,7 +51,7 @@ jobs: echo "::set-output name=mix_hash::$mix_hash" - name: Cache dependecies - uses: actions/cache@v4 + uses: actions/cache@v6 with: path: deps key: ${{ runner.os }}-mix-${{ steps.set_vars.outputs.mix_hash }} @@ -60,7 +60,7 @@ jobs: - name: Cache PLT files id: plt-cache - uses: actions/cache@v4 + uses: actions/cache@v6 with: path: | _build @@ -91,7 +91,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 4eb111d2..87385818 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6 # v2.8.1 + uses: step-security/harden-runner@9af89fc71515a100421586dfdb3dc9c984fbf411 # v2.19.4 with: disable-sudo: true egress-policy: block @@ -38,12 +38,12 @@ jobs: www.bestpractices.dev:443 - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif @@ -62,7 +62,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif @@ -70,6 +70,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 + uses: github/codeql-action/upload-sarif@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v4.36.3 with: sarif_file: results.sarif diff --git a/mix.exs b/mix.exs index bcf82b12..9d2f0028 100644 --- a/mix.exs +++ b/mix.exs @@ -42,7 +42,7 @@ defmodule StellarBase.MixProject do {:excoveralls, "~> 0.18.1", only: :test, runtime: false}, {:castore, "~> 1.0"}, {:credo, "~> 1.7", only: [:dev, :test], runtime: false}, - {:ex_doc, "~> 0.34", only: :dev, runtime: false} + {:ex_doc, "~> 0.40", only: :dev, runtime: false} ] end