build(deps): bump the github-actions group with 3 updates

Bumps the github-actions group with 3 updates: [actions/setup-go](https://github.com/actions/setup-go), [github/codeql-action](https://github.com/github/codeql-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `actions/setup-go` from 5.5.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@d35c59a...4469467) Updates `github/codeql-action` from 3.30.0 to 3.30.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@2d92b76...f1f6e5f) Updates `aquasecurity/trivy-action` from 0.33.0 to 0.33.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@f9424c1...b6643a2) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.30.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/lib-build.yaml

@@ -40,7 +40,7 @@ jobs:
  builder: [buildah, docker]
  steps:
  - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true

.github/workflows/lib-codeql.yaml

@@ -19,7 +19,7 @@ jobs:
  steps:
  - name: Checkout repository
  uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true
@@ -29,11 +29,11 @@ jobs:
  sudo apt-get update
  sudo apt-get install -y libze1 libze-dev
  - name: Initialize CodeQL
- uses: github/codeql-action/init@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3
+ uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
  with:
  languages: 'go'
 
  - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3
+ uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
  with:
  category: "/language:go"

.github/workflows/lib-publish.yaml

@@ -58,7 +58,7 @@ jobs:
  - intel-idxd-config-initcontainer
  steps:
  - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true
@@ -69,7 +69,7 @@ jobs:
  run: |
  ORG=${{ inputs.registry }} TAG=${{ inputs.image_tag }} make ${IMAGE_NAME} BUILDER=docker
  - name: Trivy scan for image
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: image
  image-ref: ${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }}

.github/workflows/lib-scorecard.yaml

@@ -26,6 +26,6 @@ jobs:
  results_format: sarif
  publish_results: true
  - name: "Upload results to security"
- uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3
+ uses: github/codeql-action/upload-sarif@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
  with:
  sarif_file: results.sarif

.github/workflows/lib-trivy.yaml

@@ -32,7 +32,7 @@ jobs:
  - name: Checkout
  uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
  - name: Run Trivy in config mode for deployments
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: config
  scan-ref: deployments/
@@ -50,7 +50,7 @@ jobs:
  - name: Checkout
  uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
  - name: Run Trivy in config mode for dockerfiles
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: config
  scan-ref: build/docker/
@@ -64,7 +64,7 @@ jobs:
  - name: Checkout
  uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
  - name: Run Trivy in fs mode
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: fs
  scan-ref: .
@@ -81,7 +81,7 @@ jobs:
  - name: Checkout
  uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
  - name: Run Trivy in fs mode
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: fs
  scan-ref: .

.github/workflows/lib-validate.yaml

@@ -35,7 +35,7 @@ jobs:
  runs-on: ubuntu-24.04
  steps:
  - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true
@@ -53,7 +53,7 @@ jobs:
  runs-on: ubuntu-24.04
  steps:
  - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true
@@ -82,7 +82,7 @@ jobs:
  - 1.34.x
  steps:
  - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4
- - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5
+ - uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v5
  with:
  go-version-file: go.mod
  check-latest: true

.github/workflows/trivy-periodic.yaml

@@ -22,7 +22,7 @@ jobs:
  - name: Run Trivy in fs mode
  # Don't fail in case of vulnerabilities, report them in the next step
  continue-on-error: true
- uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0
+ uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
  with:
  scan-type: fs
  scan-ref: .
@@ -31,6 +31,6 @@ jobs:
  format: sarif
  output: trivy-report.sarif
  - name: Upload sarif report to GitHub Security tab
- uses: github/codeql-action/upload-sarif@2d92b76c45b91eb80fc44c74ce3fce0ee94e8f9d # v3
+ uses: github/codeql-action/upload-sarif@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3
  with:
  sarif_file: trivy-report.sarif