From ebe28ad2723369261ce8fde9b9104425549a6a0f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 1 May 2026 19:40:13 +0000 Subject: [PATCH] Bump the github-actions group with 6 updates Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.5.0` | `3.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `8.0.0` | `8.0.1` | | [SamKirkland/FTP-Deploy-Action](https://github.com/samkirkland/ftp-deploy-action) | `4.3.6` | `4.4.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a) Updates `softprops/action-gh-release` from 2.5.0 to 3.0.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](https://github.com/softprops/action-gh-release/compare/v2.5.0...b4309332981a82ec1c5618f44dd2e27cc8bfbfda) Updates `actions/download-artifact` from 8.0.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v8...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c) Updates `SamKirkland/FTP-Deploy-Action` from 4.3.6 to 4.4.0 - [Release notes](https://github.com/samkirkland/ftp-deploy-action/releases) - [Commits](https://github.com/samkirkland/ftp-deploy-action/compare/a51268f67f6605236975928ae28b0f7e9971d50a...110f9186c050f71550953127052e77650219c287) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/668228422ae6a00e4ad889ee87cd7109ec5666a7...27d5ce7f107fe9357f9df03efb73ab90386fccae) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/ed597411d8f924073f98dfc5c65a23a2325f34cd...3a2844b7e9c422d3c10d287c895573f7108da1b3) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: SamKirkland/FTP-Deploy-Action dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/appimage.yml | 6 +++--- .github/workflows/av-whitelist.yml | 4 ++-- .github/workflows/build.yml | 2 +- .github/workflows/debian.yml | 2 +- .github/workflows/dl-stats.yml | 2 +- .github/workflows/draft-release.yml | 4 ++-- .github/workflows/error-db.yml | 2 +- .github/workflows/linux-flatpak.yml | 4 ++-- .github/workflows/linux-makepkg.yml | 4 ++-- .github/workflows/mac-dmg-x64.yml | 4 ++-- .github/workflows/mac-dmg.yml | 4 ++-- .github/workflows/release-check.yml | 2 +- .github/workflows/win-exe.yml | 6 +++--- 13 files changed, 23 insertions(+), 23 deletions(-) diff --git a/.github/workflows/appimage.yml b/.github/workflows/appimage.yml index 8bc12fcb4..9ffa0e984 100644 --- a/.github/workflows/appimage.yml +++ b/.github/workflows/appimage.yml @@ -210,7 +210,7 @@ jobs: gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.AppImage gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator-*.AppImage.zsync - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: appimage-${{ matrix.arch }} path: | @@ -220,7 +220,7 @@ jobs: if-no-files-found: error - name: Publish AppImage on GitHub Releases if: inputs.upload-to-draft - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true fail_on_unmatched_files: true @@ -240,7 +240,7 @@ jobs: aarch64-sha256sum: ${{ steps.sha256sum.outputs.aarch64-sha256sum }} steps: - name: Download AppImage artifacts - uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: appimage-* path: appimage-artifacts diff --git a/.github/workflows/av-whitelist.yml b/.github/workflows/av-whitelist.yml index 7577662da..a609fc033 100644 --- a/.github/workflows/av-whitelist.yml +++ b/.github/workflows/av-whitelist.yml @@ -51,7 +51,7 @@ jobs: - name: Download file run: curl --silent --fail-with-body --proto "=https" -L "${INPUT_URL}" -o "${{steps.extractName.outputs.fileName}}" - name: Upload artifact - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: ${{ steps.extractName.outputs.fileName }} path: ${{ steps.extractName.outputs.fileName }} @@ -68,7 +68,7 @@ jobs: name: ${{ needs.download-file.outputs.fileName }} path: upload - name: Upload to Kaspersky - uses: SamKirkland/FTP-Deploy-Action@a51268f67f6605236975928ae28b0f7e9971d50a # v4.6.3 + uses: SamKirkland/FTP-Deploy-Action@110f9186c050f71550953127052e77650219c287 # v4.6.3 with: protocol: ftps server: allowlist.kaspersky-labs.com diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4061626ad..c51eeb7de 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -29,7 +29,7 @@ jobs: java-version: ${{ env.JAVA_VERSION }} cache: 'maven' - name: Cache SonarCloud packages - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: ~/.sonar/cache key: ${{ runner.os }}-sonar diff --git a/.github/workflows/debian.yml b/.github/workflows/debian.yml index 140120f4a..658641051 100644 --- a/.github/workflows/debian.yml +++ b/.github/workflows/debian.yml @@ -145,7 +145,7 @@ jobs: run: | gpg --batch --quiet --passphrase-fd 0 --pinentry-mode loopback -u 615D449FE6E6A235 --detach-sign -a cryptomator_*_amd64.deb - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: linux-deb-package path: | diff --git a/.github/workflows/dl-stats.yml b/.github/workflows/dl-stats.yml index bfc53db3c..3c9c0b107 100644 --- a/.github/workflows/dl-stats.yml +++ b/.github/workflows/dl-stats.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Get download count of latest releases id: get-stats - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const query = `query($owner:String!, $name:String!) { diff --git a/.github/workflows/draft-release.yml b/.github/workflows/draft-release.yml index 57a93b7d9..dbe2e777a 100644 --- a/.github/workflows/draft-release.yml +++ b/.github/workflows/draft-release.yml @@ -42,7 +42,7 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - name: Draft a release - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true discussion_category_name: releases @@ -60,7 +60,7 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Publish asc on GitHub Releases - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true fail_on_unmatched_files: true diff --git a/.github/workflows/error-db.yml b/.github/workflows/error-db.yml index 5c2ffebe8..7e27c89ed 100644 --- a/.github/workflows/error-db.yml +++ b/.github/workflows/error-db.yml @@ -14,7 +14,7 @@ jobs: - name: Query Discussion Data if: github.event_name == 'discussion_comment' || github.event_name == 'discussion' && github.event.action != 'deleted' id: query-data - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const query = `query ($owner: String!, $name: String!, $discussionNumber: Int!) { diff --git a/.github/workflows/linux-flatpak.yml b/.github/workflows/linux-flatpak.yml index 83afbed39..d4753a591 100644 --- a/.github/workflows/linux-flatpak.yml +++ b/.github/workflows/linux-flatpak.yml @@ -77,7 +77,7 @@ jobs: commit: ${{ env.SRC_GIT_SHA }} - name: Copy build script for upload run: cp org.cryptomator.Cryptomator.yaml org.cryptomator.Cryptomator.${{matrix.variant.arch}}.yaml - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: archive: false if-no-files-found: error @@ -129,7 +129,7 @@ jobs: EOF done < maven-dependency-files-javafx.txt ) > javafx-maven-dependencies-${{ matrix.variant.arch }}.yaml - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: maven-sources-${{ matrix.variant.arch }} if-no-files-found: error diff --git a/.github/workflows/linux-makepkg.yml b/.github/workflows/linux-makepkg.yml index 7f195c7db..a3041df08 100644 --- a/.github/workflows/linux-makepkg.yml +++ b/.github/workflows/linux-makepkg.yml @@ -69,13 +69,13 @@ jobs: sudo -u builder env PKGDEST="$PKGDEST" SRCDEST="$SRCDEST" makepkg --syncdeps --cleanbuild --noconfirm --log - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: arch-package if-no-files-found: error path: | ${{ env.PKGDEST }}/*.pkg.tar.zst - - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + - uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: pkgbuild-file if-no-files-found: error diff --git a/.github/workflows/mac-dmg-x64.yml b/.github/workflows/mac-dmg-x64.yml index 550be16a8..096512798 100644 --- a/.github/workflows/mac-dmg-x64.yml +++ b/.github/workflows/mac-dmg-x64.yml @@ -303,7 +303,7 @@ jobs: run: security delete-keychain $RUNNER_TEMP/codesign.keychain-db continue-on-error: true - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: dmg-${{ matrix.output-suffix }} path: | @@ -312,7 +312,7 @@ jobs: if-no-files-found: error - name: Publish dmg on GitHub Releases if: inputs.upload-to-draft - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true fail_on_unmatched_files: true diff --git a/.github/workflows/mac-dmg.yml b/.github/workflows/mac-dmg.yml index 683e5ab76..2bdecdf05 100644 --- a/.github/workflows/mac-dmg.yml +++ b/.github/workflows/mac-dmg.yml @@ -302,7 +302,7 @@ jobs: run: security delete-keychain $RUNNER_TEMP/codesign.keychain-db continue-on-error: true - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: dmg-${{ matrix.output-suffix }} path: | @@ -311,7 +311,7 @@ jobs: if-no-files-found: error - name: Publish dmg on GitHub Releases if: inputs.upload-to-draft - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true fail_on_unmatched_files: true diff --git a/.github/workflows/release-check.yml b/.github/workflows/release-check.yml index bae89301d..969810c88 100644 --- a/.github/workflows/release-check.yml +++ b/.github/workflows/release-check.yml @@ -50,7 +50,7 @@ jobs: exit 1 fi - name: Cache NVD DB - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: ~/.m2/repository/org/owasp/dependency-check-data/ key: dependency-check-${{ github.run_id }} diff --git a/.github/workflows/win-exe.yml b/.github/workflows/win-exe.yml index b8fd9ee02..47d949097 100644 --- a/.github/workflows/win-exe.yml +++ b/.github/workflows/win-exe.yml @@ -308,7 +308,7 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: msi-${{ matrix.arch }} path: | @@ -441,7 +441,7 @@ jobs: GPG_PRIVATE_KEY: ${{ secrets.RELEASES_GPG_PRIVATE_KEY }} GPG_PASSPHRASE: ${{ secrets.RELEASES_GPG_PASSPHRASE }} - name: Upload artifacts - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: exe-${{ matrix.executable-suffix }} path: | @@ -461,7 +461,7 @@ jobs: merge-multiple: true - name: Publish installers on GitHub Releases id: publish - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: draft: true fail_on_unmatched_files: true