chore(deps): update actions/checkout action to v5

2025-09-09 13:05:31 +00:00
5 changed files with 15 additions and 30 deletions
--- a/.gitea/workflows/ci.yml
+++ b/.gitea/workflows/ci.yml
@@ -12,12 +12,12 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Check out repository code
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v5.0.0
        with:
          fetch-depth: 0

      - name: Run Hadolint
-        uses: hadolint/hadolint-action@v3.3.0
+        uses: hadolint/hadolint-action@v3.2.0
        with:
          dockerfile: Dockerfile
          output-file: hadolint.out
@@ -38,10 +38,10 @@ jobs:
      #     # command: snyk
      #     args: snyk code test --all-projects --exclude=.archive

-      # - name: Snyk Vulnerability Scan
-      #   uses: snyk/actions/python@master
-      #   continue-on-error: true # Sometimes vulns aren't immediately fixable
-      #   env:
-      #     SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
-      #   with:
-      #     args: test --all-projects
+      - name: Snyk Vulnerability Scan
+        uses: snyk/actions/python@master
+        continue-on-error: true # Sometimes vulns aren't immediately fixable
+        env:
+          SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+        with:
+          args: test --all-projects
--- a/.gitea/workflows/conventional_commit.yml
+++ b/.gitea/workflows/conventional_commit.yml
@@ -11,6 +11,6 @@ jobs:
  validate:
    runs-on: ubuntu-latest
    steps:
-      - uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.3.0
+      - uses: https://git.tainton.uk/actions/conventional-commits-check-action@v1.2.4
        with:
          commit-message: ${{ gitea.event.pull_request.title }}
--- a/.gitea/workflows/release.yml
+++ b/.gitea/workflows/release.yml
@@ -45,7 +45,7 @@ jobs:
          REPO: ${{ gitea.repository }}

      - name: Check out repository
-        uses: actions/checkout@v6.0.2
+        uses: actions/checkout@v5.0.0
        with:
          fetch-depth: 0
          ref: ${{ needs.tag.outputs.tag_name }}
@@ -54,14 +54,14 @@ jobs:
        uses: docker/setup-buildx-action@v3

      - name: Log in to Gitea Container Registry
-        uses: docker/login-action@v4
+        uses: docker/login-action@v3
        with:
          registry: ${{ vars.PACKAGES_REGISTRY_URL }}
          username: ${{ vars.ACTIONS_USERNAME }}
          password: ${{ secrets.ACTIONS_TOKEN }}

      - name: Log in to GitHub Container Registry
-        uses: docker/login-action@v4
+        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: ${{ vars.GHCR_USERNAME }}
--- a/2
+++ b/2
@@ -1,4 +1,4 @@
-FROM alpine:3.23 AS build
+FROM alpine:3.22 AS build
 LABEL maintainer="Luke Tainton <luke@tainton.uk>"

 FROM build AS webproc
--- a/renovate.json
+++ b/renovate.json
@@ -8,11 +8,6 @@
  "platformCommit": "enabled",
  "rebaseWhen": "behind-base-branch",
  "rollbackPrs": true,
-  "semanticCommits": "enabled",
-  "semanticCommitScope": "deps",
-  "semanticCommitType": "feat",
-  "osvVulnerabilityAlerts": true,
-  "dependencyDashboardOSVVulnerabilitySummary": "all",
  "vulnerabilityAlerts": {
    "commitMessagePrefix": "[SECURITY] ",
    "enabled": true,
@@ -21,15 +16,5 @@
  },
  "lockFileMaintenance": {
    "enabled": true
-  },
-  "packageRules": [
-    {
-      "matchDepTypes": ["devDependencies"],
-      "automerge": true
-    },
-    {
-      "matchUpdateTypes": ["patch"],
-      "automerge": true
-    }
-  ]
+  }
 }