akanealw/Charon
1
0
Fork 0
Code Issues Pull Requests Actions 9 Packages Projects Releases Wiki Activity

fix(deps): update weekly-non-major-updates

Browse Source
This commit is contained in:
renovate[bot]
2026-02-12 21:33:12 +00:00
committed by GitHub
parent 9e88e2ea03
commit 5d19da4966
11 changed files with 31 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/workflows/docker-build.yml
+4 -4
View File
@@ -529,7 +529,7 @@ jobs:
- name: Run Trivy scan (table output)
if: env.TRIGGER_EVENT != 'pull_request' && steps.skip.outputs.skip_build != 'true' && steps.skip.outputs.is_feature_push != 'true'
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}
format: 'table'
@@ -540,7 +540,7 @@ jobs:
- name: Run Trivy vulnerability scanner (SARIF)
if: env.TRIGGER_EVENT != 'pull_request' && steps.skip.outputs.skip_build != 'true' && steps.skip.outputs.is_feature_push != 'true'
id: trivy
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}
format: 'sarif'
@@ -686,7 +686,7 @@ jobs:
echo "✅ Image freshness validated"
- name: Run Trivy scan on PR image (table output)
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ steps.pr-image.outputs.image_ref }}
format: 'table'
@@ -695,7 +695,7 @@ jobs:
- name: Run Trivy scan on PR image (SARIF - blocking)
id: trivy-scan
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ steps.pr-image.outputs.image_ref }}
format: 'sarif'
.github/workflows/e2e-tests-split.yml
+1 -1
View File
@@ -177,7 +177,7 @@ jobs:
- name: Build Docker image
id: build-image
if: steps.resolve-image.outputs.image_source == 'build'
uses: docker/build-push-action@601a80b39c9405e50806ae38af30926f9d957c47 # v6
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
with:
context: .
file: ./Dockerfile
.github/workflows/nightly-build.yml
+2 -2
View File
@@ -133,7 +133,7 @@ jobs:
- name: Build and push Docker image
id: build
uses: docker/build-push-action@601a80b39c9405e50806ae38af30926f9d957c47 # v6.19.1
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
with:
context: .
platforms: linux/amd64,linux/arm64
@@ -278,7 +278,7 @@ jobs:
severity-cutoff: high
- name: Scan with Trivy
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${{ needs.build-and-push-nightly.outputs.digest }}
format: 'sarif'
.github/workflows/renovate.yml
+1 -1
View File
@@ -25,7 +25,7 @@ jobs:
fetch-depth: 1
- name: Run Renovate
uses: renovatebot/github-action@e23f4d9675532445118c886434f5a34292b630b4 # v46.0.2
uses: renovatebot/github-action@44f24283a60f64273f1294932f16ba61193cccca # v46.1.0
with:
configurationFile: .github/renovate.json
token: ${{ secrets.RENOVATE_TOKEN || secrets.GITHUB_TOKEN }}
.github/workflows/security-pr.yml
+3 -3
View File
@@ -266,7 +266,7 @@ jobs:
- name: Run Trivy filesystem scan (SARIF output)
if: steps.check-artifact.outputs.artifact_exists == 'true' || github.event_name == 'push' || github.event_name == 'pull_request'
# aquasecurity/trivy-action v0.33.1
uses: aquasecurity/trivy-action@22438a435773de8c97dc0958cc0b823c45b064ac
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
with:
scan-type: 'fs'
scan-ref: ${{ steps.extract.outputs.binary_path }}
@@ -278,7 +278,7 @@ jobs:
- name: Upload Trivy SARIF to GitHub Security
if: steps.check-artifact.outputs.artifact_exists == 'true' || github.event_name == 'push' || github.event_name == 'pull_request'
# github/codeql-action v4
uses: github/codeql-action/upload-sarif@ff33514494ef2488964273e05cbfb9b29533d9f0
uses: github/codeql-action/upload-sarif@2d6b98c7cf7260afd6954ee7de478b21127b40f4
with:
sarif_file: 'trivy-binary-results.sarif'
category: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event.workflow_run.head_branch) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}
@@ -287,7 +287,7 @@ jobs:
- name: Run Trivy filesystem scan (fail on CRITICAL/HIGH)
if: steps.check-artifact.outputs.artifact_exists == 'true' || github.event_name == 'push' || github.event_name == 'pull_request'
# aquasecurity/trivy-action v0.33.1
uses: aquasecurity/trivy-action@22438a435773de8c97dc0958cc0b823c45b064ac
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
with:
scan-type: 'fs'
scan-ref: ${{ steps.extract.outputs.binary_path }}
.github/workflows/security-weekly-rebuild.yml
+4 -4
View File
@@ -72,7 +72,7 @@ jobs:
- name: Build Docker image (NO CACHE)
id: build
uses: docker/build-push-action@601a80b39c9405e50806ae38af30926f9d957c47 # v6
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6
with:
context: .
platforms: linux/amd64
@@ -88,7 +88,7 @@ jobs:
BASE_IMAGE=${{ steps.base-image.outputs.digest }}
- name: Run Trivy vulnerability scanner (CRITICAL+HIGH)
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }}
format: 'table'
@@ -98,7 +98,7 @@ jobs:
- name: Run Trivy vulnerability scanner (SARIF)
id: trivy-sarif
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }}
format: 'sarif'
@@ -111,7 +111,7 @@ jobs:
sarif_file: 'trivy-weekly-results.sarif'
- name: Run Trivy vulnerability scanner (JSON for artifact)
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
with:
image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build.outputs.digest }}
format: 'json'
Dockerfile
+1 -1
View File
@@ -65,7 +65,7 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
# ---- Frontend Builder ----
# Build the frontend using the BUILDPLATFORM to avoid arm64 musl Rollup native issues
# renovate: datasource=docker depName=node
FROM --platform=$BUILDPLATFORM node:24.13.0-alpine AS frontend-builder
FROM --platform=$BUILDPLATFORM node:24.13.1-alpine AS frontend-builder
WORKDIR /app/frontend
# Copy frontend package files
frontend/package-lock.json
Generated
+8 -6
View File
@@ -19,8 +19,8 @@
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"date-fns": "^4.1.0",
"i18next": "^25.8.5",
"i18next-browser-languagedetector": "^8.2.0",
"i18next": "^25.8.6",
"i18next-browser-languagedetector": "^8.2.1",
"lucide-react": "^0.563.0",
"react": "^19.2.4",
"react-dom": "^19.2.4",
@@ -4842,9 +4842,9 @@
}
},
"node_modules/i18next": {
"version": "25.8.5",
"resolved": "https://registry.npmjs.org/i18next/-/i18next-25.8.5.tgz",
"integrity": "sha512-TApjhgqQU6P7BQlpCTv6zQuXrYAP9rjYWgx2Nm8dsq+Zg9yJlAz+iR16/w7uVtTlSoULbqPTfqYjMK/DAQI+Ng==",
"version": "25.8.6",
"resolved": "https://registry.npmjs.org/i18next/-/i18next-25.8.6.tgz",
"integrity": "sha512-HsS6p2yr/Vo5EPljWuBJ9OxKVFok2Q/Oa6PvFTpv2bMcDt2sQMOnKDQ7FTDDdME+3d1YULQjKj7aVSZP1bCouQ==",
"funding": [
{
"type": "individual",
@@ -4873,7 +4873,9 @@
}
},
"node_modules/i18next-browser-languagedetector": {
"version": "8.2.0",
"version": "8.2.1",
"resolved": "https://registry.npmjs.org/i18next-browser-languagedetector/-/i18next-browser-languagedetector-8.2.1.tgz",
"integrity": "sha512-bZg8+4bdmaOiApD7N7BPT9W8MLZG+nPTOFlLiJiT8uzKXFjhxw4v2ierCXOwB5sFDMtuA5G4kgYZ0AznZxQ/cw==",
"license": "MIT",
"dependencies": {
"@babel/runtime": "^7.23.2"
frontend/package.json
+2 -2
View File
@@ -38,8 +38,8 @@
"class-variance-authority": "^0.7.1",
"clsx": "^2.1.1",
"date-fns": "^4.1.0",
"i18next": "^25.8.5",
"i18next-browser-languagedetector": "^8.2.0",
"i18next": "^25.8.6",
"i18next-browser-languagedetector": "^8.2.1",
"lucide-react": "^0.563.0",
"react": "^19.2.4",
"react-dom": "^19.2.4",
package-lock.json
Generated
+4 -4
View File
@@ -16,7 +16,7 @@
"@playwright/test": "^1.58.2",
"@types/node": "^25.2.3",
"@types/tar": "^6.1.13",
"dotenv": "^17.2.4",
"dotenv": "^17.3.0",
"markdownlint-cli2": "^0.20.0",
"tar": "^7.5.7"
}
@@ -1256,9 +1256,9 @@
}
},
"node_modules/dotenv": {
"version": "17.2.4",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.2.4.tgz",
"integrity": "sha512-mudtfb4zRB4bVvdj0xRo+e6duH1csJRM8IukBqfTRvHotn9+LBXB8ynAidP9zHqoRC/fsllXgk4kCKlR21fIhw==",
"version": "17.3.0",
"resolved": "https://registry.npmjs.org/dotenv/-/dotenv-17.3.0.tgz",
"integrity": "sha512-i3z5dx/8F45f+Dj0B/qG8oKip9luzyHz6dfJMOKG7zQW/12tT7CrIjs/0J10uNK/Z5O7O0UtfEmx6yFKRQCl4g==",
"dev": true,
"license": "BSD-2-Clause",
"engines": {
package.json
+1 -1
View File
@@ -21,7 +21,7 @@
"@playwright/test": "^1.58.2",
"@types/node": "^25.2.3",
"@types/tar": "^6.1.13",
"dotenv": "^17.2.4",
"dotenv": "^17.3.0",
"markdownlint-cli2": "^0.20.0",
"tar": "^7.5.7"
}