Merge pull request #868 from Wikid82/renovate/feature/beta-release-non-major-updates

fix(deps): update non-major-updates (feature/beta-release)
2026-03-20 20:14:19 -04:00
parent 859ddaef1f fa42e79af3
commit cd8bb2f501
9 changed files with 21 additions and 21 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -52,7 +52,7 @@ jobs:
        run: bash scripts/ci/check-codeql-parity.sh

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4
+        uses: github/codeql-action/init@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
        with:
          languages: ${{ matrix.language }}
          queries: security-and-quality
@@ -92,10 +92,10 @@ jobs:
        run: mkdir -p sarif-results

      - name: Autobuild
-        uses: github/codeql-action/autobuild@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4
+        uses: github/codeql-action/autobuild@38697555549f1db7851b81482ff19f1fa5c4fedc # v4

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4
+        uses: github/codeql-action/analyze@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
        with:
          category: "/language:${{ matrix.language }}"
          output: sarif-results/${{ matrix.language }}
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -565,7 +565,7 @@ jobs:

      - name: Upload Trivy results
        if: env.TRIGGER_EVENT != 'pull_request' && steps.skip.outputs.skip_build != 'true' && steps.trivy-check.outputs.exists == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-results.sarif'
          category: '.github/workflows/docker-build.yml:build-and-push'
@@ -574,7 +574,7 @@ jobs:
      # Generate SBOM (Software Bill of Materials) for supply chain security
      # Only for production builds (main/development) - feature branches use downstream supply-chain-pr.yml
      - name: Generate SBOM
-        uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
        if: env.TRIGGER_EVENT != 'pull_request' && steps.skip.outputs.skip_build != 'true' && steps.skip.outputs.is_feature_push != 'true'
        with:
          image: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.build-and-push.outputs.digest }}
@@ -724,14 +724,14 @@ jobs:

      - name: Upload Trivy scan results
        if: always() && steps.trivy-pr-check.outputs.exists == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-pr-results.sarif'
          category: 'docker-pr-image'

      - name: Upload Trivy compatibility results (docker-build category)
        if: always() && steps.trivy-pr-check.outputs.exists == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-pr-results.sarif'
          category: '.github/workflows/docker-build.yml:build-and-push'
@@ -739,7 +739,7 @@ jobs:

      - name: Upload Trivy compatibility results (docker-publish alias)
        if: always() && steps.trivy-pr-check.outputs.exists == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-pr-results.sarif'
          category: '.github/workflows/docker-publish.yml:build-and-push'
@@ -747,7 +747,7 @@ jobs:

      - name: Upload Trivy compatibility results (nightly alias)
        if: always() && steps.trivy-pr-check.outputs.exists == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-pr-results.sarif'
          category: 'trivy-nightly'
--- a/.github/workflows/nightly-build.yml
+++ b/.github/workflows/nightly-build.yml
@@ -263,7 +263,7 @@ jobs:
      - name: Generate SBOM
        id: sbom_primary
        continue-on-error: true
-        uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d  # v0.23.1
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610  # v0.24.0
        with:
          image: ${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}@${{ steps.resolve_digest.outputs.digest }}
          format: cyclonedx-json
@@ -451,7 +451,7 @@ jobs:
          trivyignores: '.trivyignore'

      - name: Upload Trivy results
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745  # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc  # v4.34.1
        with:
          sarif_file: 'trivy-nightly.sarif'
          category: 'trivy-nightly'
--- a/.github/workflows/security-pr.yml
+++ b/.github/workflows/security-pr.yml
@@ -385,7 +385,7 @@ jobs:
      - name: Upload Trivy SARIF to GitHub Security
        if: always() && steps.trivy-sarif-check.outputs.exists == 'true'
        # github/codeql-action v4
-        uses: github/codeql-action/upload-sarif@095e0fe505bb5ab6198675d021352632c2c69a46
+        uses: github/codeql-action/upload-sarif@05b1a5d28f8763fd11e77388fe57846f1ba8e766
        with:
          sarif_file: 'trivy-binary-results.sarif'
          category: ${{ steps.pr-info.outputs.is_push == 'true' && format('security-scan-{0}', github.event_name == 'workflow_run' && github.event.workflow_run.head_branch || github.ref_name) || format('security-scan-pr-{0}', steps.pr-info.outputs.pr_number) }}
--- a/.github/workflows/security-weekly-rebuild.yml
+++ b/.github/workflows/security-weekly-rebuild.yml
@@ -113,7 +113,7 @@ jobs:
          version: 'v0.69.3'

      - name: Upload Trivy results to GitHub Security
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4.34.0
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4.34.1
        with:
          sarif_file: 'trivy-weekly-results.sarif'

--- a/.github/workflows/supply-chain-pr.yml
+++ b/.github/workflows/supply-chain-pr.yml
@@ -266,7 +266,7 @@ jobs:
      # Generate SBOM using official Anchore action (auto-updated by Renovate)
      - name: Generate SBOM
        if: steps.set-target.outputs.image_name != ''
-        uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
        id: sbom
        with:
          image: ${{ steps.set-target.outputs.image_name }}
@@ -362,7 +362,7 @@ jobs:

      - name: Upload SARIF to GitHub Security
        if: steps.check-artifact.outputs.artifact_found == 'true'
-        uses: github/codeql-action/upload-sarif@c6f931105cb2c34c8f901cc885ba1e2e259cf745 # v4
+        uses: github/codeql-action/upload-sarif@38697555549f1db7851b81482ff19f1fa5c4fedc # v4
        continue-on-error: true
        with:
          sarif_file: grype-results.sarif
--- a/.github/workflows/supply-chain-verify.yml
+++ b/.github/workflows/supply-chain-verify.yml
@@ -119,7 +119,7 @@ jobs:
      # Generate SBOM using official Anchore action (auto-updated by Renovate)
      - name: Generate and Verify SBOM
        if: steps.image-check.outputs.exists == 'true'
-        uses: anchore/sbom-action@57aae528053a48a3f6235f2d9461b05fbcb7366d # v0.23.1
+        uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
        with:
          image: ghcr.io/${{ github.repository_owner }}/charon:${{ steps.tag.outputs.tag }}
          format: cyclonedx-json
--- a/frontend/package-lock.json
+++ b/frontend/package-lock.json
@@ -19,7 +19,7 @@
        "class-variance-authority": "^0.7.1",
        "clsx": "^2.1.1",
        "date-fns": "^4.1.0",
-        "i18next": "^25.8.20",
+        "i18next": "^25.9.0",
        "i18next-browser-languagedetector": "^8.2.1",
        "lucide-react": "^0.577.0",
        "react": "^19.2.4",
@@ -7032,9 +7032,9 @@
      }
    },
    "node_modules/i18next": {
-      "version": "25.8.20",
-      "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.8.20.tgz",
-      "integrity": "sha512-xjo9+lbX/P1tQt3xpO2rfJiBppNfUnNIPKgCvNsTKsvTOCro1Qr/geXVg1N47j5ScOSaXAPq8ET93raK3Rr06A==",
+      "version": "25.9.0",
+      "resolved": "https://registry.npmjs.org/i18next/-/i18next-25.9.0.tgz",
+      "integrity": "sha512-mJ4rVRNWOTkqh5xnaGR6iMFT5vEw3Y2MTJhcjinR/7u8cRv6dAfC0ofuePh5fVPxoh395p6JdrJTStCcNW66gg==",
      "funding": [
        {
          "type": "individual",
--- a/frontend/package.json
+++ b/frontend/package.json
@@ -38,7 +38,7 @@
    "class-variance-authority": "^0.7.1",
    "clsx": "^2.1.1",
    "date-fns": "^4.1.0",
-    "i18next": "^25.8.20",
+    "i18next": "^25.9.0",
    "i18next-browser-languagedetector": "^8.2.1",
    "lucide-react": "^0.577.0",
    "react": "^19.2.4",