chore(deps): Bump the actions group with 3 updates (#21)

hyperpolymath · web-flow · commit 74eaf8e82477 · 2026-03-15T19:48:40.000Z
Bumps the actions group with 3 updates: [erlef/setup-beam](https://github.com/erlef/setup-beam), [webfactory/ssh-agent](https://github.com/webfactory/ssh-agent) and [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog). Updates `erlef/setup-beam` from 1.21.0 to 1.22.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/erlef/setup-beam/releases">erlef/setup-beam's releases</a>.</em></p> <blockquote> <h2>v1.22.0</h2> <h2>What's Changed</h2> <ul> <li> <p><strong>Features</strong></p> <ul> <li>Support <code>mise.toml</code> as <code>version-file</code> (input) by <a href="https://github.com/dinokovac-river"><code>@​dinokovac-river</code></a> in <a href="https://redirect.github.com/erlef/setup-beam/pull/415">erlef/setup-beam#415</a></li> </ul> </li> <li> <p><strong>Dependabot updates</strong></p> <ul> <li>Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/419">erlef/setup-beam#419</a></li> <li>Bump <code>@​actions/exec</code> from 1.1.1 to 3.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/405">erlef/setup-beam#405</a></li> <li>Bump <code>@​actions/tool-cache</code> from 2.0.2 to 4.0.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/407">erlef/setup-beam#407</a></li> <li>Bump <code>@​eslint/js</code> from 9.38.0 to 10.0.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/404">erlef/setup-beam#404</a></li> <li>Bump actions/setup-node from 6.1.0 to 6.2.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/409">erlef/setup-beam#409</a></li> <li>Bump actions/setup-node from 6.2.0 to 6.3.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/423">erlef/setup-beam#423</a></li> <li>Bump eslint from 10.0.1 to 10.0.3 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/420">erlef/setup-beam#420</a></li> <li>Bump eslint-plugin-yml from 1.18.0 to 3.3.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/418">erlef/setup-beam#418</a></li> <li>Bump globals from 17.3.0 to 17.4.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/421">erlef/setup-beam#421</a></li> <li>Bump markdownlint-cli from 0.47.0 to 0.48.0 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/422">erlef/setup-beam#422</a></li> <li>Bump prettier from 3.6.2 to 3.8.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/408">erlef/setup-beam#408</a></li> <li>Bump raven-actions/actionlint from 2.1.0 to 2.1.1 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/410">erlef/setup-beam#410</a></li> <li>Bump raven-actions/actionlint from 2.1.1 to 2.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/424">erlef/setup-beam#424</a></li> <li>Bump semver from 7.7.2 to 7.7.4 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/406">erlef/setup-beam#406</a></li> </ul> </li> <li> <p><strong>License updates</strong></p> <ul> <li>Fix for license update automation by <a href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a> in <a href="https://redirect.github.com/erlef/setup-beam/pull/412">erlef/setup-beam#412</a></li> <li>Update 3rd party licenses (automation) by <a href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/413">erlef/setup-beam#413</a></li> <li>Update 3rd party licenses (automation) by <a href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/414">erlef/setup-beam#414</a></li> <li>Update 3rd party licenses (automation) by <a href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/416">erlef/setup-beam#416</a></li> <li>Update 3rd party licenses (automation) by <a href="https://github.com/github-actions"><code>@​github-actions</code></a>[bot] in <a href="https://redirect.github.com/erlef/setup-beam/pull/417">erlef/setup-beam#417</a></li> <li>Update 3rd party licenses by <a href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a> in <a href="https://redirect.github.com/erlef/setup-beam/pull/411">erlef/setup-beam#411</a></li> </ul> </li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/dinokovac-river"><code>@​dinokovac-river</code></a> made their first contribution in <a href="https://redirect.github.com/erlef/setup-beam/pull/415">erlef/setup-beam#415</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0">https://github.com/erlef/setup-beam/compare/v1.21.0...v1.22.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/erlef/setup-beam/commit/9d5b75ddfda22fb979d2270283237aef8aa68d6b"><code>9d5b75d</code></a> Automation: update setup-beam version output to 98c13a9</li> <li><a href="https://github.com/erlef/setup-beam/commit/98c13a9ed3d014f0298b25782ec163d31f6b3c88"><code>98c13a9</code></a> Support <code>mise.toml</code> (<a href="https://redirect.github.com/erlef/setup-beam/issues/415">#415</a>)</li> <li><a href="https://github.com/erlef/setup-beam/commit/0f13bcf18a7fc2199c7096a730e06b4cf105a8fa"><code>0f13bcf</code></a> Automation: update setup-beam version output to c3137f5</li> <li><a href="https://github.com/erlef/setup-beam/commit/c3137f5cd54be80c81bfcbe43822a4b0521689cb"><code>c3137f5</code></a> Bump globals from 17.3.0 to 17.4.0 (<a href="https://redirect.github.com/erlef/setup-beam/issues/421">#421</a>)</li> <li><a href="https://github.com/erlef/setup-beam/commit/4cbacdb2a92d48255a8b35e02b20ec42dacf0693"><code>4cbacdb</code></a> Automation: update setup-beam version output to 687000a</li> <li><a href="https://github.com/erlef/setup-beam/commit/687000ab96a7e7bcd1870902db74cc514cacae5a"><code>687000a</code></a> Bump <code>@​actions/core</code> from 1.11.1 to 3.0.0 (<a href="https://redirect.github.com/erlef/setup-beam/issues/419">#419</a>)</li> <li><a href="https://github.com/erlef/setup-beam/commit/9ba6605098a2a5f503b75b7cd48e103835afd663"><code>9ba6605</code></a> Bump eslint-plugin-yml from 1.18.0 to 3.3.1 (<a href="https://redirect.github.com/erlef/setup-beam/issues/418">#418</a>)</li> <li><a href="https://github.com/erlef/setup-beam/commit/722d91de6ec6f037784d81fb762807fed8639643"><code>722d91d</code></a> Automation: update setup-beam version output to f79887d</li> <li><a href="https://github.com/erlef/setup-beam/commit/f79887d1babe91ea1dfce308d4c8b207564c450d"><code>f79887d</code></a> Bump eslint from 10.0.1 to 10.0.3 (<a href="https://redirect.github.com/erlef/setup-beam/issues/420">#420</a>)</li> <li><a href="https://github.com/erlef/setup-beam/commit/30a0896082f4d05c1f984e3a4b26312a1e6759c1"><code>30a0896</code></a> Bump markdownlint-cli from 0.47.0 to 0.48.0 (<a href="https://redirect.github.com/erlef/setup-beam/issues/422">#422</a>)</li> <li>Additional commits viewable in <a href="https://github.com/erlef/setup-beam/compare/3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4...9d5b75ddfda22fb979d2270283237aef8aa68d6b">compare view</a></li> </ul> </details> <br /> Updates `webfactory/ssh-agent` from 0.9.1 to 0.10.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/webfactory/ssh-agent/releases">webfactory/ssh-agent's releases</a>.</em></p> <blockquote> <h2>v0.10.0: Upgrade to node-24</h2> <p>This release upgrades from node 20 to node 24, preparing for Node 20's upcoming EOL and getting rid of the related warning message in GitHub.</p> <h2>What's Changed</h2> <ul> <li>use node24 by <a href="https://github.com/jimmymcpeter"><code>@​jimmymcpeter</code></a> in <a href="https://redirect.github.com/webfactory/ssh-agent/pull/243">webfactory/ssh-agent#243</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jimmymcpeter"><code>@​jimmymcpeter</code></a> made their first contribution in <a href="https://redirect.github.com/webfactory/ssh-agent/pull/243">webfactory/ssh-agent#243</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0">https://github.com/webfactory/ssh-agent/compare/v0.9.1...v0.10.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/webfactory/ssh-agent/commit/e83874834305fe9a4a2997156cb26c5de65a8555"><code>e838748</code></a> use node24 (<a href="https://redirect.github.com/webfactory/ssh-agent/issues/243">#243</a>)</li> <li>See full diff in <a href="https://github.com/webfactory/ssh-agent/compare/a6f90b1f127823b31d4d4a8d96047790581349bd...e83874834305fe9a4a2997156cb26c5de65a8555">compare view</a></li> </ul> </details> <br /> Updates `trufflesecurity/trufflehog` from 3.93.7 to 3.93.8 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's releases</a>.</em></p> <blockquote> <h2>v3.93.8</h2> <h2>What's Changed</h2> <ul> <li>fix: make LDAP verification context-aware by <a href="https://github.com/mariduv"><code>@​mariduv</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4768">trufflesecurity/trufflehog#4768</a></li> <li>Stop growing filesystem resume data by <a href="https://github.com/rosecodym"><code>@​rosecodym</code></a> in <a href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4797">trufflesecurity/trufflehog#4797</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8">https://github.com/trufflesecurity/trufflehog/compare/v3.93.7...v3.93.8</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/6c05c4a00b91aa542267d8e32a8254774799d68d"><code>6c05c4a</code></a> Stop growing filesystem resume data (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4797">#4797</a>)</li> <li><a href="https://github.com/trufflesecurity/trufflehog/commit/ef63d66d58bb7317d9b220b02af5beae569835ee"><code>ef63d66</code></a> fix: make LDAP verification context-aware (<a href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4768">#4768</a>)</li> <li>See full diff in <a href="https://github.com/trufflesecurity/trufflehog/compare/c3e599b7163e8198a55467f3133db0e7b2a492cb...6c05c4a00b91aa542267d8e32a8254774799d68d">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions </details>
diff --git a/.github/workflows/hypatia-scan.yml b/.github/workflows/hypatia-scan.yml
@@ -25,7 +25,7 @@ jobs:
           fetch-depth: 0  # Full history for better pattern analysis
 
       - name: Setup Elixir for Hypatia scanner
-        uses: erlef/setup-beam@3580539ceec3dc05b0ed51e9e10b08eb7a7c2bb4 # v1.18.2
+        uses: erlef/setup-beam@9d5b75ddfda22fb979d2270283237aef8aa68d6b # v1.18.2
         with:
           elixir-version: '1.19.4'
           otp-version: '28.3'
diff --git a/.github/workflows/mirror.yml b/.github/workflows/mirror.yml
@@ -18,7 +18,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.GITLAB_SSH_KEY }}
 
@@ -36,7 +36,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.BITBUCKET_SSH_KEY }}
 
@@ -54,7 +54,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.CODEBERG_SSH_KEY }}
 
@@ -72,7 +72,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.SOURCEHUT_SSH_KEY }}
 
@@ -90,7 +90,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.DISROOT_SSH_KEY }}
 
@@ -108,7 +108,7 @@ jobs:
         with:
           fetch-depth: 0
 
-      - uses: webfactory/ssh-agent@a6f90b1f127823b31d4d4a8d96047790581349bd # v0.9.1
+      - uses: webfactory/ssh-agent@e83874834305fe9a4a2997156cb26c5de65a8555 # v0.10.0
         with:
           ssh-private-key: ${{ secrets.GITEA_SSH_KEY }}
 
diff --git a/.github/workflows/quality.yml b/.github/workflows/quality.yml
@@ -18,7 +18,7 @@ jobs:
           find . -type f -perm /111 -name "*.sh" | head -10 || true
       
       - name: Check for secrets
-        uses: trufflesecurity/trufflehog@c3e599b7163e8198a55467f3133db0e7b2a492cb # v3.93.7
+        uses: trufflesecurity/trufflehog@6c05c4a00b91aa542267d8e32a8254774799d68d # v3.93.8
         with:
           path: ./
           base: ${{ github.event.pull_request.base.sha || github.event.before }}
diff --git a/.github/workflows/secret-scanner.yml b/.github/workflows/secret-scanner.yml
@@ -18,7 +18,7 @@ jobs:
           fetch-depth: 0  # Full history for scanning
 
       - name: TruffleHog Secret Scan
-        uses: trufflesecurity/trufflehog@c3e599b7163e8198a55467f3133db0e7b2a492cb # v3
+        uses: trufflesecurity/trufflehog@6c05c4a00b91aa542267d8e32a8254774799d68d # v3
         with:
           extra_args: --only-verified --fail
 
