chore(deps): update minor-patch dependencies grouped by manager

.github/workflows/pull-request-main.yml

@@ -64,7 +64,7 @@
     # Disable this job until it's updated to be:
     #  1. More generalizable for all workspaces requiring build artifacts
     #  2. Have better attribution for the commits generated from this workflow
     if: false
     permissions:
       contents: write
       pull-requests: write
@@ -87,7 +87,7 @@
         run: pnpm nx run signed-commits:build
 
       - name: Commit back any changes
-        uses: planetscale/ghcommit-action@b68767a2e130a71926b365322e62b583404a5e09 # v0.1.43
+        uses: planetscale/ghcommit-action@25309d8005ac7c3bcd61d3fe19b69e0fe47dbdde # v0.2.20
         with:
           commit_message: "🤖 Update build"
           repo: ${{ github.repository }}

.github/workflows/run-e2e-tests.yml

@@ -433,7 +433,7 @@
       - name: Setup Go
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24.0"
+          go-version: "1.26.2"
           check-latest: true
           cache: false # disable caching as this job doesn't benefit from it
 
@@ -1417,7 +1417,7 @@
       test_results: ${{ steps.set_test_results.outputs.results }}
     steps:
       - name: Download all test result artifacts
-        uses: actions/download-artifact@v4.1.8
+        uses: actions/download-artifact@v4.3.0
         with:
           path: test_results
           pattern: test_result_${{ needs.load-test-configurations.outputs.workflow_id
@@ -1468,7 +1468,7 @@
           { echo "cl_ref=$cl_ref"; echo "cl_short_ref=$cl_short_ref"; echo "cl_ref_path=$cl_ref_path"; } >> "$GITHUB_OUTPUT"
 
       - name: Send Slack notification
-        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
+        uses: slackapi/slack-github-action@fcfb566f8b0aab22203f066d80ca1d7e4b5d05b3 # v1.27.1
         if: ${{ inputs.slack_notification_after_tests == 'true' ||
           inputs.slack_notification_after_tests == 'always' ||
           (inputs.slack_notification_after_tests == 'on_failure' &&
@@ -1509,7 +1509,7 @@
           contains(join(needs.*.result, ','), 'failure') &&
           inputs.slack_notification_after_tests_notify_user_id_on_failure != ''
           }}
-        uses: slackapi/slack-github-action@6c661ce58804a1a20f6dc5fbee7f0381b469e001 # v1.25.0
+        uses: slackapi/slack-github-action@fcfb566f8b0aab22203f066d80ca1d7e4b5d05b3 # v1.27.1
         env:
           SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }}
         with:

.github/workflows/solidity-review-artifacts.yml

@@ -226,14 +226,14 @@ jobs:
           mkdir -p code-coverage
 
       - name: Install Foundry
-        uses: foundry-rs/foundry-toolchain@8f1998e9878d786675189ef566a2e4bf24869773 # v1.2.0
+        uses: foundry-rs/foundry-toolchain@8789b3e21e6c11b2697f5eb56eddae542f746c10 # v1.7.0
         with:
           version: ${{ inputs.foundry_version }}
 
       # required for code coverage report generation
       - name: Setup LCOV
         if: ${{ inputs.generate_code_coverage == true }}
-        uses: hrishikesh-kadam/setup-lcov@f5da1b26b0dcf5d893077a3c4f29cf78079c841d # v1.0.0
+        uses: hrishikesh-kadam/setup-lcov@6c1aa0cc9e1c02f9f58f01ac599f1064ccc83470 # v1.1.0
 
       - name: Run Forge build for product contracts
         run: |
@@ -329,7 +329,7 @@ jobs:
           pnpm-version: ^10.0.0
 
       - name: Install Foundry
-        uses: foundry-rs/foundry-toolchain@8f1998e9878d786675189ef566a2e4bf24869773 # v1.2.0
+        uses: foundry-rs/foundry-toolchain@8789b3e21e6c11b2697f5eb56eddae542f746c10 # v1.7.0
         with:
           version: ${{ inputs.foundry_version }}
 
@@ -342,7 +342,7 @@ jobs:
         if: ${{ inputs.generate_slither_reports == true }}
         uses: actions/setup-python@v5.6.0
         with:
-          python-version: "3.8"
+          python-version: "3.14"
 
       - name: Install solc-select and solc
         if: ${{ inputs.generate_slither_reports == true }}

actions/branch-out-upload/action.yml

@@ -183,7 +183,7 @@ runs:
 
     - name: Upload Test Results to Trunk.io
       id: upload-to-trunk
-      uses: trunk-io/analytics-uploader@293e9b144a101ef4b8fe3485a5afd0224fc48255 # v2.0.7
+      uses: trunk-io/analytics-uploader@95a0fb8b29e45b6068304261fb518644b426a803 # v2.0.8
       continue-on-error: ${{ inputs.trunk-upload-only == 'true' }}
       env:
         TRUNK_TELEMETRY: "off"

actions/build-push-docker-manifest/action.yml

@@ -164,12 +164,12 @@ runs:
         echo "name=${DOCKER_REGISTRY_URL}/${DOCKER_REPOSITORY_NAME}" | tee -a "$GITHUB_OUTPUT"
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
       with:
         version: v0.27.0
 
     - name: Configure AWS credentials
-      uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
+      uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
       with:
         role-to-assume: ${{ inputs.aws-role-arn }}
         role-duration-seconds: 900
@@ -178,7 +178,7 @@ runs:
 
     - name: Login to ECR
       id: login-ecr
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registry-type: >-
           ${{
@@ -372,7 +372,7 @@ runs:
 
     - name: Install cosign
       if: inputs.docker-manifest-sign == 'true'
-      uses: sigstore/cosign-installer@c56c2d3e59e4281cc41dea2217323ba5694b171e # v3.8.0
+      uses: sigstore/cosign-installer@7e8b541eb2e61bf99390e1afd4be13a184e9ebc5 # v3.10.1
       with:
         cosign-release: "v2.4.2"
 

actions/build-push-docker/action.yml

@@ -194,7 +194,7 @@ runs:
       if:
         ${{ steps.dockerfile-ecr-parse.outputs.needs-ecr-login == 'true' ||
         inputs.docker-push == 'true' }}
-      uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
+      uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
       with:
         role-to-assume: ${{ inputs.aws-role-arn }}
         role-duration-seconds: 900
@@ -203,14 +203,14 @@ runs:
 
     - name: Login to private ECR registries for base images
       if: ${{ steps.dockerfile-ecr-parse.outputs.needs-ecr-login == 'true' }}
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registries: ${{ steps.dockerfile-ecr-parse.outputs.ecr-registries }}
 
     - name: Login to ECR for publishing
       if: ${{ inputs.docker-push == 'true' }}
       id: login-ecr
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registry-type: >-
           ${{
@@ -340,7 +340,7 @@ runs:
 
     - name: Build & push image
       id: build-image
-      uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
+      uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0
       env:
         DOCKER_BUILD_CHECKS_ANNOTATIONS: true
         DOCKER_BUILD_SUMMARY: true

actions/chip-schema-registration/action.yml

@@ -47,7 +47,7 @@ runs:
     - uses: actions/checkout@v6
 
     - name: Login to ECR
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registries: ${{ inputs.aws-account-id }}
 

actions/ci-beholder-validator/action.yml

@@ -62,7 +62,7 @@ runs:
         docker compose -f "${{ env.ACTIONS_PATH }}/docker-compose.yml" up -d redpanda-console
 
     - name: Configure aws creds
-      uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
+      uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
       with:
         role-to-assume: ${{ inputs.aws-role-arn }}
         role-duration-seconds: ${{ inputs.aws-role-duration-seconds }}
@@ -71,7 +71,7 @@ runs:
 
     - name: Login to aws ecr
       id: login-ecr
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registries: ${{ inputs.aws-account-number }}
 

actions/ci-benchmarking/action.yml

@@ -116,7 +116,7 @@ runs:
 
     - name: Run github-action-benchmark for PRs
       if: ${{ env.IS_PR == 'true' }}
-      uses: benchmark-action/github-action-benchmark@4de1bed97a47495fc4c5404952da0499e31f5c29 # v1.20.3
+      uses: benchmark-action/github-action-benchmark@a60cea5bc7b49e15c1f58f411161f99e0df48372 # v1.22.0
       with:
         tool: "go"
         output-file-path: output.txt
@@ -129,7 +129,7 @@ runs:
 
     - name: Run github-action-benchmark for Merges
       if: ${{ env.IS_MERGE == 'true' }}
-      uses: benchmark-action/github-action-benchmark@4de1bed97a47495fc4c5404952da0499e31f5c29 # v1.20.3
+      uses: benchmark-action/github-action-benchmark@a60cea5bc7b49e15c1f58f411161f99e0df48372 # v1.22.0
       with:
         tool: "go"
         output-file-path: output.txt

actions/ci-lint-charts/action.yml

@@ -46,7 +46,7 @@ runs:
         fi
 
     - name: Set up chart-testing
-      uses: helm/chart-testing-action@e6669bcd63d7cb57cb4380c33043eebe5d111992 # v2.6.1
+      uses: helm/chart-testing-action@6ec842c01de15ebb84c8627d2744a0c2f2755c9f # v2.8.0
 
     - name: Run chart-testing (lint)
       shell: bash

actions/ci-lint-misc/action.yml

@@ -26,7 +26,7 @@ runs:
         fetch-depth: ${{ inputs.checkout-repo-fetch-depth }}
 
     - name: Run actionlint
-      uses: reviewdog/action-actionlint@0d952c597ef8459f634d7145b0b044a9699e5e43 # v1.71.0
+      uses: reviewdog/action-actionlint@6fb7acc99f4a1008869fa8a0f09cfca740837d9d # v1.72.0
 
     - name: Run shellcheck
       uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # v2.0.0

actions/ci-sonarqube-go/action.yml

@@ -90,7 +90,7 @@ runs:
         echo "SONARQUBE_ARGS=$ARGS" >> $GITHUB_ENV
 
     - name: SonarQube Scan
-      uses: sonarsource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0
+      uses: sonarsource/sonarqube-scan-action@299e4b793aaa83bf2aba7c9c14bedbb485688ec4 # v7.1.0
       with:
         args: ${{ env.SONARQUBE_ARGS }}
       env:

actions/ci-sonarqube-ts/action.yml

@@ -110,7 +110,7 @@ runs:
         steps.sonarqube_report_paths.outputs.sonarqube_lint_report_paths }}
 
     - name: SonarQube Scan
-      uses: sonarsource/sonarqube-scan-action@a31c9398be7ace6bbfaf30c0bd5d415f843d45e9 # v7.0.0
+      uses: sonarsource/sonarqube-scan-action@299e4b793aaa83bf2aba7c9c14bedbb485688ec4 # v7.1.0
       with:
         args: ${{ env.SONARQUBE_ARGS }}
       env:

actions/ci-test-sol/action.yml

@@ -68,7 +68,7 @@ runs:
         run-install: "true"
 
     - name: Setup foundry
-      uses: foundry-rs/foundry-toolchain@8f1998e9878d786675189ef566a2e4bf24869773 # v1.2.0
+      uses: foundry-rs/foundry-toolchain@8789b3e21e6c11b2697f5eb56eddae542f746c10 # v1.7.0
       with:
         version: ${{ inputs.foundry-version }}
 

actions/cicd-build-publish-artifacts-go/action.yml

@@ -135,15 +135,15 @@ runs:
 
     - name: Setup zig
       if: inputs.use-zig == 'true'
-      uses: goto-bus-stop/setup-zig@7ab2955eb728f5440978d5824358023be3a2802d # v2.2.0
+      uses: goto-bus-stop/setup-zig@abea47f85e598557f500fa1fd2ab7464fcb39406 # v2.2.1
       with:
         version: ${{ inputs.zig-version }}
 
     - name: Setup docker buildx
-      uses: docker/setup-buildx-action@988b5a0280414f521da01fcc63a27aeeb4b104db # v3.6.1
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
     - name: Set up qemu
-      uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+      uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
     - name: Process params
       shell: bash
@@ -164,7 +164,7 @@ runs:
         fi
 
     - name: Configure aws creds
-      uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
+      uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
       if: inputs.publish == 'true' && inputs.docker-registry == 'aws'
       with:
         role-to-assume: ${{ inputs.aws-role-arn }}
@@ -174,20 +174,20 @@ runs:
 
     - name: Login to aws ecr
       if: inputs.publish == 'true' && inputs.docker-registry == 'aws'
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       with:
         registries: ${{ steps.process-params.outputs.aws-account-number }}
 
     - name: Update tag
       if: inputs.update-git-tag == 'true'
-      uses: richardsimko/update-tag@e173a8ef8f54ab526a91dad6139a25efed62424c # v1.0.11
+      uses: richardsimko/update-tag@aab2434e9a5040687874aa39d1c6377ec0cb0d94 # v1.1.6
       with:
         tag_name: v0.0.0-devel
       env:
         GITHUB_TOKEN: ${{ github.token }} # ${{ steps.get-gh-token.outputs.access-token }}
 
     - name: Run goreleaser release
-      uses: goreleaser/goreleaser-action@90a3faa9d0182683851fbfa97ca1a2cb983bfca3 # v6.2.1
+      uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0
       with:
         version: ${{ inputs.goreleaser-version }}
         distribution: ${{ inputs.goreleaser-dist }}

actions/cicd-build-publish-artifacts-ts/action.yml

@@ -85,11 +85,11 @@ runs:
 
     - name: Set up qemu
       if: inputs.setup-qemu == 'true'
-      uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
+      uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
     - name: Setup foundry
       if: inputs.setup-foundry == 'true'
-      uses: foundry-rs/foundry-toolchain@8f1998e9878d786675189ef566a2e4bf24869773 # v1.2.0
+      uses: foundry-rs/foundry-toolchain@8789b3e21e6c11b2697f5eb56eddae542f746c10 # v1.7.0
       with:
         version: ${{ inputs.foundry-version }}
 
@@ -108,7 +108,7 @@ runs:
 
     - name: Upload artifacts to release
       if: inputs.publish-release == 'true'
-      uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0
+      uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # 2.11.5
       with:
         repo_token: ${{ github.token }}
         file: ${{ inputs.release-assets }}
@@ -118,7 +118,7 @@ runs:
 
     - name: Upload artifacts to monorepo release
       if: inputs.publish-monorepo-release == 'true'
-      uses: svenstaro/upload-release-action@04733e069f2d7f7f0b4aebc4fbdbce8613b03ccd # 2.9.0
+      uses: svenstaro/upload-release-action@29e53e917877a24fad85510ded594ab3c9ca12de # 2.11.5
       with:
         repo_token: ${{ github.token }}
         file:

actions/cicd-build-publish-charts/action.yml

@@ -53,7 +53,7 @@ runs:
         fetch-depth: ${{ inputs.checkout-repo-fetch-depth }}
 
     - name: Setup helm
-      uses: azure/setup-helm@fe7b79cd5ee1e45176fcad797de68ecaf3ca4814 # v4.2.0
+      uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1
       with:
         version: v3.12.0
 
@@ -69,7 +69,7 @@ runs:
 
     - name: Configure aws creds
       if: inputs.publish == 'true'
-      uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7 # v6.0.0
+      uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
       with:
         role-to-assume: ${{ inputs.aws-role-arn }}
         role-duration-seconds: ${{ inputs.aws-role-duration-seconds }}

actions/crib-deploy-environment/action.yml

@@ -232,7 +232,7 @@ runs:
           cli: './cli/**'
 
     - name: Login to AWS ECR for Helm
-      uses: aws-actions/amazon-ecr-login@f2e9fc6c2b355c1890b65e6f6f0e2ac3e6e22f78 # v2.1.2
+      uses: aws-actions/amazon-ecr-login@376925c9d111252e87ae59691e5a442dd100ef6a # v2.1.3
       env:
         AWS_REGION: ${{ inputs.aws-region }}
       with:
@@ -364,7 +364,7 @@ runs:
         failure() && inputs.crib-alert-slack-webhook != '' && inputs.send-alerts
         == 'true'
       id: slack
-      uses: slackapi/slack-github-action@70cd7be8e40a46e8b0eced40b0de447bdb42f68e # v1.26.0
+      uses: slackapi/slack-github-action@fcfb566f8b0aab22203f066d80ca1d7e4b5d05b3 # v1.27.1
       with:
         # For posting a rich message using Block Kit
         payload: ${{ steps.render-slack-template.outputs.result }}