From 48119b52d2c4141f9184036b30ce0bdf308a75c5 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 13 Nov 2023 12:32:38 +0000
Subject: [PATCH] ci: bump the github-actions group with 4 updates

Bumps the github-actions group with 4 updates: [crate-ci/typos](https://github.com/crate-ci/typos), [actions/github-script](https://github.com/actions/github-script), [DeterminateSystems/nix-installer-action](https://github.com/determinatesystems/nix-installer-action) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `crate-ci/typos` from 1.16.22 to 1.16.23
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/v1.16.22...v1.16.23)

Updates `actions/github-script` from 5 to 6
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](https://github.com/actions/github-script/compare/v5...v6)

Updates `DeterminateSystems/nix-installer-action` from 6 to 7
- [Release notes](https://github.com/determinatesystems/nix-installer-action/releases)
- [Commits](https://github.com/determinatesystems/nix-installer-action/compare/v6...v7)

Updates `aquasecurity/trivy-action` from 0.13.1 to 0.14.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/f78e9ecf42a1271402d4f484518b9313235990e1...2b6a709cf9c4025c5438138008beaddbb02086f0)

---
updated-dependencies:
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/github-script
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: DeterminateSystems/nix-installer-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yaml       | 2 +-
 .github/workflows/dogfood.yaml  | 2 +-
 .github/workflows/security.yaml | 2 +-
 .github/workflows/stale.yaml    | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 41365ecf34eb3..476f8bad9180a 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -136,7 +136,7 @@ jobs:
 
       # Check for any typos
       - name: Check for typos
-        uses: crate-ci/typos@v1.16.22
+        uses: crate-ci/typos@v1.16.23
         with:
           config: .github/workflows/typos.toml
 
diff --git a/.github/workflows/dogfood.yaml b/.github/workflows/dogfood.yaml
index b265504c0c73f..a4d7322e8a7e9 100644
--- a/.github/workflows/dogfood.yaml
+++ b/.github/workflows/dogfood.yaml
@@ -38,7 +38,7 @@ jobs:
           echo "tag=${tag}" >> $GITHUB_OUTPUT
 
       - name: Install Nix
-        uses: DeterminateSystems/nix-installer-action@v6
+        uses: DeterminateSystems/nix-installer-action@v7
 
       - name: Run the Magic Nix Cache
         uses: DeterminateSystems/magic-nix-cache-action@v2
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 55cbe3979b809..5f495961bb63a 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -122,7 +122,7 @@ jobs:
           image_name: ${{ steps.build.outputs.image }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@f78e9ecf42a1271402d4f484518b9313235990e1
+        uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0
         with:
           image-ref: ${{ steps.build.outputs.image }}
           format: sarif
diff --git a/.github/workflows/stale.yaml b/.github/workflows/stale.yaml
index 2a3544eb5627e..0b3e3272b52c2 100644
--- a/.github/workflows/stale.yaml
+++ b/.github/workflows/stale.yaml
@@ -31,7 +31,7 @@ jobs:
           # Start with the oldest issues, always.
           ascending: true
       - name: "Close old issues labeled likely-no"
-        uses: actions/github-script@v5
+        uses: actions/github-script@v6
         with:
           github-token: ${{ secrets.GITHUB_TOKEN }}
           script: |