chore: update CI actions, Go 1.25, Alpine 3.22

Updates CI to latest major actions (checkout v5, setup-go v6, upload-artifact v5, CodeQL v4) for security and compatibility. Uses stable major tag for autofix action. Updates Docker images to Go 1.25 and Alpine 3.22 to leverage newer toolchain and patched bases. Updates open-pull-requests-limit to 2 in dependabot.yml and upgrade CodeQL action to v4
2026-01-16 08:22:09 +01:00 · 2025-11-05 22:28:20 +01:00
parent 422b56aa86
commit af15bcccd4
8 changed files with 27 additions and 27 deletions
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -61,7 +61,7 @@ jobs:
        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@v5

    # Add any setup steps before running the `github/codeql-action/init` action.
    # This includes steps like installing compilers or runtimes (`actions/setup-node`
@ -71,7 +71,7 @@ jobs:

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
        build-mode: ${{ matrix.build-mode }}
@ -99,6 +99,6 @@ jobs:
        exit 1

    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
      with:
        category: "/language:${{matrix.language}}"