build(deps): bump the all group with 4 updates

dependabot[bot] · web-flow · commit 599b8b14c5e5 · 2025-09-15T04:08:27.000Z
Bumps the all group with 4 updates: [actions/github-script](https://github.com/actions/github-script), [actions/checkout](https://github.com/actions/checkout), [docker/login-action](https://github.com/docker/login-action) and [google-github-actions/auth](https://github.com/google-github-actions/auth). Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.2.2...08c6903) Updates `docker/login-action` from 3.4.0 to 3.5.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3.4.0...184bdaa) Updates `google-github-actions/auth` from 2.1.10 to 3.0.0 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@ba79af0...7c6bc77) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/login-action dependency-version: 3.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: google-github-actions/auth dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/bench.yml b/.github/workflows/bench.yml
@@ -19,7 +19,7 @@ jobs:
         id: config
         env:
           COMMENT_BODY: ${{ github.event.comment.body }}
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
         with:
           script: |
             if (context.eventName === 'workflow_dispatch') {
@@ -51,7 +51,7 @@ jobs:
 
             core.setOutput('head', response.data.head.sha)
 
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           ref: ${{ steps.config.outputs.head }}
 
@@ -67,7 +67,7 @@ jobs:
           oci: false
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
         id: registry_login
         with:
           registry: ghcr.io
@@ -89,10 +89,10 @@ jobs:
     env:
       TAG: ${{needs.publish-benchmark-container.outputs.head}}
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           ref: ${{needs.publish-benchmark-container.outputs.head}}
-      - uses: google-github-actions/auth@ba79af03959ebeac9769e648f473a284504d9193 # v2.1.10
+      - uses: google-github-actions/auth@7c6bc770dae815cd3e89ee6cdf493a5fab2cc093 # v3.0.0
         with:
           workload_identity_provider: projects/306323169285/locations/global/workloadIdentityPools/github-actions-pool/providers/github-actions-provider
           service_account: 'model-transparency-gha@sigstore-infra-playground.iam.gserviceaccount.com'
