Merge branch 'master' into input-valid

Author: Pushpalanka

.clusterfuzzlite/Dockerfile

@@ -1,4 +1,4 @@
-FROM gcr.io/oss-fuzz-base/base-builder-go@sha256:fd6832a7a2b20111b2b792ac71184e9684c84652590f136141072a982e0fc26f
+FROM gcr.io/oss-fuzz-base/base-builder-go@sha256:9a47ebe4dc1d194ed95889081b5802d77616151da508cb1f62f7857d7f3c4f00
 
 COPY . $SRC/skipper
 COPY ./.clusterfuzzlite/build.sh $SRC/

.github/dependabot.yml

@@ -13,6 +13,10 @@ updates:
       all-go-mod-patch-and-minor:
         patterns: ["*"]
         update-types: ["patch", "minor"]
+    ignore:
+      - dependency-name: "github.com/open-policy-agent/opa"
+      - dependency-name: "github.com/open-policy-agent/opa-envoy-plugin"
+      - dependency-name: "github.com/envoyproxy/go-control-plane"
   - package-ecosystem: "github-actions"
     directory: "/" # For GitHub Actions, set the directory to / to check for workflow files in .github/workflows
     schedule:

.github/workflows/codeql-analysis.yml

@@ -47,7 +47,7 @@ jobs:
         fetch-depth: 2
 
     - name: Setup Go
-      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+      uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
       with:
         go-version: '^1.21'
         check-latest: true

.github/workflows/docs.yaml

@@ -20,7 +20,7 @@ jobs:
       - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b
         with:
           python-version: 3.x
-      - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a
+      - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57
         with:
           key: ${{ github.ref }}
           path: .cache

.github/workflows/gh-packages.yaml

@@ -25,7 +25,7 @@ jobs:
       - name: Checkout
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
 
-      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           # https://www.npmjs.com/package/semver#caret-ranges-123-025-004
           go-version: '^1.21'
@@ -50,7 +50,7 @@ jobs:
         uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5
 
       - name: Login to GitHub Container Registry
         if: github.event_name != 'pull_request'
@@ -61,7 +61,7 @@ jobs:
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Docker meta
-        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81
+        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96
         id: meta
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
@@ -73,7 +73,7 @@ jobs:
             org.opencontainers.image.vendor=Zalando SE
 
       - name: Build and push
-        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75
+        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355
         with:
           context: ./packaging
           build-args: BASE_IMAGE=golang:alpine

.github/workflows/master.yaml

@@ -13,7 +13,7 @@ jobs:
       contents: read
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           # https://www.npmjs.com/package/semver#caret-ranges-123-025-004
           go-version: "^1.21"

.github/workflows/openssf-scorecard.yaml

@@ -61,7 +61,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
         with:
           name: SARIF file
           path: results.sarif

.github/workflows/pr.yaml

@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           # https://www.npmjs.com/package/semver#caret-ranges-123-025-004
           go-version: "^1.21"
@@ -34,7 +34,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
-      - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32
+      - uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           # https://www.npmjs.com/package/semver#caret-ranges-123-025-004
           go-version: "^1.21"