Skip to content

Commit ebf77b2

Browse files
authored
Merge pull request #166 from basecamp/dependabot/github_actions/github-actions-28fb845a17
ci: bump the github-actions group across 1 directory with 9 updates
2 parents 1a6001b + 3593255 commit ebf77b2

4 files changed

Lines changed: 11 additions & 11 deletions

File tree

.github/workflows/release.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -79,15 +79,15 @@ jobs:
7979
8080
- name: Generate GitHub App token
8181
id: app-token
82-
uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
82+
uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
8383
with:
8484
app-id: ${{ vars.RELEASE_CLIENT_ID }}
8585
private-key: ${{ secrets.RELEASE_APP_PRIVATE_KEY }}
8686
repositories: homebrew-tap
8787
permission-contents: write
8888

8989
- name: Install cosign
90-
uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
90+
uses: sigstore/cosign-installer@6f9f17788090df1f26f669e9d70d6ae9567deba6 # v4.1.2
9191

9292
- name: Install Syft
9393
uses: anchore/sbom-action/download-syft@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0
@@ -102,7 +102,7 @@ jobs:
102102
rm fizzy-tmp
103103
104104
- name: Run GoReleaser
105-
uses: goreleaser/goreleaser-action@e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c # v7.1.0
105+
uses: goreleaser/goreleaser-action@5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89 # v7.2.2
106106
with:
107107
version: 'v2.14.1'
108108
args: release --clean

.github/workflows/scorecard.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -34,7 +34,7 @@ jobs:
3434
path: results.sarif
3535
retention-days: 5
3636

37-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
37+
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
3838
continue-on-error: true
3939
with:
4040
sarif_file: results.sarif

.github/workflows/security.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -40,12 +40,12 @@ jobs:
4040
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4141
with:
4242
persist-credentials: false
43-
- uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.35.0
43+
- uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
4444
with:
4545
scan-type: fs
4646
format: sarif
4747
output: trivy-results.sarif
48-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
48+
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
4949
with:
5050
sarif_file: trivy-results.sarif
5151
category: trivy
@@ -61,10 +61,10 @@ jobs:
6161
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
6262
with:
6363
persist-credentials: false
64-
- uses: securego/gosec@223e19b8856e00f02cc67804499a83f77e208f3c # v2.25.0
64+
- uses: securego/gosec@4a3bd8af174872c778439083ded7adbf3747e770 # v2.26.1
6565
with:
6666
args: -no-fail -exclude=G304,G401,G501 -exclude-dir=e2e -fmt sarif -out gosec-results.sarif ./...
67-
- uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2
67+
- uses: github/codeql-action/upload-sarif@7211b7c8077ea37d8641b6271f6a365a22a5fbfa # v4.36.0
6868
with:
6969
sarif_file: gosec-results.sarif
7070
category: gosec
@@ -79,4 +79,4 @@ jobs:
7979
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
8080
with:
8181
persist-credentials: false
82-
- uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0
82+
- uses: actions/dependency-review-action@a1d282b36b6f3519aa1f3fc636f609c47dddb294 # v5.0.0

.github/workflows/test.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ jobs:
6060
run: go vet ./...
6161

6262
- name: golangci-lint
63-
uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9.2.0
63+
uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1
6464
with:
6565
version: v2.10
6666

@@ -97,7 +97,7 @@ jobs:
9797
uses: rhysd/actionlint@914e7df21a07ef503a81201c76d2b11c789d3fca # v1.7.12
9898

9999
- name: Run zizmor
100-
uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3
100+
uses: zizmorcore/zizmor-action@5f14fd08f7cf1cb1609c1e344975f152c7ee938d # v0.5.6
101101
with:
102102
advanced-security: false
103103

0 commit comments

Comments
 (0)