diff --git a/.github/workflows/bump-release.yml b/.github/workflows/bump-release.yml index f476da6..807d824 100644 --- a/.github/workflows/bump-release.yml +++ b/.github/workflows/bump-release.yml @@ -53,12 +53,12 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - name: install svu - uses: go-openapi/gh-actions/install/svu@00fc74b63fc83dd6031018ecbeac387ca9131fe2 # v0.1.0 + uses: go-openapi/gh-actions/install/svu@1858418426dbac3d049760855ddbbddf9128d4b4 # v0.1.6 - name: Bump release id: bump-release diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e8cbfa4..9f73cdb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,13 +22,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - # Initializes the CodeQL tools for scanning. name: Initialize CodeQL - uses: github/codeql-action/init@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: languages: ${{ matrix.language }} - name: Analyze ${{ matrix.language }} - uses: github/codeql-action/analyze@fdbfb4d2750291e159f0156def62b853c2798ca2 # v4.31.5 + uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 diff --git a/.github/workflows/collect-coverage.yml b/.github/workflows/collect-coverage.yml index 66443e9..1ffa60b 100644 --- a/.github/workflows/collect-coverage.yml +++ b/.github/workflows/collect-coverage.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} diff --git a/.github/workflows/collect-reports.yml b/.github/workflows/collect-reports.yml index 9da967b..6209775 100644 --- a/.github/workflows/collect-reports.yml +++ b/.github/workflows/collect-reports.yml @@ -32,7 +32,7 @@ jobs: path: reports/ - name: Install go-junit-report - uses: go-openapi/gh-actions/install/go-junit-report@2c8f8152814933c4cead92a51558699238ee9565 + uses: go-openapi/gh-actions/install/go-junit-report@1858418426dbac3d049760855ddbbddf9128d4b4 - name: Convert test reports to a merged JUnit XML # NOTE: codecov test reports only support JUnit format at this moment. See https://docs.codecov.com/docs/test-analytics. @@ -57,7 +57,7 @@ jobs: verbose: true - name: Install go-ctrf-json-reporter - uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@2c8f8152814933c4cead92a51558699238ee9565 + uses: go-openapi/gh-actions/install/go-ctrf-json-reporter@1858418426dbac3d049760855ddbbddf9128d4b4 - name: Convert test reports to CTRF JSON # description: | diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml index 92a0ee8..16bbe83 100644 --- a/.github/workflows/contributors.yml +++ b/.github/workflows/contributors.yml @@ -18,10 +18,10 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - name: Identify all-time contributors to this repository - uses: github/contributors@abf36819e840f6e8056dcd40d33003ce7c4bc8dd # v1.7.6 + uses: github/contributors@e345de71bbd056a34a70709afd4f4bf0a270cc1a # v1.7.7 env: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} REPOSITORY: ${{ github.repository }} diff --git a/.github/workflows/fuzz-test.yml b/.github/workflows/fuzz-test.yml index 2d01b5b..fa4d7ad 100644 --- a/.github/workflows/fuzz-test.yml +++ b/.github/workflows/fuzz-test.yml @@ -25,7 +25,7 @@ jobs: FUZZ_MINIMIZE_TIME: 5m steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 with: diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index 1827a83..3b4101b 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 with: @@ -44,7 +44,7 @@ jobs: steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 with: @@ -53,7 +53,7 @@ jobs: cache: true - name: Install gotestsum - uses: go-openapi/gh-actions/install/gotestsum@2c8f8152814933c4cead92a51558699238ee9565 + uses: go-openapi/gh-actions/install/gotestsum@1858418426dbac3d049760855ddbbddf9128d4b4 - name: Run unit tests run: > diff --git a/.github/workflows/markdown-changed.yml b/.github/workflows/markdown-changed.yml index 199ee61..0473fa0 100644 --- a/.github/workflows/markdown-changed.yml +++ b/.github/workflows/markdown-changed.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Originating repo checkout (e.g. public fork) - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} - diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a41715d..d542ef0 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 - @@ -63,7 +63,7 @@ jobs: --with-tag-message '${{ steps.get-message.outputs.message }}' - name: Create github release - uses: softprops/action-gh-release@5be0e66d93ac7ed76da52eca8bb058f665c3a5fe # v2.4.2 + uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2.5.0 with: body: ${{ steps.notes.outputs.content }} tag_name: ${{ inputs.tag }} diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml index d063e66..78ea3db 100644 --- a/.github/workflows/scanner.yml +++ b/.github/workflows/scanner.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - @@ -39,7 +39,7 @@ jobs: exit-code: 0 - name: Upload trivy findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: category: trivy sarif_file: trivy-code-report.sarif @@ -59,7 +59,7 @@ jobs: output-file: govulnscan-report.sarif - name: Upload govulnscan findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3 + uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: category: govulnscan sarif_file: govulnscan-report.sarif