diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 39f948ec1c..38a7d4d7db 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -62,7 +62,7 @@ jobs: echo '' > ${{ github.workspace }}/docs/html/performance/index.html - name: Upload artifact - uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 + uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5.0.0 with: path: ${{github.workspace}}/docs/html diff --git a/.github/workflows/pr-migration-auto-close.yml b/.github/workflows/pr-migration-auto-close.yml index 19b6afd8fb..cd087d6fc0 100644 --- a/.github/workflows/pr-migration-auto-close.yml +++ b/.github/workflows/pr-migration-auto-close.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Close PRs labeled "auto-close" - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/pr-migration-warn.yml b/.github/workflows/pr-migration-warn.yml index 65cd622466..35edd09996 100644 --- a/.github/workflows/pr-migration-warn.yml +++ b/.github/workflows/pr-migration-warn.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Label and comment on open PRs - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6ea7166af1..34ed2e3dfc 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -47,7 +47,7 @@ jobs: publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # 7.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: Scorecard results path: scorecard_results.sarif @@ -55,6 +55,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 with: sarif_file: scorecard_results.sarif diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 5abbe18c0f..03294c22e7 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -28,7 +28,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run Trivy - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 + uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0 with: scan-type: 'config' hide-progress: false @@ -45,6 +45,6 @@ jobs: cat trivy-results.sarif - name: Upload results - uses: github/codeql-action/upload-sarif@c10b8064de6f491fea524254123dbe5e09572f13 # v4.35.1 + uses: github/codeql-action/upload-sarif@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index f391b0fcc3..e43c7fc61a 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -26,4 +26,4 @@ jobs: sparse-checkout: | .github/workflows/*.yml - name: Run zizmor - uses: zizmorcore/zizmor-action@71321a20a9ded102f6e9ce5718a2fcec2c4f70d8 # v0.5.2 + uses: zizmorcore/zizmor-action@b1d7e1fb5de872772f31590499237e7cce841e8e # v0.5.3