diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1fa679259..178b28050 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -100,7 +100,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 + uses: github/codeql-action/init@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} @@ -117,7 +117,7 @@ jobs: run: make build -j - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e46ed2cbd01164d986452f91f178727624ae40d7 # v4.35.3 + uses: github/codeql-action/analyze@9e0d7b8d25671d64c341c19c0152d693099fb5ba # v4.35.5 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/flake_vendorhash.yaml b/.github/workflows/flake_vendorhash.yaml index 04be88696..eb44f05d9 100644 --- a/.github/workflows/flake_vendorhash.yaml +++ b/.github/workflows/flake_vendorhash.yaml @@ -17,7 +17,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/publish-latest.yaml b/.github/workflows/publish-latest.yaml index c46794072..296ce7fea 100644 --- a/.github/workflows/publish-latest.yaml +++ b/.github/workflows/publish-latest.yaml @@ -23,7 +23,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} @@ -53,7 +53,7 @@ jobs: path: go-build-cache key: ${{ runner.os }}-go-build-cache-${{ hashFiles('**/go.sum') }} - name: inject go-build-cache into docker - uses: reproducible-containers/buildkit-cache-dance@1b8ab18fbda5ad3646e3fcc9ed9dd41ce2f297b4 # v3.3.2 + uses: reproducible-containers/buildkit-cache-dance@5422eac04292c961a382e0f584ea0f03ad9da723 # v3.4.0 with: cache-source: go-build-cache - name: Build and push @@ -81,7 +81,7 @@ jobs: uses: TooMuch4U/actions-clean@9b358e33df99574ac0bdf2e92fa3db1ae1415563 # v2.2 - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/publish-to-other-than-github.yaml b/.github/workflows/publish-to-other-than-github.yaml index 5e53a5222..7dbfbb9f9 100644 --- a/.github/workflows/publish-to-other-than-github.yaml +++ b/.github/workflows/publish-to-other-than-github.yaml @@ -26,7 +26,7 @@ jobs: run: echo "RELEASE_VERSION=$(echo ${{ github.event.client_payload.version }} | tr -d ['v'])" >> $GITHUB_ENV - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} @@ -112,7 +112,7 @@ jobs: echo "RELEASE_VERSION=$version" | Out-File $env:GITHUB_ENV - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} @@ -134,7 +134,7 @@ jobs: run: echo "RELEASE_VERSION=$(echo ${{ github.event.client_payload.version }})" >> $GITHUB_ENV - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/release-branch.yaml b/.github/workflows/release-branch.yaml index a11ac6b4a..4492a558f 100644 --- a/.github/workflows/release-branch.yaml +++ b/.github/workflows/release-branch.yaml @@ -25,7 +25,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} @@ -70,7 +70,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/release-bump-version.yaml b/.github/workflows/release-bump-version.yaml index 8d3c707c7..d8a985e46 100644 --- a/.github/workflows/release-bump-version.yaml +++ b/.github/workflows/release-bump-version.yaml @@ -34,7 +34,7 @@ jobs: fi - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/release-drafter.yaml b/.github/workflows/release-drafter.yaml index 48ed4f621..ee0564d7a 100644 --- a/.github/workflows/release-drafter.yaml +++ b/.github/workflows/release-drafter.yaml @@ -33,7 +33,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a782ac1d1..0a3ffeda3 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -58,7 +58,7 @@ jobs: echo "Branch ${{ env.REF }} is a valid release branch" - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} @@ -114,7 +114,7 @@ jobs: uses: TooMuch4U/actions-clean@9b358e33df99574ac0bdf2e92fa3db1ae1415563 # v2.2 - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }} diff --git a/.github/workflows/retrigger-publish-to-other.yaml b/.github/workflows/retrigger-publish-to-other.yaml index 502de45aa..201d0ae3e 100644 --- a/.github/workflows/retrigger-publish-to-other.yaml +++ b/.github/workflows/retrigger-publish-to-other.yaml @@ -40,7 +40,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v2 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v2 with: # OCMBot app-id: ${{ secrets.OCMBOT_APP_ID }} private-key: ${{ secrets.OCMBOT_PRIV_KEY }}