diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b5927fe..36f1b08 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -34,7 +34,7 @@ jobs: - name: Checkout code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v2 - name: Set up Docker - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Docker run: make docker-build && make git-porcelain check: @@ -60,7 +60,7 @@ jobs: - name: Test run: make test-e2e - name: Upload coverage reports to Codecov - uses: codecov/codecov-action@7f8b4b4bde536c465e797be725718b88c5d95e0e # v5.1.1 + uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 # v5.1.2 with: token: ${{ secrets.CODECOV_TOKEN }} files: coverage.out diff --git a/.github/workflows/grype.yaml b/.github/workflows/grype.yaml index 45f514b..d5c928e 100644 --- a/.github/workflows/grype.yaml +++ b/.github/workflows/grype.yaml @@ -29,7 +29,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0 - name: Build local container uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0 @@ -39,7 +39,7 @@ jobs: load: true - name: Scan image - uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5.3.0 + uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342 # v6.0.0 with: image: "localbuild/testimage:latest" fail-build: true diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 1b14198..0824bac 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -25,7 +25,7 @@ jobs: fetch-depth: 0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Set up Go uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v2 diff --git a/.github/workflows/osv-pr.yml b/.github/workflows/osv-pr.yml index a18d81e..f682343 100644 --- a/.github/workflows/osv-pr.yml +++ b/.github/workflows/osv-pr.yml @@ -13,4 +13,4 @@ permissions: jobs: scan-pr: - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.1" \ No newline at end of file + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.2" \ No newline at end of file diff --git a/.github/workflows/osv-schedule.yml b/.github/workflows/osv-schedule.yml index 28b81af..91095e6 100644 --- a/.github/workflows/osv-schedule.yml +++ b/.github/workflows/osv-schedule.yml @@ -16,4 +16,4 @@ permissions: jobs: scan-scheduled: - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.1" \ No newline at end of file + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@v1.9.2" \ No newline at end of file diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8896418..d310c4b 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif