diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 474c3ae..d90d1d2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -50,7 +50,7 @@ jobs:
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
- uses: github/codeql-action/init@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+ uses: github/codeql-action/init@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
 with:
 languages: ${{ matrix.language }}
 # If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
 # Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
 # If this step fails, then you should remove it and run the build manually (see below)
 - name: Autobuild
- uses: github/codeql-action/autobuild@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+ uses: github/codeql-action/autobuild@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
 # ℹī¸ Command-line programs to run using the OS shell.
 # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
 # ./location_of_script_within_repo/buildscript.sh
 - name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+ uses: github/codeql-action/analyze@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
 with:
 category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/ozi.yml b/.github/workflows/ozi.yml
index 2e42c22..216f99d 100644
--- a/.github/workflows/ozi.yml
+++ b/.github/workflows/ozi.yml
@@ -39,7 +39,7 @@ jobs:
 rekor.sigstore.dev:443
 tuf-repo-cdn.sigstore.dev:443
- - uses: OZI-Project/checkpoint@bfd6e529455ff6ec099bfd16be2ab86fa0332a71
+ - uses: OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908
 with:
 python-version: "3.10"
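Review bot: The new `OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908` pin in the first `ozi.yml` hunk (-39,7) carries no version comment, unlike the codeql-action pins in this same commit (`# v3.26.4`), so the diff alone does not show which release the SHA belongs to or whether it is a tagged commit in the upstream repository. The same applies to the three other `checkpoint` hunks and to the `draft`, `release` and `publish` pins; `draft` and `publish` are also handed `secrets.GITHUB_TOKEN`, which makes an unverifiable pin more consequential. I would append the release tag as a trailing comment on each, e.g. `- uses: OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908  # <release tag>`, and confirm each SHA resolves to that tag before merging.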
@@ -68,7 +68,7 @@ jobs:
 rekor.sigstore.dev:443
 tuf-repo-cdn.sigstore.dev:443
- - uses: OZI-Project/checkpoint@bfd6e529455ff6ec099bfd16be2ab86fa0332a71
+ - uses: OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908
 with:
 python-version: "3.11"
@@ -97,7 +97,7 @@ jobs:
 rekor.sigstore.dev:443
 tuf-repo-cdn.sigstore.dev:443
- - uses: OZI-Project/checkpoint@bfd6e529455ff6ec099bfd16be2ab86fa0332a71
+ - uses: OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908
 with:
 python-version: "3.12"
@@ -126,7 +126,7 @@ jobs:
 rekor.sigstore.dev:443
 tuf-repo-cdn.sigstore.dev:443
- - uses: OZI-Project/checkpoint@bfd6e529455ff6ec099bfd16be2ab86fa0332a71
+ - uses: OZI-Project/checkpoint@cd1117d2d6d352e52d9dfdb603b8ebd7ef964908
 with:
 python-version: "3.13"
@@ -162,7 +162,7 @@ jobs:
 api.github.com:443
 github.com:443
- - uses: OZI-Project/draft@38dfc0df2b189018bbae0b016c61ac1d704c2626
+ - uses: OZI-Project/draft@d9421ff8095e084639f3b03673b110033452c9e0
 id: draft
 with:
 github-token: ${{ secrets.GITHUB_TOKEN }}
@@ -205,7 +205,7 @@ jobs:
 cdn03.quay.io:443
 downloads.python.org:443
- - uses: OZI-Project/release@f4172eb60419c98b5cf18c89d78cde8b553f5d15
+ - uses: OZI-Project/release@7edb07c74e124270a29b2cd5d32ce7c9fdfc0b22
 id: release
 with:
 tag: ${{ needs.draft.outputs.tag }}
@@ -246,6 +246,6 @@ jobs:
 upload.pypi.org:443
 uploads.github.com:443
- - uses: OZI-Project/publish@e53fb3caac6d0530d1cc3d05d0c3e3a6b6fb1c67
+ - uses: OZI-Project/publish@cc463a2e9d2e928559e3edb4bd7f0fbcbefd1f11
 with:
 github-token: ${{ secrets.GITHUB_TOKEN }}
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index 7651bf5..3a0ad31 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -71,6 +71,6 @@ jobs:
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@429e1977040da7a23b6822b13c129cd1ba93dbb2 # v3.26.2
+ uses: github/codeql-action/upload-sarif@f0f3afee809481da311ca3a6ff1ff51d81dbeb24 # v3.26.4
 with:
 sarif_file: results.sarif