From ce1e2b13cd1afe52e450af86fe68be9feba81b07 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Sun, 28 Apr 2024 22:28:41 +0000 Subject: [PATCH] Update github-actions --- .github/workflows/ci.yml | 14 +++++++------- .github/workflows/codeql.yml | 2 +- .github/workflows/scorecards.yml | 6 +++--- .github/workflows/snyk.yml | 2 +- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 36afca5..069a14e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,17 +13,17 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f with: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@c51a7207680f1bee06f4a751214aab70667f9e25 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version-file: ./go.mod # Linting - name: Linting - uses: golangci/golangci-lint-action@92ba55cf0d79a9feb999e9bcef95c952bbbe545a + uses: golangci/golangci-lint-action@d149ece3f4b24e9c6b291dbcdfe0b4bb68ed31b2 with: version: latest args: --config=./.github/.golangci.yml ./... @@ -38,11 +38,11 @@ jobs: go: [ '1.21', '1.20' ] steps: - name: Checkout repo - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f with: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@c51a7207680f1bee06f4a751214aab70667f9e25 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version: ${{ matrix.go }} @@ -55,11 +55,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repo - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b + uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f with: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@c51a7207680f1bee06f4a751214aab70667f9e25 + uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 with: go-version-file: ./go.mod diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 93b4dee..e8acfcc 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b # pin@master + uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f # pin@master # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index bc4c623..76a1211 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,12 +22,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@27135e314dd1818f797af1db9dae03a9f045786b # pin@master + uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f # pin@master with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@c1aec4ac820532bab364f02a81873c555a0ba3a1 # pin@master + uses: ossf/scorecard-action@fad9a3cc533bb069b1f01f272f1f630895cd690a # pin@master with: results_file: results.sarif results_format: sarif @@ -42,7 +42,7 @@ jobs: # Upload the results as artifacts (optional). - name: "Upload artifact" - uses: actions/upload-artifact@82c141cc518b40d92cc801eee768e7aafc9c2fa2 # pin@master + uses: actions/upload-artifact@552bf3722c16e81001aea7db72d8cedf64eb5f68 # pin@master with: name: SARIF file path: results.sarif diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index 98ff9ce..cdc2ac0 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -17,7 +17,7 @@ jobs: name: Snyk runs-on: ubuntu-latest steps: - - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # pin@master + - uses: actions/checkout@8459bc0c7e3759cdf591f513d9f141a95fef0a8f # pin@master - name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@3e2680e8df93a24b52d119b1305fb7cedc60ceae # pin@master env: