Update github-actions

bytemare · Jul 26, 2024 · 7cf8de7 · 7cf8de7
1 parent 9cd8251
commit 7cf8de7
Show file tree

Hide file tree

Showing 3 changed files with 13 additions and 13 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -12,7 +12,7 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd
+      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
         with:
           disable-sudo: true
           egress-policy: block
@@ -34,7 +34,7 @@ jobs:
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@d09fb0808ae08b4310fe3140992ba2475deac1c0
+        uses: golangci/golangci-lint-action@9f3ba2c3a8aadb9f3c42d252c4c227a6b0d98539
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -48,7 +48,7 @@ jobs:
       matrix:
         go: [ '1.22', '1.21' ]
     steps:
-      - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd
+      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
         with:
           disable-sudo: true
           egress-policy: block
@@ -75,7 +75,7 @@ jobs:
     name: Analyze
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd
+      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
         with:
           disable-sudo: true
           egress-policy: block
@@ -106,15 +106,15 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@e1b169f2838f7e502ad9f222fbc6ed3e2594e003
+        uses: codecov/codecov-action@abe5d5a96bcb3214db4d8734f040e1d9a6f5a7bb
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
           file: .github/coverage.out
 
       # Sonar
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@b7cc8bf2004f4a9ef190137d8831630e9ae5d2e7
+        uses: SonarSource/sonarcloud-github-action@f5003fc9688ade81ce47b57a3fa97a8d3f12de4c
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -23,7 +23,7 @@ jobs:
       fail-fast: false
 
     steps:
-      - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd
+      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
         with:
           disable-sudo: true
           egress-policy: block
@@ -35,12 +35,12 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c2585eca08d6e40bf455acae5248e197cdd25de1
+        uses: github/codeql-action/init@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@c2585eca08d6e40bf455acae5248e197cdd25de1
+        uses: github/codeql-action/autobuild@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c2585eca08d6e40bf455acae5248e197cdd25de1
+        uses: github/codeql-action/analyze@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -22,7 +22,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd
+      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
         with:
           disable-sudo: true
           egress-policy: block
@@ -43,7 +43,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@873d5fdf63bc863d140f57ed481e6a297324030b
+        uses: ossf/scorecard-action@c09630c42e97d04c7cd8f69735ddf0ec53f0e189
         with:
           results_file: results.sarif
           results_format: sarif
@@ -69,6 +69,6 @@ jobs:
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@c2585eca08d6e40bf455acae5248e197cdd25de1
+        uses: github/codeql-action/upload-sarif@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6
         with:
           sarif_file: results.sarif