From ee7092a78727f936e8d12f182b555edd1df3817b Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 22 Jul 2024 21:58:44 +0000 Subject: [PATCH] Update github-actions --- .github/workflows/ci.yml | 10 +++++----- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/scorecards.yml | 6 +++--- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 26a6f16..964c30c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,7 +12,7 @@ jobs: name: Lint runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd + - uses: step-security/harden-runner@d7cf128fba8343bb6666acf77451879c0530cac8 with: disable-sudo: true egress-policy: block @@ -34,7 +34,7 @@ jobs: # Linting - name: Linting - uses: golangci/golangci-lint-action@d09fb0808ae08b4310fe3140992ba2475deac1c0 + uses: golangci/golangci-lint-action@9f3ba2c3a8aadb9f3c42d252c4c227a6b0d98539 with: version: latest args: --config=./.github/.golangci.yml ./... @@ -48,7 +48,7 @@ jobs: matrix: go: [ '1.22', '1.21' ] steps: - - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd + - uses: step-security/harden-runner@d7cf128fba8343bb6666acf77451879c0530cac8 with: disable-sudo: true egress-policy: block @@ -75,7 +75,7 @@ jobs: name: Analyze runs-on: ubuntu-latest steps: - - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd + - uses: step-security/harden-runner@d7cf128fba8343bb6666acf77451879c0530cac8 with: disable-sudo: true egress-policy: block @@ -106,7 +106,7 @@ jobs: # Codecov - name: Codecov - uses: codecov/codecov-action@e1b169f2838f7e502ad9f222fbc6ed3e2594e003 + uses: codecov/codecov-action@abe5d5a96bcb3214db4d8734f040e1d9a6f5a7bb env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 703a615..b02335d 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd + - uses: step-security/harden-runner@d7cf128fba8343bb6666acf77451879c0530cac8 with: disable-sudo: true egress-policy: block @@ -35,12 +35,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@c2585eca08d6e40bf455acae5248e197cdd25de1 + uses: github/codeql-action/init@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@c2585eca08d6e40bf455acae5248e197cdd25de1 + uses: github/codeql-action/autobuild@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c2585eca08d6e40bf455acae5248e197cdd25de1 + uses: github/codeql-action/analyze@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 24dadbf..8eb9f0c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,7 +22,7 @@ jobs: id-token: write steps: - - uses: step-security/harden-runner@29e9ae12297382bde04e940b27e0638029f9f3cd + - uses: step-security/harden-runner@d7cf128fba8343bb6666acf77451879c0530cac8 with: disable-sudo: true egress-policy: block @@ -43,7 +43,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@873d5fdf63bc863d140f57ed481e6a297324030b + uses: ossf/scorecard-action@cf8594c5485256008de4ec57c936bd4a1a381a0b with: results_file: results.sarif results_format: sarif @@ -69,6 +69,6 @@ jobs: # required for Code scanning alerts - name: "Upload SARIF results to code scanning" - uses: github/codeql-action/upload-sarif@c2585eca08d6e40bf455acae5248e197cdd25de1 + uses: github/codeql-action/upload-sarif@0e346f2c4a1b999b44f1ef93fe08bdb83dae63ab with: sarif_file: results.sarif