bytemare · renovate · Oct 6, 2024 · Oct 5, 2024
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -24,7 +24,7 @@ jobs:
             raw.githubusercontent.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
+        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -34,7 +34,7 @@ jobs:
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@ebae5cee81ffe470becee7802f187bbbcd08e8c4
+        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -59,7 +59,7 @@ jobs:
             sum.golang.org:443
 
       - name: Checkout repo
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
+        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -92,7 +92,7 @@ jobs:
             storage.googleapis.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
+        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -106,15 +106,15 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@543c3d42fc76502218ecdadc04e65dbd2640a67a
+        uses: codecov/codecov-action@68708a9f7a6b6b5fe33673f782f93725c5eff3c6
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
           file: .github/coverage.out
 
       # Sonar
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@eb211723266fe8e83102bac7361f0a05c3ac1d1b
+        uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -31,16 +31,16 @@ jobs:
             api.github.com:443 github.com:443 objects.githubusercontent.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443 uploads.github.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
+        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@2617ff2d3f2bf8dd95abadcd289352a4023a4758
+        uses: github/codeql-action/init@7cf65a5b2e089b7207c678633bc4a42884847231
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@2617ff2d3f2bf8dd95abadcd289352a4023a4758
+        uses: github/codeql-action/autobuild@7cf65a5b2e089b7207c678633bc4a42884847231
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@2617ff2d3f2bf8dd95abadcd289352a4023a4758
+        uses: github/codeql-action/analyze@7cf65a5b2e089b7207c678633bc4a42884847231
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -38,7 +38,7 @@ jobs:
             www.bestpractices.dev:443
 
       - name: "Checkout code"
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938
+        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
         with:
           persist-credentials: false
 
@@ -69,6 +69,6 @@ jobs:
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@2617ff2d3f2bf8dd95abadcd289352a4023a4758
+        uses: github/codeql-action/upload-sarif@7cf65a5b2e089b7207c678633bc4a42884847231
         with:
           sarif_file: results.sarif