From 8b92f2cc5939db05c4d477da8691dbe48aec61e8 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 6 Sep 2024 13:40:52 +0000 Subject: [PATCH] chore(deps): update ci dependencies --- .github/workflows/ci.yml | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ac1285a84..6db6477a2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -43,17 +43,17 @@ jobs: components: rustfmt, clippy - name: 🧰 Install clippy-sarif - uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2 + uses: taiki-e/install-action@e51c197f827397b418bdb8fe5aa6a3f5af5641d0 # v2 with: tool: clippy-sarif - name: 🧰 Install sarif-fmt - uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2 + uses: taiki-e/install-action@e51c197f827397b418bdb8fe5aa6a3f5af5641d0 # v2 with: tool: sarif-fmt - name: 🧰 Install cargo-deny - uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2 + uses: taiki-e/install-action@e51c197f827397b418bdb8fe5aa6a3f5af5641d0 # v2 with: tool: cargo-deny @@ -73,7 +73,7 @@ jobs: - name: 📤 Upload analysis results to GitHub if: always() - uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3 + uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3 continue-on-error: true with: sarif_file: clippy-results.sarif @@ -211,7 +211,7 @@ jobs: - name: 🧰 Install nextest if: startsWith(matrix.target, 'x86_64-') || contains(matrix.target, '-linux-') - uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2 + uses: taiki-e/install-action@e51c197f827397b418bdb8fe5aa6a3f5af5641d0 # v2 env: CARGO_BUILD_TARGET: ${{ matrix.host-target }} with: @@ -219,7 +219,7 @@ jobs: - name: 🧰 Install cargo-deb if: endsWith(matrix.target, '-linux-gnu') - uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2 + uses: taiki-e/install-action@e51c197f827397b418bdb8fe5aa6a3f5af5641d0 # v2 env: CARGO_BUILD_TARGET: ${{ matrix.host-target }} with: @@ -254,7 +254,7 @@ jobs: - name: 📤 Upload CLI binary if: ${{ !contains(matrix.target, '-linux-') || endsWith(matrix.target, '-linux-musl') }} - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 with: name: PackSquash CLI executable (${{ matrix.target }}) path: | @@ -263,13 +263,13 @@ jobs: - name: 📤 Upload CLI Debian package if: endsWith(matrix.target, '-linux-gnu') - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 with: name: PackSquash CLI Debian package (${{ matrix.apt-arch }}) path: target/${{ env.CARGO_BUILD_TARGET }}/debian/packsquash_*.deb - name: ✒️ Generate SLSA attestation subject data for binaries - uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1 + uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1 with: subject-path: | target/${{ env.CARGO_BUILD_TARGET }}/release/packsquash @@ -305,13 +305,13 @@ jobs: run: lipo -create -output packsquash packsquash-x64/packsquash packsquash-aarch64/packsquash - name: 📤 Upload universal CLI binary - uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4 with: name: PackSquash CLI executable (universal-apple-darwin) path: packsquash - name: ✒️ Generate SLSA attestation subject data for binary - uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1 + uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1 with: subject-path: packsquash @@ -407,7 +407,7 @@ jobs: runs-on: ubuntu-latest - container: debian:bullseye-slim@sha256:9058862a1be84689bd13292549ba981364f85ff99e50a612f94b188ac69db137 + container: debian:bullseye-slim@sha256:00558f781b91e90469812bad32002f311ab26ef241b4a1996f6600680ec82f5c # Benchmark failure is not critical enough to fail the whole workflow. # We will keep an eye on them anyway, though