diff --git a/.github/workflows/code.yml b/.github/workflows/code.yml index 38b406e2..e2fe4b43 100644 --- a/.github/workflows/code.yml +++ b/.github/workflows/code.yml @@ -29,7 +29,7 @@ jobs: run: go test -timeout 30s -v ./... - name: Linting - uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.0 + uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1 with: version: v1.61.0 @@ -40,16 +40,12 @@ jobs: - name: Checkout Repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - name: Setup Python - uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 - with: - python-version: "3.x" - - # v24.10.0 - name: Linting - run: | - pip install git+https://github.com/psf/black@1b2427a2b785cc4aac97c19bb4b9a0de063f9547 - find -name *.py | xargs black --check + uses: psf/black@1b2427a2b785cc4aac97c19bb4b9a0de063f9547 # v24.10.0 + with: + # This recursively scans the entire project. Note that `exclude` must be + # an empty string: "An empty value means no paths are excluded." + options: "--check --exclude=''" # Inherits workflow permissions. jsonnet: @@ -61,7 +57,7 @@ jobs: fetch-depth: 1 - name: Setup Go - uses: actions/setup-go@v2 + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 with: go-version: 1.22 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 6b6f0ccf..a00166ec 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@cf5b0a9041d3c1d336516f1944c96d96598193cc # v2.19.1 with: sarif_file: results.sarif