From 1331fe1f5ab5698132d43e6297d066bdca4bad03 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 5 Feb 2024 22:01:15 +0000 Subject: [PATCH] ci: update all non-major github actions --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/linting.yaml | 2 +- .github/workflows/release.yaml | 4 ++-- .github/workflows/scorecards.yml | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 673a2ec0..08daa180 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -37,12 +37,12 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/init@dc021d495cb77b369e4d9d04a501700fd83b8c51 # v2.24.0 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/autobuild@dc021d495cb77b369e4d9d04a501700fd83b8c51 # v2.24.0 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/analyze@dc021d495cb77b369e4d9d04a501700fd83b8c51 # v2.24.0 diff --git a/.github/workflows/linting.yaml b/.github/workflows/linting.yaml index 9fa99fb5..2a2e11ea 100644 --- a/.github/workflows/linting.yaml +++ b/.github/workflows/linting.yaml @@ -14,7 +14,7 @@ jobs: - name: Check out code into the Go module directory uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: golangci-lint - uses: reviewdog/action-golangci-lint@94d61e3205b61acf4ddabfeb13c5f8a13eb4167b # v2.5.0 + uses: reviewdog/action-golangci-lint@8e1117c7d327bbfb1eb7ec8dc2d895d13e6e17c3 # v2.6.0 with: go_version_file: "go.mod" level: warning diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index f591baf2..37e351f6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,7 +15,7 @@ jobs: issues: write # needed for github-release-commenter pull-requests: write # needed for release-please and github-release-commenter steps: - - uses: GoogleCloudPlatform/release-please-action@8016a6649226f2ec88ed05441c11bb5410a22d29 # v3.7.10 + - uses: GoogleCloudPlatform/release-please-action@db8f2c60ee802b3748b512940dde88eabd7b7e01 # v3.7.13 id: release with: token: ${{ secrets.GITHUB_TOKEN }} @@ -54,7 +54,7 @@ jobs: if: ${{ steps.release.outputs.release_created }} - name: Comment on prs and issues - uses: apexskier/github-release-commenter@2c48bf8b39f414bc2f0c226e1f997e6207bb1942 # v1.3.2 + uses: apexskier/github-release-commenter@3bd413ad5e1d603bfe2282f9f06f2bdcec079327 # v1.3.6 with: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} comment-template: Included in release {release_link} 🎉 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 175edd80..a25aff43 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -27,7 +27,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -43,6 +43,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/upload-sarif@dc021d495cb77b369e4d9d04a501700fd83b8c51 # v2.24.0 with: sarif_file: results.sarif