diff --git a/.github/workflows/checks-codecov.yaml b/.github/workflows/checks-codecov.yaml index 4565a279d..a2bb5620d 100644 --- a/.github/workflows/checks-codecov.yaml +++ b/.github/workflows/checks-codecov.yaml @@ -86,7 +86,7 @@ jobs: run: make test - name: Upload test coverage artifacts - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: coverage-test path: | @@ -156,7 +156,7 @@ jobs: run: E2E_INSTRUMENTATION=true make acceptance - name: Upload acceptance coverage artifact - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: coverage-acceptance path: ./coverage-acceptance.out @@ -180,19 +180,19 @@ jobs: fetch-depth: 0 - name: Download test coverage artifacts - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: coverage-test path: ./coverage - name: Download acceptance coverage artifact - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: coverage-acceptance path: ./coverage - name: Upload unit test coverage report - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5.5.4 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: @@ -201,7 +201,7 @@ jobs: flags: unit - name: Upload generative test coverage report - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5.5.4 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: @@ -210,7 +210,7 @@ jobs: flags: generative - name: Upload integration test coverage report - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5.5.4 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: @@ -219,7 +219,7 @@ jobs: flags: integration - name: Upload acceptance test coverage report - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5.5.4 + uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a11c260ac..8634947cd 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -110,7 +110,7 @@ jobs: run: make dist - name: Set up QEMU - uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0 + uses: docker/setup-qemu-action@ce360397dd3f832beb865e1373c09c0e9f86d70a # v4 - name: Registry login (quay.io/conforma) run: podman login -u ${{ secrets.BUNDLE_PUSH_USER_CONFORMA }} -p ${{ secrets.BUNDLE_PUSH_PASS_CONFORMA }} quay.io @@ -170,15 +170,15 @@ jobs: run: hack/stats.sh - name: Configure statistics pages - uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5.0.0 + uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6 - name: Upload statistics - uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0 + uses: actions/upload-pages-artifact@fc324d3547104276b827a68afc52ff2a11cc49c9 # v5 with: path: stats - name: Deploy statistics - uses: actions/deploy-pages@d6db90164ac5ed86f2b6aed7e0febac5b3c0c03e # v4.0.5 + uses: actions/deploy-pages@cd2ce8fcbc39b97be8ca5fce6e763baed58fa128 # v5 - name: Delete snapshot release and tag id: add_tags @@ -202,7 +202,7 @@ jobs: git push -f --tags - name: Rolling release - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 with: make_latest: true name: Rolling release @@ -212,7 +212,7 @@ jobs: files: dist/* - name: Versioned release - uses: softprops/action-gh-release@a06a81a03ee405af7f2048a818ed3f03bbf83c7b # v2 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3 with: make_latest: false name: ${{ steps.add_tags.outputs.tag_name }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 248da02f7..b073aca8e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,7 +67,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable # uploads of run results in SARIF format to the repository Actions tab. - name: Upload artifact - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/update-go-containerregistry.yaml b/.github/workflows/update-go-containerregistry.yaml index c4b72dd4c..54cf419c5 100644 --- a/.github/workflows/update-go-containerregistry.yaml +++ b/.github/workflows/update-go-containerregistry.yaml @@ -51,7 +51,7 @@ jobs: # https://github.com/golang/go/issues/45413 GOPRIVATE: github.com/conforma/go-containerregistry - - uses: actions/create-github-app-token@fee1f7d63c2ff003460e3d139729b119787bc349 # v2.2.2 + - uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1 id: generate-token with: app-id: ${{ vars.EC_AUTOMATION_APP_ID }}