diff --git a/.github/actions/setup-go/action.yaml b/.github/actions/setup-go/action.yaml index db5dc1b0..5a904ed9 100644 --- a/.github/actions/setup-go/action.yaml +++ b/.github/actions/setup-go/action.yaml @@ -4,7 +4,7 @@ runs: using: "composite" steps: - name: Install go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version: "1.22" go-version-file: "go.mod" @@ -16,14 +16,14 @@ runs: echo "go-build=$(go env GOCACHE)" >> $GITHUB_OUTPUT echo "go-mod=$(go env GOMODCACHE)" >> $GITHUB_OUTPUT - name: Go Mod Cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 with: path: ${{ steps.go-cache-paths.outputs.go-mod }} key: ${{ runner.os }}-go-mod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ runner.os }}-go-mod- - name: Go Build Cache - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 with: path: ${{ steps.go-cache-paths.outputs.go-build }} key: ${{ runner.os }}-go-build-${{ hashFiles('**/go.sum') }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index b432cd1e..00dfff12 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -37,7 +37,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Generate metadata cspo id: metacspo @@ -73,7 +73,7 @@ jobs: # Load Golang cache build from GitHub - name: Load cspo Golang cache build from GitHub - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 id: cache with: path: /tmp/.cache/cspo @@ -145,7 +145,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: image-digest path: image-digest diff --git a/.github/workflows/pr-verify.yaml b/.github/workflows/pr-verify.yaml index 2fa74020..b11075d6 100644 --- a/.github/workflows/pr-verify.yaml +++ b/.github/workflows/pr-verify.yaml @@ -42,7 +42,7 @@ jobs: done - name: Generate Token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1 + uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1 id: generate-token with: app-id: ${{ secrets.SCS_APP_ID }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index a88fe700..76e0471e 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -25,7 +25,7 @@ jobs: - name: Set up QEMU uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Generate metadata cspo id: metacspo @@ -105,7 +105,7 @@ jobs: # Upload artifact digests - name: Upload artifact digests - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: image-digest cspo path: image-digest diff --git a/.github/workflows/report-bin-size.yaml b/.github/workflows/report-bin-size.yaml index 7baffb98..c4eee774 100644 --- a/.github/workflows/report-bin-size.yaml +++ b/.github/workflows/report-bin-size.yaml @@ -16,7 +16,7 @@ jobs: run: git config --global --add safe.directory "$GITHUB_WORKSPACE" - name: Install go - uses: actions/setup-go@41dfa10bad2bb2ae585af6ee5bb4d7d973ad74ed # v5.1.0 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: "go.mod" cache: true @@ -26,7 +26,7 @@ jobs: run: make manager-core report-binsize-treemap-all - name: Upload Report - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: reports-${{ github.sha }} path: .reports diff --git a/.github/workflows/schedule-cache-cleaner-cspo-image.yaml b/.github/workflows/schedule-cache-cleaner-cspo-image.yaml index 9137ce32..04798cd4 100644 --- a/.github/workflows/schedule-cache-cleaner-cspo-image.yaml +++ b/.github/workflows/schedule-cache-cleaner-cspo-image.yaml @@ -15,7 +15,7 @@ jobs: steps: # Load Golang cache build from GitHub - name: Load cspo Golang cache build from GitHub - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 id: cache with: path: /tmp/.cache/cspo diff --git a/.github/workflows/schedule-update-bot.yaml b/.github/workflows/schedule-update-bot.yaml index e8422271..f48df14c 100644 --- a/.github/workflows/schedule-update-bot.yaml +++ b/.github/workflows/schedule-update-bot.yaml @@ -35,10 +35,10 @@ jobs: # qemu is not required as of now because we don't build images for arm64 # use docker/setup-qemu-action@v3 if you want to have arm64 images. - name: Set up Docker Buildx # required for building image - uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3 + uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3 - name: Generate Token - uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1 + uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1 id: generate-token with: app-id: ${{ secrets.SCS_APP_ID }}