SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

hashicorp-tsccr · 2024-11-04T18:44:06Z

Bumping GitHub Actions version to latest TSCCR release.

changes in .github/workflows/actionlint.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/backport.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/build.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/enos-fmt.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/enos-run.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump crazy-max/ghaction-import-gpg from v6.1.0 to v6.2.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/setup-node from v4.0.4 to v4.1.0 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
changes in .github/workflows/fuzz.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/upload-artifact from v4.4.0 to v4.4.3 (release notes)
changes in .github/workflows/linting.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
changes in .github/workflows/make-gen-delta.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
changes in .github/workflows/schema-diff.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/security-scan.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/setup-python from v5.2.0 to v5.3.0 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump github/codeql-action/upload-sarif from codeql-bundle-v2.19.0 to codeql-bundle-v2.19.2 (release notes)
changes in .github/workflows/test-ci-bootstrap-oss.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/test-ci-cleanup-oss.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/test-cli-ui_oss.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump crazy-max/ghaction-import-gpg from v6.1.0 to v6.2.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/setup-node from v4.0.4 to v4.1.0 (release notes)
changes in .github/workflows/test-race.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
changes in .github/workflows/test-sql.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
changes in .github/workflows/test.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)
- bump actions/setup-go from v5.0.2 to v5.1.0 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
- bump actions/cache from v4.0.2 to v4.1.2 (release notes)
changes in .github/workflows/trigger-merge-to-downstream.yml
- bump actions/checkout from v4.1.7 to v4.2.2 (release notes)

This PR was auto-generated by security-tsccr/actions/runs/11625103651

You can alter the configuration of this automation via the hcl config in security-tsccr/automation

This PR can be regenerated by dispatching the GitHub workflow Pin Action Refs. Please reach out to #team-prodsec if you have any questions.

github-actions · 2024-11-04T18:47:41Z

Database schema diff between main and tsccr-auto-pinning/trusted/2024-11-04 @ ad528e6

To understand how these diffs are generated and some limitations see the
documentation of the script.

Functions

Unchanged

Tables

Unchanged

Views

Unchanged

Triggers

Unchanged

Indexes

Unchanged

Constraints

Unchanged

Foreign Key Constraints

Unchanged

Result of tsccr-helper -log-level=info gha update -latest .github/

ad528e6

hashicorp-tsccr bot requested a review from a team as a code owner November 4, 2024 18:44

hashicorp-tsccr bot added the SEC-090/Pinning/Trusted Automated TSCCR pinning PR to trusted SHAs. label Nov 4, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

hashicorp-tsccr bot commented Nov 4, 2024

github-actions bot commented Nov 4, 2024

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

Are you sure you want to change the base?

SEC-090: Automated trusted workflow pinning (2024-11-04) #5226

Conversation

hashicorp-tsccr bot commented Nov 4, 2024

github-actions bot commented Nov 4, 2024

Functions

Tables

Views

Triggers

Indexes

Constraints

Foreign Key Constraints