From d4dddbc00f45b26bc575d624dd1e3d267a5f1276 Mon Sep 17 00:00:00 2001
From: Saar Sever
Date: Mon, 10 Jun 2024 14:50:35 +0300
Subject: [PATCH] CICD-3007: upgrade actions to node 20
---
 .github/workflows/test-fs-action-sarif.yaml | 20 +++++++-------------
 .github/workflows/test-fs-action.yaml | 19 +++++++------------
 README.md | 6 +++---
 3 files changed, 17 insertions(+), 28 deletions(-)
diff --git a/.github/workflows/test-fs-action-sarif.yaml b/.github/workflows/test-fs-action-sarif.yaml
index ac4ce68..385c13f 100644
--- a/.github/workflows/test-fs-action-sarif.yaml
+++ b/.github/workflows/test-fs-action-sarif.yaml
@@ -9,25 +9,19 @@ jobs:
 permissions:
 security-events: write
 steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # ratchet:actions/checkout@v4
 - name: Scan FS
 id: orcasecurity_fs_scan
 uses: ./
 with:
- api_token:
- ${{ secrets.ORCA_SECURITY_API_TOKEN }}
- project_key:
- "default"
- path:
- "test"
- format:
- "sarif"
- output:
- "results/"
+ api_token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
+ project_key: "default"
+ path: "test"
+ format: "sarif"
+ output: "results/"
 console_output: "table"
-
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@v2
+ uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # ratchet:github/codeql-action/upload-sarif@v3
 if: ${{ always() && steps.orcasecurity_fs_scan.outputs.exit_code != 1 }}
 with:
 sarif_file: results/file_system.sarif
\ No newline at end of file
diff --git a/.github/workflows/test-fs-action.yaml b/.github/workflows/test-fs-action.yaml
index 513ee3a..b76fc87 100644
--- a/.github/workflows/test-fs-action.yaml
+++ b/.github/workflows/test-fs-action.yaml
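Review bot: The new SHA pins in `.github/workflows/test-fs-action-sarif.yaml` (on `actions/checkout` and `github/codeql-action/upload-sarif`) name only the floating major tag in their `# ratchet:` trailer, so the diff alone does not let a reader confirm which release each 40-character SHA is, or that it is a commit of the upstream repository reachable from that tag. That is worth checking before merge and recording on a separate comment line above each step, e.g. `# actions/checkout <exact release>, SHA checked against the upstream tag`, leaving the `# ratchet:` trailer exactly as the tool wrote it. The same applies to the `actions/checkout` and `actions/upload-artifact` pins in `test-fs-action.yaml`. Pinned SHAs also stop picking up fixes on their own, and this commit shows no scheduled update for them (one may exist elsewhere in the repository).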
@@ -7,22 +7,17 @@ jobs:
 fs_scan_job:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # ratchet:actions/checkout@v4
 - name: Scan FS
 uses: ./
 with:
- api_token:
- ${{ secrets.ORCA_SECURITY_API_TOKEN }}
- project_key:
- "default"
- path:
- "test"
- format:
- "json"
- output:
- "results/"
+ api_token: ${{ secrets.ORCA_SECURITY_API_TOKEN }}
+ project_key: "default"
+ path: "test"
+ format: "json"
+ output: "results/"
 console_output: "table"
- - uses: actions/upload-artifact@v3
+ - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # ratchet:actions/upload-artifact@v4
 if: always()
 with:
 name: orca-results
diff --git a/README.md b/README.md
index 466673e..ad39cfc 100644
--- a/README.md
+++ b/README.md
@@ -45,7 +45,7 @@ jobs:
 steps:
 # Checkout your repository under $GITHUB_WORKSPACE, so your job can access it
 - name: Checkout Repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4

 - name: Run Orca FS Scan
 uses: orcasecurity/shiftleft-fs-action@v1
@@ -118,7 +118,7 @@ jobs:
 PROJECT_KEY: # Set the desired project to run the cli scanning with
 steps:
 - name: Checkout Repository
- uses: actions/checkout@v3
+ uses: actions/checkout@v4

 - name: Run Orca FS Scan
 id: orcasecurity_fs_scan
@@ -131,7 +131,7 @@ jobs:
 output: "results/"

 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@v2
+ uses: github/codeql-action/upload-sarif@v3
 if: ${{ always() && steps.orcasecurity_fs_scan.outputs.exit_code != 1 }}
 with:
 sarif_file: results/file_system.sarif
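Review bot: In the `test-fs-action.yaml` hunk, the move of `actions/upload-artifact` from v3 to v4 is not a drop-in bump: v4 artifacts are immutable, and a second upload under the same name within one run fails instead of merging, so the fixed `name: orca-results` only holds while this stays a single, non-matrix job. A short comment above the step would record that, e.g. `# v4: artifact names must be unique per run; add a suffix if this job becomes a matrix`. Because the step runs under `if: always()`, consider also setting `if-no-files-found: error` so a scan that wrote nothing to the results directory fails this test workflow visibly rather than with a warning. The step's `with:` block continues past the end of the hunk, so that input may already be set there.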