diff --git a/.github/workflows/bump-release-monorepo.yml b/.github/workflows/bump-release-monorepo.yml index 6264316..8be0ab8 100644 --- a/.github/workflows/bump-release-monorepo.yml +++ b/.github/workflows/bump-release-monorepo.yml @@ -103,7 +103,7 @@ jobs: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -259,7 +259,7 @@ jobs: ref: ${{ github.ref }} - name: Setup Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 20be2fb..6cb0879 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -26,9 +26,9 @@ jobs: - # Initializes the CodeQL tools for scanning. name: Initialize CodeQL - uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: languages: ${{ matrix.language }} - name: Analyze ${{ matrix.language }} - uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 diff --git a/.github/workflows/fuzz-test.yml b/.github/workflows/fuzz-test.yml index 454956c..6c0a877 100644 --- a/.github/workflows/fuzz-test.yml +++ b/.github/workflows/fuzz-test.yml @@ -26,7 +26,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -63,7 +63,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true diff --git a/.github/workflows/go-test-monorepo.yml b/.github/workflows/go-test-monorepo.yml index 3ebe490..bdddb90 100644 --- a/.github/workflows/go-test-monorepo.yml +++ b/.github/workflows/go-test-monorepo.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 0 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -82,7 +82,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 id: go-setup with: go-version: '${{ matrix.go }}' diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml index 9bf28d9..f5fc9ed 100644 --- a/.github/workflows/go-test.yml +++ b/.github/workflows/go-test.yml @@ -19,7 +19,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -46,7 +46,7 @@ jobs: - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: '${{ matrix.go }}' check-latest: true diff --git a/.github/workflows/prepare-release-monorepo.yml b/.github/workflows/prepare-release-monorepo.yml index e780dfb..0e3903f 100644 --- a/.github/workflows/prepare-release-monorepo.yml +++ b/.github/workflows/prepare-release-monorepo.yml @@ -102,7 +102,7 @@ jobs: fetch-depth: 0 - name: Setup Go - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2d57990..b6f7ee1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -55,7 +55,7 @@ jobs: ref: ${{ inputs.tag }} fetch-tags: true - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -90,7 +90,7 @@ jobs: - name: Install git-cliff [monorepo] if: ${{ inputs.is-monorepo == 'true' }} - uses: taiki-e/install-action@3522286d40783523f9c7880e33f785905b4c20d0 # v2.66.1 + uses: taiki-e/install-action@03ef6f57d573ca4522fb02950f326083373b85bf # v2.66.2 with: tool: git-cliff - diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml index 6f88415..ba0839b 100644 --- a/.github/workflows/scanner.yml +++ b/.github/workflows/scanner.yml @@ -31,7 +31,7 @@ jobs: with: persist-credentials: false - - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0 + uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0 with: go-version: stable check-latest: true @@ -49,7 +49,7 @@ jobs: exit-code: 0 - name: Upload trivy findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: category: trivy sarif_file: trivy-code-report.sarif @@ -69,7 +69,7 @@ jobs: output-file: govulnscan-report.sarif - name: Upload govulnscan findings to code scanning dashboard - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10 with: category: govulnscan sarif_file: govulnscan-report.sarif