Update github-actions

bytemare · Dec 2, 2024 · 8c84d87 · 8c84d87
1 parent 5037383
commit 8c84d87
Show file tree

Hide file tree

Showing 4 changed files with 24 additions and 24 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -12,25 +12,25 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
         with:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
             api.github.com:443 github.com:443 proxy.golang.org:443 objects.githubusercontent.com:443 raw.githubusercontent.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
+        uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
+        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           go-version-file: ./go.mod
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@d6238b002a20823d52840fda27e2d4891c5952dc
+        uses: golangci/golangci-lint-action@9e66d46e22c9991dbf33ddab82b6b28b69052dec
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -44,19 +44,19 @@ jobs:
       matrix:
         go: [ '1.22', '1.21' ]
     steps:
-      - uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
         with:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
             github.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443
 
       - name: Checkout repo
-        uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
+        uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
+        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           go-version: ${{ matrix.go }}
 
@@ -68,19 +68,19 @@ jobs:
     name: Analyze
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
         with:
           disable-sudo: true
           egress-policy: block
           allowed-endpoints: >
             api.codecov.io:443 api.github.com:443 cli.codecov.io:443 ea6ne4j2sb.execute-api.eu-central-1.amazonaws.com:443 github.com:443 proxy.golang.org:443 objects.githubusercontent.com:443 scanner.sonarcloud.io:443 sonarcloud.io:443 storage.googleapis.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
+        uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
         with:
           fetch-depth: 0
       - name: Setup Go
-        uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7
+        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a
         with:
           go-version-file: ./go.mod
 
@@ -90,15 +90,15 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@c852ea6812cbd15cfa9f9daeb08f30391c54eb91
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
           file: .github/coverage.out
 
       # Sonar
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@6bbd64e0cb2194e04addb429d669a9ee873eeeef
+        uses: SonarSource/sonarcloud-github-action@982992a35a56c6bebd7c76c65e5c3e4c18e634c8
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -26,7 +26,7 @@ jobs:
       fail-fast: false
 
     steps:
-      - uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
         with:
           disable-sudo: true
           egress-policy: block
@@ -38,16 +38,16 @@ jobs:
             sum.golang.org:443
 
       - name: Checkout repository
-        uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
+        uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
+        uses: github/codeql-action/init@af49565b852879ee08c297788e61c43f3b415aa4
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
+        uses: github/codeql-action/autobuild@af49565b852879ee08c297788e61c43f3b415aa4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
+        uses: github/codeql-action/analyze@af49565b852879ee08c297788e61c43f3b415aa4
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -24,7 +24,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: step-security/harden-runner@6c3b1c91e8873ae0c705b0709f957c7a6a5eaf10
+      - uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f
         with:
           disable-sudo: true
           egress-policy: block
@@ -40,12 +40,12 @@ jobs:
             www.bestpractices.dev:443
 
       - name: "Checkout code"
-        uses: actions/checkout@37b082107ba410260a3aaddf93122e04801ce631
+        uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@665016c9c2c7c34fe934fb13ebf88bff794f9b1d
+        uses: ossf/scorecard-action@83a1bb1ff6a010f9ab75ad12160fe70252c99b71
         with:
           results_file: results.sarif
           results_format: sarif
@@ -60,14 +60,14 @@ jobs:
 
       # Upload the results as artifacts (optional).
       - name: "Upload artifact"
-        uses: actions/upload-artifact@79616d2ded92999fceefea2ca2e4bdf6101fa919
+        uses: actions/upload-artifact@184d73b71b93c222403b2e7f1ffebe4508014249
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@dbf2b1706b768069fb1bb2dd2d8552be7a9e2a51
+        uses: github/codeql-action/upload-sarif@af49565b852879ee08c297788e61c43f3b415aa4
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml
@@ -14,9 +14,9 @@ jobs:
     name: Snyk
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089
+      - uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/golang@7968f3f72b7f36280e6380b7c151c6a8d5a61dd0
+        uses: snyk/actions/golang@cdb760004ba9ea4d525f2e043745dfe85bb9077e
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
         with: