From 6df01e326a70da87416b89887c4a08bda28cc998 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 13 Oct 2023 14:07:08 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/invalid-template.yaml | 2 +- .github/workflows/megalinter.yaml | 4 ++-- .github/workflows/pluto.yml | 2 +- .github/workflows/scan-containers.yaml | 8 ++++---- .github/workflows/support.yaml | 2 +- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/invalid-template.yaml b/.github/workflows/invalid-template.yaml index de2669835..54b5b3892 100644 --- a/.github/workflows/invalid-template.yaml +++ b/.github/workflows/invalid-template.yaml @@ -12,7 +12,7 @@ jobs: support: runs-on: ubuntu-22.04 steps: - - uses: dessant/support-requests@v3 + - uses: dessant/support-requests@b1303caf4438e66dea1130aa4c30189dc28e690d # v3 with: github-token: ${{ github.token }} support-label: "template-incomplete" diff --git a/.github/workflows/megalinter.yaml b/.github/workflows/megalinter.yaml index bd1629ee2..99bda7fe2 100644 --- a/.github/workflows/megalinter.yaml +++ b/.github/workflows/megalinter.yaml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 with: fetch-depth: 0 - name: MegaLinter @@ -37,7 +37,7 @@ jobs: SHELLCHECK_OPTS: "-e SC2086" - name: Archive production artifacts if: ${{ success() }} || ${{ failure() }} - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3 with: name: MegaLinter reports path: | diff --git a/.github/workflows/pluto.yml b/.github/workflows/pluto.yml index 00cbc4351..7c12f76bf 100644 --- a/.github/workflows/pluto.yml +++ b/.github/workflows/pluto.yml @@ -9,7 +9,7 @@ jobs: yaml: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Download Pluto uses: FairwindsOps/pluto/github-action@master diff --git a/.github/workflows/scan-containers.yaml b/.github/workflows/scan-containers.yaml index 297072f17..ac00942d6 100644 --- a/.github/workflows/scan-containers.yaml +++ b/.github/workflows/scan-containers.yaml @@ -14,7 +14,7 @@ jobs: name: Detect File Changes runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - uses: dorny/paths-filter@v2 id: filter with: @@ -36,7 +36,7 @@ jobs: file: ${{ fromJSON(needs.detect-file-changes.outputs.yaml_files) }} steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Install Jo run: | sudo apt-get install jo @@ -57,7 +57,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Scan Container uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # 0.12.0 with: @@ -67,6 +67,6 @@ jobs: format: sarif output: trivy-results.sarif - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@v2 + uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 with: sarif_file: trivy-results.sarif diff --git a/.github/workflows/support.yaml b/.github/workflows/support.yaml index 5dad02534..988c503fa 100644 --- a/.github/workflows/support.yaml +++ b/.github/workflows/support.yaml @@ -12,7 +12,7 @@ jobs: support: runs-on: ubuntu-22.04 steps: - - uses: dessant/support-requests@v3 + - uses: dessant/support-requests@b1303caf4438e66dea1130aa4c30189dc28e690d # v3 with: github-token: ${{ secrets.GITHUB_TOKEN }} support-label: "support"