Merge pull request #132 from uselagoon/dependabot/github_actions/gith…

…ub-actions-f92fa42112 chore(deps): bump the github-actions group with 3 updates
uselagoon · Jul 1, 2024 · d4240d6 · d4240d6
2 parents 8f4429e + fc30c12
commit d4240d6
Show file tree

Hide file tree

Showing 7 changed files with 14 additions and 14 deletions.
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
@@ -11,7 +11,7 @@ jobs:
  packages: write
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  ref: ${{ github.event.pull_request.head.sha }}
  - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
@@ -52,7 +52,7 @@ jobs:
  contents: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  fetch-depth: 0
  - id: ccv

diff --git a/.github/workflows/coverage.yaml b/.github/workflows/coverage.yaml
@@ -10,7 +10,7 @@ jobs:
  contents: write
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
  with:
  go-version: stable

diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
@@ -10,7 +10,7 @@ jobs:
  contents: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  - uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3
  with:
  config-file: .github/dependency-review-config.yaml
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
@@ -10,7 +10,7 @@ jobs:
  contents: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
  with:
  go-version: stable
@@ -23,7 +23,7 @@ jobs:
  pull-requests: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  fetch-depth: 0
  - uses: wagoid/commitlint-github-action@7f0a61df502599e1f1f50880aaa7ec1e2c0592f2 # v6.0.1
@@ -34,7 +34,7 @@ jobs:
  contents: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  - uses: docker://rhysd/actionlint:1.7.0@sha256:601d6faeefa07683a4a79f756f430a1850b34d575d734b1d1324692202bf312e # v1.7.0
  with:
  args: -color
diff --git a/.github/workflows/ossf-analysis.yaml b/.github/workflows/ossf-analysis.yaml
@@ -14,7 +14,7 @@ jobs:
  # Needed for GitHub OIDC token if publish_results is true
  id-token: write
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  - name: Run analysis
  uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
  with:
@@ -26,6 +26,6 @@ jobs:
  # of the value entered here.
  publish_results: true
  - name: Upload SARIF results to code scanning
- uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
+ uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
  with:
  sarif_file: results.sarif
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -13,7 +13,7 @@ jobs:
  outputs:
  new-tag: ${{ steps.ccv.outputs.new-tag }}
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  fetch-depth: 0
  - name: Bump tag if necessary
@@ -33,7 +33,7 @@ jobs:
  if: needs.release-tag.outputs.new-tag == 'true'
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  fetch-depth: 0
  - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
@@ -71,11 +71,11 @@ jobs:
  env:
  ARTIFACTS: ${{steps.goreleaser.outputs.artifacts}}
  # attest archives
- - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0
+ - uses: actions/attest-build-provenance@bdd51370e0416ac948727f861e03c2f05d32d78e # v1.3.2
  with:
  subject-path: "dist/*.tar.gz"
  # attest images
- - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0
+ - uses: actions/attest-build-provenance@bdd51370e0416ac948727f861e03c2f05d32d78e # v1.3.2
  with:
  subject-digest: ${{steps.image_metadata.outputs.digest}}
  subject-name: ${{steps.image_metadata.outputs.name}}

diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
@@ -10,7 +10,7 @@ jobs:
  contents: read
  runs-on: ubuntu-latest
  steps:
- - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+ - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
  with:
  ref: ${{ github.event.pull_request.head.sha }}
  - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1