From c35abce847e99845a92142d6f3b8734922de2cbd Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 16:30:01 +0000 Subject: [PATCH] chore(deps): update github-actions --- .github/workflows/auto-update-contributors.yml | 2 +- .github/workflows/cache-trunk.yml | 2 +- .github/workflows/changie-trigger-release.yml | 2 +- .github/workflows/conventional-pr.yml | 2 +- .github/workflows/lint-post-annotations.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/scan.yml | 8 ++++---- 7 files changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/auto-update-contributors.yml b/.github/workflows/auto-update-contributors.yml index 2fc52c18..61684017 100644 --- a/.github/workflows/auto-update-contributors.yml +++ b/.github/workflows/auto-update-contributors.yml @@ -18,7 +18,7 @@ jobs: timeout-minutes: 5 steps: - name: Contribute List - uses: akhilmhdh/contributors-readme-action@098389139f2fabed92e52606268941dbff381edb # renovate: tag=v2.3.6 + uses: akhilmhdh/contributors-readme-action@1ff4c56187458b34cd602aee93e897344ce34bfc # v2.3.10 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} use_username: true diff --git a/.github/workflows/cache-trunk.yml b/.github/workflows/cache-trunk.yml index 589fc0ff..9193e171 100644 --- a/.github/workflows/cache-trunk.yml +++ b/.github/workflows/cache-trunk.yml @@ -22,6 +22,6 @@ jobs: - name: Checkout uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Trunk Check - uses: trunk-io/trunk-action@65228585e2c6128315f0f2d5190e2eae7f5c32c6 # v1 + uses: trunk-io/trunk-action@f6c5f1b90503c30e02059667dbc247f2257b63c5 # v1 with: check-mode: populate_cache_only diff --git a/.github/workflows/changie-trigger-release.yml b/.github/workflows/changie-trigger-release.yml index eb12fed0..b4ebce13 100644 --- a/.github/workflows/changie-trigger-release.yml +++ b/.github/workflows/changie-trigger-release.yml @@ -17,7 +17,7 @@ jobs: name: dependency-release steps: - name: checkout-repo - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4 with: fetch-depth: 0 # Ensures a full checkout - name: configure-default-git-committer diff --git a/.github/workflows/conventional-pr.yml b/.github/workflows/conventional-pr.yml index d5ddcda5..387be3f2 100644 --- a/.github/workflows/conventional-pr.yml +++ b/.github/workflows/conventional-pr.yml @@ -19,7 +19,7 @@ jobs: permissions: pull-requests: read steps: - - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5 + - uses: amannn/action-semantic-pull-request@e32d7e603df1aa1ba07e981f2a23455dee596825 # v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/lint-post-annotations.yml b/.github/workflows/lint-post-annotations.yml index 7a2ce6fa..cd57b1f8 100644 --- a/.github/workflows/lint-post-annotations.yml +++ b/.github/workflows/lint-post-annotations.yml @@ -17,6 +17,6 @@ jobs: uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3 - name: Trunk Check - uses: trunk-io/trunk-action@718b71fb3e4d83f6734f0c372d92ee7d4c9976d7 # v1.1.11 + uses: trunk-io/trunk-action@f6c5f1b90503c30e02059667dbc247f2257b63c5 # v1.1.15 with: post-annotations: true # only for fork PRs diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 69346dab..9fe6f35e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -41,6 +41,6 @@ jobs: AQUA_LOG_LEVEL: debug AQUA_OPTS: '' - name: trunk-check - uses: trunk-io/trunk-action@718b71fb3e4d83f6734f0c372d92ee7d4c9976d7 # v1.1.11 + uses: trunk-io/trunk-action@f6c5f1b90503c30e02059667dbc247f2257b63c5 # v1.1.15 with: arguments: --github-annotate-new-only=true diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index b7d57f3c..53311111 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -53,7 +53,7 @@ jobs: # This should be informational, and not block as it's experimental and no exclusion logic at this time that I've found. # https://go.dev/security/vuln/#feedback - name: govuln-scan - uses: elgohr/go-vulncheck-action@7221c716360fe4f53422dc89fb726d138cd0a27b # renovate tag=v1 + uses: elgohr/go-vulncheck-action@d21be08de59b71b7d37a2e471188b07c5182b4b0 # renovate tag=v1 continue-on-error: true # - name: mage-vulcheck # run: | @@ -76,7 +76,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2 + uses: github/codeql-action/init@6ac9fc7e8e290bda8fac86290b68e176def71959 # v2 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -89,7 +89,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2 + uses: github/codeql-action/autobuild@6ac9fc7e8e290bda8fac86290b68e176def71959 # v2 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -101,6 +101,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2 + uses: github/codeql-action/analyze@6ac9fc7e8e290bda8fac86290b68e176def71959 # v2 with: category: '/language:${{matrix.language}}'