From de08c30393ee629f0988cb17e01edcfaad2a22b5 Mon Sep 17 00:00:00 2001
From: Bruno Pacheco <brunopacheco1@yahoo.com>
Date: Fri, 12 Jul 2024 10:01:22 +0200
Subject: [PATCH] chore(deps): replace commit ids by tags

---
 .github/workflows/main.yml             |  8 ++++----
 .github/workflows/release.yml          |  8 ++++----
 .github/workflows/weekly_vuln_scan.yml | 11 ++++++++---
 src/ckanext-gdi-userportal             |  2 +-
 4 files changed, 17 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
index 7ab25d7c8..b05d66708 100644
--- a/.github/workflows/main.yml
+++ b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: oss-review-toolkit/ort-ci-github-action@81698a977ebcf51bb3d6ef5c6a04220cf60d3bde
+      - uses: oss-review-toolkit/ort-ci-github-action@v1
         with:
           allow-dynamic-versions: "true"
           fail-on: "issues"
@@ -39,7 +39,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Log in to the Container registry
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -76,7 +76,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.24.0
         with:
           image-ref: "${{ steps.tag.outputs.last_tag }}"
           format: "table"
@@ -95,7 +95,7 @@ jobs:
 
       - name: Deploy to Azure Web App
         id: deploy-to-webapp
-        uses: azure/webapps-deploy@5c1d76ea769631d040d04d0883468281f78a2375
+        uses: azure/webapps-deploy@v3
         with:
           app-name: ${{ env.AZURE_WEBAPP_NAME }}
           publish-profile: ${{ secrets.AZURE_WEBAPP_PUBLISH_PROFILE }}
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index fccf1816e..a48059912 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - uses: oss-review-toolkit/ort-ci-github-action@81698a977ebcf51bb3d6ef5c6a04220cf60d3bde
+      - uses: oss-review-toolkit/ort-ci-github-action@v1
         with:
           allow-dynamic-versions: "true"
           fail-on: "issues"
@@ -37,7 +37,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Log in to the Container registry
-        uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446
+        uses: docker/login-action@v3
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -45,7 +45,7 @@ jobs:
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@a64d0487d7069df33b279515d35d60fa80e2ea62
+        uses: docker/metadata-action@v5
         with:
           images: ${{ env.IMAGE_NAME }}
           tags: |
@@ -74,7 +74,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.24.0
         with:
           image-ref: "${{ steps.tag.outputs.last_tag }}"
           format: "table"
diff --git a/.github/workflows/weekly_vuln_scan.yml b/.github/workflows/weekly_vuln_scan.yml
index dec39fd3b..3a205f715 100644
--- a/.github/workflows/weekly_vuln_scan.yml
+++ b/.github/workflows/weekly_vuln_scan.yml
@@ -9,6 +9,7 @@ on:
   workflow_dispatch:
 
 env:
+  REGISTRY: ghcr.io
   IMAGE_NAME: ghcr.io/genomicdatainfrastructure/gdi-userportal-ckan-docker
   LATEST_PATCHES: ""
 
@@ -19,8 +20,12 @@ jobs:
       - name: Setup Docker
         run: sudo service docker start
 
-      - name: Login to GitHub Container Registry
-        run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin
+      - name: Log in to the Container registry
+        uses: docker/login-action@v3
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: List Docker Image Tags and Fetch Latest Two
         run: |
@@ -60,7 +65,7 @@ jobs:
         with:
           repository: ${{ github.repository }}
 
-      - uses: oss-review-toolkit/ort-ci-github-action@81698a977ebcf51bb3d6ef5c6a04220cf60d3bde
+      - uses: oss-review-toolkit/ort-ci-github-action@v1
         with:
           allow-dynamic-versions: "true"
           fail-on: "issues"
diff --git a/src/ckanext-gdi-userportal b/src/ckanext-gdi-userportal
index 468453964..761da45cd 160000
--- a/src/ckanext-gdi-userportal
+++ b/src/ckanext-gdi-userportal
@@ -1 +1 @@
-Subproject commit 46845396496451139ba64b5ea8985d56122ceb5d
+Subproject commit 761da45cdbe7e7095fc7d5dc7a1dac7a5fa696c2