diff --git a/.github/workflows/cid-ossf.yml b/.github/workflows/cid-ossf.yml index 02c64eb..e680395 100644 --- a/.github/workflows/cid-ossf.yml +++ b/.github/workflows/cid-ossf.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.23 +# cid-workflow-version: 0.0.24 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -36,7 +36,7 @@ jobs: contents: read # required in private repos steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -80,7 +80,7 @@ jobs: results_format: sarif publish_results: true # publish results to OpenSSF REST API - name: Upload Analysis Result - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/cid-pullrequest.yml b/.github/workflows/cid-pullrequest.yml index f4fa996..d809213 100644 --- a/.github/workflows/cid-pullrequest.yml +++ b/.github/workflows/cid-pullrequest.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.23 +# cid-workflow-version: 0.0.24 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -99,7 +99,7 @@ jobs: if: ${{ github.event.inputs.loglevel == 'debug' }} steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -132,7 +132,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -153,7 +153,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build - name: upload artifacts - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: build-${{ github.run_id }} path: .dist @@ -167,7 +167,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -188,7 +188,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test - name: upload artifacts - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: test-${{ github.run_id }} path: .dist @@ -204,7 +204,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true diff --git a/.github/workflows/cid.yml b/.github/workflows/cid.yml index 40eed21..743f958 100644 --- a/.github/workflows/cid.yml +++ b/.github/workflows/cid.yml @@ -1,4 +1,4 @@ -# cid-workflow-version: 0.0.23 +# cid-workflow-version: 0.0.24 # This file is generated by the CID Workflow GitHub App. # DO NOT EDIT! @@ -101,7 +101,7 @@ jobs: if: ${{ github.event.inputs.loglevel == 'debug' }} steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -134,7 +134,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -155,7 +155,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage build - name: upload artifacts - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: build-${{ github.run_id }} path: .dist @@ -169,7 +169,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -190,7 +190,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage test - name: upload artifacts - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: test-${{ github.run_id }} path: .dist @@ -206,7 +206,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -253,7 +253,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true @@ -280,7 +280,7 @@ jobs: run: | cid --log-level=${CID_LOGLEVEL:-info} workflow run "$CID_WORKFLOW" --stage package - name: upload artifacts - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6 with: name: package-${{ github.run_id }} path: .dist @@ -300,7 +300,7 @@ jobs: timeout-minutes: 30 steps: - name: Harden Runner - uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0 + uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1 with: disable-telemetry: true disable-sudo: true