diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index db737f94..e7a3defd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ permissions: read-all jobs: build: - uses: miracum/.github/.github/workflows/standard-build.yaml@fc8f3798e3b8537a350cf51438e01a906811532c # v1.12.7 + uses: miracum/.github/.github/workflows/standard-build.yaml@abfae5033f23299a721ddda53263e32d18f33d8a # v1.12.12 permissions: contents: write id-token: write @@ -93,7 +93,7 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Create KinD cluster - uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 + uses: helm/kind-action@a1b0e391336a6ee6713a0583f8c6240d70863de3 # v1.12.0 with: cluster_name: kind @@ -148,14 +148,14 @@ jobs: - name: Upload cluster dump if: always() - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: kind-cluster-dump.txt path: | kind-cluster-dump.txt lint: - uses: miracum/.github/.github/workflows/standard-lint.yaml@fc8f3798e3b8537a350cf51438e01a906811532c # v1.12.7 + uses: miracum/.github/.github/workflows/standard-lint.yaml@abfae5033f23299a721ddda53263e32d18f33d8a # v1.12.12 permissions: contents: read pull-requests: write @@ -170,7 +170,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} release: - uses: miracum/.github/.github/workflows/standard-release.yaml@fc8f3798e3b8537a350cf51438e01a906811532c # v1.12.7 + uses: miracum/.github/.github/workflows/standard-release.yaml@abfae5033f23299a721ddda53263e32d18f33d8a # v1.12.12 needs: - lint - build diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml index fb619335..5f11b105 100644 --- a/.github/workflows/schedule.yaml +++ b/.github/workflows/schedule.yaml @@ -10,7 +10,7 @@ permissions: read-all jobs: schedule: - uses: miracum/.github/.github/workflows/standard-schedule.yaml@fc8f3798e3b8537a350cf51438e01a906811532c # v1.12.7 + uses: miracum/.github/.github/workflows/standard-schedule.yaml@abfae5033f23299a721ddda53263e32d18f33d8a # v1.12.12 permissions: contents: read issues: write diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index e3c0684e..3480dd04 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0 with: name: SARIF file path: results.sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/validate-fhir-resources.yaml b/.github/workflows/validate-fhir-resources.yaml index 3f0751cb..55fc1cd4 100644 --- a/.github/workflows/validate-fhir-resources.yaml +++ b/.github/workflows/validate-fhir-resources.yaml @@ -12,7 +12,7 @@ jobs: validate-fhir-resource: name: Validate FHIR resources runs-on: ubuntu-22.04 - container: ghcr.io/miracum/ig-build-tools:v2.1.6@sha256:26bc1eaf0a259e8c16d0eeeb8622c7aecaa45d41e39f158696f9aec90b142596 + container: ghcr.io/miracum/ig-build-tools:v2.1.12@sha256:94096ff41b7ce6937b2e1cc95cc612a4faa54b32487a575c13025f4737334ba3 steps: - name: Checkout code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2