diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0c183451..fc954b17 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ permissions: read-all jobs: build: - uses: miracum/.github/.github/workflows/standard-build.yaml@392030c6f94fcfaa509a606af2b0907d022f2257 # v1.8.3 + uses: miracum/.github/.github/workflows/standard-build.yaml@6486774ea526dc545d5e8875fe78e2fecd79526d # v1.11.0 permissions: contents: read id-token: write @@ -40,7 +40,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Create KinD cluster uses: helm/kind-action@0025e74a8c7512023d06dc019c617aa3cf561fde # v1.10.0 @@ -48,7 +48,7 @@ jobs: cluster_name: kind - name: Download image - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ needs.build.outputs.image-slug }} path: /tmp @@ -95,14 +95,14 @@ jobs: - name: Upload cluster dump if: always() - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: kind-cluster-dump.txt path: | kind-cluster-dump.txt lint: - uses: miracum/.github/.github/workflows/standard-lint.yaml@392030c6f94fcfaa509a606af2b0907d022f2257 # v1.8.3 + uses: miracum/.github/.github/workflows/standard-lint.yaml@6486774ea526dc545d5e8875fe78e2fecd79526d # v1.11.0 permissions: contents: read pull-requests: write @@ -116,7 +116,7 @@ jobs: github-token: ${{ secrets.GITHUB_TOKEN }} release: - uses: miracum/.github/.github/workflows/standard-release.yaml@392030c6f94fcfaa509a606af2b0907d022f2257 # v1.8.3 + uses: miracum/.github/.github/workflows/standard-release.yaml@6486774ea526dc545d5e8875fe78e2fecd79526d # v1.11.0 needs: - build permissions: diff --git a/.github/workflows/lint-pr-title.yaml b/.github/workflows/lint-pr-title.yaml index 0f8ff7ba..dac8af31 100644 --- a/.github/workflows/lint-pr-title.yaml +++ b/.github/workflows/lint-pr-title.yaml @@ -16,6 +16,6 @@ jobs: permissions: pull-requests: write steps: - - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5 + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml index 23bdfe79..07e576f8 100644 --- a/.github/workflows/schedule.yaml +++ b/.github/workflows/schedule.yaml @@ -10,7 +10,7 @@ permissions: read-all jobs: schedule: - uses: miracum/.github/.github/workflows/standard-schedule.yaml@392030c6f94fcfaa509a606af2b0907d022f2257 # v1.8.3 + uses: miracum/.github/.github/workflows/standard-schedule.yaml@6486774ea526dc545d5e8875fe78e2fecd79526d # v1.11.0 permissions: contents: read issues: write diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index c05bce4a..12664c9e 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -32,12 +32,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 with: results_file: results.sarif results_format: sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@ceaec5c11a131e0d282ff3b6f095917d234caace # v2.25.3 + uses: github/codeql-action/upload-sarif@d958b976dc5b990f802df244f2dc5d807113327f # v2.25.11 with: sarif_file: results.sarif diff --git a/.github/workflows/validate-fhir-resources.yaml b/.github/workflows/validate-fhir-resources.yaml index 3a30a378..72860241 100644 --- a/.github/workflows/validate-fhir-resources.yaml +++ b/.github/workflows/validate-fhir-resources.yaml @@ -12,10 +12,10 @@ jobs: validate-fhir-resource: name: Validate FHIR resources runs-on: ubuntu-22.04 - container: ghcr.io/miracum/ig-build-tools:v2.0.55@sha256:21cab0f2b6b3c73a68f1c0e74d5d09f3171a14d294d640a862d51977e9f828e4 + container: ghcr.io/miracum/ig-build-tools:v2.1.3@sha256:171494f5e32d29c2865e071359e17f96a73fdfff7652e354a05a83c5582cc4c7 steps: - name: Checkout code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Install Firely.Terminal run: |