chore(deps): update github-actions

bzkf · Mar 22, 2024 · 4adff47 · 4adff47
1 parent b3805f3
commit 4adff47
Show file tree

Hide file tree

Showing 4 changed files with 9 additions and 9 deletions.
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -18,7 +18,7 @@ env:
 jobs:
   build-decompose-xml-image:
     name: build decompose-xmls container image
-    uses: miracum/.github/.github/workflows/standard-build.yaml@99097e53ffa6d6e73b7f0a25fc33125cfc7a5102 # v1.5.0
+    uses: miracum/.github/.github/workflows/standard-build.yaml@f9d64a7dbe928557fde9f96defa3e372bc0eaf21 # v1.6.1
     permissions:
       contents: read
       id-token: write
@@ -35,7 +35,7 @@ jobs:
 
   build-obds-fhir-to-opal-image:
     name: build obds-fhir-to-opal container image
-    uses: miracum/.github/.github/workflows/standard-build.yaml@99097e53ffa6d6e73b7f0a25fc33125cfc7a5102 # v1.5.0
+    uses: miracum/.github/.github/workflows/standard-build.yaml@f9d64a7dbe928557fde9f96defa3e372bc0eaf21 # v1.6.1
     permissions:
       contents: read
       id-token: write
@@ -51,7 +51,7 @@ jobs:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   lint:
-    uses: miracum/.github/.github/workflows/standard-lint.yaml@99097e53ffa6d6e73b7f0a25fc33125cfc7a5102 # v1.5.0
+    uses: miracum/.github/.github/workflows/standard-lint.yaml@f9d64a7dbe928557fde9f96defa3e372bc0eaf21 # v1.6.1
     permissions:
       contents: read
       pull-requests: write

diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -17,10 +17,10 @@ jobs:
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
-      - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0
+      - uses: sigstore/cosign-installer@e1523de7571e31dbe865fd2e80c5c7c23ae71eb4 # v3.4.0
 
       - name: Login to GitHub Container Registry
-        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
+        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
@@ -151,7 +151,7 @@ jobs:
       id-token: write
       contents: write
     # can't be referenced by digest. See <https://github.com/slsa-framework/slsa-github-generator#verification-of-provenance>
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.9.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.10.0
     with:
       base64-subjects: "${{ needs.prepare-artifacts.outputs.hashes }}"
       compile-generator: true # Workaround for https://github.com/slsa-framework/slsa-github-generator/issues/1163

diff --git a/.github/workflows/schedule.yaml b/.github/workflows/schedule.yaml
@@ -10,7 +10,7 @@ permissions: read-all
 
 jobs:
   schedule:
-    uses: miracum/.github/.github/workflows/standard-schedule.yaml@99097e53ffa6d6e73b7f0a25fc33125cfc7a5102 # v1.5.0
+    uses: miracum/.github/.github/workflows/standard-schedule.yaml@f9d64a7dbe928557fde9f96defa3e372bc0eaf21 # v1.6.1
     permissions:
       contents: read
       issues: write

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
@@ -38,7 +38,7 @@ jobs:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@483ef80eb98fb506c348f7d62e28055e49fe2398 # v2.3.0
+        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
         with:
           results_file: results.sarif
           results_format: sarif
@@ -68,6 +68,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ddccb873888234080b77e9bc2d4764d5ccaaccf9 # v2.21.9
+        uses: github/codeql-action/upload-sarif@a82bad71823183e5b120ab52d521460ecb0585fe # v2.24.9
         with:
           sarif_file: results.sarif