chore(deps): update ci dependencies

ComunidadAylas · Sep 19, 2024 · e731ec9 · e731ec9
1 parent fec1be2
commit e731ec9
Showing 1 changed file with 12 additions and 12 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -43,17 +43,17 @@ jobs:
  components: rustfmt, clippy
 
  - name: 🧰 Install clippy-sarif
- uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2
+ uses: taiki-e/install-action@5b7f19ed4759822ecb1606f4680073f9c0e78410 # v2
  with:
  tool: clippy-sarif
 
  - name: 🧰 Install sarif-fmt
- uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2
+ uses: taiki-e/install-action@5b7f19ed4759822ecb1606f4680073f9c0e78410 # v2
  with:
  tool: sarif-fmt
 
  - name: 🧰 Install cargo-deny
- uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2
+ uses: taiki-e/install-action@5b7f19ed4759822ecb1606f4680073f9c0e78410 # v2
  with:
  tool: cargo-deny
 
@@ -73,7 +73,7 @@ jobs:
 
  - name: 📤 Upload analysis results to GitHub
  if: always()
- uses: github/codeql-action/upload-sarif@2c779ab0d087cd7fe7b826087247c2c81f27bfa6 # v3
+ uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3
  continue-on-error: true
  with:
  sarif_file: clippy-results.sarif
@@ -211,15 +211,15 @@ jobs:
 
  - name: 🧰 Install nextest
  if: startsWith(matrix.target, 'x86_64-') || contains(matrix.target, '-linux-')
- uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2
+ uses: taiki-e/install-action@5b7f19ed4759822ecb1606f4680073f9c0e78410 # v2
  env:
  CARGO_BUILD_TARGET: ${{ matrix.host-target }}
  with:
  tool: nextest
 
  - name: 🧰 Install cargo-deb
  if: endsWith(matrix.target, '-linux-gnu')
- uses: taiki-e/install-action@4a27a04f8a48ceb6b30a8541bae8994ce2ea4dd7 # v2
+ uses: taiki-e/install-action@5b7f19ed4759822ecb1606f4680073f9c0e78410 # v2
  env:
  CARGO_BUILD_TARGET: ${{ matrix.host-target }}
  with:
@@ -254,7 +254,7 @@ jobs:
 
  - name: 📤 Upload CLI binary
  if: ${{ !contains(matrix.target, '-linux-') || endsWith(matrix.target, '-linux-musl') }}
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
  with:
  name: PackSquash CLI executable (${{ matrix.target }})
  path: |
@@ -263,13 +263,13 @@ jobs:
 
  - name: 📤 Upload CLI Debian package
  if: endsWith(matrix.target, '-linux-gnu')
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
  with:
  name: PackSquash CLI Debian package (${{ matrix.apt-arch }})
  path: target/${{ env.CARGO_BUILD_TARGET }}/debian/packsquash_*.deb
 
  - name: ✒️ Generate SLSA attestation subject data for binaries
- uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1
+ uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1
  with:
  subject-path: |
  target/${{ env.CARGO_BUILD_TARGET }}/release/packsquash
@@ -305,13 +305,13 @@ jobs:
  run: lipo -create -output packsquash packsquash-x64/packsquash packsquash-aarch64/packsquash
 
  - name: 📤 Upload universal CLI binary
- uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4
+ uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4
  with:
  name: PackSquash CLI executable (universal-apple-darwin)
  path: packsquash
 
  - name: ✒️ Generate SLSA attestation subject data for binary
- uses: actions/attest-build-provenance@6149ea5740be74af77f260b9db67e633f6b0a9a1 # v1
+ uses: actions/attest-build-provenance@1c608d11d69870c2092266b3f9a6f3abbf17002c # v1
  with:
  subject-path: packsquash
 
@@ -407,7 +407,7 @@ jobs:
 
  runs-on: ubuntu-latest
 
- container: debian:bullseye-slim@sha256:9058862a1be84689bd13292549ba981364f85ff99e50a612f94b188ac69db137
+ container: debian:bullseye-slim@sha256:00558f781b91e90469812bad32002f311ab26ef241b4a1996f6600680ec82f5c
 
  # Benchmark failure is not critical enough to fail the whole workflow.
  # We will keep an eye on them anyway, though