Update github-actions (#57)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/workflows/ci.yml

@@ -24,7 +24,7 @@ jobs:
             raw.githubusercontent.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -34,7 +34,7 @@ jobs:
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8
+        uses: golangci/golangci-lint-action@3d4174dbf50df14928520a1fe4462fa98338d311
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -59,7 +59,7 @@ jobs:
             sum.golang.org:443
 
       - name: Checkout repo
-        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -92,7 +92,7 @@ jobs:
             storage.googleapis.com:443
 
       - name: Checkout repo
-        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
         with:
           fetch-depth: 0
       - name: Setup Go
@@ -106,15 +106,15 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@68708a9f7a6b6b5fe33673f782f93725c5eff3c6
+        uses: codecov/codecov-action@1f30f8b7576840249fdd6164afd42b97cb1af0ab
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:
           file: .github/coverage.out
 
       # Sonar
       - name: SonarCloud Scan
-        uses: SonarSource/sonarcloud-github-action@383f7e52eae3ab0510c3cb0e7d9d150bbaeab838
+        uses: SonarSource/sonarcloud-github-action@9f9bba2c7aaf7a55eac26abbac906c3021d211b2
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

.github/workflows/codeql.yml

@@ -31,16 +31,16 @@ jobs:
             api.github.com:443 github.com:443 objects.githubusercontent.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443 uploads.github.com:443
 
       - name: Checkout repository
-        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@7cf65a5b2e089b7207c678633bc4a42884847231
+        uses: github/codeql-action/init@ea2cd92c21b192add69983116b8b3222b09da33b
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@7cf65a5b2e089b7207c678633bc4a42884847231
+        uses: github/codeql-action/autobuild@ea2cd92c21b192add69983116b8b3222b09da33b
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@7cf65a5b2e089b7207c678633bc4a42884847231
+        uses: github/codeql-action/analyze@ea2cd92c21b192add69983116b8b3222b09da33b

.github/workflows/scorecards.yml

@@ -38,7 +38,7 @@ jobs:
             www.bestpractices.dev:443
 
       - name: "Checkout code"
-        uses: actions/checkout@6b42224f41ee5dfe5395e27c8b2746f1f9955030
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871
         with:
           persist-credentials: false
 
@@ -61,14 +61,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@3eadd8b791cabf7cd572f194da82158c24125bd8
+        uses: actions/upload-artifact@184d73b71b93c222403b2e7f1ffebe4508014249
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@7cf65a5b2e089b7207c678633bc4a42884847231
+        uses: github/codeql-action/upload-sarif@ea2cd92c21b192add69983116b8b3222b09da33b
         with:
           sarif_file: results.sarif