diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c2c1605..bd70c5b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: raw.githubusercontent.com:443 - name: Checkout repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 with: fetch-depth: 0 - name: Setup Go @@ -34,7 +34,7 @@ jobs: # Linting - name: Linting - uses: golangci/golangci-lint-action@9ec89731c3231147ae014c73448ce9a7240d661b + uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 with: version: latest args: --config=./.github/.golangci.yml ./... @@ -59,7 +59,7 @@ jobs: sum.golang.org:443 - name: Checkout repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 with: fetch-depth: 0 - name: Setup Go @@ -92,7 +92,7 @@ jobs: storage.googleapis.com:443 - name: Checkout repo - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 with: fetch-depth: 0 - name: Setup Go @@ -106,7 +106,7 @@ jobs: # Codecov - name: Codecov - uses: codecov/codecov-action@6f75c27045d2e068673192a87c7e9c3eebf59b2a + uses: codecov/codecov-action@922d8d7b314a529f2be903c1e79ee8283c492863 env: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 6c1c93e..c2bf10a 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -31,16 +31,16 @@ jobs: api.github.com:443 github.com:443 objects.githubusercontent.com:443 proxy.golang.org:443 storage.googleapis.com:443 sum.golang.org:443 uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6 + uses: github/codeql-action/init@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb with: languages: go - name: Autobuild - uses: github/codeql-action/autobuild@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6 + uses: github/codeql-action/autobuild@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6 + uses: github/codeql-action/analyze@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index b68ba08..fb7f521 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -38,12 +38,12 @@ jobs: www.bestpractices.dev:443 - name: "Checkout code" - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 + uses: actions/checkout@9a9194f87191a7e9055e3e9b95b8cfb13023bb08 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 + uses: ossf/scorecard-action@da912321c221fa09cefe31859ceaad00353c14f5 with: results_file: results.sarif results_format: sarif @@ -69,6 +69,6 @@ jobs: # required for Code scanning alerts - name: "Upload SARIF results to code scanning" - uses: github/codeql-action/upload-sarif@aa96d09e166ab0ac8dc304d5ca5e5a7296ed6dd6 + uses: github/codeql-action/upload-sarif@5cdd182212d3c2e1b78ee867e1dc499ddc60c0eb with: sarif_file: results.sarif