Update github-actions

.github/workflows/ci.yml

@@ -12,7 +12,7 @@ jobs:
     name: Lint
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
+      - uses: step-security/harden-runner@951b48540b429070694bc8abd82fd6901eb123ca
         with:
           disable-sudo: true
           egress-policy: block
@@ -34,7 +34,7 @@ jobs:
 
       # Linting
       - name: Linting
-        uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86
+        uses: golangci/golangci-lint-action@e13590484647602042886c51e2a8e43a670a22b7
         with:
           version: latest
           args: --config=./.github/.golangci.yml ./...
@@ -48,7 +48,7 @@ jobs:
       matrix:
         go: [ '1.22', '1.21' ]
     steps:
-      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
+      - uses: step-security/harden-runner@951b48540b429070694bc8abd82fd6901eb123ca
         with:
           disable-sudo: true
           egress-policy: block
@@ -75,7 +75,7 @@ jobs:
     name: Analyze
     runs-on: ubuntu-latest
     steps:
-      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
+      - uses: step-security/harden-runner@951b48540b429070694bc8abd82fd6901eb123ca
         with:
           disable-sudo: true
           egress-policy: block
@@ -106,7 +106,7 @@ jobs:
 
       # Codecov
       - name: Codecov
-        uses: codecov/codecov-action@955f1f08ad225eafd3396525634e1211cf89485f
+        uses: codecov/codecov-action@943cea186cc641c4ac8f55492baec4c2654291b4
         env:
           CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
         with:

.github/workflows/codeql.yml

@@ -23,7 +23,7 @@ jobs:
       fail-fast: false
 
     steps:
-      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
+      - uses: step-security/harden-runner@951b48540b429070694bc8abd82fd6901eb123ca
         with:
           disable-sudo: true
           egress-policy: block
@@ -35,12 +35,12 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@9c646c24a4c8410122b0d6a1311088e9377eea95
+        uses: github/codeql-action/init@5c02493ebfd65b28fd3b082c65e5af2cd745d91f
         with:
           languages: go
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@9c646c24a4c8410122b0d6a1311088e9377eea95
+        uses: github/codeql-action/autobuild@5c02493ebfd65b28fd3b082c65e5af2cd745d91f
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9c646c24a4c8410122b0d6a1311088e9377eea95
+        uses: github/codeql-action/analyze@5c02493ebfd65b28fd3b082c65e5af2cd745d91f

.github/workflows/scorecards.yml

@@ -22,7 +22,7 @@ jobs:
       id-token: write
 
     steps:
-      - uses: step-security/harden-runner@f0db2aa8a570959027d6be2a227028ad19fd9e8f
+      - uses: step-security/harden-runner@951b48540b429070694bc8abd82fd6901eb123ca
         with:
           disable-sudo: true
           egress-policy: block
@@ -61,14 +61,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029
+        uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # required for Code scanning alerts
       - name: "Upload SARIF results to code scanning"
-        uses: github/codeql-action/upload-sarif@9c646c24a4c8410122b0d6a1311088e9377eea95
+        uses: github/codeql-action/upload-sarif@5c02493ebfd65b28fd3b082c65e5af2cd745d91f
         with:
           sarif_file: results.sarif