From 17ff8c43d7622fb9f3c375fb0c19a0970b9b429a Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Jan 2023 16:12:26 +0100 Subject: [PATCH] deps: update GitHub action dependencies (#1099) Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com> --- .github/workflows/build-os-image.yml | 6 +++--- .github/workflows/codeql.yml | 6 +++--- .github/workflows/scorecard.yml | 2 +- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/build-os-image.yml b/.github/workflows/build-os-image.yml index db9777150..71a3f530a 100644 --- a/.github/workflows/build-os-image.yml +++ b/.github/workflows/build-os-image.yml @@ -637,7 +637,7 @@ jobs: echo "::endgroup::" - name: Create SBOM in SPDX fromat - uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2 + uses: anchore/sbom-action@07978da4bdb4faa726e52dfc6b1bed63d4b56479 # v0.13.3 with: path: image.root.tree artifact-name: sbom.spdx.json @@ -645,7 +645,7 @@ jobs: format: spdx-json - name: Create SBOM in CycloneDX fromat - uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2 + uses: anchore/sbom-action@07978da4bdb4faa726e52dfc6b1bed63d4b56479 # v0.13.3 with: path: image.root.tree artifact-name: sbom.cyclonedx.json @@ -653,7 +653,7 @@ jobs: format: cyclonedx-json - name: Create SBOM in Syft fromat - uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2 + uses: anchore/sbom-action@07978da4bdb4faa726e52dfc6b1bed63d4b56479 # v0.13.3 with: path: image.root.tree artifact-name: sbom.syft.json diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index be92b33dd..e1dfb2a0b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,7 +38,7 @@ jobs: go-version: "1.19.5" - name: Initialize CodeQL - uses: github/codeql-action/init@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39 + uses: github/codeql-action/init@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1 with: languages: ${{ matrix.language }} @@ -57,9 +57,9 @@ jobs: echo "::endgroup::" - name: Autobuild - uses: github/codeql-action/autobuild@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39 + uses: github/codeql-action/autobuild@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39 + uses: github/codeql-action/analyze@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3d86fa474..bb4fa96cb 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -39,6 +39,6 @@ jobs: retention-days: 5 - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39 + uses: github/codeql-action/upload-sarif@3ebbd71c74ef574dbc558c82f70e52732c8b44fe # v2.2.1 with: sarif_file: results.sarif