deps: update GitHub action dependencies (#1085)

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-01 01:36:09 -04:00 · 2023-01-26 15:22:33 +01:00 · 2023-01-26 15:22:33 +01:00 · 6c068674af
commit 6c068674af
parent 5eecd1345d
4 changed files with 8 additions and 8 deletions
--- a/.github/workflows/build-os-image.yml
+++ b/.github/workflows/build-os-image.yml
@ -637,7 +637,7 @@ jobs:
          echo "::endgroup::"

      - name: Create SBOM in SPDX fromat
-        uses: anchore/sbom-action@06e109483e6aa305a2b2395eabae554e51530e1d # tag=v0.13.1
+        uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2
        with:
          path: image.root.tree
          artifact-name: sbom.spdx.json
@ -645,7 +645,7 @@ jobs:
          format: spdx-json

      - name: Create SBOM in CycloneDX fromat
-        uses: anchore/sbom-action@06e109483e6aa305a2b2395eabae554e51530e1d # tag=v0.13.1
+        uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2
        with:
          path: image.root.tree
          artifact-name: sbom.cyclonedx.json
@ -653,7 +653,7 @@ jobs:
          format: cyclonedx-json

      - name: Create SBOM in  Syft fromat
-        uses: anchore/sbom-action@06e109483e6aa305a2b2395eabae554e51530e1d # tag=v0.13.1
+        uses: anchore/sbom-action@54e36e45f34bc64728f51adb8044404daca492a6 # v0.13.2
        with:
          path: image.root.tree
          artifact-name: sbom.syft.json
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -38,7 +38,7 @@ jobs:
          go-version: "1.19.5"

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
+        uses: github/codeql-action/init@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39
        with:
          languages: ${{ matrix.language }}

@ -57,9 +57,9 @@ jobs:
          echo "::endgroup::"

      - name: Autobuild
-        uses: github/codeql-action/autobuild@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
+        uses: github/codeql-action/autobuild@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
+        uses: github/codeql-action/analyze@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39
        with:
          category: "/language:${{ matrix.language }}"
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -39,6 +39,6 @@ jobs:
          retention-days: 5

      - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@515828d97454b8354517688ddc5b48402b723750 # v2.1.38
+        uses: github/codeql-action/upload-sarif@a34ca99b4610d924e04c68db79e503e1f79f9f02 # v2.1.39
        with:
          sarif_file: results.sarif
--- a/.github/workflows/test-lint.yml
+++ b/.github/workflows/test-lint.yml
@ -51,7 +51,7 @@ jobs:
          echo "submods=${mods}" >> "$GITHUB_OUTPUT"

      - name: golangci-lint
-        uses: golangci/golangci-lint-action@0ad9a0988b3973e851ab0a07adf248ec2e100376 # v3.3.1
+        uses: golangci/golangci-lint-action@08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 # v3.4.0
        with:
          skip-pkg-cache: true
          skip-build-cache: true