deps: update GitHub action dependencies (#1365)

Co-authored-by: Paul Meyer <49727155+katexochen@users.noreply.github.com>
2024-10-01 01:36:09 -04:00 · 2023-03-08 10:06:42 +01:00 · 2023-03-08 10:06:42 +01:00 · fede4ec6d2
commit fede4ec6d2
parent 1da64e7702
5 changed files with 7 additions and 7 deletions
--- a/.github/actions/e2e_sonobuoy/action.yml
+++ b/.github/actions/e2e_sonobuoy/action.yml
@ -50,7 +50,7 @@ runs:

    - name: Publish test results
      if: (!env.ACT)
-      uses: mikepenz/action-junit-report@4604e7ac662394db76b6ccf33d40069c8f84c5da # v3.7.4
+      uses: mikepenz/action-junit-report@4fa23552acda20a6a1d44f16224a90efbeb6c5f1 # v3.7.5
      with:
        report_paths: "**/junit_01.xml"
        fail_on_failure: true
--- a/.github/workflows/check-links.yml
+++ b/.github/workflows/check-links.yml
@ -25,7 +25,7 @@ jobs:
          ref: ${{ !github.event.pull_request.head.repo.fork && github.head_ref || '' }}

      - name: Link Checker
-        uses: lycheeverse/lychee-action@4dcb8bee2a0a4531cba1a1f392c54e8375d6dd81 # v1.5.4
+        uses: lycheeverse/lychee-action@9ace499fe66cee282a29eaa628fdac2c72fa087f # v1.6.1
        with:
          args: "--verbose --no-progress --max-concurrency 5 --exclude-path './cli/internal/helm/charts/cilium' './**/*.md' './**/*.html'"
          fail: true
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -38,7 +38,7 @@ jobs:
          go-version: "1.20.2"

      - name: Initialize CodeQL
-        uses: github/codeql-action/init@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
+        uses: github/codeql-action/init@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5
        with:
          languages: ${{ matrix.language }}

@ -57,9 +57,9 @@ jobs:
          echo "::endgroup::"

      - name: Autobuild
-        uses: github/codeql-action/autobuild@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
+        uses: github/codeql-action/autobuild@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
+        uses: github/codeql-action/analyze@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5
        with:
          category: "/language:${{ matrix.language }}"
--- a/.github/workflows/release-cli.yml
+++ b/.github/workflows/release-cli.yml
@ -161,7 +161,7 @@ jobs:
      - provenance-subjects
    # This must not be pinned to digest. See:
    # https://github.com/slsa-framework/slsa-github-generator#referencing-slsa-builders-and-generators
-    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.4.0
+    uses: slsa-framework/slsa-github-generator/.github/workflows/generator_generic_slsa3.yml@v1.5.0
    with:
      base64-subjects: "${{ needs.provenance-subjects.outputs.provenance-subjects }}"

--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@ -37,6 +37,6 @@ jobs:
          retention-days: 5

      - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4
+        uses: github/codeql-action/upload-sarif@32dc499307d133bb5085bae78498c0ac2cf762d5 # v2.2.5
        with:
          sarif_file: results.sarif