Skip to content

Commit

Permalink
Update github-actions deps (open-telemetry#10145)
Browse files Browse the repository at this point in the history
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&open-telemetry#8203;users.noreply.github.com` by
[@&open-telemetry#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&open-telemetry#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&open-telemetry#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&open-telemetry#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&open-telemetry#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&open-telemetry#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
  • Loading branch information
renovate[bot] authored and andrzej-stencel committed May 27, 2024
1 parent 13f0424 commit 3154a3a
Show file tree
Hide file tree
Showing 15 changed files with 33 additions and 33 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/api-compatibility.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,13 +22,13 @@ jobs:
steps:

- name: Checkout-Main
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
ref: ${{ github.base_ref }}
path: ${{ github.base_ref }}

- name: Checkout-HEAD
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
path: ${{ github.head_ref }}

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/build-and-test-windows.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:
runs-on: windows-latest
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand All @@ -40,7 +40,7 @@ jobs:
runs-on: windows-latest
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down
16 changes: 8 additions & 8 deletions .github/workflows/build-and-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand All @@ -38,7 +38,7 @@ jobs:
needs: [setup-environment]
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand All @@ -62,7 +62,7 @@ jobs:
timeout-minutes: 30
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand All @@ -87,7 +87,7 @@ jobs:
needs: [setup-environment]
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down Expand Up @@ -150,7 +150,7 @@ jobs:
- name: Run vmmeter
uses: self-actuated/vmmeter-action@v1
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down Expand Up @@ -194,7 +194,7 @@ jobs:
needs: [setup-environment]
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand All @@ -216,7 +216,7 @@ jobs:
- name: Run Unit Tests With Coverage
run: make gotest-with-cover
- name: Upload coverage report
uses: codecov/codecov-action@5ecb98a3c6b747ed38dc09f787459979aebb39be # 4.3.1
uses: codecov/codecov-action@6d798873df2b1b8e5846dba6fb86631229fbcb17 # 4.4.0
env:
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

Expand Down Expand Up @@ -256,7 +256,7 @@ jobs:

steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/builder-integration-test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/builder-release.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -10,15 +10,15 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
go-version: ~1.21.5
- name: Run GoReleaser
uses: goreleaser/goreleaser-action@7ec5c2b0c6cdda6e8bbb49444bc797dd33d74dd8 # v5.0.0
uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0
with:
distribution: goreleaser-pro
version: latest
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/changelog.yml
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,7 @@ jobs:
PR_HEAD: ${{ github.event.pull_request.head.sha }}
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- name: Setup Go
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/check-links.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
md: ${{ steps.changes.outputs.md }}
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
- name: Get changed files
Expand All @@ -34,7 +34,7 @@ jobs:
if: ${{needs.changedfiles.outputs.md}}
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5

- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand All @@ -30,12 +30,12 @@ jobs:

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5
with:
languages: go

- name: Autobuild
uses: github/codeql-action/autobuild@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/autobuild@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5
2 changes: 1 addition & 1 deletion .github/workflows/contrib-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ jobs:
- other
steps:
- name: Checkout Repo
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
with:
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/generate-semantic-conventions-pr.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
already-added: ${{ steps.check-versions.outputs.already-added }}
already-opened: ${{ steps.check-versions.outputs.already-opened }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5

- id: check-versions
name: Check versions
Expand Down Expand Up @@ -56,9 +56,9 @@ jobs:
needs:
- check-versions
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Checkout semantic-convention
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
repository: open-telemetry/semantic-convention
path: tmp-semantic-conventions
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/perf.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ jobs:
runperf:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5

- name: Setup Go
uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/prepare-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ jobs:
- validate-versions
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
# Make sure that there are no open issues with release:blocker label in Core. The release has to be delayed until they are resolved.
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/scorecard.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,12 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
persist-credentials: false

- name: "Run analysis"
uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
with:
results_file: results.sarif
results_format: sarif
Expand Down Expand Up @@ -64,6 +64,6 @@ jobs:

# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3.25.5
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/shellcheck.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,6 +13,6 @@ jobs:
name: Shellcheck
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0
2 changes: 1 addition & 1 deletion .github/workflows/tidy-dependencies.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest
if: ${{ !contains(github.event.pull_request.labels.*.name, 'dependency-major-update') && (github.actor == 'renovate[bot]' || contains(github.event.pull_request.labels.*.name, 'renovatebot')) }}
steps:
- uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
- uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
ref: ${{ github.head_ref }}
- uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
Expand Down

0 comments on commit 3154a3a

Please sign in to comment.