diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 954abcd..ef05a57 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -17,7 +17,7 @@ jobs: fetch-depth: 0 - name: Install Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: go.mod @@ -28,7 +28,7 @@ jobs: args: --issues-exit-code=0 --output.sarif.path linter-results.sarif # we expect some findings, but for this demo just continue - name: Upload SARIF to Code Scanning - uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.30.3 + uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: sarif_file: ./linter-results.sarif @@ -41,7 +41,7 @@ jobs: fetch-depth: 0 - name: Install Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: go.mod diff --git a/.github/workflows/upload_assets.yml b/.github/workflows/upload_assets.yml index 421478f..5879fb8 100644 --- a/.github/workflows/upload_assets.yml +++ b/.github/workflows/upload_assets.yml @@ -20,12 +20,12 @@ jobs: fetch-depth: 0 - name: Install Go - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 + uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version-file: go.mod - name: Run GoReleaser - uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # v6.3.0 + uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 with: version: v2 args: release --clean @@ -60,7 +60,7 @@ jobs: #buildkitd-flags: --debug - name: Log in to the Container registry - uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0 + uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }}