Skip to content

Commit b840a0e

Browse files
chore(deps): bump the actions-deps group across 1 directory with 13 updates (#459)
Bumps the actions-deps group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.14.0` | `2.15.0` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `daf9d2d49788d229faa7bd34252ab8ded7f087f3` | `05f9457d921137103bb9687b6b571075f75a65f2` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.18.0` | `6.19.2` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `7.2.3` | `7.3.2` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.10` | `4.32.4` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `6.0.0` | `7.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `7.0.0` | `8.0.0` | | [docker/login-action](https://github.com/docker/login-action) | `3.6.0` | `3.7.0` | | [peter-evans/dockerhub-description](https://github.com/peter-evans/dockerhub-description) | `cc307723041342d9253937d12db1fff65b63db90` | `07bcfe556c56334af3254ad0b450d72c64cc282b` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.0.0` | `8.1.0` | | [iarekylew00t/verified-bot-commit](https://github.com/iarekylew00t/verified-bot-commit) | `2.1.1` | `2.1.6` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.21.1` | `0.23.0` | Updates `step-security/harden-runner` from 2.14.0 to 2.15.0 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@20cf305...a90bcbc) Updates `actions/checkout` from 6.0.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@8e8c483...de0fac2) Updates `tj-actions/changed-files` from daf9d2d49788d229faa7bd34252ab8ded7f087f3 to 05f9457d921137103bb9687b6b571075f75a65f2 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@daf9d2d...05f9457) Updates `docker/build-push-action` from 6.18.0 to 6.19.2 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2634353...10e90e3) Updates `anchore/scan-action` from 7.2.3 to 7.3.2 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](anchore/scan-action@62b74fb...7037fa0) Updates `github/codeql-action` from 4.31.10 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@cdefb33...89a39a4) Updates `actions/upload-artifact` from 6.0.0 to 7.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@b7c566a...bbbca2d) Updates `actions/download-artifact` from 7.0.0 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@37930b1...70fc10c) Updates `docker/login-action` from 3.6.0 to 3.7.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@5e57cd1...c94ce9f) Updates `peter-evans/dockerhub-description` from cc307723041342d9253937d12db1fff65b63db90 to 07bcfe556c56334af3254ad0b450d72c64cc282b - [Release notes](https://github.com/peter-evans/dockerhub-description/releases) - [Commits](peter-evans/dockerhub-description@cc30772...07bcfe5) Updates `peter-evans/create-pull-request` from 8.0.0 to 8.1.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@98357b1...c0f553f) Updates `iarekylew00t/verified-bot-commit` from 2.1.1 to 2.1.6 - [Release notes](https://github.com/iarekylew00t/verified-bot-commit/releases) - [Commits](IAreKyleW00t/verified-bot-commit@d7e8eea...b001460) Updates `anchore/sbom-action` from 0.21.1 to 0.23.0 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@0b82b0b...17ae174) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.15.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: tj-actions/changed-files dependency-version: 05f9457d921137103bb9687b6b571075f75a65f2 dependency-type: direct:production dependency-group: actions-deps - dependency-name: docker/build-push-action dependency-version: 6.19.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: anchore/scan-action dependency-version: 7.3.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-deps - dependency-name: docker/login-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: peter-evans/dockerhub-description dependency-version: 07bcfe556c56334af3254ad0b450d72c64cc282b dependency-type: direct:production dependency-group: actions-deps - dependency-name: peter-evans/create-pull-request dependency-version: 8.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: iarekylew00t/verified-bot-commit dependency-version: 2.1.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: anchore/sbom-action dependency-version: 0.23.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent be8fb4d commit b840a0e

14 files changed

Lines changed: 64 additions & 64 deletions

.github/workflows/ci.yaml

Lines changed: 17 additions & 17 deletions
Original file line numberDiff line numberDiff line change
@@ -28,14 +28,14 @@ jobs:
2828
steps:
2929
# Checkout the repository
3030
- name: Harden the runner (Audit all outbound calls)
31-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
31+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
3232
with:
3333
egress-policy: audit
3434
- name: Checkout Code
35-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
35+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3636
- name: Get changed files
3737
id: changed-files-yaml
38-
uses: tj-actions/changed-files@daf9d2d49788d229faa7bd34252ab8ded7f087f3
38+
uses: tj-actions/changed-files@05f9457d921137103bb9687b6b571075f75a65f2
3939
with:
4040
files_yaml: |
4141
code:
@@ -63,7 +63,7 @@ jobs:
6363
runs-on: ubuntu-latest
6464
steps:
6565
- name: Harden the runner (Audit all outbound calls)
66-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
66+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
6767
with:
6868
egress-policy: audit
6969
- name: Failed
@@ -78,11 +78,11 @@ jobs:
7878
steps:
7979
# Checkout the repository
8080
- name: Harden the runner (Audit all outbound calls)
81-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
81+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
8282
with:
8383
egress-policy: audit
8484
- name: Checkout Code
85-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
85+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
8686
- name: Prepare
8787
id: init
8888
uses: ./.github/actions/prepare
@@ -105,11 +105,11 @@ jobs:
105105
steps:
106106
# Checkout the repository
107107
- name: Harden the runner (Audit all outbound calls)
108-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
108+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
109109
with:
110110
egress-policy: audit
111111
- name: Checkout Code
112-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
112+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
113113
- name: Prepare
114114
id: init
115115
uses: ./.github/actions/prepare
@@ -132,11 +132,11 @@ jobs:
132132
steps:
133133
# Checkout the repository
134134
- name: Harden the runner (Audit all outbound calls)
135-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
135+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
136136
with:
137137
egress-policy: audit
138138
- name: Checkout Code
139-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
139+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
140140
- name: Prepare
141141
id: init
142142
uses: ./.github/actions/prepare
@@ -159,11 +159,11 @@ jobs:
159159
steps:
160160
# Checkout the repository
161161
- name: Harden the runner (Audit all outbound calls)
162-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
162+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
163163
with:
164164
egress-policy: audit
165165
- name: Checkout Code
166-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
166+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
167167
- name: Prepare
168168
id: init
169169
uses: ./.github/actions/prepare
@@ -237,11 +237,11 @@ jobs:
237237
steps:
238238
# Checkout the repository
239239
- name: Harden the runner (Audit all outbound calls)
240-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
240+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
241241
with:
242242
egress-policy: audit
243243
- name: Checkout Code
244-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
244+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
245245
- name: Setup QEMU
246246
uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # main
247247
with:
@@ -252,15 +252,15 @@ jobs:
252252
- name: Set up Docker Buildx
253253
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
254254
- name: Build x86 local container
255-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
255+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
256256
with:
257257
tags: openzeppelin-monitor-dev:${{ github.sha }}-amd64
258258
push: false
259259
load: true
260260
file: Dockerfile.development
261261
platforms: linux/amd64
262262
# - name: Build arm64 local container
263-
# uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
263+
# uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
264264
# with:
265265
# tags: openzeppelin-monitor-dev:${{ github.sha }}-arm64
266266
# push: false
@@ -301,7 +301,7 @@ jobs:
301301
echo ">>>>>>>Architecture match for $platform<<<<<<<<"
302302
done
303303
- name: Scan image
304-
uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3
304+
uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2
305305
with:
306306
image: openzeppelin-monitor-dev:${{ github.sha }}-amd64
307307
fail-build: true

.github/workflows/cla.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -17,11 +17,11 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Harden the runner (Audit all outbound calls)
20-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
20+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
2121
with:
2222
egress-policy: audit
2323
- name: Checkout Private Repo for Allowlist
24-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
24+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2525
with:
2626
repository: OpenZeppelin/cla-sigs
2727
token: ${{ secrets.CLA_SIGS_ACCESS_PAT }}

.github/workflows/codeql.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -33,19 +33,19 @@ jobs:
3333
build-mode: none
3434
steps:
3535
- name: Harden the runner (Audit all outbound calls)
36-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
36+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
3737
with:
3838
egress-policy: audit
3939
- name: Checkout repository
40-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4.5.4
40+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4.5.4
4141

4242
# Initializes the CodeQL tools for scanning.
4343
- name: Initialize CodeQL
44-
uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
44+
uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
4545
with:
4646
languages: ${{ matrix.language }}
4747
build-mode: ${{ matrix.build-mode }}
4848
- name: Perform CodeQL Analysis
49-
uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v4.31.10
49+
uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
5050
with:
5151
category: /language:${{matrix.language}}

.github/workflows/pr-title.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ jobs:
99
runs-on: ubuntu-latest
1010
steps:
1111
- name: Harden the runner (Audit all outbound calls)
12-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
12+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
1313
with:
1414
egress-policy: audit
1515
- uses: thehanimo/pr-title-checker@7fbfe05602bdd86f926d3fb3bccb6f3aed43bc70 # v1.4.3

.github/workflows/rc.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -23,7 +23,7 @@ jobs:
2323
runs-on: ubuntu-latest
2424
steps:
2525
- name: Harden the runner (Audit all outbound calls)
26-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
26+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
2727
with:
2828
egress-policy: audit
2929
- uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1
@@ -52,7 +52,7 @@ jobs:
5252
env:
5353
INPUT_VERSION: ${{ github.event.inputs.version }}
5454
- name: Checkout repository at commit SHA
55-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
55+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5656
with:
5757
ref: ${{ github.event.inputs.commit_sha }}
5858
fetch-depth: 0

.github/workflows/release-bins.yml

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@ jobs:
3939
RUSTUP_TOOLCHAIN: stable-${{ matrix.arch }}
4040
steps:
4141
- name: Harden the runner (Audit all outbound calls)
42-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
42+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
4343
with:
4444
egress-policy: audit
4545
- name: Get github app token
@@ -49,7 +49,7 @@ jobs:
4949
app-id: ${{ vars.GH_APP_ID }}
5050
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
5151
- name: Checkout sources
52-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
52+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
5353
with:
5454
ref: ${{ env.TAG }}
5555
token: ${{ steps.gh-app-token.outputs.token }}
@@ -67,7 +67,7 @@ jobs:
6767
openzeppelin-monitor-${{ env.TAG }}-${{ matrix.arch }}.tar.gz \
6868
openzeppelin-monitor
6969
- name: Upload artifact
70-
uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
70+
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
7171
with:
7272
name: openzeppelin-monitor-${{ matrix.arch }}
7373
path: |
@@ -88,7 +88,7 @@ jobs:
8888
TAG: ${{ needs.build.outputs.release_tag }}
8989
steps:
9090
- name: Harden the runner (Audit all outbound calls)
91-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
91+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
9292
with:
9393
egress-policy: audit
9494
- name: Get github app token
@@ -98,12 +98,12 @@ jobs:
9898
app-id: ${{ vars.GH_APP_ID }}
9999
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
100100
- name: Checkout sources
101-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
101+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
102102
with:
103103
ref: ${{ env.TAG }}
104104
token: ${{ steps.gh-app-token.outputs.token }}
105105
- name: Download artifacts
106-
uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v7.0.0
106+
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
107107
with:
108108
pattern: openzeppelin-monitor-*
109109
path: artifacts

.github/workflows/release-docker.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
SLACK_CHANNEL: '#oss-releases'
1919
steps:
2020
- name: Harden the runner (Audit all outbound calls)
21-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
21+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
2222
with:
2323
egress-policy: audit
2424
- name: Slack notification
@@ -30,7 +30,7 @@ jobs:
3030
message: Starting docker build and push to dockerhub for ${{ github.repository }} with tag ${{ inputs.tag }}......
3131
if: always()
3232
- name: Checkout release branch
33-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
33+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3434
with:
3535
ref: ${{ inputs.tag }}
3636
- name: Docker meta
@@ -54,7 +54,7 @@ jobs:
5454
env:
5555
DOCKER_METADATA_SHORT_SHA_LENGTH: 10
5656
- name: Login to Dockerhub
57-
uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef
57+
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9
5858
with:
5959
username: ${{ vars.DOCKERHUB_USERNAME }}
6060
password: ${{ secrets.DOCKERHUB_PAT }}
@@ -65,7 +65,7 @@ jobs:
6565
- name: Set Up Docker Buildx
6666
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
6767
- name: Build Docker image
68-
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
68+
uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
6969
id: build
7070
with:
7171
context: .
@@ -93,7 +93,7 @@ jobs:
9393
push-to-registry: false
9494
github-token: ${{ steps.gh-app-token.outputs.token }}
9595
- name: Docker Hub Description
96-
uses: peter-evans/dockerhub-description@cc307723041342d9253937d12db1fff65b63db90
96+
uses: peter-evans/dockerhub-description@07bcfe556c56334af3254ad0b450d72c64cc282b
9797
with:
9898
username: ${{ vars.DOCKERHUB_USERNAME }}
9999
password: ${{ secrets.DOCKERHUB_PAT }}

.github/workflows/release-docs.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ jobs:
2929
TAG: ${{ inputs.tag || github.event.inputs.tag }}
3030
steps:
3131
- name: Harden the runner (Audit all outbound calls)
32-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
32+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
3333
with:
3434
egress-policy: audit
3535
- name: Get github app token
@@ -39,7 +39,7 @@ jobs:
3939
app-id: ${{ vars.GH_APP_ID }}
4040
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
4141
- name: Checkout tag
42-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
42+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4343
with:
4444
ref: ${{ env.TAG }}
4545
token: ${{ steps.gh-app-token.outputs.token }}
@@ -81,7 +81,7 @@ jobs:
8181
echo "PR_TITLE=${PR_TITLE:-}" >> $GITHUB_OUTPUT
8282
- name: Create Pull Request for Docs
8383
if: ${{ steps.validate_tag.outputs.PR_TITLE != '' }}
84-
uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
84+
uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
8585
with:
8686
token: ${{ steps.gh-app-token.outputs.token }}
8787
title: ${{ steps.validate_tag.outputs.PR_TITLE }}

.github/workflows/release-please.yml

Lines changed: 5 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ jobs:
2525
SLACK_CHANNEL: '#oss-releases'
2626
steps:
2727
- name: Harden the runner (Audit all outbound calls)
28-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
28+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
2929
with:
3030
egress-policy: audit
3131
- name: Get github app token
@@ -43,7 +43,7 @@ jobs:
4343
message: Starting release please workflow for ${{ github.repository }}
4444
if: always()
4545
- name: Checkout release branch
46-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
46+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
4747
with:
4848
fetch-depth: 0
4949
token: ${{ steps.gh-app-token.outputs.token }}
@@ -118,7 +118,7 @@ jobs:
118118
if: ${{ needs.release-please.outputs.release_created == 'false' && needs.release-please.outputs.pr_created == 'true' }}
119119
steps:
120120
- name: Harden the runner (Audit all outbound calls)
121-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
121+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
122122
with:
123123
egress-policy: audit
124124
- name: Get github app token
@@ -132,7 +132,7 @@ jobs:
132132
run: |
133133
echo "pr head branch name: >>>>> ${{ needs.release-please.outputs.release_branch }}"
134134
- name: Checkout release branch
135-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
135+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
136136
with:
137137
fetch-depth: 2
138138
token: ${{ steps.gh-app-token.outputs.token }}
@@ -157,7 +157,7 @@ jobs:
157157
fi
158158
- name: Commit cargo update
159159
if: steps.lock-file-commit.outputs.cargo_changed == 'true'
160-
uses: iarekylew00t/verified-bot-commit@d7e8eea1f154881e1f9d70a3fd933e740148b7f4 # v2.1.1
160+
uses: iarekylew00t/verified-bot-commit@b001460501aa4890e4429832db1cdf63e364f162 # v2.1.6
161161
with:
162162
message: 'chore: Updating lock file'
163163
token: ${{ steps.gh-app-token.outputs.token }}

.github/workflows/release-sbom.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
SLACK_CHANNEL: '#oss-releases'
1818
steps:
1919
- name: Harden the runner (Audit all outbound calls)
20-
uses: step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76 # v2.14.0
20+
uses: step-security/harden-runner@a90bcbc6539c36a85cdfeb73f7e2f433735f215b # v2.15.0
2121
with:
2222
egress-policy: audit
2323
- name: Get github app token
@@ -27,7 +27,7 @@ jobs:
2727
app-id: ${{ vars.GH_APP_ID }}
2828
private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
2929
- name: Checkout tag
30-
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
30+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
3131
with:
3232
ref: ${{ inputs.tag }}
3333
token: ${{ steps.gh-app-token.outputs.token }}
@@ -40,7 +40,7 @@ jobs:
4040
message: Starting generating sbom for ${{ github.repository }} with tag ${{ inputs.tag }}......
4141
if: always()
4242
- name: Run SBOM
43-
uses: anchore/sbom-action@0b82b0b1a22399a1c542d4d656f70cd903571b5c # v0.21.1
43+
uses: anchore/sbom-action@17ae1740179002c89186b61233e0f892c3118b11 # v0.23.0
4444
with:
4545
upload-artifact-retention: 7
4646
upload-release-assets: false

0 commit comments

Comments
 (0)