diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e659066d..5025d675 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -283,7 +283,7 @@ jobs: run: ./autogen.sh - name: Build & test - uses: vmactions/freebsd-vm@8873d98fd1413b5977cb2f7348fe329775159892 # v1.1.9 + uses: vmactions/freebsd-vm@c3ae29a132c8ef1924775414107a97cac042aad5 # v1.2.0 with: envs: 'CFLAGS_GCC_STYLE' usesh: true @@ -497,7 +497,7 @@ jobs: if-no-files-found: error - name: Attest - uses: actions/attest-build-provenance@c074443f1aee8d4aeeae555aebba3282517141b2 # v2.2.3 + uses: actions/attest-build-provenance@db473fddc028af60658334401dc6fa3ffd8669fd # v2.3.0 if: | github.event_name != 'pull_request' && (startsWith(github.ref, 'refs/heads/release/') || @@ -575,7 +575,7 @@ jobs: if-no-files-found: error - name: Upload report to Codecov - uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0 + uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2 with: token: ${{ secrets.CODECOV_TOKEN }} fail_ci_if_error: true diff --git a/.github/workflows/clang-analyzer.yml b/.github/workflows/clang-analyzer.yml index 56f75197..ad4b10c0 100644 --- a/.github/workflows/clang-analyzer.yml +++ b/.github/workflows/clang-analyzer.yml @@ -66,7 +66,7 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: sarif_file: build/clang.sarif category: clang-analyzer diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 18702e97..29322f45 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -49,7 +49,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/init@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -60,7 +60,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/autobuild@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -74,4 +74,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/analyze@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 diff --git a/.github/workflows/dev.yml b/.github/workflows/dev.yml index b2417719..a6cbf37f 100644 --- a/.github/workflows/dev.yml +++ b/.github/workflows/dev.yml @@ -430,7 +430,7 @@ jobs: - name: Prepare run: ./autogen.sh - - uses: uraimo/run-on-arch-action@4141da824ffb5eda88d221d9cf835f6a61ed98d9 # v3.0.0 + - uses: uraimo/run-on-arch-action@d94c13912ea685de38fccc1109385b83fd79427d # v3.0.1 name: Configure, build, and test with: arch: ${{ matrix.arch }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index a896184b..32e0f420 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -52,7 +52,7 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@1b549b9259bda1cb5ddde3b41741a82a2d15a841 # v3.28.13 + uses: github/codeql-action/upload-sarif@28deaeda66b76a05916b6923827895f2b14ab387 # v3.28.16 with: sarif_file: results.sarif category: ossf-scorecard