From 935b544fdf5e98e7c441221c82c838e3aaf7ae0d Mon Sep 17 00:00:00 2001 From: PierreDemailly Date: Thu, 23 Nov 2023 18:45:12 +0100 Subject: [PATCH] chore: update GitHub Actions --- .github/workflows/agent.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/config.yml | 2 +- .github/workflows/discord.yml | 2 +- .github/workflows/logql.yml | 2 +- .github/workflows/morphix.yml | 2 +- .github/workflows/notifiers.yml | 2 +- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/slack.yml | 2 +- .github/workflows/teams.yml | 2 +- 10 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/agent.yml b/.github/workflows/agent.yml index c62ca1c..ae0b80e 100644 --- a/.github/workflows/agent.yml +++ b/.github/workflows/agent.yml @@ -23,12 +23,12 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Use Node.js ${{ matrix.node-version }} - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 + uses: actions/setup-node@8f152de45cc393bb48ce5d89d36b731f54556e65 # v4.0.0 with: node-version: ${{ matrix.node-version }} - name: Install dependencies diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bac409c..83e10eb 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,7 +45,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit @@ -54,7 +54,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -68,7 +68,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, Go, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/autobuild@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -81,6 +81,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/config.yml b/.github/workflows/config.yml index 2558a04..afcde35 100644 --- a/.github/workflows/config.yml +++ b/.github/workflows/config.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/discord.yml b/.github/workflows/discord.yml index f80af48..bfda5dc 100644 --- a/.github/workflows/discord.yml +++ b/.github/workflows/discord.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/logql.yml b/.github/workflows/logql.yml index 52a418b..794319f 100644 --- a/.github/workflows/logql.yml +++ b/.github/workflows/logql.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/morphix.yml b/.github/workflows/morphix.yml index 3f53ba9..f68c889 100644 --- a/.github/workflows/morphix.yml +++ b/.github/workflows/morphix.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/notifiers.yml b/.github/workflows/notifiers.yml index fe3343e..b7b12e2 100644 --- a/.github/workflows/notifiers.yml +++ b/.github/workflows/notifiers.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 7221a12..6eb4f6c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit @@ -73,6 +73,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 + uses: github/codeql-action/upload-sarif@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 with: sarif_file: results.sarif diff --git a/.github/workflows/slack.yml b/.github/workflows/slack.yml index 649beee..ecb945b 100644 --- a/.github/workflows/slack.yml +++ b/.github/workflows/slack.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 diff --git a/.github/workflows/teams.yml b/.github/workflows/teams.yml index 294ae1c..855c043 100644 --- a/.github/workflows/teams.yml +++ b/.github/workflows/teams.yml @@ -21,7 +21,7 @@ jobs: fail-fast: false steps: - name: Harden Runner - uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 + uses: step-security/harden-runner@eb238b55efaa70779f274895e782ed17c84f2895 # v2.6.1 with: egress-policy: audit - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1