chore(deps): update github-actions (#446)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
chgl · Aug 1, 2024 · 3a35fe9 · 3a35fe9
1 parent 1e60fa1
commit 3a35fe9
Show file tree

Hide file tree

Showing 4 changed files with 11 additions and 11 deletions.
diff --git a/.github/workflows/check-links.yaml b/.github/workflows/check-links.yaml
@@ -14,7 +14,7 @@ jobs:
     permissions:
       issues: write
     steps:
-      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Link Checker
         id: lychee

diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -12,7 +12,7 @@ permissions: read-all
 
 jobs:
   build:
-    uses: chgl/.github/.github/workflows/standard-build.yaml@5ee4bf1d08ab0eddbb74eb3f3b8feba6928ee88b # v1.5.31
+    uses: chgl/.github/.github/workflows/standard-build.yaml@7a1bdb5002269260fe339631451eee02f02867f4 # v1.7.4
     permissions:
       contents: read
       id-token: write
@@ -27,7 +27,7 @@ jobs:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   lint:
-    uses: chgl/.github/.github/workflows/standard-lint.yaml@5ee4bf1d08ab0eddbb74eb3f3b8feba6928ee88b # v1.5.31
+    uses: chgl/.github/.github/workflows/standard-lint.yaml@7a1bdb5002269260fe339631451eee02f02867f4 # v1.7.4
     permissions:
       contents: read
       pull-requests: write
@@ -40,7 +40,7 @@ jobs:
       github-token: ${{ secrets.GITHUB_TOKEN }}
 
   release:
-    uses: chgl/.github/.github/workflows/standard-release.yaml@5ee4bf1d08ab0eddbb74eb3f3b8feba6928ee88b # v1.5.31
+    uses: chgl/.github/.github/workflows/standard-release.yaml@7a1bdb5002269260fe339631451eee02f02867f4 # v1.7.4
     needs:
       - build
     permissions:
@@ -57,7 +57,7 @@ jobs:
     needs:
       - build
     steps:
-      - uses: imjasonh/setup-crane@00c9e93efa4e1138c9a7a5c594acd6c75a2fbf0c # v0.3
+      - uses: imjasonh/setup-crane@31b88efe9de28ae0ffa220711af4b60be9435f6e # v0.4
       - name: Login to DockerHub
         env:
           DOCKERHUB_TOKEN: "${{ secrets.DOCKERHUB_TOKEN }}"

diff --git a/.github/workflows/daily-trivy-scan.yaml b/.github/workflows/daily-trivy-scan.yaml
@@ -14,7 +14,7 @@ jobs:
       security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
     steps:
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # 0.21.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
         with:
           image-ref: "ghcr.io/chgl/kube-powertools:latest"
           format: "template"
@@ -23,6 +23,6 @@ jobs:
           severity: "CRITICAL,HIGH"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
+        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
         with:
           sarif_file: "trivy-results.sarif"
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -32,12 +32,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3
+        uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -59,14 +59,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
+        uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
+        uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
         with:
           sarif_file: results.sarif