diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 23f9d07..74356f4 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -19,7 +19,7 @@ jobs: contents: write # Create releases, tags, and release branches pull-requests: write # Open and update pin README pull requests steps: - - uses: googleapis/release-please-action@5c625bfb5d1ff62eadeeb3772007f7f66fdcf071 # v4.4.1 + - uses: googleapis/release-please-action@45996ed1f6d02564a971a2fa1b5860e934307cf7 # v5.0.0 id: release with: release-type: simple diff --git a/action.yml b/action.yml index 79c368b..773b255 100644 --- a/action.yml +++ b/action.yml @@ -140,7 +140,7 @@ runs: id: osv if: ${{ inputs.enable_osv != 'false' }} continue-on-error: true - uses: google/osv-scanner-action/osv-scanner-action@c51854704019a247608d928f370c98740469d4b5 # v2.3.5 + uses: google/osv-scanner-action/osv-scanner-action@9a498708959aeaef5ef730655706c5a1df1edbc2 # v2.3.8 with: scan-args: ${{ steps.osv-args.outputs.args }} @@ -159,7 +159,7 @@ runs: - name: Upload osv-scanner SARIF to Code Scanning if: ${{ always() && inputs.enable_osv != 'false' && inputs.osv_upload_sarif == 'true' && steps.osv-sarif.outputs.upload == 'true' }} - uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 with: sarif_file: ${{ inputs.osv_results_file_name }} category: osv-scanner @@ -195,7 +195,7 @@ runs: - name: Upload Scorecard SARIF to Code Scanning if: ${{ always() && inputs.enable_scorecard == 'true' }} - uses: github/codeql-action/upload-sarif@95e58e9a2cdfd71adc6e0353d5c52f41a045d225 # v4.35.2 + uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 with: sarif_file: scorecard.sarif category: scorecard