diff --git a/.github/workflows/_config.yml b/.github/workflows/_config.yml index 3b789d9..eea890c 100644 --- a/.github/workflows/_config.yml +++ b/.github/workflows/_config.yml @@ -39,6 +39,6 @@ on: jobs: csv-to-json: name: "Convert CSV to JSON" - uses: felddy/reusable-workflows/.github/workflows/csv-to-json.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/csv-to-json.yml@v3 with: csv: ${{ inputs.platforms }} diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 2233325..28ef7c5 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -27,7 +27,7 @@ permissions: jobs: diagnostics: name: "Diagnostics" - uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/diagnostics.yml@v3 config: name: "Config" @@ -36,7 +36,7 @@ jobs: metadata: name: "Metadata" needs: [config] - uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-metadata.yml@v3 with: image_name: ${{ needs.config.outputs.image_name }} @@ -60,7 +60,7 @@ jobs: lint: name: "Lint" needs: [config] - uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/common-lint.yml@v3 build-test-image: name: "Build test image" @@ -68,7 +68,7 @@ jobs: - config - lint - metadata - uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v3 with: artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ needs.config.outputs.test_platform }} build_arg_1_name: VERSION @@ -85,7 +85,7 @@ jobs: needs: - build-test-image - config - uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-pytest-image.yml@v3 with: data_artifact_name: ${{ needs.config.outputs.data_artifact_name }} data_artifact_path: ${{ needs.config.outputs.data_artifact_path }} @@ -105,7 +105,7 @@ jobs: platform: ${{ fromJson(needs.config.outputs.platforms_json) }} exclude: - platform: ${{ needs.config.outputs.test_platform }} - uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-build-image.yml@v3 with: artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }} build_arg_1_name: VERSION @@ -127,7 +127,7 @@ jobs: strategy: matrix: platform: ${{ fromJson(needs.config.outputs.platforms_json) }} - uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/sbom-artifact.yml@v3 with: image_artifact_name: ${{ needs.config.outputs.image_artifact_name_stem }}-${{ matrix.platform }} sbom_artifact_name: ${{ needs.config.outputs.sbom_artifact_name_stem }}-${{ matrix.platform }} @@ -142,7 +142,7 @@ jobs: if: github.event_name != 'pull_request' permissions: packages: write - uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-multi-arch-push.yml@v3 with: artifact_name_pattern: ${{ needs.config.outputs.image_artifact_name_stem }}-* image_tags: ${{ needs.metadata.outputs.image_tags }} @@ -158,7 +158,7 @@ jobs: - docker-secrets - metadata if: needs.metadata.outputs.latest == 'true' - uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v2 + uses: felddy/reusable-workflows/.github/workflows/docker-publish-description.yml@v3 with: image_name: ${{ needs.config.outputs.image_name }} secrets: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f3c12e3..5db5e81 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -51,11 +51,11 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # tag=v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # tag=v6.0.1 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # tag=codeql-bundle-v4.31.6 + uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # tag=codeql-bundle-v4.31.7 with: languages: ${{ matrix.language }} @@ -65,7 +65,7 @@ jobs: # manually (see below). # manually (see below). - name: Autobuild - uses: github/codeql-action/autobuild@fe4161a26a8629af62121b670040955b330f9af2 # tag=codeql-bundle-v4.31.6 + uses: github/codeql-action/autobuild@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # tag=codeql-bundle-v4.31.7 # ℹī¸ Command-line programs to run using the OS shell. 📚 # https://git.io/JvXDl @@ -83,4 +83,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # tag=codeql-bundle-v4.31.6 + uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # tag=codeql-bundle-v4.31.7 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 6c30c58..33e39e3 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -16,6 +16,6 @@ jobs: with: # TODO: change to 'egress-policy: block' after couple of runs egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # tag=v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # tag=v6.0.1 - name: 'Dependency Review' uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # tag=v4.8.2 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index fa1a937..f0c377f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -28,7 +28,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # tag=v6.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # tag=v6.0.1 with: persist-credentials: false @@ -60,6 +60,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # tag=codeql-bundle-v4.31.6 + uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # tag=codeql-bundle-v4.31.7 with: sarif_file: results.sarif diff --git a/.github/workflows/stale-issues.yml b/.github/workflows/stale-issues.yml index 2a55441..046c411 100644 --- a/.github/workflows/stale-issues.yml +++ b/.github/workflows/stale-issues.yml @@ -18,7 +18,7 @@ jobs: with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # tag=v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # tag=v10.1.1 with: days-before-stale: 28 days-before-close: 7 diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 9c18914..f7c91d7 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -23,7 +23,7 @@ jobs: uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # tag=v2.13.3 with: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # tag=v6.0.0 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # tag=v6.0.1 - name: Sync repository labels if: success() uses: crazy-max/ghaction-github-labeler@24d110aa46a59976b8a7f35518cb7f14f434c916 # tag=v5.3.0