diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 4baf78f..756b007 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -18,11 +18,11 @@ jobs: with: go-version: stable - run: echo "GOVERSION=$(go version)" >> "$GITHUB_ENV" - - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 + - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 id: goreleaser with: version: latest - args: build --clean --debug --single-target --snapshot + args: build --clean --verbose --single-target --snapshot - name: Login to GHCR if: github.actor != 'dependabot[bot]' uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 @@ -56,7 +56,7 @@ jobs: with: fetch-depth: 0 - id: ccv - uses: smlx/ccv@c5f6769c943c082c4e8d8ccf2ec4b6f5f517e1f2 # v0.7.3 + uses: smlx/ccv@d3de774e9b607b079940a7a86952f44643743336 # v0.9.0 with: write-tag: false - run: | diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index cb75737..2c706e1 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -11,6 +11,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - - uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 + - uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3 with: config-file: .github/dependency-review-config.yaml diff --git a/.github/workflows/ossf-analysis.yaml b/.github/workflows/ossf-analysis.yaml index 04168ec..0d6d3c5 100644 --- a/.github/workflows/ossf-analysis.yaml +++ b/.github/workflows/ossf-analysis.yaml @@ -26,6 +26,6 @@ jobs: # of the value entered here. publish_results: true - name: Upload SARIF results to code scanning - uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: results.sarif diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 9d6ca54..5d000ac 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -18,7 +18,7 @@ jobs: fetch-depth: 0 - name: Bump tag if necessary id: ccv - uses: smlx/ccv@c5f6769c943c082c4e8d8ccf2ec4b6f5f517e1f2 # v0.7.3 + uses: smlx/ccv@d3de774e9b607b079940a7a86952f44643743336 # v0.9.0 release-build: permissions: # create release @@ -55,7 +55,7 @@ jobs: run: mv "$GITHUB_SBOM_PATH" ./sbom.spdx.json env: GITHUB_SBOM_PATH: ${{ steps.sbom.outputs.fileName }} - - uses: goreleaser/goreleaser-action@5742e2a039330cbb23ebf35f046f814d4c6ff811 # v5.1.0 + - uses: goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0 id: goreleaser with: version: latest @@ -71,11 +71,11 @@ jobs: env: ARTIFACTS: ${{steps.goreleaser.outputs.artifacts}} # attest archives - - uses: actions/attest-build-provenance@173725a1209d09b31f9d30a3890cf2757ebbff0d # v1.1.2 + - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0 with: subject-path: "dist/*.tar.gz" # attest images - - uses: actions/attest-build-provenance@173725a1209d09b31f9d30a3890cf2757ebbff0d # v1.1.2 + - uses: actions/attest-build-provenance@49df96e17e918a15956db358890b08e61c704919 # v1.2.0 with: subject-digest: ${{steps.image_metadata.outputs.digest}} subject-name: ${{steps.image_metadata.outputs.name}} diff --git a/.goreleaser.yaml b/.goreleaser.yaml index 54192e2..c044a23 100644 --- a/.goreleaser.yaml +++ b/.goreleaser.yaml @@ -1,3 +1,4 @@ +version: 2 builds: - id: lagoon-opensearch-sync binary: lagoon-opensearch-sync