diff --git a/.github/workflows/benchmark-testing.yaml b/.github/workflows/benchmark-testing.yaml index 9fff8c76ac5..c749bdcbe2a 100644 --- a/.github/workflows/benchmark-testing.yaml +++ b/.github/workflows/benchmark-testing.yaml @@ -17,7 +17,7 @@ jobs: # the job by event. steps: - name: Checkout code - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b02e5a3b0a2..51c80c4fdfc 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Install Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2 diff --git a/.github/workflows/detect-schema-changes.yaml b/.github/workflows/detect-schema-changes.yaml index 1241d687bd5..77e211a5644 100644 --- a/.github/workflows/detect-schema-changes.yaml +++ b/.github/workflows/detect-schema-changes.yaml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - run: python .github/scripts/labeler.py env: diff --git a/.github/workflows/release-version-file.yaml b/.github/workflows/release-version-file.yaml index 6635a053f12..cc18ef4189d 100644 --- a/.github/workflows/release-version-file.yaml +++ b/.github/workflows/release-version-file.yaml @@ -20,7 +20,7 @@ jobs: release: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Update version file run: make ci-release-version-file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index bf3e7db4983..b581dc147bf 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,7 +15,7 @@ jobs: environment: release runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Check if running on main if: github.ref != 'refs/heads/main' @@ -105,7 +105,7 @@ jobs: # required for goreleaser signs section with cosign id-token: write steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 with: fetch-depth: 0 diff --git a/.github/workflows/test-fixture-cache-publish.yaml b/.github/workflows/test-fixture-cache-publish.yaml index 3144a0b6bc5..bd23cf1ce40 100644 --- a/.github/workflows/test-fixture-cache-publish.yaml +++ b/.github/workflows/test-fixture-cache-publish.yaml @@ -18,7 +18,7 @@ jobs: permissions: packages: write steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-bootstrap-tools.yml b/.github/workflows/update-bootstrap-tools.yml index 5ae63dd0823..04bbeb26199 100644 --- a/.github/workflows/update-bootstrap-tools.yml +++ b/.github/workflows/update-bootstrap-tools.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-cpe-dictionary-index.yml b/.github/workflows/update-cpe-dictionary-index.yml index 2bc9ff5db67..5f7de622cbf 100644 --- a/.github/workflows/update-cpe-dictionary-index.yml +++ b/.github/workflows/update-cpe-dictionary-index.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-stereoscope-release.yml b/.github/workflows/update-stereoscope-release.yml index 2c136b23d33..6ea3bb6fab3 100644 --- a/.github/workflows/update-stereoscope-release.yml +++ b/.github/workflows/update-stereoscope-release.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2 with: diff --git a/.github/workflows/validations.yaml b/.github/workflows/validations.yaml index 0413e16371a..c028492c722 100644 --- a/.github/workflows/validations.yaml +++ b/.github/workflows/validations.yaml @@ -17,7 +17,7 @@ jobs: name: "Static analysis" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -31,7 +31,7 @@ jobs: name: "Unit tests" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -47,7 +47,7 @@ jobs: name: "Integration tests" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -65,7 +65,7 @@ jobs: name: "Build snapshot artifacts" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -95,7 +95,7 @@ jobs: needs: [Build-Snapshot-Artifacts] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -141,7 +141,7 @@ jobs: - name: Install Cosign uses: sigstore/cosign-installer@v3.6.0 - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -178,7 +178,7 @@ jobs: needs: [Build-Snapshot-Artifacts] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -215,7 +215,7 @@ jobs: - Acceptance-Mac - Cli-Linux steps: - - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7 + - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 - name: Delete snapshot cache run: gh cache delete "snapshot-build-${{ github.run_id }}"