From 6944d6309ed40e84d075241baef1c407fdf0362b Mon Sep 17 00:00:00 2001
From: chris3ware <36608309+chris3ware@users.noreply.github.com>
Date: Tue, 3 Sep 2024 09:58:59 +0100
Subject: [PATCH 1/3] fix(scorecard): Update artifact and sarif upload job
 versions

---
 .github/workflows/scorecard.yaml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index e2523aa..488ede1 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: Upload artifact
-        uses: actions/upload-artifact@97a0fba1372883ab732affbe8f94b823f91727db # v3.pre.node20
+        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
         with:
           name: SARIF file
           path: results.sarif
@@ -68,6 +68,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: Upload to code-scanning
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33 # v3.26.6
         with:
           sarif_file: results.sarif

From f89c74846b27081825b128c9617723f920664f04 Mon Sep 17 00:00:00 2001
From: chris3ware <36608309+chris3ware@users.noreply.github.com>
Date: Tue, 3 Sep 2024 10:02:03 +0100
Subject: [PATCH 2/3] fix(terraform-docs): Update ghcommit action version

---
 .github/workflows/terraform-docs.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/terraform-docs.yaml b/.github/workflows/terraform-docs.yaml
index f7f3bd9..fb35afd 100644
--- a/.github/workflows/terraform-docs.yaml
+++ b/.github/workflows/terraform-docs.yaml
@@ -53,7 +53,7 @@ jobs:
       - name: Push verified commit
         if: ${{ steps.terraform-docs.outputs.num_changed != 0 }}
         id: push-with-sig
-        uses: planetscale/ghcommit-action@v0.1.6
+        uses: planetscale/ghcommit-action@c7915d6c18d5ce4eb42b0eff3f10a29fe0766e4c # v0.1.44
         with:
           commit_message: "docs(terraform): Update ${{ env.TF_DOCS_FILE }}"
           repo: ${{ github.repository }}

From fb49f8f4e2f5ceb7c89b6b33f5d8e3be238b3374 Mon Sep 17 00:00:00 2001
From: chris3ware <36608309+chris3ware@users.noreply.github.com>
Date: Tue, 3 Sep 2024 10:05:24 +0100
Subject: [PATCH 3/3] chore(commitlint): Add security scope

---
 commitlint.config.js | 1 +
 1 file changed, 1 insertion(+)

diff --git a/commitlint.config.js b/commitlint.config.js
index 5345a6f..56aa7ac 100644
--- a/commitlint.config.js
+++ b/commitlint.config.js
@@ -18,6 +18,7 @@ module.exports = {
         "get-workflow-token",
         "lint",
         "pr-title",
+        "security",
         "scorecard",
         "release",
         "terraform-docs",