diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8ffe960..ca916b8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false @@ -24,7 +24,7 @@ jobs: cache: true - name: goreleaser - uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # pin@v6 + uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # pin@v6 with: install-only: true diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 3ac81b6..284dcf6 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -11,7 +11,7 @@ jobs: # If you want to clone the repository as part of your setup steps, for example to install dependencies, you'll need the `contents: read` permission. If you don't clone the repository in your setup steps, Copilot will do this for you automatically after the steps complete. contents: read steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 88673fd..bd11c71 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 7c60850..4c9a8b4 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 0759a26..9a623af 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -18,7 +18,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # pin@v4 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # pin@v4 with: fetch-depth: 0 persist-credentials: false @@ -33,7 +33,7 @@ jobs: run: script/bootstrap - name: goreleaser - uses: goreleaser/goreleaser-action@9c156ee8a17a598857849441385a2041ef570552 # pin@v6 + uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # pin@v6 with: args: release --clean env: @@ -53,12 +53,12 @@ jobs: attestations: write contents: read steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 with: artifact-ids: ${{ needs.release.outputs.artifact-id }} - name: attest build provenance - uses: actions/attest-build-provenance@v2.4.0 + uses: actions/attest-build-provenance@v3.0.0 with: subject-path: "." @@ -67,7 +67,7 @@ jobs: runs-on: ubuntu-latest needs: [release, sign] steps: - - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 + - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 with: artifact-ids: ${{ needs.release.outputs.artifact-id }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 8c4d0d8..ca56964 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 with: persist-credentials: false