From 55a93def1a0a6c59cc93e7a9669254bc01749f42 Mon Sep 17 00:00:00 2001
From: Saylor Berman <s.berman@f5.com>
Date: Wed, 12 Nov 2025 11:16:34 -0700
Subject: [PATCH] Update compliances-rules to latest version

---
 .github/workflows/ci.yml              | 4 ++--
 .github/workflows/codeql-analysis.yml | 2 +-
 .github/workflows/mend.yml            | 2 +-
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 94fcd0caaf..a564eab2ba 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -374,7 +374,7 @@ jobs:
 
       - name: Generate Assertion Document
         id: assertiondoc
-        uses: nginxinc/compliance-rules/.github/actions/assertion@b0bda4baf00b030fd4e365821878b4857078e494
+        uses: nginxinc/compliance-rules/.github/actions/assertion@0aab935582c35a00e2c671d8fe25b7fdd72a927b # v0.3.1
         with:
           artifact-name: ${{ github.event.repository.name }}_${{ github.sha }}_${{ github.run_number }}_${{ matrix.gateway.os }}_${{ matrix.gateway.arch }}
           artifact-digest: ${{ matrix.gateway.digest }}
@@ -393,7 +393,7 @@ jobs:
 
       - name: Sign and Store Assertion Document
         id: sign
-        uses: nginxinc/compliance-rules/.github/actions/sign@b0bda4baf00b030fd4e365821878b4857078e494
+        uses: nginxinc/compliance-rules/.github/actions/sign@0aab935582c35a00e2c671d8fe25b7fdd72a927b # v0.3.1
         with:
           assertion-doc: ${{ steps.assertiondoc.outputs.assertion-document-path }}
 
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 34718d6230..d4cb436767 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -26,6 +26,6 @@ jobs:
       actions: read # for github/codeql-action/init to get workflow details
       contents: read # for actions/checkout to fetch code
       security-events: write # for github/codeql-action/autobuild to send a status report
-    uses: nginxinc/compliance-rules/.github/workflows/codeql.yml@a27656f8f9a8748085b434ebe007f5b572709aad # v0.2
+    uses: nginxinc/compliance-rules/.github/workflows/codeql.yml@0aab935582c35a00e2c671d8fe25b7fdd72a927b # v0.3.1
     with:
       requested_languages: go,javascript-typescript,actions
diff --git a/.github/workflows/mend.yml b/.github/workflows/mend.yml
index 6dc3e7098b..2b06e1d9e2 100644
--- a/.github/workflows/mend.yml
+++ b/.github/workflows/mend.yml
@@ -32,7 +32,7 @@ permissions:
 jobs:
   mend:
     if: ${{ (github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork == false) || (github.event_name == 'push' && github.event.repository.fork == false) }}
-    uses: nginxinc/compliance-rules/.github/workflows/mend.yml@a27656f8f9a8748085b434ebe007f5b572709aad # v0.2
+    uses: nginxinc/compliance-rules/.github/workflows/mend.yml@0aab935582c35a00e2c671d8fe25b7fdd72a927b # v0.3.1
     secrets: inherit
     with:
       product_name: nginx-gateway-fabric_${{ github.ref_name }}