diff --git a/.github/workflows/links.yml b/.github/workflows/links.yml index c635541..09123ea 100644 --- a/.github/workflows/links.yml +++ b/.github/workflows/links.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - name: Setup Pages id: pages @@ -33,7 +33,7 @@ jobs: - name: Link Checker env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - uses: lycheeverse/lychee-action@c053181aa0c3d17606addfe97a9075a32723548a # v1.9.3 + uses: lycheeverse/lychee-action@2b973e86fc7b1f6b36a93795fe2c9c6ae1118621 # v1.10.0 with: args: ". --exclude-path CHANGELOG.md ${{ steps.pages.outputs.base_url }}" fail: true diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 70ebc74..e8a92c0 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -45,9 +45,10 @@ jobs: runs-on: ubuntu-latest concurrency: group: ${{ github.workflow }}-${{ github.ref }} + permissions: write-all steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - uses: actions/create-github-app-token@7bfa3a4717ef143a604ee0a99d859b8886a96d00 # v1.9.3 id: app-token diff --git a/.mega-linter.yml b/.mega-linter.yml index 24bf598..493531b 100644 --- a/.mega-linter.yml +++ b/.mega-linter.yml @@ -33,7 +33,7 @@ REPOSITORY_DEVSKIM_ARGUMENTS: --ignore-globs CHANGELOG.md --ignore-rule-ids DS16 REPOSITORY_KICS_ARGUMENTS: --fail-on high -REPOSITORY_TRIVY_ARGUMENTS: --ignorefile .trivyignore.yaml --severity HIGH,CRITICAL +REPOSITORY_TRIVY_ARGUMENTS: --ignorefile .trivyignore.yaml --severity HIGH,CRITICAL --ignore-unfixed TERRAFORM_TFLINT_UNSECURED_ENV_VARIABLES: - GITHUB_TOKEN