ci: use digest pinning (#23)

* ci: use `digest pinning` * ci: rename `deps-review.yml` * ci(pre-commit): skip `golangci-lint` * style: disable `depguard` linter
DeadNews · Jun 3, 2023 · 79e7d5a · 79e7d5a
1 parent ebb7b19
commit 79e7d5a
Show file tree

Hide file tree

Showing 5 changed files with 13 additions and 21 deletions.
diff --git a/.github/workflows/dependency-review.yml → .github/workflows/deps-review.yml b/.github/workflows/dependency-review.yml → .github/workflows/deps-review.yml
@@ -1,4 +1,4 @@
-name: Dependency Review
+name: Deps Review
 
 on:
   pull_request:
@@ -7,7 +7,8 @@ permissions:
   contents: read
 
 jobs:
-  dependency-review:
+  deps-review:
+    name: Deps Review
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v3

diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -21,7 +21,7 @@ jobs:
       - uses: actions/setup-go@v4
 
       - name: Lint code
-        uses: golangci/golangci-lint-action@v3.4.0
+        uses: golangci/golangci-lint-action@5f1fec7010f6ae3b84ea4f7b2129beb8639b564f # v3.5.0
         with:
           version: latest
 
@@ -59,7 +59,7 @@ jobs:
 
       - name: Upload coverage to Codecov
         if: matrix.os == 'ubuntu-latest' && matrix.go == '1.20'
-        uses: codecov/codecov-action@v3.1.4
+        uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
 
   goreleaser:
     name: GoReleaser
@@ -76,7 +76,7 @@ jobs:
       - uses: actions/setup-go@v4
 
       - name: Run GoReleaser
-        uses: goreleaser/goreleaser-action@v4.2.0
+        uses: goreleaser/goreleaser-action@f82d6c1c344bcacabba2c841718984797f664a6b # v4.2.0
         with:
           version: latest
           args: release --rm-dist

diff --git a/.golangci.yaml b/.golangci.yaml
@@ -3,7 +3,6 @@ linters:
   disable-all: true
   enable:
     - bodyclose
-    - depguard
     - dogsled
     - dupl
     - errcheck

diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -2,6 +2,7 @@ ci:
   autofix_commit_msg: "chore: auto fixes from `pre-commit` hooks"
   autoupdate_commit_msg: "chore(pre-commit): autoupdate"
   autoupdate_schedule: quarterly
+  skip: [golangci-lint]
 
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
@@ -22,12 +23,12 @@ repos:
       - id: prettier
 
   - repo: https://github.com/crate-ci/typos
-    rev: v1.14.11
+    rev: v1.14.12
     hooks:
       - id: typos
 
   - repo: https://github.com/python-jsonschema/check-jsonschema
-    rev: 0.23.0
+    rev: 0.23.1
     hooks:
       - id: check-github-workflows
       - id: check-renovate
@@ -37,7 +38,7 @@ repos:
     hooks:
       - id: gitleaks
 
-  # - repo: https://github.com/golangci/golangci-lint
-  #   rev: v1.52.2
-  #   hooks:
-  #     - id: golangci-lint
+  - repo: https://github.com/golangci/golangci-lint
+    rev: v1.53.1
+    hooks:
+      - id: golangci-lint
diff --git a/go.sum b/go.sum
@@ -1,19 +1,10 @@
-github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
-github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
-github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
-github.com/stretchr/testify v1.8.2 h1:+h33VjcLVPDHtOdpUCuF+7gSuG3yGIftsP1YvFihtJ8=
-github.com/stretchr/testify v1.8.2/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
 github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
 github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=