From 28c66e90adb2e509031c1994af77514ac9665761 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 9 May 2024 23:31:51 +0200
Subject: [PATCH] chore(deps): update github actions (#3)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.2` -> `v4.1.5` |
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.5` |
|
[actions/create-github-app-token](https://togithub.com/actions/create-github-app-token)
| action | minor | `v1.9.3` -> `v1.10.0` |
|
[amannn/action-semantic-pull-request](https://togithub.com/amannn/action-semantic-pull-request)
| action | minor | `v5.4.0` -> `v5.5.2` |
|
[aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action)
| action | minor | `0.19.0` -> `0.20.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.24.10` -> `v3.25.4` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.4` |
|
[hashicorp/setup-terraform](https://togithub.com/hashicorp/setup-terraform)
| action | minor | `v3.0.0` -> `v3.1.1` |
| rhysd/actionlint | container | minor | `1.6.27` -> `1.7.0` |
|
[streetsidesoftware/cspell-action](https://togithub.com/streetsidesoftware/cspell-action)
| action | minor | `v6.1.0` -> `v6.2.0` |
---
### Release Notes
actions/checkout (actions/checkout)
###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)
#### What's Changed
- Update NPM dependencies by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@users.noreply.github.com` by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.4...v4.1.5
###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)
- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)
###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)
#### What's Changed
- Update `actions/checkout` version in `update-main-version.yml` by
[@jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.2...v4.1.3
actions/create-github-app-token
(actions/create-github-app-token)
###
[`v1.10.0`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.0)
[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0)
##### Features
- **`private-key`:** escaped newlines will be replaced
([#132](https://togithub.com/actions/create-github-app-token/issues/132))
([9d23fb9](https://togithub.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f))
amannn/action-semantic-pull-request
(amannn/action-semantic-pull-request)
###
[`v5.5.2`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.2)
[Compare
Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.5.1...v5.5.2)
##### Bug Fixes
- Bump tar from 6.1.11 to 6.2.1
([#262](https://togithub.com/amannn/action-semantic-pull-request/issues/262)
by [@EelcoLos](https://togithub.com/EelcoLos))
([9a90d5a](https://togithub.com/amannn/action-semantic-pull-request/commit/9a90d5a5ac979326e3bb9272750cdd4f192ce24a))
###
[`v5.5.1`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.1)
[Compare
Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.5.0...v5.5.1)
##### Bug Fixes
- Bump ip from 2.0.0 to 2.0.1
([#263](https://togithub.com/amannn/action-semantic-pull-request/issues/263)
by [@EelcoLos](https://togithub.com/EelcoLos))
([5e7e9ac](https://togithub.com/amannn/action-semantic-pull-request/commit/5e7e9acca3ddc6a9d7b640fe1f905c4fff131f4a))
###
[`v5.5.0`](https://togithub.com/amannn/action-semantic-pull-request/releases/tag/v5.5.0)
[Compare
Source](https://togithub.com/amannn/action-semantic-pull-request/compare/v5.4.0...v5.5.0)
##### Features
- Add outputs for `type`, `scope` and `subject`
([#261](https://togithub.com/amannn/action-semantic-pull-request/issues/261)
by [@bcaurel](https://togithub.com/bcaurel))
([b05f5f6](https://togithub.com/amannn/action-semantic-pull-request/commit/b05f5f6423ef5cdfc7fdff00c4c10dd9a4f54aff))
aquasecurity/trivy-action (aquasecurity/trivy-action)
###
[`v0.20.0`](https://togithub.com/aquasecurity/trivy-action/compare/0.19.0...0.20.0)
[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.19.0...0.20.0)
github/codeql-action (github/codeql-action)
###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)
###
[`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)
###
[`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)
###
[`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)
###
[`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)
hashicorp/setup-terraform (hashicorp/setup-terraform)
###
[`v3.1.1`](https://togithub.com/hashicorp/setup-terraform/releases/tag/v3.1.1)
[Compare
Source](https://togithub.com/hashicorp/setup-terraform/compare/v3.1.0...v3.1.1)
BUG FIXES:
- wrapper: Fix wrapper to output to stdout and stderr immediately when
data is received
([#395](https://togithub.com/hashicorp/setup-terraform/issues/395))
###
[`v3.1.0`](https://togithub.com/hashicorp/setup-terraform/releases/tag/v3.1.0)
[Compare
Source](https://togithub.com/hashicorp/setup-terraform/compare/v3.0.0...v3.1.0)
ENHANCEMENTS:
- Automatically fallback to darwin/amd64 for Terraform versions before
1.0.2 as releases for darwin/arm64 are not available
([#409](https://togithub.com/hashicorp/setup-terraform/issues/409))
streetsidesoftware/cspell-action
(streetsidesoftware/cspell-action)
###
[`v6.2.0`](https://togithub.com/streetsidesoftware/cspell-action/releases/tag/v6.2.0)
[Compare
Source](https://togithub.com/streetsidesoftware/cspell-action/compare/v6.1.0...v6.2.0)
##### Features
- Update CSpell version (8.7.0)
([#1670](https://togithub.com/streetsidesoftware/cspell-action/issues/1670))
([10f5944](https://togithub.com/streetsidesoftware/cspell-action/commit/10f59442a0216115037e026f2cfeb416482ce4e8))
##### Updates and Bug Fixes
- Workflow Bot -- Update ALL Dependencies (main)
([#1649](https://togithub.com/streetsidesoftware/cspell-action/issues/1649))
([b36e1ce](https://togithub.com/streetsidesoftware/cspell-action/commit/b36e1cee35c5cc3c30dcf39d0a6845a6ce0d5b1a))
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
â™» **Rebasing**: Whenever PR is behind base branch, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/Hapag-Lloyd/Workflow-Templates).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/default_linter_callable.yml | 16 ++++++++--------
.../workflows/default_pull_request_callable.yml | 4 ++--
.github/workflows/default_release_callable.yml | 2 +-
.../default_release_dry_run_callable.yml | 2 +-
.../default_slash_ops_command_help_callable.yml | 2 +-
.github/workflows/default_spelling_callable.yml | 4 ++--
.../docker_dockerhub_release_callable.yml | 6 +++---
.github/workflows/maven_java_callable.yml | 2 +-
.github/workflows/maven_release_callable.yml | 2 +-
.../workflows/maven_release_dry_run_callable.yml | 2 +-
.../terraform_module_terraform_callable.yml | 6 +++---
...terraform_module_terraform_tfsec_callable.yml | 4 ++--
12 files changed, 26 insertions(+), 26 deletions(-)
diff --git a/.github/workflows/default_linter_callable.yml b/.github/workflows/default_linter_callable.yml
index 91f5afe..a788ea6 100644
--- a/.github/workflows/default_linter_callable.yml
+++ b/.github/workflows/default_linter_callable.yml
@@ -56,7 +56,7 @@ jobs:
if: needs.find-changes.outputs.json == 'true'
needs: find-changes
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Run JSON Lint
run: bash <(curl -s https://raw.githubusercontent.com/CICDToolbox/json-lint/master/pipeline.sh)
@@ -67,7 +67,7 @@ jobs:
if: needs.find-changes.outputs.markdown == 'true'
needs: find-changes
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Validate Markdown file
run: |
@@ -80,7 +80,7 @@ jobs:
if: needs.find-changes.outputs.renovate-config == 'true'
needs: find-changes
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: suzuki-shunsuke/github-action-renovate-config-validator@b54483862375f51910a60c4f498e927d4f3df466 # v1.0.1
@@ -88,7 +88,7 @@ jobs:
name: Check shell scripts
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: ShellCheck
uses: ludeeus/action-shellcheck@00cae500b08a931fb5698e11e79bfbd38e612a38 # 2.0.0
@@ -99,10 +99,10 @@ jobs:
needs: find-changes
if: needs.find-changes.outputs.workflow == 'true'
container:
- image: rhysd/actionlint:1.6.27@sha256:d84eca815fc24f72546ec1f2f416d9500ad3349ce7db098cf7a52256f5fd4384
+ image: rhysd/actionlint:1.7.0@sha256:5acca218639222e4afbc82fc6e9ef56cbe646ade3b07f3f5ec364b638258a244
options: --cpus 1 --user root
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Validate Github workflows
run: |
@@ -115,7 +115,7 @@ jobs:
needs: find-changes
if: needs.find-changes.outputs.yaml == 'true'
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: yaml-lint
uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1
@@ -132,7 +132,7 @@ jobs:
matrix:
file: ${{ fromJson(needs.find-changes.outputs.dockerfile_files) }}
steps:
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Lint Dockerfile
uses: hadolint/hadolint-action@54c9adbab1582c2ef04b2016b760714a4bfde3cf # v3.1.0
with:
diff --git a/.github/workflows/default_pull_request_callable.yml b/.github/workflows/default_pull_request_callable.yml
index 7c6dcbb..ddb48a7 100644
--- a/.github/workflows/default_pull_request_callable.yml
+++ b/.github/workflows/default_pull_request_callable.yml
@@ -21,12 +21,12 @@ jobs:
name: Validate PR title
runs-on: ubuntu-latest
steps:
- - uses: actions/create-github-app-token@7bfa3a4717ef143a604ee0a99d859b8886a96d00 # v1.9.3
+ - uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
id: app-token
with:
app-id: ${{ vars.GET_TOKEN_APP_ID }}
private-key: ${{ secrets.GET_TOKEN_APP_PRIVATE_KEY }}
- - uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0
+ - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2
env:
GITHUB_TOKEN: ${{ steps.app-token.outputs.token }}
with:
diff --git a/.github/workflows/default_release_callable.yml b/.github/workflows/default_release_callable.yml
index 9997a20..ea70a15 100644
--- a/.github/workflows/default_release_callable.yml
+++ b/.github/workflows/default_release_callable.yml
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
diff --git a/.github/workflows/default_release_dry_run_callable.yml b/.github/workflows/default_release_dry_run_callable.yml
index a8d2b61..80d4899 100644
--- a/.github/workflows/default_release_dry_run_callable.yml
+++ b/.github/workflows/default_release_dry_run_callable.yml
@@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout dry branch
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
ref: release-dry-run
diff --git a/.github/workflows/default_slash_ops_command_help_callable.yml b/.github/workflows/default_slash_ops_command_help_callable.yml
index 78e532d..9dac483 100644
--- a/.github/workflows/default_slash_ops_command_help_callable.yml
+++ b/.github/workflows/default_slash_ops_command_help_callable.yml
@@ -17,7 +17,7 @@ jobs:
name: "ChatOps: /help"
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Choose maintainer
id: vars
diff --git a/.github/workflows/default_spelling_callable.yml b/.github/workflows/default_spelling_callable.yml
index 17512f6..a0917f3 100644
--- a/.github/workflows/default_spelling_callable.yml
+++ b/.github/workflows/default_spelling_callable.yml
@@ -14,8 +14,8 @@ jobs:
cspell:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- - uses: streetsidesoftware/cspell-action@ca4bb065dd09aca9c90c935f7dc9bb625985226c # v6.1.0
+ - uses: streetsidesoftware/cspell-action@807d7d92b7057593a2de102168506f298405339d # v6.2.0
with:
config: .config/cspell.json
diff --git a/.github/workflows/docker_dockerhub_release_callable.yml b/.github/workflows/docker_dockerhub_release_callable.yml
index 338f5e3..20b7d11 100644
--- a/.github/workflows/docker_dockerhub_release_callable.yml
+++ b/.github/workflows/docker_dockerhub_release_callable.yml
@@ -37,7 +37,7 @@ jobs:
IMAGE_NAME: hlag/${{ inputs.image-name }}
steps:
- name: Checkout
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Configure Tags
uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
id: meta
@@ -68,13 +68,13 @@ jobs:
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # 0.19.0
+ uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # 0.20.0
with:
image-ref: ${{ env.IMAGE_NAME }}:trivy-scan
format: "sarif"
output: "trivy-results.sarif"
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.25.3
+ uses: github/codeql-action/upload-sarif@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
if: ${{ inputs.upload-security-scan-results }}
with:
sarif_file: "trivy-results.sarif"
diff --git a/.github/workflows/maven_java_callable.yml b/.github/workflows/maven_java_callable.yml
index e413904..401346f 100644
--- a/.github/workflows/maven_java_callable.yml
+++ b/.github/workflows/maven_java_callable.yml
@@ -14,7 +14,7 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Set up JDK 21
uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
with:
diff --git a/.github/workflows/maven_release_callable.yml b/.github/workflows/maven_release_callable.yml
index de61a64..4ee78cc 100644
--- a/.github/workflows/maven_release_callable.yml
+++ b/.github/workflows/maven_release_callable.yml
@@ -29,7 +29,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
fetch-depth: 0
diff --git a/.github/workflows/maven_release_dry_run_callable.yml b/.github/workflows/maven_release_dry_run_callable.yml
index 63e68c2..daa9760 100644
--- a/.github/workflows/maven_release_dry_run_callable.yml
+++ b/.github/workflows/maven_release_dry_run_callable.yml
@@ -29,7 +29,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Checkout dry branch
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.4
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
with:
ref: release-dry-run
diff --git a/.github/workflows/terraform_module_terraform_callable.yml b/.github/workflows/terraform_module_terraform_callable.yml
index 37f7961..98e95f6 100644
--- a/.github/workflows/terraform_module_terraform_callable.yml
+++ b/.github/workflows/terraform_module_terraform_callable.yml
@@ -31,9 +31,9 @@ jobs:
run:
working-directory: ${{ matrix.directories }}
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- - uses: hashicorp/setup-terraform@a1502cd9e758c50496cc9ac5308c4843bcd56d36 # v3.0.0
+ - uses: hashicorp/setup-terraform@651471c36a6092792c552e8b1bef71e592b462d8 # v3.1.1
with:
terraform_version: ${{ matrix.terraform }}
@@ -46,7 +46,7 @@ jobs:
tflint:
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
name: Cache plugin dir
diff --git a/.github/workflows/terraform_module_terraform_tfsec_callable.yml b/.github/workflows/terraform_module_terraform_tfsec_callable.yml
index 7db54da..eccea33 100644
--- a/.github/workflows/terraform_module_terraform_tfsec_callable.yml
+++ b/.github/workflows/terraform_module_terraform_tfsec_callable.yml
@@ -23,7 +23,7 @@ jobs:
steps:
- name: Clone repo
- uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
+ uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5
- name: Run tfsec
uses: tfsec/tfsec-sarif-action@21ded20e8ca120cd9d3d6ab04ef746477542a608 # v0.1.4
@@ -31,7 +31,7 @@ jobs:
sarif_file: tfsec.sarif
- name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
+ uses: github/codeql-action/upload-sarif@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
with:
# Path to SARIF file relative to the root of the repository
sarif_file: tfsec.sarif