diff --git a/.github/workflows/benchmark-testing.yaml b/.github/workflows/benchmark-testing.yaml index 7735a2299..fc0fd5966 100644 --- a/.github/workflows/benchmark-testing.yaml +++ b/.github/workflows/benchmark-testing.yaml @@ -17,7 +17,7 @@ jobs: # the job by event. steps: - name: Checkout code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 40cdaa41f..c87f64936 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -36,7 +36,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Install Go uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2 diff --git a/.github/workflows/detect-schema-changes.yaml b/.github/workflows/detect-schema-changes.yaml index 77e211a56..3058795ba 100644 --- a/.github/workflows/detect-schema-changes.yaml +++ b/.github/workflows/detect-schema-changes.yaml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - run: python .github/scripts/labeler.py env: diff --git a/.github/workflows/release-version-file.yaml b/.github/workflows/release-version-file.yaml index cc18ef418..5e18b5fde 100644 --- a/.github/workflows/release-version-file.yaml +++ b/.github/workflows/release-version-file.yaml @@ -20,7 +20,7 @@ jobs: release: runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Update version file run: make ci-release-version-file diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index b581dc147..4ce1db1d5 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -15,7 +15,7 @@ jobs: environment: release runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Check if running on main if: github.ref != 'refs/heads/main' @@ -105,7 +105,7 @@ jobs: # required for goreleaser signs section with cosign id-token: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 with: fetch-depth: 0 diff --git a/.github/workflows/test-fixture-cache-publish.yaml b/.github/workflows/test-fixture-cache-publish.yaml index bd23cf1ce..f5b1c4afa 100644 --- a/.github/workflows/test-fixture-cache-publish.yaml +++ b/.github/workflows/test-fixture-cache-publish.yaml @@ -18,7 +18,7 @@ jobs: permissions: packages: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-bootstrap-tools.yml b/.github/workflows/update-bootstrap-tools.yml index 04bbeb261..adf415797 100644 --- a/.github/workflows/update-bootstrap-tools.yml +++ b/.github/workflows/update-bootstrap-tools.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-cpe-dictionary-index.yml b/.github/workflows/update-cpe-dictionary-index.yml index 5f7de622c..9b492c619 100644 --- a/.github/workflows/update-cpe-dictionary-index.yml +++ b/.github/workflows/update-cpe-dictionary-index.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap diff --git a/.github/workflows/update-stereoscope-release.yml b/.github/workflows/update-stereoscope-release.yml index 6ea3bb6fa..002e3a84e 100644 --- a/.github/workflows/update-stereoscope-release.yml +++ b/.github/workflows/update-stereoscope-release.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'anchore/syft' # only run for main repo steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 #v5.0.2 with: diff --git a/.github/workflows/validations.yaml b/.github/workflows/validations.yaml index 9ec3e39ef..b33d039aa 100644 --- a/.github/workflows/validations.yaml +++ b/.github/workflows/validations.yaml @@ -17,7 +17,7 @@ jobs: name: "Static analysis" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -31,7 +31,7 @@ jobs: name: "Unit tests" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -47,7 +47,7 @@ jobs: name: "Integration tests" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -65,7 +65,7 @@ jobs: name: "Build snapshot artifacts" runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -95,7 +95,7 @@ jobs: needs: [Build-Snapshot-Artifacts] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -141,7 +141,7 @@ jobs: - name: Install Cosign uses: sigstore/cosign-installer@v3.7.0 - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -178,7 +178,7 @@ jobs: needs: [Build-Snapshot-Artifacts] runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Bootstrap environment uses: ./.github/actions/bootstrap @@ -215,7 +215,7 @@ jobs: - Acceptance-Mac - Cli-Linux steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 #v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1 - name: Delete snapshot cache run: gh cache delete "snapshot-build-${{ github.run_id }}"