Skip to content

Commit 4b9d196

Browse files
authored
Merge pull request #1029 from kubernetes/dependabot/github_actions/actions-all-a9188bd723
chore(deps): bump the actions-all group across 1 directory with 4 updates
2 parents 186f018 + cf26716 commit 4b9d196

File tree

4 files changed

+10
-10
lines changed

4 files changed

+10
-10
lines changed

.github/workflows/codeql.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -41,7 +41,7 @@ jobs:
4141

4242
steps:
4343
- name: Harden Runner
44-
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
44+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
4545
with:
4646
egress-policy: audit
4747

@@ -50,7 +50,7 @@ jobs:
5050

5151
# Initializes the CodeQL tools for scanning.
5252
- name: Initialize CodeQL
53-
uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
53+
uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
5454
with:
5555
languages: ${{ matrix.language }}
5656
# If you wish to specify custom queries, you can do so here or in a config file.
@@ -60,7 +60,7 @@ jobs:
6060
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
6161
# If this step fails, then you should remove it and run the build manually (see below)
6262
- name: Autobuild
63-
uses: github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
63+
uses: github/codeql-action/autobuild@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
6464

6565
# ℹ️ Command-line programs to run using the OS shell.
6666
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -73,6 +73,6 @@ jobs:
7373
# ./location_of_script_within_repo/buildscript.sh
7474

7575
- name: Perform CodeQL Analysis
76-
uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
76+
uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
7777
with:
7878
category: "/language:${{matrix.language}}"

.github/workflows/dependency-review.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,7 +17,7 @@ jobs:
1717
runs-on: ubuntu-latest
1818
steps:
1919
- name: Harden Runner
20-
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
20+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
2121
with:
2222
egress-policy: audit
2323

.github/workflows/scorecards.yml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -31,7 +31,7 @@ jobs:
3131

3232
steps:
3333
- name: Harden Runner
34-
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
34+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
3535
with:
3636
egress-policy: audit
3737

@@ -41,7 +41,7 @@ jobs:
4141
persist-credentials: false
4242

4343
- name: "Run analysis"
44-
uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0
44+
uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1
4545
with:
4646
results_file: results.sarif
4747
results_format: sarif
@@ -63,14 +63,14 @@ jobs:
6363
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
6464
# format to the repository Actions tab.
6565
- name: "Upload artifact"
66-
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
66+
uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
6767
with:
6868
name: SARIF file
6969
path: results.sarif
7070
retention-days: 5
7171

7272
# Upload the results to GitHub's code scanning dashboard.
7373
- name: "Upload to code-scanning"
74-
uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
74+
uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10
7575
with:
7676
sarif_file: results.sarif

.github/workflows/tag-release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
contents: write
1919
steps:
2020
- name: Harden Runner
21-
uses: step-security/harden-runner@c95a14d0e5bab51a9f56296a4eb0e416910cd350 # v2.10.3
21+
uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
2222
with:
2323
egress-policy: audit
2424

0 commit comments

Comments
 (0)