diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 0fba75d0..8c4d8045 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -34,7 +34,7 @@ jobs: sum.golang.org:443 - name: Check out code into the Go module directory - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 - name: golangci-lint uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v2 @@ -72,7 +72,7 @@ jobs: id: go - name: Check out code into the Go module directory - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 with: fetch-depth: 0 diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 0b60225f..d2d9dbf0 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -53,7 +53,7 @@ jobs: uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/codespell.yml b/.github/workflows/codespell.yml index a6ac6631..af0fd402 100644 --- a/.github/workflows/codespell.yml +++ b/.github/workflows/codespell.yml @@ -34,7 +34,7 @@ jobs: github.com:443 - name: Checkout Code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 136d429e..a43b3ebb 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -16,7 +16,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout Repository' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 - name: 'Dependency Review' uses: actions/dependency-review-action@0659a74c94536054bfa5aeb92241f70d680cc78e diff --git a/.github/workflows/gitlabsync.yml b/.github/workflows/gitlabsync.yml index d4d47a65..6e267703 100644 --- a/.github/workflows/gitlabsync.yml +++ b/.github/workflows/gitlabsync.yml @@ -24,7 +24,7 @@ jobs: github.com:443 gitlab.com:443 - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2 with: fetch-depth: 0 diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index b3b5907d..f7952757 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -41,7 +41,7 @@ jobs: zrdfepirv2blaprdstr01a.blob.core.windows.net:443 - name: Checkout Code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3ec48b14..8386a46e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -71,7 +71,7 @@ jobs: id: go - name: Check out code into the Go module directory - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 with: fetch-depth: 0 diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index 9022d3c3..db4bc485 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -38,7 +38,7 @@ jobs: snyk.io:443 - name: Checkout code - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 - name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@b98d498629f1c368650224d6d212bf7dfa89e4bf # master @@ -74,7 +74,7 @@ jobs: snyk.io:443 - name: Checkout Source - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2 - name: Run Gosec Security Scanner uses: securego/gosec@d4617f51baf75f4f809066386a4f9d27b3ac3e46 # master diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 3d721f06..7ed55570 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -47,7 +47,7 @@ jobs: www.bestpractices.dev:443 - name: "Checkout code" - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 with: persist-credentials: false diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index f9594d0e..4280a6b7 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -24,7 +24,7 @@ jobs: metrics.semgrep.dev:443 semgrep.dev:443 - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2 - uses: returntocorp/semgrep-action@713efdd345f3035192eaa63f56867b88e63e4e5d # v1 with: diff --git a/.github/workflows/snyk.yml b/.github/workflows/snyk.yml index b9cd464e..ccc03e2a 100644 --- a/.github/workflows/snyk.yml +++ b/.github/workflows/snyk.yml @@ -29,7 +29,7 @@ jobs: proxy.golang.org:443 snyk.io:443 - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v2.4.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v2.4.0 - name: Run Snyk to check for vulnerabilities uses: snyk/actions/golang@b98d498629f1c368650224d6d212bf7dfa89e4bf # master