diff --git a/.github/workflows/push.yaml b/.github/workflows/push.yaml index 78ceb837..accab0f3 100644 --- a/.github/workflows/push.yaml +++ b/.github/workflows/push.yaml @@ -20,7 +20,7 @@ jobs: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Setup Cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Setup Timoni uses: ./actions/setup - name: Login to GHCR diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index b044240f..e659de0b 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -64,7 +64,7 @@ jobs: - name: Checkout uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Setup Cosign - uses: sigstore/cosign-installer@59acb6260d9c0ba8f4a2f9d9b48431a222b68e20 # v3.5.0 + uses: sigstore/cosign-installer@4959ce089c160fddf62f7b42464195ba1a56d382 # v3.6.0 - name: Setup Timoni uses: ./actions/setup - name: Login to GHCR diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml index cc25531d..a678efe2 100644 --- a/.github/workflows/scan.yml +++ b/.github/workflows/scan.yml @@ -28,10 +28,10 @@ jobs: **/go.sum **/go.mod - name: Init - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 with: languages: go - name: Build - uses: github/codeql-action/autobuild@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/autobuild@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 - name: Analyze - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0