diff --git a/.github/workflows/conformance.yml b/.github/workflows/conformance.yml index 1442c3ad..1d66ded9 100644 --- a/.github/workflows/conformance.yml +++ b/.github/workflows/conformance.yml @@ -18,7 +18,7 @@ jobs: name: PHP ${{ matrix.php-version }} Conformance Test steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 with: egress-policy: block allowed-endpoints: > @@ -51,7 +51,7 @@ jobs: go-version: '1.20' - name: Run HTTP conformance tests - uses: GoogleCloudPlatform/functions-framework-conformance/action@5f2a796b58f099d749e70ecc83f531f6701c64af # v1.8.3 + uses: GoogleCloudPlatform/functions-framework-conformance/action@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 env: FUNCTION_TARGET: 'httpFunc' FUNCTION_SIGNATURE_TYPE: 'http' @@ -62,7 +62,7 @@ jobs: cmd: "'php -S localhost:8080 router.php'" - name: Run Declarative HTTP conformance tests - uses: GoogleCloudPlatform/functions-framework-conformance/action@5f2a796b58f099d749e70ecc83f531f6701c64af # v1.8.3 + uses: GoogleCloudPlatform/functions-framework-conformance/action@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 env: FUNCTION_TARGET: 'declarativeHttpFunc' FUNCTION_SOURCE: ${{ github.workspace }}/tests/conformance/index.php @@ -72,7 +72,7 @@ jobs: cmd: "'php -S localhost:8080 router.php'" - name: Run Declarative Typed conformance tests - uses: GoogleCloudPlatform/functions-framework-conformance/action@5f2a796b58f099d749e70ecc83f531f6701c64af # v1.8.3 + uses: GoogleCloudPlatform/functions-framework-conformance/action@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 env: FUNCTION_TARGET: 'declarativeTypedFunc' FUNCTION_SOURCE: ${{ github.workspace }}/tests/conformance/index.php @@ -83,7 +83,7 @@ jobs: cmd: "'php -S localhost:8080 router.php'" - name: Run CloudEvent conformance tests - uses: GoogleCloudPlatform/functions-framework-conformance/action@5f2a796b58f099d749e70ecc83f531f6701c64af # v1.8.3 + uses: GoogleCloudPlatform/functions-framework-conformance/action@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 env: FUNCTION_TARGET: 'cloudEventFunc' FUNCTION_SIGNATURE_TYPE: 'cloudevent' @@ -95,7 +95,7 @@ jobs: cmd: "'php -S localhost:8080 router.php'" - name: Run Declarative CloudEvent conformance tests - uses: GoogleCloudPlatform/functions-framework-conformance/action@e42b1533877f1b639f508ec7fbcfb5be31aca663 # v1.2.1 + uses: GoogleCloudPlatform/functions-framework-conformance/action@72a4f36b10f1c6435ab1a86a9ea24bda464cc262 # v1.8.6 env: FUNCTION_TARGET: 'declarativeCloudEventFunc' FUNCTION_SOURCE: ${{ github.workspace }}/tests/conformance/index.php diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 44074845..d1249c4c 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 with: disable-sudo: true egress-policy: block @@ -26,6 +26,6 @@ jobs: github.com:443 - name: 'Checkout Repository' - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 # v3.5.0 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 - name: 'Dependency Review' uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1 diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml index 756bbfe4..97555963 100644 --- a/.github/workflows/lint.yaml +++ b/.github/workflows/lint.yaml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 with: disable-sudo: true egress-policy: block diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 63dcdd67..084eb9a7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 with: disable-sudo: true egress-policy: block @@ -41,12 +41,12 @@ jobs: rekor.sigstore.dev:443 - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@99c53751e09b9529366343771cc321ec74e9bd3d # v2.0.6 + uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 with: results_file: results.sarif results_format: sarif @@ -58,6 +58,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@807578363a7869ca324a79039e6db9c843e0e100 # v2.1.27 + uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5 with: sarif_file: results.sarif diff --git a/.github/workflows/unit.yml b/.github/workflows/unit.yml index c263b9b0..3ef94640 100644 --- a/.github/workflows/unit.yml +++ b/.github/workflows/unit.yml @@ -17,7 +17,7 @@ jobs: name: PHP ${{ matrix.php-versions }} Unit Test steps: - name: Harden Runner - uses: step-security/harden-runner@8ca2b8b2ece13480cda6dacd3511b49857a23c09 # v2.5.1 + uses: step-security/harden-runner@1b05615854632b887b69ae1be8cbefe72d3ae423 # v2.6.0 with: egress-policy: block allowed-endpoints: >