diff --git a/.github/workflows/build-test.yml b/.github/workflows/build-test.yml index cd14966..5f1a973 100644 --- a/.github/workflows/build-test.yml +++ b/.github/workflows/build-test.yml @@ -21,7 +21,7 @@ jobs: - name: Build Image id: build_image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: push: false load: true diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index d0cef2d..05b220a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -26,16 +26,16 @@ jobs: - name: Initialise CodeQL id: initialise_codeql - uses: github/codeql-action/init@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/init@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 with: languages: ${{ matrix.language }} - name: CodeQL Autobuild id: codeql_autobuild - uses: github/codeql-action/autobuild@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/autobuild@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 - name: CodeQL Analysis id: codeql_analysis - uses: github/codeql-action/analyze@407ffafae6a767df3e0230c3df91b6443ae8df75 # v2.22.8 + uses: github/codeql-action/analyze@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 with: category: "language:${{ matrix.language }}" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1200dc1..450f2b5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -35,7 +35,7 @@ jobs: - name: Build and Push id: build_and_push - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: push: true tags: ghcr.io/${{ github.repository }}:${{ github.ref_name }} diff --git a/.github/workflows/scan-image.yml b/.github/workflows/scan-image.yml index f40441f..d7b0a06 100644 --- a/.github/workflows/scan-image.yml +++ b/.github/workflows/scan-image.yml @@ -22,7 +22,7 @@ jobs: - name: Build Image id: build_image - uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: push: false load: true @@ -30,7 +30,7 @@ jobs: - name: Scan Image id: scan_image - uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 + uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: image-ref: ollamate exit-code: 1 @@ -42,7 +42,7 @@ jobs: - name: Scan Image (On SARIF Scan Failure) if: failure() && steps.scan_image.outcome == 'failure' id: scan_image_on_failure - uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 + uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: image-ref: ollamate exit-code: 1 @@ -52,6 +52,6 @@ jobs: - name: Upload SARIF if: always() id: upload_sarif - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.2.7 + uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v2.18.0 with: sarif_file: trivy-results.sarif diff --git a/requirements.dev.txt b/requirements.dev.txt index 05a49f7..08e27da 100644 --- a/requirements.dev.txt +++ b/requirements.dev.txt @@ -1,8 +1,8 @@ -r ./requirements.txt -black==23.10.1 -django-stubs[compatible-mypy]==4.2.6 -flake8==6.1.0 +black==24.4.2 +django-stubs[compatible-mypy]==5.0.2 +flake8==7.1.0 isort==5.12.0 -mypy==1.6.1 +mypy==1.10.1 pre-commit==3.5.0 types-requests==2.31.0