Skip to content

Commit

Permalink
Merge branch 'main' into avbalter/support-nuget-unpinned-dependencies
Browse files Browse the repository at this point in the history
  • Loading branch information
balteravishay authored Apr 14, 2023
2 parents 87f0c1e + d0e952c commit 416c737
Show file tree
Hide file tree
Showing 9 changed files with 39 additions and 39 deletions.
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -57,12 +57,12 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- name: Checkout repository
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL

uses: github/codeql-action/init@d186a2a36cc67bfa1b860e6170d37fb9634742c7 # v1
uses: github/codeql-action/init@7df0ce34898d659f95c0c4a09eaa8d4e32ee64db # v1
with:
languages: ${{ matrix.language }}
queries: +security-extended
Expand All @@ -74,7 +74,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@d186a2a36cc67bfa1b860e6170d37fb9634742c7 # v1
uses: github/codeql-action/autobuild@7df0ce34898d659f95c0c4a09eaa8d4e32ee64db # v1

# ℹ️ Command-line programs to run using the OS shell.
# 📚 https://git.io/JvXDl
Expand All @@ -88,4 +88,4 @@ jobs:
# make release

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@d186a2a36cc67bfa1b860e6170d37fb9634742c7 # v1
uses: github/codeql-action/analyze@7df0ce34898d659f95c0c4a09eaa8d4e32ee64db # v1
2 changes: 1 addition & 1 deletion .github/workflows/depsreview.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,6 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: 'Checkout Repository'
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
- name: 'Dependency Review'
uses: actions/dependency-review-action@f46c48ed6d4f1227fb2d9ea62bf6bcbed315589e
16 changes: 8 additions & 8 deletions .github/workflows/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
docs_only: ${{ steps.docs_only_check.outputs.docs_only }}
steps:
- name: Check out code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 #v3.5.1
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab #v3.5.2
with:
fetch-depth: 2
- id: files
Expand Down Expand Up @@ -86,7 +86,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -134,7 +134,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -182,7 +182,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -230,7 +230,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -278,7 +278,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -326,7 +326,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -374,7 +374,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/goreleaser.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- name: Checkout
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Set up Go
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/integration.yml
Original file line number Diff line number Diff line change
Expand Up @@ -42,7 +42,7 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- name: pull_request actions/checkout
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
ref: ${{ github.event.pull_request.head.sha }}

Expand Down
40 changes: 20 additions & 20 deletions .github/workflows/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -54,7 +54,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -99,7 +99,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -147,7 +147,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -182,7 +182,7 @@ jobs:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -230,7 +230,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -278,7 +278,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -326,7 +326,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -374,7 +374,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -422,7 +422,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -470,7 +470,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -518,7 +518,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -566,7 +566,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -614,7 +614,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -662,7 +662,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -710,7 +710,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -745,7 +745,7 @@ jobs:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -782,7 +782,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -829,7 +829,7 @@ jobs:
restore-keys: |
${{ runner.os }}-go-
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -864,7 +864,7 @@ jobs:
version: ${{ env.PROTOC_VERSION }}
repo-token: ${{ secrets.GITHUB_TOKEN }}
- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- name: Setup Go
Expand Down Expand Up @@ -893,7 +893,7 @@ jobs:
with:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
- uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
- uses: actions/setup-go@4d34df0c2316fe8122ab82dc22947d607c0c91f9 # v2.2.0
with:
go-version: ${{ env.GO_VERSION }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/publishimage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ jobs:
egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs

- name: Clone the code
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab
with:
fetch-depth: 0
- name: Setup Go
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scorecard-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:

steps:
- name: "Checkout code"
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab

- name: "Run analysis"
uses: ossf/scorecard-action@80e868c13c90f172d68d1f4501dee99e2479f7af # v2.1.3
Expand All @@ -47,6 +47,6 @@ jobs:
retention-days: 5

- name: "Upload SARIF results"
uses: github/codeql-action/upload-sarif@d186a2a36cc67bfa1b860e6170d37fb9634742c7 # v1
uses: github/codeql-action/upload-sarif@7df0ce34898d659f95c0c4a09eaa8d4e32ee64db # v1
with:
sarif_file: results.sarif
2 changes: 1 addition & 1 deletion .github/workflows/slsa-goreleaser.yml
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@ jobs:
ldflags: ${{ steps.ldflags.outputs.value }}
steps:
- id: checkout
uses: actions/checkout@83b7061638ee4956cf7545a6f7efe594e5ad0247 # v2.3.4
uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v2.3.4
with:
fetch-depth: 0
- id: ldflags
Expand Down

0 comments on commit 416c737

Please sign in to comment.