From 360b79b4def4b76d23916119405e6e31d302bbb2 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Tue, 21 Nov 2023 20:16:06 +0000 Subject: [PATCH] chore(deps): update github-actions (#1135) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/codeql-analysis.yml | 6 +++--- .github/workflows/dev-aws-ecr.yml | 4 ++-- .github/workflows/node-ci.yml | 2 +- .github/workflows/semantic-pr.yml | 2 +- .github/workflows/storybook-deploy.yml | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 5bfac5628..13964b0e7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,7 +41,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/init@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2 with: languages: javascript # If you wish to specify custom queries, you can do so here or in a config file. @@ -54,7 +54,7 @@ jobs: id: engines - name: Set up node - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3 + uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 with: node-version: ${{ steps.engines.outputs.nodeVersion }} @@ -65,4 +65,4 @@ jobs: run: yarn build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/analyze@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2 diff --git a/.github/workflows/dev-aws-ecr.yml b/.github/workflows/dev-aws-ecr.yml index a790225b2..554953e55 100644 --- a/.github/workflows/dev-aws-ecr.yml +++ b/.github/workflows/dev-aws-ecr.yml @@ -108,7 +108,7 @@ jobs: ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }} ECR_REPOSITORY: portal-client IMAGE_TAG: ${{ github.sha }} - uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # 0.12.0 + uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # 0.14.0 with: image-ref: '${{ steps.login-ecr.outputs.registry }}/portal-client:${{ github.sha }}' format: 'sarif' @@ -116,6 +116,6 @@ jobs: ignore-unfixed: true - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@0116bc2df50751f9724a2e35ef1f24d22f90e4e1 # v2 + uses: github/codeql-action/upload-sarif@66b90a5db151a8042fa97405c6cf843bbe433f7b # v2 with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/node-ci.yml b/.github/workflows/node-ci.yml index 54b81010b..8754059c0 100644 --- a/.github/workflows/node-ci.yml +++ b/.github/workflows/node-ci.yml @@ -28,7 +28,7 @@ jobs: id: engines - name: Set up node - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3 + uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 with: node-version: ${{ steps.engines.outputs.nodeVersion }} diff --git a/.github/workflows/semantic-pr.yml b/.github/workflows/semantic-pr.yml index 43cd8425b..034bd12f5 100644 --- a/.github/workflows/semantic-pr.yml +++ b/.github/workflows/semantic-pr.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Lint pr title - uses: amannn/action-semantic-pull-request@47b15d52c5c30e94a17ec87eb8dd51ff5221fed9 # v5.3.0 + uses: amannn/action-semantic-pull-request@e9fabac35e210fea40ca5b14c0da95a099eff26f # v5.4.0 with: wip: true types: | diff --git a/.github/workflows/storybook-deploy.yml b/.github/workflows/storybook-deploy.yml index 16aa8cf08..c0d84b5a0 100644 --- a/.github/workflows/storybook-deploy.yml +++ b/.github/workflows/storybook-deploy.yml @@ -25,7 +25,7 @@ jobs: id: engines - name: Set up node - uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3 + uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3 with: node-version: ${{ steps.engines.outputs.nodeVersion }}