contentful · roryscarson · Sep 21, 2023 · Sep 21, 2023 · roryscarson · Sep 21, 2023
diff --git a/.github/workflows/postmerge.yaml b/.github/workflows/postmerge.yaml
@@ -10,7 +10,7 @@ jobs:
   codeql:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: github/codeql-action/init@v2
       with:
         languages: go
@@ -19,7 +19,7 @@ jobs:
   scorecard:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: ossf/[email protected]
       with:
         results_file: results.sarif

diff --git a/.github/workflows/pr.yaml b/.github/workflows/pr.yaml
@@ -6,7 +6,7 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: actions/setup-go@v4
       with:
         go-version: '1.20'
@@ -17,7 +17,7 @@ jobs:
   build:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: actions/setup-go@v4
       with:
         go-version: '1.20'
@@ -26,7 +26,7 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - uses: actions/setup-go@v4
       with:
         go-version: '1.20'
@@ -36,5 +36,5 @@ jobs:
   dependency-review:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - uses: actions/dependency-review-action@v3
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
@@ -14,7 +14,7 @@ jobs:
   release:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@8e5e7e5ab8b370d6c329ec480221332ada57f0ab # v3.5.2
+      - uses: actions/checkout@v4 # v3.5.2
 
       - uses: actions/setup-go@fac708d6674e30b6ba41289acaab6d4b75aa0753 # v4.0.1
         with:

diff --git a/.github/workflows/sast.yaml b/.github/workflows/sast.yaml
@@ -14,7 +14,7 @@ jobs:
     if: (github.repository_owner == 'contentful') && (endsWith(github.actor, '[bot]') == false)
     steps:
       - name: Clone repo
-        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4
+        uses: actions/checkout@v4 # v4
         with:
           fetch-depth: 0