diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1e24883..bcbe4a8 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -17,7 +17,7 @@ jobs: fetch-depth: 0 - name: Setup .NET - uses: actions/setup-dotnet@3e891b0cb619bf60e2c25674b222b8940e2c1c25 # v4.1.0 + uses: actions/setup-dotnet@3951f0dfe7a07e2313ec93c75700083e2005cbab # v4.3.0 with: dotnet-version: 6.0.x @@ -47,7 +47,7 @@ jobs: dotnet pack src/Fdc3.AppDirectory/Finos.Fdc3.AppDirectory.csproj --no-build --configuration Release --output packages - name: Upload - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: package path: packages/*.nupkg diff --git a/.github/workflows/cve-scanning.yml b/.github/workflows/cve-scanning.yml index 0d5b811..bc1e8db 100644 --- a/.github/workflows/cve-scanning.yml +++ b/.github/workflows/cve-scanning.yml @@ -33,7 +33,7 @@ jobs: --enableRetired - name: Upload Test results if: ${{ always() }} - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: Depcheck report path: ${{ github.workspace }}/reports diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 9a6f908..a49f13e 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 + uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 with: name: SARIF file path: results.sarif