diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index f24539791..533700ed7 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,7 +39,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3 + uses: github/codeql-action/init@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -50,7 +50,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3 + uses: github/codeql-action/autobuild@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -64,4 +64,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@0b21cf2492b6b02c465a3e5d7c473717ad7721ba # v3 + uses: github/codeql-action/analyze@b7bf0a3ed3ecfa44160715d7c442788f65f0f923 # v3 diff --git a/.github/workflows/reviewdog.yml b/.github/workflows/reviewdog.yml index 4d09d237c..73bc4de2c 100644 --- a/.github/workflows/reviewdog.yml +++ b/.github/workflows/reviewdog.yml @@ -22,7 +22,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@f016e796a429b33094d0da6e86af3fa5479afe65 # v2 + uses: reviewdog/action-golangci-lint@8e1117c7d327bbfb1eb7ec8dc2d895d13e6e17c3 # v2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml --verbose --timeout=5m" @@ -45,7 +45,7 @@ jobs: check-latest: true - name: golangci-lint - uses: reviewdog/action-golangci-lint@f016e796a429b33094d0da6e86af3fa5479afe65 # v2 + uses: reviewdog/action-golangci-lint@8e1117c7d327bbfb1eb7ec8dc2d895d13e6e17c3 # v2 with: github_token: ${{ secrets.github_token }} golangci_lint_flags: "--config=.golangci.yml --verbose --timeout=5m" diff --git a/Dockerfile b/Dockerfile index 8f43978d8..792ba281e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.19.0@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48 as certs +FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b as certs RUN apk add --update --no-cache ca-certificates diff --git a/Dockerfile-alpine b/Dockerfile-alpine index 8eff58ce3..02eed17c4 100644 --- a/Dockerfile-alpine +++ b/Dockerfile-alpine @@ -1,6 +1,6 @@ # SPDX-License-Identifier: Apache-2.0 -FROM alpine:3.19.0@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48 +FROM alpine:3.19.1@sha256:c5b1261d6d3e43071626931fc004f70149baeba2c8ec672bd4f27761f8e1ad6b RUN apk add --update --no-cache ca-certificates diff --git a/go.mod b/go.mod index 5579388be..e59bf9ca4 100644 --- a/go.mod +++ b/go.mod @@ -9,7 +9,7 @@ require ( github.com/docker/go-units v0.5.0 github.com/gin-gonic/gin v1.9.1 github.com/go-vela/sdk-go v0.22.0 - github.com/go-vela/server v0.22.0 + github.com/go-vela/server v0.22.2 github.com/go-vela/types v0.22.0 github.com/golang-jwt/jwt/v5 v5.2.0 github.com/google/go-cmp v0.6.0 diff --git a/go.sum b/go.sum index baf6e0ae3..cd8b4286c 100644 --- a/go.sum +++ b/go.sum @@ -150,8 +150,8 @@ github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEe github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= github.com/go-vela/sdk-go v0.22.0 h1:zuFa9BVACP5d5hwbm1o4DVny4amcweGYJgSBDV6En8o= github.com/go-vela/sdk-go v0.22.0/go.mod h1:7N0SW+5L4iboP+B6VQ2PlKvW5Tcj/8zRXJVob9nrSko= -github.com/go-vela/server v0.22.0 h1:zzr7g7sm2Z2mn8hAGlD3wqFHzj8rnQCb4KiCIjTyX1I= -github.com/go-vela/server v0.22.0/go.mod h1:DidWsP+FCWot5ePim0jjvQqhaheOKjSMoVtAfXeNTyU= +github.com/go-vela/server v0.22.2 h1:jDlkQBqi4vxmnJkUVIUTdZeUAEoEVejdd6Mkm25QMrs= +github.com/go-vela/server v0.22.2/go.mod h1:DidWsP+FCWot5ePim0jjvQqhaheOKjSMoVtAfXeNTyU= github.com/go-vela/types v0.22.0 h1:JmAQ9Hy4HnOgbgNsNz5x1wu3Myv47KoC0rxR9x36OQ4= github.com/go-vela/types v0.22.0/go.mod h1:ljNY36D6YkpObBbNF7Xslv3oxN4mGuQAwWhnnK/V06I= github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=