diff --git a/.github/workflows/deps-update.yml b/.github/workflows/deps-update.yml index 771a15b0..bdf3433d 100644 --- a/.github/workflows/deps-update.yml +++ b/.github/workflows/deps-update.yml @@ -12,7 +12,7 @@ jobs: changes-needed: ${{ steps.is-tree-dirty.outputs.result }} steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Set up Go id: setup-go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 @@ -76,7 +76,7 @@ jobs: pull-requests: write steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Download patches uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v4 with: diff --git a/.github/workflows/docsite.yml b/.github/workflows/docsite.yml index 57f57841..5c244f29 100644 --- a/.github/workflows/docsite.yml +++ b/.github/workflows/docsite.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 with: lfs: true submodules: recursive @@ -51,7 +51,7 @@ jobs: steps: # Check out so that actions/configure-pages can access repository details... - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Download Artifact uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v4 with: diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index c1a786b1..afdfff51 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -19,7 +19,7 @@ jobs: id-token: write steps: - name: "Checkout code" - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 with: persist-credentials: false - name: "Run analysis" @@ -37,6 +37,6 @@ jobs: retention-days: 5 # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v3 + uses: github/codeql-action/upload-sarif@19b2f06db2b6f5108140aeb04014ef02b648f789 # v3 with: sarif_file: results.sarif diff --git a/.github/workflows/pr-labeler.yml b/.github/workflows/pr-labeler.yml index 5e296764..258d85f9 100644 --- a/.github/workflows/pr-labeler.yml +++ b/.github/workflows/pr-labeler.yml @@ -11,7 +11,7 @@ jobs: pull-requests: write # Needed to update labels steps: - name: Check out - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 61d5c4b4..01d346e9 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ jobs: contents: write # To be able to create draft releases steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -86,7 +86,7 @@ jobs: contents: write # To be able to create new tags steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 with: ref: ${{ github.event.release.target_commitish }} - name: Setup go diff --git a/.github/workflows/sast.yml b/.github/workflows/sast.yml index 8deb9177..145c6870 100644 --- a/.github/workflows/sast.yml +++ b/.github/workflows/sast.yml @@ -26,15 +26,15 @@ jobs: packages: read steps: - name: Checkout repository - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v3 + uses: github/codeql-action/init@19b2f06db2b6f5108140aeb04014ef02b648f789 # v3 with: languages: go build-mode: autobuild - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@cdefb33c0f6224e58673d9004f47f7cb3e328b89 # v3 + uses: github/codeql-action/analyze@19b2f06db2b6f5108140aeb04014ef02b648f789 # v3 with: category: "/language:go" # Currently, the upload fails for merge group checks, but still run the checks... diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index fccb100f..8f59c591 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -23,7 +23,7 @@ jobs: has-patch: ${{ steps.is-tree-dirty.outputs.result }} steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go id: setup-go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 @@ -105,7 +105,7 @@ jobs: if: always() && needs.generate.outputs.has-patch == 'true' && github.event_name == 'pull_request' && (github.event.pull_request.head.repo.full_name == github.repository || github.event.pull_request.maintainer_can_modify) steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 with: ref: ${{ github.event.pull_request.head.ref }} repository: ${{ github.event.pull_request.head.repo.full_name }} @@ -140,7 +140,7 @@ jobs: name: Linters steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -149,7 +149,7 @@ jobs: - name: Verify license headers run: go run ./_tools/headercheck/header_check.go - name: Check documentation for misspellings - uses: crate-ci/typos@65120634e79d8374d1aa2f27e54baa0c364fff5a # v1.42.1 + uses: crate-ci/typos@a1d64977b4aa1709d6328d518aa753f4899352d8 # v1.42.2 lint-go: needs: generate name: GolangCI Lint (${{ matrix.runs-on }} | ${{ matrix.working-directory || 'main' }}) @@ -161,7 +161,7 @@ jobs: runs-on: ${{ matrix.runs-on }} steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -181,7 +181,7 @@ jobs: name: GitHub Workflow Linters steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Ensure SHA pinned actions uses: zgosalvez/github-actions-ensure-sha-pinned-actions@6124774845927d14c601359ab8138699fa5b70c3 # v3 with: @@ -204,7 +204,7 @@ jobs: name: Makefile Linters steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -223,7 +223,7 @@ jobs: name: Format Check steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -255,7 +255,7 @@ jobs: name: Unit tests (go ${{ matrix.go-version }}, ${{ matrix.runs-on }}) steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup Go id: setup-go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 @@ -303,7 +303,7 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go id: setup-go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 @@ -328,7 +328,7 @@ jobs: name: Benchmark Report steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup go id: setup-go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 @@ -361,7 +361,7 @@ jobs: integration-tests: name: Integration Tests needs: generate - uses: DataDog/dd-trace-go/.github/workflows/orchestrion.yml@e5d6064117ee77b1dc688a3257fb3f5230e4ec24 # ratchet:DataDog/dd-trace-go/.github/workflows/orchestrion.yml@main + uses: DataDog/dd-trace-go/.github/workflows/orchestrion.yml@e3349082ecb3db03a872e6ce8b5dfcbbe7d7707a # ratchet:DataDog/dd-trace-go/.github/workflows/orchestrion.yml@main with: collect-coverage: ${{ github.event_name != 'merge_group' }} orchestrion-version: ${{ github.sha }} @@ -380,7 +380,7 @@ jobs: go-version: [oldstable, stable] steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Setup Go uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v5 with: @@ -438,7 +438,7 @@ jobs: steps: - name: Checkout if: github.event_name != 'merge_group' && !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Download codecov CLI id: codecov-cli if: github.event_name != 'merge_group' && !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) @@ -563,7 +563,7 @@ jobs: matrix: ${{ fromJson(needs.coverage-matrix.outputs.matrix) }} steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Download Artifacts uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v4 with: @@ -582,7 +582,7 @@ jobs: if: github.event_name != 'merge_group' && !(github.event_name == 'pull_request' && github.event.pull_request.head.repo.fork) steps: - name: Checkout - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4 - name: Download codecov CLI id: codecov-cli uses: ./.github/actions/codecov-cli