diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml index 795dbe0..d741b80 100644 --- a/.github/workflows/container-publish.yml +++ b/.github/workflows/container-publish.yml @@ -43,17 +43,17 @@ jobs: uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Log in to the Container registry - uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0 + uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 with: registry: ${{ env.REGISTRY }} username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Set Container Metadata - uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 + uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf id: meta with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} @@ -67,7 +67,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}},value=${{ inputs.version }} - name: Build & Publish Container ${{ env.IMAGE_NAME }} - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 id: build with: file: "${{ inputs.container-file }}" @@ -87,13 +87,13 @@ jobs: # Build provenance attestations - name: Attest Container Image - uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0 + uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} subject-digest: ${{ steps.build.outputs.digest }} push-to-registry: true # - name: Attest Container SBOM - # uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0 + # uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 # with: # subject-path:: '*.spdx.json' diff --git a/.github/workflows/container-security.yml b/.github/workflows/container-security.yml index 3a3e30d..dda672a 100644 --- a/.github/workflows/container-security.yml +++ b/.github/workflows/container-security.yml @@ -38,10 +38,10 @@ jobs: uses: actions/checkout@v6 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0 + uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Build Initial Container - uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2 + uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 id: build with: file: "${{ inputs.container-file }}" @@ -60,7 +60,7 @@ jobs: fail-build: ${{ inputs.scanning-block }} - name: Upload SARIF artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: sarif path: ${{ steps.scan.outputs.sarif }} diff --git a/.github/workflows/markdown-lint.yml b/.github/workflows/markdown-lint.yml index 92efe3b..40b1d41 100644 --- a/.github/workflows/markdown-lint.yml +++ b/.github/workflows/markdown-lint.yml @@ -16,7 +16,7 @@ jobs: uses: actions/checkout@v6 - name: "Filter Changes" - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 + uses: dorny/paths-filter@fbd0ab8f3e69293af611ebaee6363fc25e6d187d id: changes with: filters: | diff --git a/.github/workflows/self-wiki.yml b/.github/workflows/self-wiki.yml index f0deb5a..ccce472 100644 --- a/.github/workflows/self-wiki.yml +++ b/.github/workflows/self-wiki.yml @@ -18,4 +18,4 @@ jobs: - name: Checkout uses: actions/checkout@v6 - - uses: Andrew-Chen-Wang/github-wiki-action@6448478bd55f1f3f752c93af8ac03207eccc3213 + - uses: Andrew-Chen-Wang/github-wiki-action@64efa0a9436db17670a2259e0ac249d6f08bb352