diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index 263b1d1598..597f2c93a6 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -130,10 +130,10 @@ jobs:
 rm -rf InvenTree/_testfolder
 - name: Set up QEMU
 if: github.event_name != 'pull_request'
- uses: docker/setup-qemu-action@53851d14592bedcffcf25ea515637cff71ef929a # pin@v3.3.0
+ uses: docker/setup-qemu-action@4574d27a4764455b42196d70a065bc6853246a25 # pin@v3.4.0
 - name: Set up Docker Buildx
 if: github.event_name != 'pull_request'
- uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # pin@v3.8.0
+ uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # pin@v3.9.0
 - name: Set up cosign
 if: github.event_name != 'pull_request'
 uses: sigstore/cosign-installer@c56c2d3e59e4281cc41dea2217323ba5694b171e # pin@v3.8.0
diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml
index 886a7b621e..b783c4206b 100644
--- a/.github/workflows/qc_checks.yaml
+++ b/.github/workflows/qc_checks.yaml
@@ -653,7 +653,7 @@ jobs:
 env:
 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # pin@v3
+ uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # pin@v3
 with:
 sarif_file: results.sarif
 category: zizmor
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index b3ed0c666d..5c6a0b386c 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -67,6 +67,6 @@ jobs:
 # Upload the results to GitHub's code scanning dashboard.
 - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@dd746615b3b9d728a6a37ca2045b68ca76d4841a # v3.28.8
+ uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
 with:
 sarif_file: results.sarif