diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 081a84339..288b48e4a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -195,7 +195,7 @@ jobs: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Validate - uses: reviewdog/action-actionlint@e58ee9d111489c31395fbe4857b0be6e7635dbda # v1.70.0 + uses: reviewdog/action-actionlint@0d952c597ef8459f634d7145b0b044a9699e5e43 # v1.71.0 with: github_token: ${{ secrets.GITHUB_TOKEN }} level: ${{ env.REVIEWDOG_LEVEL }} diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml index 2286a0305..9fb9d2c68 100644 --- a/.github/workflows/docker-push.yml +++ b/.github/workflows/docker-push.yml @@ -101,7 +101,7 @@ jobs: id: build_date run: echo "date=$(./.github/scripts/docker.sh generate-build-date)" >> "$GITHUB_OUTPUT" - name: Build and Push - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 timeout-minutes: 15 env: SOURCE_DATE_EPOCH: ${{ steps.source_date.outputs.epoch }} diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index a29896ce3..b6876eebf 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -155,7 +155,7 @@ jobs: # - Build metadata (tags/labels) for image identification # - Build-time variables for versioning and traceability - name: Build - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 timeout-minutes: 10 with: # Build context directory (current directory) @@ -420,7 +420,7 @@ jobs: # - Build-time variables for versioning and traceability - name: Build for Validation id: build_validate - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 timeout-minutes: 15 env: # Set SOURCE_DATE_EPOCH for reproducible builds @@ -508,7 +508,7 @@ jobs: # This second build will be fast due to BuildKit cache from validation build - name: Push Validated Image with Attestations if: success() - uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6 + uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 timeout-minutes: 5 env: # Set SOURCE_DATE_EPOCH for reproducible builds diff --git a/.github/workflows/maintenance.yml b/.github/workflows/maintenance.yml index affe8e43c..b242ef65a 100644 --- a/.github/workflows/maintenance.yml +++ b/.github/workflows/maintenance.yml @@ -55,7 +55,7 @@ jobs: with: fetch-depth: 0 - name: Convert - uses: alstr/todo-to-issue-action@c45b007d85c8edf3365b139a9d4c65793e7c674f # v5.1.13 + uses: alstr/todo-to-issue-action@64aca8fda7023259aada83ba44ad988c4c443657 # v5.1.14 with: CLOSE_ISSUES: true INSERT_ISSUE_URLS: true diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 433cbe277..f790c362e 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -65,11 +65,11 @@ jobs: - name: Checkout uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - name: Initialize CodeQL - uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4 + uses: github/codeql-action/init@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4 with: languages: python - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v4 + uses: github/codeql-action/analyze@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4 with: category: /language:python dependencies: