GH Actions: Update versions of various actions used

vegastrike · Jul 9, 2023 · c05e452 · c05e452
1 parent 7f0b51e
commit c05e452
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 8 deletions.
diff --git a/.github/workflows/Anchore-Container-Scan.yml b/.github/workflows/Anchore-Container-Scan.yml
@@ -52,7 +52,7 @@ jobs:
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 #v3.5.0
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 #v3.5.3
         with:
           fetch-depth: 2
           submodules: false
@@ -65,14 +65,14 @@ jobs:
       #   run: script/cibuild
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@8c0edbc76e98fa90f69d9a2c020dcb50019dc325 #v2.2.1
+        uses: docker/setup-buildx-action@2a1a44ac4aa01993040736bd95bb470da1a38365 #v2.9.0
         env:
           FROM:       ${{ matrix.FROM }}
           MY_OS_NAME: linux
           IS_RELEASE: 1
 
       - name: build local container
-        uses: docker/build-push-action@37abcedcc1da61a57767b7588cb9d03eb57e28b3 #v3.3.0
+        uses: docker/build-push-action@2eb1c1961a95fc15694676618e422e8ba1d63825 #v4.1.1
         env:
           FROM:       ${{ matrix.FROM }}
           MY_OS_NAME: linux
@@ -84,7 +84,7 @@ jobs:
           load: true
 
       - name: Scan image
-        uses: anchore/scan-action@9a22e4caae42db0d4c687ab5431e1c3699d0def1 #v3.3.2
+        uses: anchore/scan-action@24fd7c9060f3c96848dd1929fac8d796fb5ae4b4 #v3.3.6
         with:
           image: "localbuild/${{ matrix.FROM }}"
           fail-build: false

diff --git a/.github/workflows/fortify-on-demand-scan.yml b/.github/workflows/fortify-on-demand-scan.yml
@@ -16,7 +16,7 @@ jobs:
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 #v3.5.3
 
       - name: Fortify on Demand Scan
         # You may pin to the exact commit or the version.

diff --git a/.github/workflows/gh-actions-pr.yml b/.github/workflows/gh-actions-pr.yml
@@ -41,7 +41,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 #v3.5.0
+      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 #v3.5.3
       with:
         # We must fetch at least the immediate parents so that if this is
         # a pull request then we can check out the head.

diff --git a/.github/workflows/gh-actions-release.yml b/.github/workflows/gh-actions-release.yml
@@ -48,7 +48,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3 #v3.5.0
+      uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 #v3.5.3
       with:
         fetch-depth: 2
         submodules: false
@@ -63,7 +63,7 @@ jobs:
         echo "${TAG_NAME}"
 
     - name: Docker Login
-      uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a #v2.1.0
+      uses: docker/login-action@465a07811f14bebb1938fbed4728c6a1ff8901fc #v2.2.0
       with:
         username: ${{ secrets.DOCKER_HUB_USER }}
         password: ${{ secrets.DOCKER_HUB_KEY }}