Skip to content

Commit

Permalink
Merge pull request #227 from marcransome/dependabot/github_actions/ve…
Browse files Browse the repository at this point in the history 
…rsion-updates-e3f367180a
  • Loading branch information
@dependabot
dependabot[bot] authored Aug 6, 2024
2 parents a60ef77 + d885360 commit 1d98c6b
Show file tree
Hide file tree
Showing 6 changed files with 14 additions and 14 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/codeql-analysis.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,15 @@ jobs:
security-events: write
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Install dependencies
run: brew install popt
- name: Initialize CodeQL
uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0
with:
languages: cpp
queries: security-and-quality
Expand All @@ -38,4 +38,4 @@ jobs:
cmake -S . -B build -D CMAKE_OSX_ARCHITECTURES=arm64
cmake --build build
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0
2 changes: 1 addition & 1 deletion .github/workflows/dependency-review.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ jobs:
pull-requests: write
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Checkout repository
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/markdown-links.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
- name: Checkout repository
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Check links in modified Markdown files
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/openssf-scorecard.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@ jobs:
id-token: write # Needed to publish results to OpenSSF API and get a badge (see publish_results below)
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Checkout repository
Expand All @@ -31,12 +31,12 @@ jobs:
results_format: sarif
publish_results: true
- name: Upload Actions artifact
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: SARIF file
path: results.sarif
retention-days: 5
- name: Upload to code scanning dashboard
uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
uses: github/codeql-action/upload-sarif@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0
with:
sarif_file: results.sarif
10 changes: 5 additions & 5 deletions .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
sha256-filename-darwin-x86_64: ${{ steps.checksum.outputs.sha256-filename-darwin-x86_64 }}
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Checkout repository
Expand Down Expand Up @@ -67,14 +67,14 @@ jobs:
echo "sha256-checksum-darwin-${ARCHITECTURE}=$(cat "${ARTIFACT_NAME}.sha256" | base64)" >> "${GITHUB_OUTPUT}"
echo "sha256-filename-darwin-${ARCHITECTURE}=${ARTIFACT_NAME}.sha256" >> "${GITHUB_OUTPUT}"
- name: Upload build artifact
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: ${{ steps.artifact.outputs.name }}
path: ${{ steps.artifact.outputs.name }}
if-no-files-found: error
retention-days: 7
- name: Upload SHA-256 checksum file
uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
uses: actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a # v4.3.6
with:
name: ${{ steps.artifact.outputs.name }}.sha256
path: ${{ steps.artifact.outputs.name }}.sha256
Expand All @@ -89,7 +89,7 @@ jobs:
CHECKSUMS: ${{ toJSON(needs.build.outputs) }}
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- id: checksums
Expand Down Expand Up @@ -117,7 +117,7 @@ jobs:
if: startsWith(github.ref, 'refs/tags/v')
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Download x86_64 build artifact
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ jobs:
runs-on: ${{ matrix.os }}
steps:
- name: Harden runner
uses: step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c # v2.9.0
uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
with:
egress-policy: audit
- name: Checkout repository
Expand Down

0 comments on commit 1d98c6b

Please sign in to comment.