2 years ago · 7d178d4e6b
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -46,7 +46,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				 
			
 
				       - name: Setup Go
			
 
				         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
			
@@ -72,7 +72,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				 
			
 
				       - name: Setup Go
			
 
				         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
			
@@ -100,7 +100,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				 
			
 
				       - name: Fetch History
			
 
				         run: git fetch --prune --unshallow
			
--- a/.github/workflows/dlc.yml
+++ b/.github/workflows/dlc.yml
@@ -14,7 +14,7 @@ jobs:
 
				     runs-on: ubuntu-latest
			
 
				     steps:
			
 
				       - name: "Checkout Code"
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				 
			
 
				       - name: "Run FOSSA Scan"
			
 
				         uses: fossas/fossa-action@47ef11b1e1e3812e88dae436ccbd2d0cbd1adab0 # main
			
--- a/.github/workflows/docs.yml
+++ b/.github/workflows/docs.yml
@@ -15,7 +15,7 @@ jobs:
 
				     permissions:
			
 
				       contents: write
			
 
				     steps:
			
 
				-      - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				 
			
--- a/.github/workflows/e2e-managed.yml
+++ b/.github/workflows/e2e-managed.yml
@@ -64,7 +64,7 @@ jobs:
 
				 
			
 
				     # Check out merge commit
			
 
				     - name: Fork based /ok-to-test-managed checkout
			
 
				-      uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				       with:
			
 
				         ref: 'refs/pull/${{ env.GITHUB_PR_NUMBER }}/merge'
			
 
				 
			
--- a/.github/workflows/e2e.yml
+++ b/.github/workflows/e2e.yml
@@ -58,7 +58,7 @@ jobs:
 
				     steps:
			
 
				 
			
 
				     - name: Branch based PR checkout
			
 
				-      uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				 
			
 
				     - name: Fetch History
			
 
				       run: git fetch --prune --unshallow
			
@@ -77,7 +77,7 @@ jobs:
 
				 
			
 
				     # Check out merge commit
			
 
				     - name: Fork based /ok-to-test checkout
			
 
				-      uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				       with:
			
 
				         ref: 'refs/pull/${{ github.event.client_payload.pull_request.number }}/merge'
			
 
				 
			
--- a/.github/workflows/helm.yml
+++ b/.github/workflows/helm.yml
@@ -22,7 +22,7 @@ jobs:
 
				     runs-on: ubuntu-latest
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				 
			
@@ -74,7 +74,7 @@ jobs:
 
				     runs-on: ubuntu-latest
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				 
			
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -50,7 +50,7 @@ jobs:
 
				     steps:
			
 
				 
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           ref: ${{ inputs.ref }}
			
 
				 
			
@@ -80,7 +80,7 @@ jobs:
 
				         run: git fetch --prune --unshallow
			
 
				 
			
 
				       - name: Login to Docker
			
 
				-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
			
 
				+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
			
 
				         if: env.IS_FORK == 'false'
			
 
				         with:
			
 
				           registry: ghcr.io
			
@@ -140,7 +140,7 @@ jobs:
 
				     needs: build-publish
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				       - name: Sign image
			
 
				         if: env.IS_FORK == 'false'
			
 
				         uses: ./.github/actions/sign
			
--- a/.github/workflows/rebuild-image.yml
+++ b/.github/workflows/rebuild-image.yml
@@ -20,7 +20,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				           ref: ${{ github.event.inputs.ref }}
			
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,13 +22,13 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				           ref: ${{ github.event.inputs.source_ref }}
			
 
				 
			
 
				       - name: Create Release
			
 
				-        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
			
 
				+        uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
			
 
				         with:
			
 
				           tag_name: ${{ github.event.inputs.version }}
			
 
				           target_commitish: ${{ github.event.inputs.source_ref }}
			
@@ -71,7 +71,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				 
			
@@ -86,7 +86,7 @@ jobs:
 
				         run: go mod download
			
 
				 
			
 
				       - name: Login to Docker
			
 
				-        uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0
			
 
				+        uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3.0.0
			
 
				         with:
			
 
				           registry: ghcr.io
			
 
				           username: ${{ secrets.GHCR_USERNAME }}
			
@@ -113,7 +113,7 @@ jobs:
 
				           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
			
 
				 
			
 
				       - name: Update Release
			
 
				-        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
			
 
				+        uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844 # v1
			
 
				         with:
			
 
				           tag_name: ${{ github.event.inputs.version }}
			
 
				           files: |
			
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -20,7 +20,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: "Checkout code"
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           persist-credentials: false
			
 
				 
			
--- a/.github/workflows/update-deps.yml
+++ b/.github/workflows/update-deps.yml
@@ -20,7 +20,7 @@ jobs:
 
				 
			
 
				     steps:
			
 
				       - name: Checkout
			
 
				-        uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				         with:
			
 
				           fetch-depth: 0
			
 
				           ref: ${{ github.event.inputs.ref }}
			
@@ -52,7 +52,7 @@ jobs:
 
				       with:
			
 
				         app_id: ${{ secrets.APP_ID }}
			
 
				         private_key: ${{ secrets.PRIVATE_KEY }}
			
 
				-    - uses: actions/checkout@9bb56186c3b09b4f86b1c65136769dd318469633 # v4.1.2
			
 
				+    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
			
 
				       with:
			
 
				         token: ${{ steps.generate_token.outputs.token }}
			
 
				         ref: ${{ matrix.branch }}