diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 231df71..899d6cd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,7 +25,7 @@ jobs: persist-credentials: false - name: Set up Go - uses: actions/setup-go@4a2405e6aebff6aabd8e43618539aa35cf90ac92 # v5.2.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: ${{ matrix.go-version }} @@ -51,7 +51,7 @@ jobs: call_reusable_ci: name: Standardized CI - uses: complytime/org-infra/.github/workflows/reusable_ci.yml@37b9e82025fb9d0b4079cfe0bbd7f0434f79e692 # main + uses: complytime/org-infra/.github/workflows/reusable_ci.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read issues: read @@ -59,7 +59,7 @@ jobs: call_reusable_security: name: Security Scan - uses: complytime/org-infra/.github/workflows/reusable_security.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # main + uses: complytime/org-infra/.github/workflows/reusable_security.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read id-token: write @@ -68,7 +68,7 @@ jobs: call_reusable_vuln_scan: name: Vulnerability Scan - uses: complytime/org-infra/.github/workflows/reusable_vuln_scan.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # main + uses: complytime/org-infra/.github/workflows/reusable_vuln_scan.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read actions: read diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 3a4f050..baf9df6 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -12,7 +12,7 @@ permissions: jobs: push: - uses: complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml@68fa970f535858f703369a6de4baa2237c38fa3c # main + uses: complytime/org-infra/.github/workflows/reusable_publish_ghcr.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read packages: write @@ -33,7 +33,7 @@ jobs: always() && needs.push.result == 'success' && needs.push.outputs.image != '' - uses: complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml@e266be092e71ac9343fcd6d5cafc50402161981e # main + uses: complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read packages: write @@ -49,7 +49,7 @@ jobs: if: >- always() && needs.push.result == 'success' - uses: complytime/org-infra/.github/workflows/reusable_sign_and_verify.yml@e30c5cd87e7aeddb8aa7bfeccff4d362bd886270 # main + uses: complytime/org-infra/.github/workflows/reusable_sign_and_verify.yml@638b2037394ca0f0b860a135c7c27dce75fd3c03 # v0.5.0 permissions: contents: read packages: write diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2f5660d..f3d9ce7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -24,7 +24,7 @@ jobs: persist-credentials: false - name: Set up Go - uses: actions/setup-go@4a2405e6aebff6aabd8e43618539aa35cf90ac92 # v5.2.0 + uses: actions/setup-go@924ae3a1cded613372ab5595356fb5720e22ba16 # v6.5.0 with: go-version: '1.26' cache: false