diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 7d09480..874a897 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -10,7 +10,7 @@ permissions: jobs: dependency-review: - uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-dependency-review.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 permissions: contents: read pull-requests: write diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml index 12fb37f..febe833 100644 --- a/.github/workflows/maven.yml +++ b/.github/workflows/maven.yml @@ -17,7 +17,7 @@ jobs: # Run on push events, OR on pull_request only if from a fork # This prevents duplicate runs: push handles internal branches, PR handles forks if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name != github.event.pull_request.base.repo.full_name - uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-maven-build.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 secrets: SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} OSS_SONATYPE_USERNAME: ${{ secrets.OSS_SONATYPE_USERNAME }} diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index f2fc03b..6a56ddd 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -13,7 +13,7 @@ permissions: jobs: analysis: - uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@3f9cd7e3bb36442219efdc7d0e79aea15881dc78 # v0.2.7 + uses: cuioss/cuioss-organization/.github/workflows/reusable-scorecards.yml@d38bc3643f0d0faa34ece1c2d854cf97f9a0abd4 # v0.2.8 permissions: security-events: write id-token: write