File tree Expand file tree Collapse file tree 3 files changed +11
-11
lines changed
Expand file tree Collapse file tree 3 files changed +11
-11
lines changed Original file line number Diff line number Diff line change 9696 uses : actions/checkout@v4
9797 -
9898 name : Lint code
99- uses : golangci/golangci-lint-action@v6
99+ uses : golangci/golangci-lint-action@4696ba8babb6127d732c3c6dde519db15edab9ea # v6.5.1
100100 with :
101101 version : latest
102102 args : --timeout=10m
@@ -127,7 +127,7 @@ jobs:
127127 run : go mod download
128128 -
129129 name : Setup gotestsum
130- uses : autero1/action-gotestsum@v2.0.0
130+ uses : autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
131131 with :
132132 gotestsum_version : 1.12.0
133133 -
@@ -160,7 +160,7 @@ jobs:
160160 run : go mod download
161161 -
162162 name : Setup gotestsum
163- uses : autero1/action-gotestsum@v2.0.0
163+ uses : autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
164164 with :
165165 gotestsum_version : 1.12.0
166166 -
@@ -193,7 +193,7 @@ jobs:
193193 run : go mod download
194194 -
195195 name : Setup gotestsum
196- uses : autero1/action-gotestsum@v2.0.0
196+ uses : autero1/action-gotestsum@7263b9d73912eec65f46337689e59fac865c425f # v2.0.0
197197 with :
198198 gotestsum_version : 1.12.0
199199 -
Original file line number Diff line number Diff line change 3939 ${{ runner.os }}-go-
4040
4141 name : Download cyclonedx-gomod
42- uses : Zenithar/gh-gomod-generate-sbom@v1.0.1
42+ uses : Zenithar/gh-gomod-generate-sbom@cd97098f01c993f4aa90ccb8aaf6d795d6194898 # v1.0.1
4343 with :
4444 version : v1.2.0
4545 env :
4949 uses : sigstore/cosign-installer@v3.8.1
5050 -
5151 name : Import Code-Signing Certificates
52- uses : Apple-Actions/import-codesign-certs@v3
52+ uses : Apple-Actions/import-codesign-certs@63fff01cd422d4b7b855d40ca1e9d34d2de9427d # v3
5353 with :
5454 p12-file-base64 : ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_P12_BASE64 }}
5555 p12-password : ${{ secrets.APPLE_DEVELOPER_CERTIFICATE_PASSWORD }}
6161 brew install coreutils
6262
6363 name : Run GoReleaser
64- uses : goreleaser/goreleaser-action@v6
64+ uses : goreleaser/goreleaser-action@286f3b13b1b49da4ac219696163fb8c1c93e1200 # v6.0.0
6565 with :
6666 version : latest
6767 args : release --rm-dist --skip-publish
@@ -183,7 +183,7 @@ jobs:
183183 done
184184
185185 name : Upload to release
186- uses : AButler/upload-release-assets@v2.0
186+ uses : AButler/upload-release-assets@ec6d3263266dc57eb6645b5f75e827987f7c217d # v2.0
187187 with :
188188 files : ' .dist/*'
189189 repo-token : ${{ secrets.GITHUB_TOKEN }}
Original file line number Diff line number Diff line change 3030 run : go list -json -m all > go.list
3131 -
3232 name : Nancy
33- uses : sonatype-nexus-community/nancy-github-action@v1.0.3
33+ uses : sonatype-nexus-community/nancy-github-action@aae196481b961d446f4bff9012e4e3b63d7921a4 # v1.0.2
3434
3535 trivy :
3636 name : Trivy scanner
4646 uses : actions/checkout@v4
4747 -
4848 name : Run Trivy vulnerability scanner in repo mode
49- uses : aquasecurity/trivy-action@master
49+ uses : aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5 # v0.30.0
5050 with :
5151 scan-type : ' fs'
5252 ignore-unfixed : true
@@ -101,7 +101,7 @@ jobs:
101101 -
102102 uses : actions/checkout@v4
103103 -
104- uses : returntocorp/semgrep-action@v1
104+ uses : returntocorp/semgrep-action@713efdd345f3035192eaa63f56867b88e63e4e5d # v1
105105 with :
106106 generateSarif : " 1"
107107 config : >-
You can’t perform that action at this time.
0 commit comments