Skip to content

Commit 6a45f56

Browse files
hashicorp-tsccr[bot]hashicorp-tsccr[bot]
authored
SEC-090: Automated trusted workflow pinning (2025-04-07) (#423)
1 parent ce24204 commit 6a45f56

File tree

3 files changed

+29
-15
lines changed

3 files changed

+29
-15
lines changed

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -89,7 +89,7 @@ jobs:
8989
cd .changes
9090
sed -e "1{/# /d;}" -e "2{/^$/d;}" ${{ needs.changelog-version.outputs.version }}.md > release-notes.txt
9191
92-
- uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
92+
- uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
9393
with:
9494
name: release-notes
9595
path: ./.changes/release-notes.txt

.github/workflows/test.yml

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -23,13 +23,13 @@ jobs:
2323
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
2424

2525
- name: Set up Go
26-
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
26+
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
2727
with:
2828
go-version-file: 'go.mod'
2929
id: go
3030

3131
- name: Run linters
32-
uses: golangci/golangci-lint-action@4696ba8babb6127d732c3c6dde519db15edab9ea # v6.5.1
32+
uses: golangci/golangci-lint-action@1481404843c368bc19ca9406f87d6e0fc97bdcfd # v7.0.0
3333
with:
3434
version: latest
3535

@@ -71,7 +71,7 @@ jobs:
7171
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
7272

7373
- name: Setup Go
74-
uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
74+
uses: actions/setup-go@0aaccfd150d50ccaeb58ebd88d36e91967a5f35b # v5.4.0
7575
with:
7676
go-version-file: 'go.mod'
7777
check-latest: true

.golangci.yml

Lines changed: 25 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,12 @@
1-
issues:
2-
max-issues-per-linter: 0
3-
max-same-issues: 0
4-
1+
version: "2"
52
linters:
6-
disable-all: true
3+
default: none
74
enable:
85
- copyloopvar
96
- durationcheck
107
- errcheck
118
- forcetypeassert
129
- godot
13-
- gofmt
14-
- gosimple
1510
- govet
1611
- ineffassign
1712
- makezero
@@ -23,7 +18,26 @@ linters:
2318
- unparam
2419
- unused
2520
- usetesting
26-
27-
run:
28-
# Prevent false positive timeouts in CI
29-
timeout: 5m
21+
exclusions:
22+
generated: lax
23+
presets:
24+
- comments
25+
- common-false-positives
26+
- legacy
27+
- std-error-handling
28+
paths:
29+
- third_party$
30+
- builtin$
31+
- examples$
32+
issues:
33+
max-issues-per-linter: 0
34+
max-same-issues: 0
35+
formatters:
36+
enable:
37+
- gofmt
38+
exclusions:
39+
generated: lax
40+
paths:
41+
- third_party$
42+
- builtin$
43+
- examples$

0 commit comments

Comments
 (0)