diff --git a/.github/actions/metadata/action.yaml b/.github/actions/metadata/action.yaml index 349f1a02..a2a50d5b 100644 --- a/.github/actions/metadata/action.yaml +++ b/.github/actions/metadata/action.yaml @@ -22,7 +22,7 @@ runs: steps: - name: Docker manager metadata id: meta - uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 + uses: docker/metadata-action@31cebacef4805868f9ce9a0cb03ee36c32df2ac4 # v5.3.0 with: images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} flavor: ${{ inputs.metadata_flavor }} diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 5137b091..fac29f98 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -56,7 +56,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0 - name: Install Bom shell: bash diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 95157b60..8e5989d6 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -44,7 +44,7 @@ jobs: password: ${{ secrets.GITHUB_TOKEN }} - name: Install Cosign - uses: sigstore/cosign-installer@1fc5bd396d372bee37d608f955b336615edf79c8 # v3.2.0 + uses: sigstore/cosign-installer@9614fae9e5c5eddabb09f90a270fcb487c9f7149 # v3.3.0 - name: Install Bom shell: bash diff --git a/.github/workflows/schedule-update-bot.yaml b/.github/workflows/schedule-update-bot.yaml index 5cbf6731..82d9dcc3 100644 --- a/.github/workflows/schedule-update-bot.yaml +++ b/.github/workflows/schedule-update-bot.yaml @@ -44,7 +44,7 @@ jobs: echo "LOG_LEVEL=${{ github.event.inputs.logLevel || env.LOG_LEVEL }}" >> "$GITHUB_ENV" - name: Renovate - uses: renovatebot/github-action@5c6c06aa0e3d7a6a9b6cba05c078c51631b5f11a # v39.1.1 + uses: renovatebot/github-action@b8ce565a2e98de1fec9696a76fba7beb01ec29b2 # v39.2.3 env: RENOVATE_HOST_RULES: '[{"hostType": "docker", "matchHost": "ghcr.io", "username": "${{ github.actor }}", "password": "${{ secrets.GITHUB_TOKEN }}" }]' RENOVATE_ALLOWED_POST_UPGRADE_COMMANDS: '[".*"]'