Commit ddbd99c
Changed files (5)
.github
workflows
.github/workflows/dev-publish.yml
@@ -124,7 +124,7 @@ jobs:
# Uses the `docker/login-action` action to log in to the Container registry using the account and password that will publish the packages. Once published, the packages are scoped to the account defined here.
- name: Log in to the Container registry
- uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
+ uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 #v3.4.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
@@ -132,7 +132,7 @@ jobs:
# This step uses [docker/metadata-action](https://github.com/docker/metadata-action#about) to extract tags and labels that will be applied to the specified image. The `id` "meta" allows the output of this step to be referenced in a subsequent step. The `images` value provides the base name for the tags and labels.
- name: Extract metadata (tags, labels) for Docker
id: meta
- uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804
+ uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 #v5.7.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
@@ -143,7 +143,7 @@ jobs:
# It uses the `tags` and `labels` parameters to tag and label the image with the output from the "meta" step.
- name: Build and push Docker image
id: push
- uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4
+ uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0
with:
context: ./
file: ./dcr/Dockerfile
.github/workflows/docs.yml
@@ -34,7 +34,7 @@ jobs:
run: npm i
- name: Add additional deps
- run: npm i @rollup/rollup-linux-x64-gnu@4.32.1
+ run: npm i @rollup/rollup-linux-x64-gnu@4.44.1
- name: Build docs
run: npm run docs:build
.github/workflows/osv.yml
@@ -30,7 +30,7 @@ jobs:
security-events: write
contents: read
actions: read
- uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@6fc714450122bda9d00e4ad5d639ad6a39eedb1f' # v2.0.1
+ uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@40a8940a65eab1544a6af759e43d936201a131a2' # v2.0.3
with:
# Example of specifying custom arguments
scan-args: |-
@@ -42,7 +42,7 @@ jobs:
security-events: write
contents: read
actions: read
- uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@6fc714450122bda9d00e4ad5d639ad6a39eedb1f' # v2.0.1
+ uses: 'google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@40a8940a65eab1544a6af759e43d936201a131a2' # v2.0.3
with:
# Example of specifying custom arguments
scan-args: |-
.github/workflows/publish.yml
@@ -110,14 +110,14 @@ jobs:
run: echo ZX_VERSION=$(jq -r '.version' package.json) >> $GITHUB_ENV
- name: Log in to the Container registry
- uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772
+ uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 #v3.4.0
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata (tags, labels) for Docker
id: meta
- uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804
+ uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 #v5.7.0
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
@@ -125,7 +125,7 @@ jobs:
type=semver,pattern={{version}},value=v${{ env.ZX_VERSION }}
- name: Build and push Docker image
id: push
- uses: docker/build-push-action@471d1dc4e07e5cdedd4c2171150001c434f0b7a4
+ uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0
with:
context: ./
file: ./dcr/Dockerfile
.github/workflows/zizmor.yml
@@ -22,9 +22,9 @@ jobs:
persist-credentials: false
- name: Install the latest version of uv
- uses: astral-sh/setup-uv@d4b2f3b6ecc6e67c4457f6d3e41ec42d3d0fcb86 #v5.4.2
+ uses: astral-sh/setup-uv@bd01e18f51369d5a26f1651c3cb451d3417e3bba #v6.3.1
with:
enable-cache: false
- name: Run zizmor
- run: uvx zizmor@1.6.0 .github/workflows -v -p --min-severity=medium
+ run: uvx zizmor@1.11.0 .github/workflows -v -p --min-severity=medium