From e5b9ae8a90ed7565444059f73e4c8a3e85403825 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 19 Nov 2025 16:47:27 +0000 Subject: [PATCH] chore(deps): pin dependencies --- .github/workflows/caddy-major-monitor.yml | 2 +- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/docker-build.yml | 2 +- .github/workflows/docker-publish.yml | 2 +- .github/workflows/renovate.yml | 4 ++-- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/.github/workflows/caddy-major-monitor.yml b/.github/workflows/caddy-major-monitor.yml index 95635ee3..05eace8f 100644 --- a/.github/workflows/caddy-major-monitor.yml +++ b/.github/workflows/caddy-major-monitor.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check for Caddy v3 and open issue - uses: actions/github-script@v7 + uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 with: script: | const upstream = { owner: 'caddyserver', repo: 'caddy' }; diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index f378e56a..aa7dd7b7 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,17 +28,17 @@ jobs: language: [ 'go', 'javascript-typescript' ] steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@c3d42c5d08633d8b33635fbd94b000a0e2585b3c # v3 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@v3 + uses: github/codeql-action/autobuild@c3d42c5d08633d8b33635fbd94b000a0e2585b3c # v3 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@c3d42c5d08633d8b33635fbd94b000a0e2585b3c # v3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index 5dccaf88..f775c17a 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -159,7 +159,7 @@ jobs: # Step 10: Upload Trivy results to GitHub Security tab - name: 📤 Upload Trivy results to GitHub Security - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@c3d42c5d08633d8b33635fbd94b000a0e2585b3c # v3 if: github.event_name != 'pull_request' && steps.skip.outputs.skip_build != 'true' && (steps.trivy.outcome == 'success' || steps.trivy.outcome == 'failure') with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 7a91053f..cfdec9d7 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -133,6 +133,6 @@ jobs: - name: Upload Trivy results if: github.event_name != 'pull_request' && steps.skip.outputs.skip_build != 'true' - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@c3d42c5d08633d8b33635fbd94b000a0e2585b3c # v3 with: sarif_file: 'trivy-results.sarif' diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 6463e658..947f2641 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -15,11 +15,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 with: fetch-depth: 1 - name: Run Renovate - uses: renovatebot/github-action@v40.1.11 + uses: renovatebot/github-action@063e0c946b9c1af35ef3450efc44114925d6e8e6 # v40.1.11 with: configurationFile: .github/renovate.json token: ${{ secrets.PROJECT_TOKEN }}