diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 33ac234b2d567..8c4e21466c03d 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -187,7 +187,7 @@ jobs:
# Check for any typos
- name: Check for typos
- uses: crate-ci/typos@b1ae8d918b6e85bd611117d3d9a3be4f903ee5e4 # v1.33.1
+ uses: crate-ci/typos@392b78fe18a52790c53f42456e46124f77346842 # v1.34.0
with:
config: .github/workflows/typos.toml
@@ -921,7 +921,7 @@ jobs:
# the check to pass. This is desired in PRs, but not in mainline.
- name: Publish to Chromatic (non-mainline)
if: github.ref != 'refs/heads/main' && github.repository_owner == 'coder'
- uses: chromaui/action@b5848056bb67ce5f1cccca8e62a37cbd9dd42871 # v13.0.1
+ uses: chromaui/action@4d8ebd13658d795114f8051e25c28d66f14886c6 # v13.1.2
env:
NODE_OPTIONS: "--max_old_space_size=4096"
STORYBOOK: true
@@ -953,7 +953,7 @@ jobs:
# infinitely "in progress" in mainline unless we re-review each build.
- name: Publish to Chromatic (mainline)
if: github.ref == 'refs/heads/main' && github.repository_owner == 'coder'
- uses: chromaui/action@b5848056bb67ce5f1cccca8e62a37cbd9dd42871 # v13.0.1
+ uses: chromaui/action@4d8ebd13658d795114f8051e25c28d66f14886c6 # v13.1.2
env:
NODE_OPTIONS: "--max_old_space_size=4096"
STORYBOOK: true
diff --git a/.github/workflows/docs-ci.yaml b/.github/workflows/docs-ci.yaml
index 30ac97706d9f8..f65ab434a9309 100644
--- a/.github/workflows/docs-ci.yaml
+++ b/.github/workflows/docs-ci.yaml
@@ -28,7 +28,7 @@ jobs:
- name: Setup Node
uses: ./.github/actions/setup-node
- - uses: tj-actions/changed-files@666c9d29007687c52e3c7aa2aac6c0ffcadeadc3 # v45.0.7
+ - uses: tj-actions/changed-files@cf79a64fed8a943fb1073260883d08fe0dfb4e56 # v45.0.7
id: changed-files
with:
files: |
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 89ba2b810e8b0..9018ea334d23f 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -47,6 +47,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1
+ uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
with:
sarif_file: results.sarif
diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index e6abdf9f601df..e4b213287db0a 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -38,7 +38,7 @@ jobs:
uses: ./.github/actions/setup-go
- name: Initialize CodeQL
- uses: github/codeql-action/init@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1
+ uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
with:
languages: go, javascript
@@ -48,7 +48,7 @@ jobs:
rm Makefile
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1
+ uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
- name: Send Slack notification on failure
if: ${{ failure() }}
@@ -142,7 +142,7 @@ jobs:
echo "image=$(cat "$image_job")" >> $GITHUB_OUTPUT
- name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37
+ uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
with:
image-ref: ${{ steps.build.outputs.image }}
format: sarif
@@ -150,7 +150,7 @@ jobs:
severity: "CRITICAL,HIGH"
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@39edc492dbe16b1465b0cafca41432d857bdb31a # v3.29.1
+ uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2
with:
sarif_file: trivy-results.sarif
category: "Trivy"
diff --git a/.github/workflows/weekly-docs.yaml b/.github/workflows/weekly-docs.yaml
index 03db4079878a1..afcc4c3a84236 100644
--- a/.github/workflows/weekly-docs.yaml
+++ b/.github/workflows/weekly-docs.yaml
@@ -29,7 +29,7 @@ jobs:
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- name: Check Markdown links
- uses: umbrelladocs/action-linkspector@e2ccef58c4b9eb89cd71ee23a8629744bba75aa6 # v1.3.5
+ uses: umbrelladocs/action-linkspector@3a951c1f0dca72300c2320d0eb39c2bafe429ab1 # v1.3.6
id: markdown-link-check
# checks all markdown files from /docs including all subfolders
with:
pFad - Phonifier reborn
Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.
Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.
Alternative Proxies:
Alternative Proxy
pFad Proxy
pFad v3 Proxy
pFad v4 Proxy