chore(deps): bump actions/checkout from 3 to 4 (#1475)

* chore(deps): bump actions/checkout from 3 to 4 Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v3...3df4ab1) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> * chore: update tag comments and standardize comments to # vx.x.x Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
anchore · Sep 15, 2023 · 655c65f · 655c65f
1 parent e61cb5f
commit 655c65f
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 11 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -43,7 +43,7 @@ jobs:
 
  steps:
  - name: Checkout repository
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - name: Utilize Go Module Cache
  uses: actions/cache@69d9d449aced6a2ede0bc19182fadc3a0a42d2b0 # v3.2.6

diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -20,12 +20,12 @@ jobs:
 
  steps:
  - name: "Checkout code"
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # tag=v3.0.0
+ uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
  with:
  persist-credentials: false
 
  - name: "Run analysis"
- uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # tag=v2.2.0
+ uses: ossf/scorecard-action@08b4669551908b1024bb425080c797723083c031 # v2.2.0
  with:
  results_file: results.sarif
  results_format: sarif
@@ -38,6 +38,6 @@ jobs:
 
  # Upload the results to GitHub's code scanning dashboard.
  - name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # tag=v1.0.26
+ uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v1.0.26
  with:
  sarif_file: results.sarif
diff --git a/.github/workflows/update-bootstrap-tools.yml b/.github/workflows/update-bootstrap-tools.yml
@@ -17,7 +17,7 @@ jobs:
  runs-on: ubuntu-latest
  if: github.repository == 'anchore/grype' # only run for main repo
  steps:
- - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v2.5.0
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
  with:

diff --git a/.github/workflows/update-syft-release.yml b/.github/workflows/update-syft-release.yml
@@ -17,7 +17,7 @@ jobs:
  runs-on: ubuntu-latest
  if: github.repository == 'anchore/grype' # only run for main repo
  steps:
- - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v2.5.0
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
  with:

diff --git a/.github/workflows/validations.yaml b/.github/workflows/validations.yaml
@@ -16,7 +16,7 @@ jobs:
  name: "Static analysis"
  runs-on: ubuntu-20.04
  steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - name: Bootstrap environment
  uses: ./.github/actions/bootstrap
@@ -29,7 +29,7 @@ jobs:
  name: "Unit tests"
  runs-on: ubuntu-20.04
  steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac
 
  - name: Bootstrap environment
  uses: ./.github/actions/bootstrap
@@ -42,7 +42,7 @@ jobs:
  name: "Quality tests"
  runs-on: ubuntu-22.04-4core-16gb
  steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
  with:
  submodules: true
 
@@ -59,7 +59,7 @@ jobs:
  name: "Integration tests"
  runs-on: ubuntu-20.04
  steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - name: Bootstrap environment
  uses: ./.github/actions/bootstrap
@@ -80,7 +80,7 @@ jobs:
  name: "Build snapshot artifacts"
  runs-on: ubuntu-20.04
  steps:
- - uses: actions/checkout@v3
+ - uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
 
  - name: Bootstrap environment
  uses: ./.github/actions/bootstrap