Merge pull request #2460 from tarlepp/chore(c)/github-actions-update

tarlepp · web-flow · commit aa52c1b4f46e · 2023-10-15T14:10:48.000+03:00
Chore(CI) - Updated GitHub action configuration
diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml
@@ -22,7 +22,7 @@ jobs:
       fail-fast: false
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
         with:
           fetch-depth: '0'
 
@@ -67,7 +67,7 @@ jobs:
       fail-fast: false
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
         with:
           fetch-depth: '0'
 
@@ -118,7 +118,7 @@ jobs:
       fail-fast: false
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
         with:
           fetch-depth: '0'
 
@@ -207,7 +207,7 @@ jobs:
       fail-fast: false
     steps:
       - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
         with:
           fetch-depth: '0'
 
@@ -317,7 +317,7 @@ jobs:
 
     steps:
       - name: Make checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
 
       - name: Lint `./README.md`
         uses: avto-dev/markdown-lint@v1
@@ -350,7 +350,7 @@ jobs:
       - test
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4.1.0
 
       - name: Set tag var
         id: vars
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
@@ -34,12 +34,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@v3.1.0
+        uses: actions/checkout@v4.1.0
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@v2.1.2
+        uses: ossf/scorecard-action@v2.3.0
         with:
           results_file: results.sarif
           results_format: sarif
@@ -69,6 +69,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v2.2.4
+        uses: github/codeql-action/upload-sarif@v2.22.2
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4.1.0
 
       - name: Build the Docker image
         run: docker build . --file Dockerfile --tag symfony-flex-backend:master
