Merge remote-tracking branch 'origin/main' into finish_as_root

Author: anthony-nhs

.github/workflows/build_all_images.yml

@@ -17,7 +17,7 @@ jobs:
       language_folders: ${{ steps.find-folders.outputs.languages }}
       project_folders: ${{ steps.find-folders.outputs.projects }}
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
 
       - id: find-folders
         run: |

.github/workflows/build_multi_arch_image.yml

@@ -53,7 +53,7 @@ jobs:
               username: ${{github.actor}}
               password: ${{secrets.GITHUB_TOKEN}}
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
         with:
           fetch-depth: 0
       - name: setup node
@@ -88,7 +88,7 @@ jobs:
           IMAGE_TAG: ":${{ inputs.docker_tag }}-${{ matrix.arch }}"
           BASE_FOLDER: "${{ inputs.base_folder }}"
       - name: Check docker vulnerabilities - json output
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
+        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
         with:
           scan-type: "image"
           image-ref:  "ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}:${{ inputs.docker_tag }}-${{ matrix.arch }}"
@@ -105,7 +105,7 @@ jobs:
           name: "scan_results_docker_${{ inputs.container_name }}_${{ matrix.arch }}.json"
           path: scan_results_docker.json
       - name: Check docker vulnerabilities - table output
-        uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
+        uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
         with:
           scan-type: "image"
           image-ref:  "ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}:${{ inputs.docker_tag }}-${{ matrix.arch }}"

.github/workflows/ci.yml

@@ -11,7 +11,7 @@ jobs:
       tag_format: '${{ steps.load-config.outputs.TAG_FORMAT }}'
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
       - name: Get asdf version
         id: asdf-version
         run: >-

.github/workflows/pull_request.yml

@@ -20,7 +20,7 @@ jobs:
       tag_format: '${{ steps.load-config.outputs.TAG_FORMAT }}'
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
       - name: Get asdf version
         id: asdf-version
         run: >-
@@ -41,7 +41,7 @@ jobs:
       SONAR_TOKEN: '${{ secrets.SONAR_TOKEN }}'
   pr_title_format_check:
     uses: >-
-      NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@5ccebbf821beef2de6abdce9e392b3cbeb4999e3
+      NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@997a1946c83bb2a9eda418847ed640738af949ff
   get_issue_number:
     runs-on: ubuntu-22.04
     needs: quality_checks
@@ -75,7 +75,7 @@ jobs:
       sha_short: '${{ steps.commit_id.outputs.sha_short }}'
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
         with:
           ref: '${{ env.BRANCH_NAME }}'
       - name: Get Commit ID

.github/workflows/release.yml

@@ -12,7 +12,7 @@ jobs:
       tag_format: '${{ steps.load-config.outputs.TAG_FORMAT }}'
     steps:
       - name: Checkout code
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
       - name: Get asdf version
         id: asdf-version
         run: >-