diff --git a/.github/workflows/codeql-actions.yml b/.github/workflows/codeql-actions.yml index f72a36f1d..edf5004cb 100644 --- a/.github/workflows/codeql-actions.yml +++ b/.github/workflows/codeql-actions.yml @@ -37,7 +37,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: languages: actions build-mode: none @@ -45,6 +45,6 @@ jobs: queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: category: "/language:actions" diff --git a/.github/workflows/codeql-python.yml b/.github/workflows/codeql-python.yml index 9f07809fd..5441283cc 100644 --- a/.github/workflows/codeql-python.yml +++ b/.github/workflows/codeql-python.yml @@ -42,7 +42,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: languages: python build-mode: none @@ -61,6 +61,6 @@ jobs: pip install dist/*.whl - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3 + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3 with: category: "/language:python" diff --git a/.github/workflows/release-python.yml b/.github/workflows/release-python.yml index 2fab53cb7..06c0b35b2 100644 --- a/.github/workflows/release-python.yml +++ b/.github/workflows/release-python.yml @@ -37,17 +37,16 @@ jobs: outputs: version: ${{ steps.pre-publish.outputs.version }} steps: - - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 + - uses: mongodb-labs/drivers-github-tools/secure-checkout@v3 with: app_id: ${{ vars.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - - uses: mongodb-labs/drivers-github-tools/setup@v2 + - uses: mongodb-labs/drivers-github-tools/setup@v3 with: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} - artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - - uses: mongodb-labs/drivers-github-tools/python/pre-publish@v2 + - uses: mongodb-labs/drivers-github-tools/python/pre-publish@v3 id: pre-publish with: working_directory: ./bindings/python @@ -106,17 +105,16 @@ jobs: attestations: write security-events: write steps: - - uses: mongodb-labs/drivers-github-tools/secure-checkout@v2 + - uses: mongodb-labs/drivers-github-tools/secure-checkout@v3 with: app_id: ${{ vars.APP_ID }} private_key: ${{ secrets.APP_PRIVATE_KEY }} - - uses: mongodb-labs/drivers-github-tools/setup@v2 + - uses: mongodb-labs/drivers-github-tools/setup@v3 with: aws_role_arn: ${{ secrets.AWS_ROLE_ARN }} aws_region_name: ${{ vars.AWS_REGION_NAME }} aws_secret_id: ${{ secrets.AWS_SECRET_ID }} - artifactory_username: ${{ vars.ARTIFACTORY_USERNAME }} - - uses: mongodb-labs/drivers-github-tools/python/post-publish@v2 + - uses: mongodb-labs/drivers-github-tools/python/post-publish@v3 with: following_version: ${{ env.FOLLOWING_VERSION }} working_directory: ./bindings/python diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index b0594ebce..80f718c81 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -18,4 +18,4 @@ jobs: with: persist-credentials: false - name: Run zizmor - uses: zizmorcore/zizmor-action@873539476a7f9b0da7504d0d9e9a6a5275094d98 \ No newline at end of file + uses: zizmorcore/zizmor-action@0696496a48b64e0568faa46ddaf5f6fe48b83b04 \ No newline at end of file