diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e56a565..24cf5aa 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -39,12 +39,12 @@ jobs: uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialize CodeQL - uses: github/codeql-action/init@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v3 + uses: github/codeql-action/init@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@54f647b7e1bb85c95cddabcd46b0c578ec92bc1a # v3 + uses: github/codeql-action/analyze@99df26d4f13ea111d4ec1a7dddef6063f76b97e9 # v3 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/mvp-smoke.yml b/.github/workflows/mvp-smoke.yml index 2e9f022..d049dd2 100644 --- a/.github/workflows/mvp-smoke.yml +++ b/.github/workflows/mvp-smoke.yml @@ -39,7 +39,7 @@ jobs: uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2 - name: Install just - uses: taiki-e/install-action@16b05812d776ae1dfaabc8277e421fb6d2506419 # v2.82.7 + uses: taiki-e/install-action@c7eb1735f09259a5035e8e5d44b1406b1cddc0fb # v2.83.0 with: # Governance R1 requires versioned family-tool pins # (just|must|trust|adjust|bust|dust|intend); bare `tool: just` diff --git a/.github/workflows/s4-loop.yml b/.github/workflows/s4-loop.yml index e9fc2c9..b8dc7b9 100644 --- a/.github/workflows/s4-loop.yml +++ b/.github/workflows/s4-loop.yml @@ -39,7 +39,7 @@ jobs: - name: Cache Cargo uses: Swatinem/rust-cache@65012b490220f477f20ab979e35ae732e6de4e68 # v2 - name: Install just - uses: taiki-e/install-action@16b05812d776ae1dfaabc8277e421fb6d2506419 # v2.82.7 + uses: taiki-e/install-action@c7eb1735f09259a5035e8e5d44b1406b1cddc0fb # v2.83.0 with: tool: just@1.51.0 - name: Install system dependencies diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 60910d9..0938dab 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -20,6 +20,6 @@ permissions: jobs: scan: - uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@6693e01727aefdc01cbb5ddd728e9a510128f2a2 # main 2026-07-07 (skip dispatch without VERISIMDB_PAT) + uses: hyperpolymath/panic-attack/.github/workflows/scan-and-report.yml@4591649f42b16089a9b1d4eaf3bb2f780c23e8ac # main 2026-07-07 (skip dispatch without VERISIMDB_PAT) secrets: VERISIMDB_PAT: ${{ secrets.VERISIMDB_PAT }}