diff --git a/.github/workflows/aws-ci.yml b/.github/workflows/aws-ci.yml index a858711..3d2e729 100644 --- a/.github/workflows/aws-ci.yml +++ b/.github/workflows/aws-ci.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 #v4 with: role-to-assume: ${{ secrets.CI_MAIN_TESTING_ACCOUNT_ROLE_ARN }} role-duration-seconds: 7200 @@ -29,7 +29,7 @@ jobs: $roleArn=$(cat ./response.json) "roleArn=$($roleArn -replace '"', '')" >> $env:GITHUB_OUTPUT - name: Configure Test Runner Credentials - uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 #v4 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 #v4 with: role-to-assume: ${{ steps.lambda.outputs.roleArn }} role-duration-seconds: 7200 diff --git a/.github/workflows/closed-issue-message.yml b/.github/workflows/closed-issue-message.yml index 11d5a82..e2fd6d2 100644 --- a/.github/workflows/closed-issue-message.yml +++ b/.github/workflows/closed-issue-message.yml @@ -9,7 +9,7 @@ jobs: auto_comment: runs-on: ubuntu-latest steps: - - uses: aws-actions/closed-issue-message@v1 + - uses: aws-actions/closed-issue-message@v2 with: # These inputs are both required repo-token: "${{ secrets.GITHUB_TOKEN }}" diff --git a/.github/workflows/create-release-pr.yml b/.github/workflows/create-release-pr.yml index 1319d50..e3ab5b2 100644 --- a/.github/workflows/create-release-pr.yml +++ b/.github/workflows/create-release-pr.yml @@ -25,13 +25,13 @@ jobs: steps: # Assume an AWS Role that provides access to the Access Token - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 #v4 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 #v4 with: role-to-assume: ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_ROLE_ARN }} aws-region: us-west-2 # Retrieve the Access Token from Secrets Manager - name: Retrieve secret from AWS Secrets Manager - uses: aws-actions/aws-secretsmanager-get-secrets@5e19ff380d035695bdd56bbad320ca535c9063f2 #v2.0.9 + uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 #v2.0.10 with: secret-ids: | AWS_SECRET, ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_NAME }} diff --git a/.github/workflows/semgrep-analysis.yml b/.github/workflows/semgrep-analysis.yml index 671f957..1dc51ce 100644 --- a/.github/workflows/semgrep-analysis.yml +++ b/.github/workflows/semgrep-analysis.yml @@ -35,7 +35,7 @@ jobs: p/owasp-top-ten - name: Upload SARIF file for GitHub Advanced Security Dashboard - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 #v3.30.5 + uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db #v4.31.3 with: sarif_file: semgrep.sarif if: always() diff --git a/.github/workflows/sync-main-dev.yml b/.github/workflows/sync-main-dev.yml index aa4b15c..f512e98 100644 --- a/.github/workflows/sync-main-dev.yml +++ b/.github/workflows/sync-main-dev.yml @@ -27,13 +27,13 @@ jobs: steps: # Assume an AWS Role that provides access to the Access Token - name: Configure AWS Credentials - uses: aws-actions/configure-aws-credentials@8c3f20df09ac63af7b3ae3d7c91f105f857d8497 #v4 + uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8 #v4 with: role-to-assume: ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_ROLE_ARN }} aws-region: us-west-2 # Retrieve the Access Token from Secrets Manager - name: Retrieve secret from AWS Secrets Manager - uses: aws-actions/aws-secretsmanager-get-secrets@5e19ff380d035695bdd56bbad320ca535c9063f2 #v2.0.9 + uses: aws-actions/aws-secretsmanager-get-secrets@a9a7eb4e2f2871d30dc5b892576fde60a2ecc802 #v2.0.10 with: secret-ids: | AWS_SECRET, ${{ secrets.RELEASE_WORKFLOW_ACCESS_TOKEN_NAME }}