Align files (#133)

architectbot · actions-user · web-flow · commit e21d7e6bee51 · 2025-05-14T19:07:29.000+02:00
Co-authored-by: github-actions &lt;action@github.com&gt;
diff --git a/.github/workflows/zz_generated.fix_vulnerabilities.yaml b/.github/workflows/zz_generated.fix_vulnerabilities.yaml
@@ -2,7 +2,7 @@
 #
 #    devctl
 #
-#    https://github.com/giantswarm/devctl/blob/4460c761238f42b86238478267338d8e2a74d901/pkg/gen/input/workflows/internal/file/fix_vulnerabilities.yaml.template
+#    https://github.com/giantswarm/devctl/blob/c1b16989bf49dfec3938304f370ac314ebe17c65/pkg/gen/input/workflows/internal/file/fix_vulnerabilities.yaml.template
 #
 name: Fix Vulnerabilities
 on:
@@ -61,7 +61,7 @@ jobs:
     steps:
       - name: Generate a token
         id: generate_token
-        uses: actions/create-github-app-token@3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5 # v2.0.2
+        uses: actions/create-github-app-token@df432ceedc7162793a195dd1713ff69aefc7379e # v2.0.6
         with:
           app-id: ${{ secrets.HERALD_APP_ID }}
           private-key: ${{ secrets.HERALD_APP_KEY }}
@@ -79,7 +79,7 @@ jobs:
           git checkout -b "${branch}"
           git pull origin "${branch}" || true
       - name: Run nancy-fixer fix
-        uses: docker://gsoci.azurecr.io/giantswarm/nancy-fixer:0.4.4
+        uses: docker://gsoci.azurecr.io/giantswarm/nancy-fixer:0.5.0
         timeout-minutes: 20
       - name: Set up git identity
         run: |
diff --git a/.github/workflows/zz_generated.gitleaks.yaml b/.github/workflows/zz_generated.gitleaks.yaml
@@ -2,7 +2,7 @@
 #
 #    devctl
 #
-#    https://github.com/giantswarm/devctl/blob/f2b5cf71dfa175afa70f721eca503072d0e7d4c4/pkg/gen/input/workflows/internal/file/gitleaks.yaml.template
+#    https://github.com/giantswarm/devctl/blob/514b1ba81e42eccaed3cea986fe7ec70e5033bb7/pkg/gen/input/workflows/internal/file/gitleaks.yaml.template
 #
 name: gitleaks
 
@@ -16,4 +16,4 @@ jobs:
       with:
         fetch-depth: '0'
     - name: gitleaks-action
-      uses: giantswarm/gitleaks-action@main
+      uses: giantswarm/gitleaks-action@867a11ebfc8f614779675c29d5e98bbb228dea95 # main
diff --git a/.github/workflows/zz_generated.run_ossf_scorecard.yaml b/.github/workflows/zz_generated.run_ossf_scorecard.yaml
@@ -2,7 +2,7 @@
 #
 #    devctl
 #
-#    https://github.com/giantswarm/devctl/blob/f2b5cf71dfa175afa70f721eca503072d0e7d4c4/pkg/gen/input/workflows/internal/file/run_ossf_scorecard.yaml.template
+#    https://github.com/giantswarm/devctl/blob/de423b259314ab8af8152bc058ccf66b31040970/pkg/gen/input/workflows/internal/file/run_ossf_scorecard.yaml.template
 #
 
 # This workflow uses actions that are not certified by GitHub. They are provided
@@ -75,6 +75,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@45775bd8235c68ba998cffa5171334d58593da47 # v3.28.15
+        uses: github/codeql-action/upload-sarif@60168efe1c415ce0f5521ea06d5c2062adbeed1b # v3.28.17
         with:
           sarif_file: results.sarif

Original file line number	Diff line number	Diff line change
`@@ -2,7 +2,7 @@`
`2`	`2`	`#`
`3`	`3`	`# devctl`
`4`	`4`	`#`
`5`		`-# https://github.com/giantswarm/devctl/blob/f2b5cf71dfa175afa70f721eca503072d0e7d4c4/pkg/gen/input/workflows/internal/file/gitleaks.yaml.template`
	`5`	`+# https://github.com/giantswarm/devctl/blob/514b1ba81e42eccaed3cea986fe7ec70e5033bb7/pkg/gen/input/workflows/internal/file/gitleaks.yaml.template`
`6`	`6`	`#`
`7`	`7`	`name: gitleaks`
`8`	`8`
`@@ -16,4 +16,4 @@ jobs:`
`16`	`16`	`with:`
`17`	`17`	`fetch-depth: '0'`
`18`	`18`	`- name: gitleaks-action`
`19`		`- uses: giantswarm/gitleaks-action@main`
	`19`	`+ uses: giantswarm/gitleaks-action@867a11ebfc8f614779675c29d5e98bbb228dea95 # main`