From 1320d4afa20aa11da3c750933f7dda6d94d17ed1 Mon Sep 17 00:00:00 2001
From: Taras Drozdovskyi <t.drozdovsky@samsung.com>
Date: Mon, 3 Jun 2024 22:02:45 +0300
Subject: [PATCH] ci: Update 3rd-party components

Signed-off-by: Taras Drozdovskyi <t.drozdovsky@samsung.com>
---
 .github/workflows/build.yml               |  2 +-
 .github/workflows/codeql.yml              |  6 +++---
 .github/workflows/fossology.yml           |  2 +-
 .github/workflows/license-finder.yml      |  2 +-
 .github/workflows/linter.yml              |  4 ++--
 .github/workflows/publish.yml             | 10 +++++-----
 .github/workflows/scancode.yml            |  2 +-
 .github/workflows/scorecards-analysis.yml |  8 ++++----
 8 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 0fc0dd4c..a6dfbbf1 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -12,7 +12,7 @@ jobs:
         platform: [numaker_pfm_m2351, m2351_badge, mps2_an505_qemu]
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
 
       - name: Install extra tools
         run: |
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index cf49c4f3..15cdbe31 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -51,11 +51,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+      uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14
+      uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -89,6 +89,6 @@ jobs:
         make
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14
+      uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f
       with:
         category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/fossology.yml b/.github/workflows/fossology.yml
index d4a47562..a968c230 100644
--- a/.github/workflows/fossology.yml
+++ b/.github/workflows/fossology.yml
@@ -9,7 +9,7 @@ jobs:
     name: Check license, copyright, keyword
     runs-on: ubuntu-22.04
     steps:
-      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
       - run: |
           docker run --rm --name "fossologyscanner" -w "/opt/repo" -v ${PWD}:/opt/repo \
             -e GITHUB_TOKEN=${{ github.token }} \
diff --git a/.github/workflows/license-finder.yml b/.github/workflows/license-finder.yml
index 0fc95fc4..9646b3eb 100644
--- a/.github/workflows/license-finder.yml
+++ b/.github/workflows/license-finder.yml
@@ -12,7 +12,7 @@ jobs:
       image: gianlucadb0/license_finder
 
     steps:
-      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
 
       - name: License finder run
         run: | 
diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml
index 2097ca82..a7748247 100644
--- a/.github/workflows/linter.yml
+++ b/.github/workflows/linter.yml
@@ -9,8 +9,8 @@ jobs:
   cpp-linter:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
-      - uses: cpp-linter/cpp-linter-action@a3ed7553c695735e6d1af356a0c0211a77d42c7b 
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
+      - uses: cpp-linter/cpp-linter-action@8147325db2bef1f2ce985e84c1bf1bd02e6b2549  
         id: linter
         continue-on-error: true
         env:
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index de9acd70..71cd2c5a 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -20,12 +20,12 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
         with:
           egress-policy: audit
 
       - name: Checkout repository
-        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
 
       - name: Install extra tools
         run: |
@@ -78,7 +78,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
         with:
           egress-policy: audit
 
@@ -111,7 +111,7 @@ jobs:
     if: startsWith(github.ref, 'refs/tags/')
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
         with:
           egress-policy: audit
 
@@ -126,7 +126,7 @@ jobs:
           name: ${{ needs.build.outputs.version }}_ns.bin
 
       - name: Upload assets
-        uses: softprops/action-gh-release@9d7c94cfd0a1f3ed45544c887983e9fa900f0564 # v2.0.4
+        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87
         with:
           files: |
             ${{ needs.build.outputs.version }}_s.bin
diff --git a/.github/workflows/scancode.yml b/.github/workflows/scancode.yml
index 3d552314..c876d651 100644
--- a/.github/workflows/scancode.yml
+++ b/.github/workflows/scancode.yml
@@ -12,7 +12,7 @@ jobs:
       image: gianlucadb0/scancode-toolkit
 
     steps:
-      - uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+      - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
 
       - name: Create results directory
         run: mkdir results
diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml
index d67fae99..475988ef 100644
--- a/.github/workflows/scorecards-analysis.yml
+++ b/.github/workflows/scorecards-analysis.yml
@@ -32,17 +32,17 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4
+        uses: step-security/harden-runner@f086349bfa2bd1361f7909c78558e816508cdc10
         with:
           egress-policy: audit
 
       - name: "Checkout code"
-        uses: actions/checkout@1d96c772d19495a3b5c517cd2bc0cb401ea0529f
+        uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1
+        uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534
         with:
           results_file: results.sarif
           results_format: sarif
@@ -72,6 +72,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14
+        uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f
         with:
           sarif_file: results.sarif
\ No newline at end of file