Pin action refs to latest trusted by TSCCR #118

hashicorp-tsccr · 2025-05-01T06:02:40Z

Bumping GitHub Actions version to latest TSCCR release.

changes in .github/workflows/actionlint.yml
- bump actions/checkout from v4.1.1 to v4.2.2 (release notes)
changes in .github/workflows/hil.yml
- bump actions/checkout from v4.1.1 to v4.2.2 (release notes)
- bump actions/setup-go from v4.1.0 to v5.4.0 (release notes)
- bump golangci/golangci-lint-action from 08e2f20817b15149a52b5b3ebe7de50aff2ba8c5 to v7.0.0 (release notes)
- bump actions/checkout from v4.1.1 to v4.2.2 (release notes)
- bump actions/setup-go from v4.1.0 to v5.4.0 (release notes)
- bump actions/upload-artifact from v4.3.3 to v4.6.2 (release notes)
- bump actions/upload-artifact from v4.3.3 to v4.6.2 (release notes)
- bump actions/checkout from v4.1.1 to v4.2.2 (release notes)
- bump actions/setup-go from v4.1.0 to v5.4.0 (release notes)
- bump actions/upload-artifact from v4.3.3 to v4.6.2 (release notes)
- bump actions/upload-artifact from v4.3.3 to v4.6.2 (release notes)

You can alter the configuration of this automation via the hcl config in security-tsccr/automation

This PR can be regenerated by dispatching the GitHub workflow Pin Action Refs. Please reach out to #team-prodsec if you have any questions.

Result of tsccr-helper -log-level=info gha update -latest .github/

9e35217

hashicorp-tsccr bot added automated Auto-pinning dependencies Auto-pinning github_actions Auto-pinning SEC-090 Auto-pinning labels May 1, 2025

hashicorp-tsccr bot requested review from a team as code owners May 1, 2025 06:02

Provide feedback