Merge pull request #593 from fxamacker/dependabot/github_actions/acti…

…ons/checkout-4.2.1 Bump actions/checkout from 4.2.0 to 4.2.1
fxamacker · Oct 12, 2024 · 10f5fdc · 10f5fdc
2 parents b43cf6f + b7a1d22
commit 10f5fdc
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 29 deletions.
diff --git a/.github/workflows/ci-go-cover.yml b/.github/workflows/ci-go-cover.yml
@@ -40,7 +40,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout code
-      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+      uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
     - name: Install Go
       uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
       with:

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -13,10 +13,9 @@ on:
     branches:
       - 'main'
       - 'master'
-      - 'release*'
-      - 'feature/stream-mode'
-    tags:
-      - 'v*'
+      - 'release**'   # Match both 'release-v2.3.4' and 'release/*'.
+      - 'feature/**'
+      - 'v**'
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
@@ -41,7 +40,7 @@ jobs:
         check-latest: true
 
     - name: Checkout code
-      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+      uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
       with:
         fetch-depth: 1
 

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -31,7 +31,7 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+      uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL

diff --git a/.github/workflows/govulncheck.yml b/.github/workflows/govulncheck.yml
@@ -10,28 +10,11 @@ permissions: {}
 on:
   workflow_dispatch:
   pull_request:
-    paths:
-      - '**'
-      - '!**.md'
+    # Run govulncheck on PR for all branches and paths.
   push:
-    paths:
-      - '**'
-      - '!**.md'
-    branches:
-      - 'main'
-      - 'master'
-      - 'release*'
-      - 'feature/stream-mode'
-    tags:
-      - 'v*'
+    # Run govulncheck on push for all branches and paths.
   schedule:
-    - cron: '25 14 * * 0'
-      #       |  | | | |
-      #       |  | | | day of the week (0–6 with 0=Sunday) 
-      #       |  | | month (1–12)
-      #       |  | day of month (1–31)
-      #       | hour (0–23 in UTC)
-      #       minute (0–59)
+    - cron: '45 12 * * *' # Daily at 12:45 UTC / 7:45 AM Central
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.run_id }}
@@ -45,7 +28,7 @@ jobs:
       contents: read
     steps:
     - name: Checkout source
-      uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+      uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
       with:
         fetch-depth: 1
 

diff --git a/.github/workflows/safer-golangci-lint.yml b/.github/workflows/safer-golangci-lint.yml
@@ -36,7 +36,7 @@ jobs:
       contents: read
     steps:
       - name: Checkout source
-        uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+        uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
         with:
           fetch-depth: 1