diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 21cc40f6..f075f778 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -67,7 +67,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # tag=v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # tag=v4.3.4 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/witness.yml b/.github/workflows/witness.yml index 9fe00e3c..d5b54b68 100644 --- a/.github/workflows/witness.yml +++ b/.github/workflows/witness.yml @@ -56,7 +56,7 @@ jobs: go-version: 1.21.x - if: ${{ inputs.artifact-download != '' }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: ${{ inputs.artifact-download }} path: /tmp @@ -80,7 +80,7 @@ jobs: run: ${{ inputs.command }} - if: ${{ inputs.artifact-upload-path != '' && inputs.artifact-upload-name != ''}} - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3 + uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 with: name: ${{ inputs.artifact-upload-name }} path: ${{ inputs.artifact-upload-path }}