From 2a44bc6106ac0a3d09da4dc43e6cc805e5a59bc0 Mon Sep 17 00:00:00 2001
From: Phillip Wirth <phillip.wirth@dataport.de>
Date: Wed, 15 Jan 2025 18:05:23 +0100
Subject: [PATCH] BC-8113 update gh-actions

---
 .github/workflows/push.yml | 4 ++--
 .github/workflows/test.yml | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
index 717ad01..d39a50d 100644
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -140,7 +140,7 @@ jobs:
       security-events: write
     steps:
       - name: run trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
+        uses: aquasecurity/trivy-action@0.29
         with:
           image-ref: 'ghcr.io/${{ github.repository }}:${{ needs.branch_meta.outputs.sha }}'
           format: 'sarif'
@@ -155,4 +155,4 @@ jobs:
         if: ${{ always() }}
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'trivy-results.sarif'
\ No newline at end of file
+          sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index f6605b7..5018886 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -66,7 +66,7 @@ jobs:
           distribution: 'temurin'
           java-version: '21'
       - name: SonarCloud upload coverage
-        uses: SonarSource/sonarcloud-github-action@v3.0.0
+        uses: SonarSource/sonarcloud-github-action@v4.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}