diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 884a3d09..3d34fa91 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,16 +18,14 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: 'go.mod' - cache: true - name: Build run: make - dependabot: needs: - build @@ -39,7 +37,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v2 + uses: dependabot/fetch-metadata@dbb049abf0d677abbd7f7eee0375145b417fdd34 # v2.2.0 with: github-token: "${{ secrets.GITHUB_TOKEN }}" - name: Enable auto-merge for Dependabot PRs diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index bb1a3344..27260e3f 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -14,17 +14,16 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: 'go.mod' - cache: true - name: make run: make - name: Create Release id: create_release - uses: actions/create-release@v1.1.4 + uses: actions/create-release@0cb9c9b65d5d1901c1f53e5e66eaf4afd303e70e # v1.1.4 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -32,7 +31,7 @@ jobs: release_name: Release ${{ github.ref }} draft: false prerelease: false - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -40,7 +39,7 @@ jobs: asset_path: ./bin/release/aws_finder-darwin-amd64 asset_name: aws_finder-darwin-amd64 asset_content_type: application/octet-stream - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -48,7 +47,7 @@ jobs: asset_path: ./bin/release/aws_finder-darwin-arm64 asset_name: aws_finder-darwin-arm64 asset_content_type: application/octet-stream - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -56,7 +55,7 @@ jobs: asset_path: ./bin/release/aws_finder-linux-amd64 asset_name: aws_finder-linux-amd64 asset_content_type: application/octet-stream - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -64,7 +63,7 @@ jobs: asset_path: ./bin/release/aws_finder-linux-arm64 asset_name: aws_finder-linux-arm64 asset_content_type: application/octet-stream - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: @@ -72,7 +71,7 @@ jobs: asset_path: ./bin/release/aws_finder-windows-amd64.exe asset_name: aws_finder-windows-amd64.exe asset_content_type: application/octet-stream - - uses: actions/upload-release-asset@v1.0.2 + - uses: actions/upload-release-asset@e8f9f06c4b078e705bd2ea027f0926603fc9b4d5 # v1.0.2 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/scorecard-analysis.yml b/.github/workflows/scorecard-analysis.yml index a5e221de..543507fc 100644 --- a/.github/workflows/scorecard-analysis.yml +++ b/.github/workflows/scorecard-analysis.yml @@ -34,6 +34,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: sarif_file: results.sarif diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index f0079047..d475baac 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -23,17 +23,16 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@v4 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 with: languages: go - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0 with: go-version-file: 'go.mod' - cache: true - name: Build run: make - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0 diff --git a/cmd/aws_finder/main.go b/cmd/aws_finder/main.go index 191dec68..21d44cbe 100644 --- a/cmd/aws_finder/main.go +++ b/cmd/aws_finder/main.go @@ -25,7 +25,7 @@ func main() { source <(%[1]s completion bash) source <(%[1]s completion zsh) `, exeName), - Args: cobra.ExactValidArgs(1), + Args: cobra.MatchAll(cobra.ExactArgs(1), cobra.OnlyValidArgs), ValidArgs: []string{"bash", "zsh"}, RunE: func(cmd *cobra.Command, args []string) error { switch args[0] {