Skip to content

Update GitHub Action Versions#60

Open
snowdream wants to merge 1 commit intomainfrom
gh-actions-update-1772932160
Open

Update GitHub Action Versions#60
snowdream wants to merge 1 commit intomainfrom
gh-actions-update-1772932160

Conversation

@snowdream
Copy link
Copy Markdown
Contributor

@snowdream snowdream commented Mar 8, 2026

GitHub Actions Version Updates

github-advanced-security[bot]
github-advanced-security bot found potential problems Mar 8, 2026
View reviewed changes
.github/workflows/main.yml
# https://github.com/docker/setup-qemu-action
name: Set up QEMU
uses: docker/setup-qemu-action@v3.7.0
uses: docker/setup-qemu-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/setup-qemu-action' with ref 'v4.0.0', not a pinned commit hash
.github/workflows/main.yml
# docker buildx create --driver-opt env.http_proxy=$http_proxy --driver-opt env.https_proxy=$https_proxy --driver-opt '"env.no_proxy='$no_proxy'"'
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3.12.0
uses: docker/setup-buildx-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/setup-buildx-action' with ref 'v4.0.0', not a pinned commit hash
.github/workflows/main.yml
"env.no_proxy='${{ env.no_proxy}}'"
- name: Login to DockerHub
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
.github/workflows/main.yml
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: Login to Quay.io
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
.github/workflows/main.yml
password: ${{ secrets.QUAY_ROBOT_TOKEN }}
- name: Login to GitHub Container Registry
uses: docker/login-action@v3.7.0
uses: docker/login-action@v4.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/login-action' with ref 'v4.0.0', not a pinned commit hash
.github/workflows/main.yml
- name: Docker meta
id: meta
uses: docker/metadata-action@v5.10.0
uses: docker/metadata-action@v6.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step: meta
Loading
uses 'docker/metadata-action' with ref 'v6.0.0', not a pinned commit hash
.github/workflows/main.yml
DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index
- name: Build and push
uses: docker/build-push-action@v6.19.2
uses: docker/build-push-action@v7.0.0

Check warning

Code scanning / CodeQL

Unpinned tag for a non-immutable Action in workflow Medium

Unpinned 3rd party Action 'GitHub Actions Continuous Delivery' step
Uses Step
Loading
uses 'docker/build-push-action' with ref 'v7.0.0', not a pinned commit hash
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@snowdream