ci: update actions

Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>

.github/workflows/ci.yml

@@ -37,25 +37,21 @@ jobs:
           - goreleaser
           - goreleaser-pro
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: stable
-      -
+      - name: Check
-        name: Check
         uses: ./
         with:
           version: ${{ matrix.version }}
           args: check --verbose
           workdir: ./test
-      -
+      - name: GoReleaser
-        name: GoReleaser
         if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }}
         uses: ./
         env:
@@ -81,30 +77,25 @@ jobs:
           - true
           - false
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: 1.18
-      -
+      - name: Install cosign
-        name: Install cosign
         if: matrix.cosign
-        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2
+        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
-      -
+      - name: GoReleaser
-        name: GoReleaser
         if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }}
         uses: ./
         with:
           distribution: ${{ matrix.distribution }}
           version: ${{ matrix.version }}
           install-only: true
-      -
+      - name: Check
-        name: Check
         if: ${{ !(github.event_name == 'pull_request' && matrix.distribution == 'goreleaser-pro') }}
         run: |
           goreleaser check --verbose
@@ -120,25 +111,21 @@ jobs:
           - macos-latest
           - windows-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: 1.18
-      -
+      - name: Import GPG key
-        name: Import GPG key
         id: import_gpg
         uses: crazy-max/ghaction-import-gpg@2dc316deee8e90f13e1a351ab510b4d5bc0c82cd # v7.0.0
         with:
           gpg_private_key: ${{ secrets.GPG_PRIVATE_KEY_TEST }}
           passphrase: ${{ secrets.PASSPHRASE_TEST }}
-      -
+      - name: Check
-        name: Check
         uses: ./
         with:
           version: latest
@@ -146,8 +133,7 @@ jobs:
           workdir: ./test
         env:
           GPG_FINGERPRINT: ${{ steps.import_gpg.outputs.fingerprint }}
-      -
+      - name: GoReleaser
-        name: GoReleaser
         uses: ./
         with:
           version: latest
@@ -159,31 +145,26 @@ jobs:
   upload-artifact:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: 1.18
-      -
+      - name: Check
-        name: Check
         uses: ./
         with:
           args: check --verbose
           workdir: ./test
-      -
+      - name: GoReleaser
-        name: GoReleaser
         uses: ./
         with:
           args: release --skip=publish --clean --snapshot
           workdir: ./test
-      -
+      - name: Upload assets
-        name: Upload assets
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
         with:
           name: myapp
           path: ./test/dist/*
@@ -191,24 +172,20 @@ jobs:
   dist:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: 1.18
-      -
+      - name: GoReleaser
-        name: GoReleaser
         uses: ./
         with:
           args: release --config .goreleaser-dist.yml --skip=publish --clean --snapshot
           workdir: ./test
-      -
+      - name: Check dist
-        name: Check dist
         run: |
           tree -nh ./test/_output
 
@@ -225,18 +202,15 @@ jobs:
           - goreleaser-pro
           - goreleaser
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Set up Go
-        name: Set up Go
         uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0
         with:
           go-version: 1.18
-      -
+      - name: GoReleaser
-        name: GoReleaser
         uses: ./
         with:
           install-only: true
@@ -244,10 +218,8 @@ jobs:
           version: nightly
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      -
+      - name: Check
-        name: Check
         run: |
           goreleaser check -f ./test/.goreleaser.yml
           goreleaser --version
           goreleaser --version | grep nightly
-

.github/workflows/release-major-tag.yml

@@ -28,19 +28,15 @@ jobs:
   tag:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Git config
-        name: Git config
         run: |
           git config user.name "github-actions[bot]"
           git config user.email "41898282+github-actions[bot]@users.noreply.github.com"
-      -
+      - name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }}
-        name: Move ${{ github.event.inputs.major_version }} to ${{ github.event.inputs.target }}
         run: git tag -f ${{ github.event.inputs.major_version }} ${{ github.event.inputs.target }}
-      -
+      - name: Push
-        name: Push
         run: git push origin ${{ github.event.inputs.major_version }} --force

.github/workflows/test.yml

@@ -19,30 +19,24 @@ jobs:
   test:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
         with:
           fetch-depth: 0
-      -
+      - name: Setup Node.js
-        name: Setup Node.js
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
-        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
         with:
           node-version-file: '.node-version'
           cache: npm
-      -
+      - name: Install cosign
-        name: Install cosign
+        uses: sigstore/cosign-installer@cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003 # v4.1.1
-        uses: sigstore/cosign-installer@d58896d6a1865668819e1d91763c7751a165e159 # v3.9.2
+      - name: Install dependencies
-      -
-        name: Install dependencies
         run: npm ci
-      -
+      - name: Test
-        name: Test
         run: npm test
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-      -
+      - name: Upload coverage
-        name: Upload coverage
         uses: codecov/codecov-action@57e3a136b779b570ffcdbf80b3bdc90e7fab3de2 # v6.0.0
         with:
           files: ./coverage/clover.xml

.github/workflows/validate.yml

@@ -19,45 +19,35 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      -
+      - name: Setup Node.js
-        name: Setup Node.js
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
-        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
         with:
           node-version-file: '.node-version'
           cache: npm
-      -
+      - name: Install dependencies
-        name: Install dependencies
         run: npm ci
-      -
+      - name: Format check
-        name: Format check
         run: npm run format-check
-      -
+      - name: Lint
-        name: Lint
         run: npm run lint
 
   build:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      -
+      - name: Setup Node.js
-        name: Setup Node.js
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.0.0
-        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
         with:
           node-version-file: '.node-version'
           cache: npm
-      -
+      - name: Install dependencies
-        name: Install dependencies
         run: npm ci --ignore-scripts
-      -
+      - name: Rebuild dist
-        name: Rebuild dist
         run: npm run build
-      -
+      - name: Compare dist
-        name: Compare dist
         id: diff
         run: |
           if [ "$(git diff --ignore-space-at-eol dist | wc -l)" -gt "0" ]; then
@@ -65,10 +55,9 @@ jobs:
             git diff dist
             exit 1
           fi
-      -
+      - name: Upload built dist on failure
-        name: Upload built dist on failure
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+        uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1
         with:
           name: dist
           path: dist
@@ -76,20 +65,16 @@ jobs:
   vendor:
     runs-on: ubuntu-latest
     steps:
-      -
+      - name: Checkout
-        name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
-      -
+      - name: Setup Node.js
-        name: Setup Node.js
+        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.0.0
-        uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v6.0.0
         with:
           node-version-file: '.node-version'
           cache: npm
-      -
+      - name: Refresh package-lock.json
-        name: Refresh package-lock.json
         run: npm install --package-lock-only
-      -
+      - name: Compare package-lock.json
-        name: Compare package-lock.json
         run: |
           if [ -n "$(git status --porcelain -- package-lock.json)" ]; then
             echo "package-lock.json is out of sync with package.json. Run 'npm install' and commit." >&2