diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 558a1f7..83ac0c3 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,8 +14,8 @@ jobs:
 name: Generate eBPF Object
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v6 # v4.2.2
- - uses: actions/setup-go@v6 # v5.3.0
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
 with:
 go-version: '1.26.2'
 - name: Install toolchain
@@ -23,7 +23,7 @@ jobs:
 - name: Generate BPF
 run: make generate
 - name: Upload BPF object
- uses: actions/upload-artifact@v7 # v4.6.1
+ uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
 with:
 name: procscope-bpf-object
 path: internal/tracer/procscope_bpfel.o
@@ -35,14 +35,14 @@ jobs:
 runs-on: ubuntu-latest
 strategy:
 matrix:
- go-version: ['1.25', '1.26.2']
+ go-version: ['1.26.2']
 steps:
- - uses: actions/checkout@v6 # v4.2.2
- - uses: actions/setup-go@v6 # v5.3.0
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
 with:
 go-version: ${{ matrix.go-version }}
 - name: Download BPF object
- uses: actions/download-artifact@v8 # v4.1.9
+ uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
 with:
 name: procscope-bpf-object
 path: internal/tracer
@@ -65,12 +65,12 @@ jobs:
 name: Lint
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v6 # v4.2.2
- - uses: actions/setup-go@v6 # v5.3.0
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
 with:
 go-version: '1.26.2'
 - name: golangci-lint
- uses: golangci/golangci-lint-action@v9 # v6.1.1
+ uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
 continue-on-error: true
 with:
 version: v1.64.5
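Review bot: The added `uses:` lines in the first ci.yml hunk change which release runs, not only how it is referenced: the removed lines tracked `actions/checkout@v6` and `actions/setup-go@v6`, while the new SHAs are labelled v4.2.2 and v5.3.0, so if the comments are accurate the jobs step back one or two major versions. The same holds in the later hunks and files (`upload-artifact@v7` to v4.6.1, `download-artifact@v8` to v4.1.9, `golangci-lint-action@v9` to v6.1.1, `setup-python@v6` to v5.5.0, `goreleaser-action@v7` to v6.4.0, `codeql-action@v4` to v3.28.10). The old trailing comments already disagreed with their tags, and the pins follow the comment rather than the tag that was executing. Either pin the commit of the release that was actually in use, or state the downgrade in the commit message. In both cases confirm that every 40-character SHA resolves to the commit of the tag written beside it, because that comment is the only human-readable record of what runs.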
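Review bot: The matrix edit in the `@@ -35,14 +35,14 @@` hunk, from `['1.25', '1.26.2']` to `['1.26.2']`, removes the Go 1.25 test run in a commit that otherwise only rewrites action references. If dropping 1.25 is intended it deserves its own commit and a matching minimum Go version in the module file (not visible here); otherwise keep `go-version: ['1.25', '1.26.2']`. With a single entry the matrix can also be replaced by a plain `go-version: '1.26.2'`, as the other jobs in this file do.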
@@ -79,8 +79,8 @@ jobs:
 name: Vulnerability Check
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v6 # v4.2.2
- - uses: actions/setup-go@v6 # v5.3.0
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
 with:
 go-version: '1.26.2'
 - name: Install govulncheck
@@ -93,12 +93,12 @@ jobs:
 needs: generate-bpf
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@v6 # v4.2.2
- - uses: actions/setup-go@v6 # v5.3.0
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+ - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
 with:
 go-version: '1.26.2'
 - name: Download BPF object
- uses: actions/download-artifact@v8 # v4.1.9
+ uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
 with:
 name: procscope-bpf-object
 path: internal/tracer
@@ -113,7 +113,7 @@ jobs:
 - name: Lint Debian Package
 run: lintian ./procscope_*.deb || true
 - name: Upload Debian Package
- uses: actions/upload-artifact@v7 # v4.6.1
+ uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
 with:
 name: procscope-deb
 path: ./procscope_*.deb
@@ -127,9 +127,9 @@ jobs:
 steps:
 - name: Install dependencies
 run: pacman -Syu --noconfirm git go nodejs
- - uses: actions/checkout@v6 # v4.2.2
+ - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 - name: Download BPF object
- uses: actions/download-artifact@v8 # v4.1.9
+ uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 # v4.1.9
 with:
 name: procscope-bpf-object
 path: internal/tracer
@@ -139,7 +139,7 @@ jobs:
 chown -R builduser:builduser .
 su builduser -c "cd arch && makepkg -sf"
 - name: Upload Arch Package
- uses: actions/upload-artifact@v7 # v4.6.1
+ uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
 with:
 name: procscope-pkg-tar-zst
 path: arch/*.pkg.tar.zst
diff --git a/.github/workflows/growth-automation.yml b/.github/workflows/growth-automation.yml index 7910b6f..2798d86 100644 --- a/.github/workflows/growth-automation.yml +++ b/.github/workflows/growth-automation.yml @@ -16,11 +16,11 @@ jobs: contents: write issues: write steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-python@v6 # v5.5.0 + - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: '3.11' diff --git a/.github/workflows/packaging-quality.yml b/.github/workflows/packaging-quality.yml index 4e31ba0..60553d7 100644 --- a/.github/workflows/packaging-quality.yml +++ b/.github/workflows/packaging-quality.yml @@ -29,7 +29,7 @@ jobs: - name: Install deps run: pacman -Syu --noconfirm git go nodejs namcap - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Validate .SRCINFO is in sync run: | @@ -50,7 +50,7 @@ jobs: name: Debian metadata validation runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install packaging tools run: | diff --git a/.github/workflows/release-preflight.yml b/.github/workflows/release-preflight.yml index 9a4eb29..6a9989c 100644 --- a/.github/workflows/release-preflight.yml +++ b/.github/workflows/release-preflight.yml @@ -19,11 +19,11 @@ jobs: name: Validate release packaging consistency runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-python@v6 # v5.5.0 + - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: '3.11' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a2a3277..5033e19 100644 
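Review bot: In the growth-automation.yml hunk the job holds `contents: write` and `issues: write`, and the pinned checkout step keeps the action's default of storing the job token in the local git configuration, where every later step can read it. If nothing after this hunk pushes with git, add `persist-credentials: false` under the existing `with:` beside `fetch-depth: 0`, as the scorecard job in security-suite.yml already does. The rest of the job lies outside the hunk, so check first whether a later step relies on the stored token.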
--- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -15,15 +15,15 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - - uses: actions/setup-go@v6 # v5.3.0 + - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 with: go-version: '1.26.2' - - uses: actions/setup-python@v6 # v5.5.0 + - uses: actions/setup-python@8d9ed9ac5c53483de85588cdf95a591a75ab9f55 # v5.5.0 with: python-version: '3.11' @@ -32,7 +32,7 @@ jobs: python scripts/release_preflight.py --tag "${GITHUB_REF_NAME}" - name: Run GoReleaser - uses: goreleaser/goreleaser-action@v7 # v6.4.0 + uses: goreleaser/goreleaser-action@e435ccd777264be153ace6237001ef4d979d3a7a # v6.4.0 with: version: '~> v2' args: release --clean diff --git a/.github/workflows/security-suite.yml b/.github/workflows/security-suite.yml index f3d9dc1..0a1b956 100644 --- a/.github/workflows/security-suite.yml +++ b/.github/workflows/security-suite.yml @@ -26,13 +26,13 @@ jobs: matrix: language: ['go'] steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Setup Go - uses: actions/setup-go@v6 # v5.3.0 + uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0 with: go-version: '1.26.2' - name: Initialize CodeQL - uses: github/codeql-action/init@v4 # v3.28.10 + uses: github/codeql-action/init@a65a038433a26f4363cf9f029e3b9ceac831ad5d # v3.28.10 with: languages: ${{ matrix.language }} - name: Install toolchain @@ -42,7 +42,7 @@ jobs: - name: Build run: make build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v4 # v3.28.10 + uses: github/codeql-action/analyze@a65a038433a26f4363cf9f029e3b9ceac831ad5d # v3.28.10 dependency-review: name: Dependency Review 
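Review bot: The `Run GoReleaser` step in release.yml is now pinned by SHA, but the unchanged `version: '~> v2'` below it still lets the action fetch whichever GoReleaser v2 release is newest at run time, in a job that has `contents: write`. Pinning the wrapper action while the tool it downloads floats leaves the release build dependent on a moving binary. Set it to an exact release, for example `version: 'vX.Y.Z'` (placeholder), and bump it deliberately alongside the action SHA.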
@@ -52,8 +52,8 @@ jobs: contents: read pull-requests: write steps: - - uses: actions/checkout@v6 # v4.2.2 - - uses: actions/dependency-review-action@v4 # v4.9.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0 scorecard: name: OpenSSF Scorecard @@ -65,16 +65,16 @@ jobs: contents: read actions: read steps: - - uses: actions/checkout@v6 # v4.2.2 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false - name: Run analysis - uses: ossf/scorecard-action@v2.4.3 # v2.4.3 + uses: ossf/scorecard-action@99c09fe975337306107572b4fdf4db224cf8e2f2 # v2.4.3 with: results_file: results.sarif results_format: sarif publish_results: true - name: Upload SARIF - uses: github/codeql-action/upload-sarif@v4 # v3.28.10 + uses: github/codeql-action/upload-sarif@a65a038433a26f4363cf9f029e3b9ceac831ad5d # v3.28.10 with: sarif_file: results.sarif diff --git a/README.md b/README.md index dda9f1d..32f3f9f 100644 --- a/README.md +++ b/README.md @@ -28,6 +28,9 @@ Trace malware behavior, investigate suspicious binaries, and audit container wor CI Status Security Suite Status + + OpenSSF Scorecard + License GitHub Stars
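Review bot: The dependency-review line in the `@@ -52,8 +52,8 @@` hunk changes its version comment from `# v4.9.1` to `# v4.9.0`, whereas every other replaced line in this commit carries its comment over unchanged. Either the old comment was wrong or this pin steps back a patch release of a security gate. Say which in the commit message and confirm the SHA is the commit of the tag the comment names.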