chore(deps): update github actions

.gitconfig

@@ -1,18 +0,0 @@
-[core]
-	autocrlf = input
-	whitespace = trailing-space,space-before-tab
-
-[pull]
-	rebase = true
-
-[push]
-	default = current
-
-[rebase]
-	autoStash = true
-
-[alias]
-	st = status
-	co = checkout
-	br = branch
-	lg = log --oneline --graph --decorate --all

.github/workflows/build.yml

@@ -40,7 +40,7 @@ jobs:
         REGISTRY: ""
 
     - name: Run Trivy vulnerability scanner (k3kcli)
-      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+      uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.34.2
       with:
         ignore-unfixed: true
         severity: 'MEDIUM,HIGH,CRITICAL'
@@ -50,13 +50,13 @@ jobs:
         output: 'trivy-results-k3kcli.sarif'
 
     - name: Upload Trivy scan results to GitHub Security tab (k3kcli)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
       with:
         sarif_file: trivy-results-k3kcli.sarif
         category: k3kcli
 
     - name: Run Trivy vulnerability scanner (k3k)
-      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+      uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.34.2
       with:
         ignore-unfixed: true
         severity: 'MEDIUM,HIGH,CRITICAL'
@@ -66,13 +66,13 @@ jobs:
         output: 'trivy-results-k3k.sarif'
 
     - name: Upload Trivy scan results to GitHub Security tab (k3k)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
       with:
         sarif_file: trivy-results-k3k.sarif
         category: k3k
 
     - name: Run Trivy vulnerability scanner (k3k-kubelet)
-      uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
+      uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # 0.34.2
       with:
         ignore-unfixed: true
         severity: 'MEDIUM,HIGH,CRITICAL'
@@ -82,7 +82,7 @@ jobs:
         output: 'trivy-results-k3k-kubelet.sarif'
 
     - name: Upload Trivy scan results to GitHub Security tab (k3k-kubelet)
-      uses: github/codeql-action/upload-sarif@38e701f46e33fb233075bf4238cb1e5d68e429e4 # v3
+      uses: github/codeql-action/upload-sarif@820e3160e279568db735cee8ed8f8e77a6da7818 # v3
       with:
         sarif_file: trivy-results-k3k-kubelet.sarif
         category: k3k-kubelet

.github/workflows/fossa.yml

@@ -15,7 +15,7 @@ jobs:
     timeout-minutes: 30
     steps:
     - name: Checkout
-      uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
+      uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
     # The FOSSA token is shared between all repos in Rancher's GH org. It can be
     # used directly and there is no need to request specific access to EIO.

.github/workflows/release.yml

@@ -41,7 +41,7 @@ jobs:
         image: tonistiigi/binfmt:qemu-v10.0.4-56
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
+      uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3
       with:
         version: v0.30.1
 
@@ -62,7 +62,7 @@ jobs:
         echo "DOCKER_PASSWORD=${{ github.token }}"  >> $GITHUB_ENV
 
     - name: Login to container registry
-      uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3
+      uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3
       with:
         registry: ${{ env.REGISTRY }}
         username: ${{ env.DOCKER_USERNAME }}