chore(deps): update actions/checkout action to v3.6.0 #768

	# Copyright 2020 Wayback Archiver. All rights reserved.
	# Use of this source code is governed by the MIT license
	# that can be found in the LICENSE file.

	name: Go Report Card

	on:
	push:
	branches:
	- '**'
	pull_request:
	branches:
	- '**'
	types: [ opened, synchronize, reopened ]
	workflow_call:
	inputs:
	egress-policy:
	type: string
	default: 'block'
	description: 'Harden-Runner egress traffic policy'

	permissions:
	contents: read

	jobs:
	goreportcard:
	if: ${{ github.ref == 'refs/heads/main' }}
	runs-on: ubuntu-latest
	steps:
	- name: Harden Runner
	uses: step-security/harden-runner@1f99358870fe1c846a3ccba386cc2b2246836776 # v2.2.1
	with:
	disable-sudo: true
	egress-policy: ${{ inputs.egress-policy \|\| 'block' }}
	disable-telemetry: true
	allowed-endpoints: >
	github.com:443
	api.github.com:443
	goreportcard.com:443

	- name: Check out code base
	if: github.event_name == 'push'
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
	with:
	fetch-depth: 0
	persist-credentials: false

	- name: Check out code base
	if: github.event_name == 'pull_request'
	uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
	with:
	fetch-depth: 0
	persist-credentials: false
	ref: ${{ github.event.pull_request.head.sha }}

	- name: Run Go report card
	run: \|
	path=$(curl -sf -X POST -F "repo=github.com/$GITHUB_REPOSITORY" https://goreportcard.com/checks \| jq -r '.redirect')
	echo -e "See report for https://goreportcard.com${path}" >> $GITHUB_STEP_SUMMARY

Provide feedback