diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index b6fb10d2..c39c5589 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: install dependencies run: npm install - name: run markdownlint @@ -36,7 +36,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - uses: actions/setup-python@v6 with: python-version: '3.x' @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: run misspell run: make misspell @@ -57,7 +57,7 @@ jobs: name: linkspector runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: Run linkspector uses: umbrelladocs/action-linkspector@v1 with: @@ -68,7 +68,7 @@ jobs: sanity: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - name: run sanitycheck.py run: python3 ./internal/tools/sanitycheck.py @@ -76,7 +76,7 @@ jobs: runs-on: ubuntu-latest steps: - name: check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: install tools run: make install-tools - name: run checklicense diff --git a/.github/workflows/component-build-images.yml b/.github/workflows/component-build-images.yml index a4c95447..3256e771 100644 --- a/.github/workflows/component-build-images.yml +++ b/.github/workflows/component-build-images.yml @@ -33,7 +33,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Generate run: make clean docker-generate-protobuf - name: Check Clean Work Tree @@ -144,7 +144,7 @@ jobs: setup-qemu: true steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: fetch-depth: 0 - name: Load environment variables from .env file diff --git a/.github/workflows/dependabot-auto-update-protobuf-diff.yml b/.github/workflows/dependabot-auto-update-protobuf-diff.yml index 96dd1bd4..df209a50 100644 --- a/.github/workflows/dependabot-auto-update-protobuf-diff.yml +++ b/.github/workflows/dependabot-auto-update-protobuf-diff.yml @@ -18,7 +18,7 @@ jobs: if: github.event.pull_request.user.login == 'dependabot[bot]' steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: ${{ github.head_ref }} token: ${{ secrets.DEPENDABOT_TOKEN }} diff --git a/.github/workflows/fossa.yml b/.github/workflows/fossa.yml index 9c799189..cd201b40 100644 --- a/.github/workflows/fossa.yml +++ b/.github/workflows/fossa.yml @@ -15,7 +15,7 @@ jobs: fossa: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0 with: diff --git a/.github/workflows/gradle-wrapper-validation.yml b/.github/workflows/gradle-wrapper-validation.yml index 826f2890..8213f88c 100644 --- a/.github/workflows/gradle-wrapper-validation.yml +++ b/.github/workflows/gradle-wrapper-validation.yml @@ -16,6 +16,6 @@ jobs: validation: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 - uses: gradle/actions/wrapper-validation@v5.0.0 diff --git a/.github/workflows/label-pr.yml b/.github/workflows/label-pr.yml index f9273e81..bd09d13e 100644 --- a/.github/workflows/label-pr.yml +++ b/.github/workflows/label-pr.yml @@ -18,7 +18,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: Check for changed files id: file_changes diff --git a/.github/workflows/ossf-scorecard.yml b/.github/workflows/ossf-scorecard.yml index e54c1f99..0ffd2d49 100644 --- a/.github/workflows/ossf-scorecard.yml +++ b/.github/workflows/ossf-scorecard.yml @@ -22,7 +22,7 @@ jobs: # Needed for GitHub OIDC token if publish_results is true id-token: write steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false @@ -36,7 +36,7 @@ jobs: # uploads of run results in SARIF format to the repository Actions tab. # https://docs.github.com/en/actions/advanced-guides/storing-workflow-data-as-artifacts - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: SARIF file path: results.sarif @@ -45,6 +45,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@16140ae1a102900babc80a33c44059580f687047 # v3.29.5 + uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v3.29.5 with: sarif_file: results.sarif diff --git a/.github/workflows/run-integration-tests.yml b/.github/workflows/run-integration-tests.yml index a64c774b..7fa3d009 100644 --- a/.github/workflows/run-integration-tests.yml +++ b/.github/workflows/run-integration-tests.yml @@ -17,7 +17,7 @@ jobs: if: github.event.review.state == 'APPROVED' steps: - name: check out code - uses: actions/checkout@v5 + uses: actions/checkout@v6 - name: run tracetesting run: | make build && docker system prune -f && make run-tracetesting