diff --git a/.github/workflows/build-webui.yml b/.github/workflows/build-webui.yml index 59edb883fb..0dd9f685cf 100644 --- a/.github/workflows/build-webui.yml +++ b/.github/workflows/build-webui.yml @@ -37,7 +37,7 @@ jobs: - name: Release if: ${{ inputs.release }} - uses: ncipollo/release-action@cdcc88a9acf3ca41c16c37bb7d21b9ad48560d87 # v1.15.0 + uses: ncipollo/release-action@440c8c1cb0ed28b9f43e4d1d670870f059653174 # v1.16.0 with: artifactErrorsFailBuild: true allowUpdates: true @@ -48,7 +48,7 @@ jobs: prerelease: true - name: Upload artifact - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: name: ui path: 'ui/dist/webui/index.html' diff --git a/.github/workflows/built-tests.yml b/.github/workflows/built-tests.yml index 3decb21191..52a33f9b5e 100644 --- a/.github/workflows/built-tests.yml +++ b/.github/workflows/built-tests.yml @@ -53,7 +53,7 @@ jobs: script: 'wasm.py' - name: Upload wasm artifact - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: path: 'ui/gsa.wasm' name: wasm @@ -128,7 +128,7 @@ jobs: - name: Upload test results to Codecov if: ${{ !cancelled() && matrix.test-type == 'unit' && matrix.os != 'self-hosted' }} - uses: codecov/test-results-action@44ecb3a270cd942bdf0fa8f2ce14cb32493e810a # v1.0.3 + uses: codecov/test-results-action@5c441a7bcc06f8706cde90192857d337c5dab8a6 # v1.0.4 with: token: ${{ secrets.CODECOV_TOKEN }} name: ${{ matrix.os }} unit tests @@ -137,7 +137,7 @@ jobs: verbose: true - name: Upload results - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 if: ${{ !cancelled() }} with: name: ${{ matrix.os }}-${{ matrix.test }}-results @@ -153,7 +153,7 @@ jobs: os: [ ubuntu-24.04, ubuntu-24.04-arm, windows-latest, macos-13, macos-14, self-hosted ] steps: - name: Merge - uses: actions/upload-artifact/merge@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact/merge@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: name: ${{ matrix.os }}-results compression-level: '9' @@ -216,7 +216,7 @@ jobs: - name: Upload test results to Codecov if: ${{ !cancelled() }} - uses: codecov/test-results-action@44ecb3a270cd942bdf0fa8f2ce14cb32493e810a # v1.0.3 + uses: codecov/test-results-action@5c441a7bcc06f8706cde90192857d337c5dab8a6 # v1.0.4 with: token: ${{ secrets.CODECOV_TOKEN }} name: Web UI tests diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index bf1a2ddc8a..44d7269253 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -52,12 +52,12 @@ jobs: check-latest: true - name: Initialize CodeQL - uses: github/codeql-action/init@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/init@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/analyze@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 55ab02a8ee..f400be491b 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -37,7 +37,7 @@ jobs: continue-on-error: true - name: Upload analysis results to GitHub - uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10 with: sarif_file: ./ui/eslint-results.sarif wait-for-processing: true @@ -68,7 +68,7 @@ jobs: continue-on-error: true - name: Upload analysis results to GitHub - uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10 with: sarif_file: ./golangci-lint-results.sarif wait-for-processing: true @@ -81,6 +81,6 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: typos-action - uses: crate-ci/typos@51f257b946f503b768e522781f56e9b7b5570d48 # v1.29.7 + uses: crate-ci/typos@212923e4ff05b7fc2294a204405eec047b807138 # v1.29.9 with: config: typos.toml diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 1e2314a2d6..1b94d5bd76 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -23,20 +23,20 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 + uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1 with: results_file: results.sarif results_format: sarif publish_results: true - name: "Upload artifact" - uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0 + uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1 with: name: SARIF file path: results.sarif retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9 + uses: github/codeql-action/upload-sarif@b56ba49b26e50535fa1e7f7db0f4f7b4bf65d80d # v3.28.10 with: sarif_file: results.sarif