diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml index 16ff31403e06..5ac9578530d4 100644 --- a/.github/workflows/build-and-deploy.yml +++ b/.github/workflows/build-and-deploy.yml @@ -101,10 +101,10 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -134,10 +134,10 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 66a3d9a972b2..1eff8fa5d49f 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -41,12 +41,12 @@ jobs: timeout-minutes: 30 steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Initialize CodeQL - uses: github/codeql-action/init@e2b3eafc8d227b0241d48be5f425d47c2d750a13 + uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd with: languages: javascript - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@e2b3eafc8d227b0241d48be5f425d47c2d750a13 + uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd diff --git a/.github/workflows/deploy-storybook.yml b/.github/workflows/deploy-storybook.yml index 474b29f8be12..a4841539519d 100644 --- a/.github/workflows/deploy-storybook.yml +++ b/.github/workflows/deploy-storybook.yml @@ -33,10 +33,10 @@ jobs: timeout-minutes: 10 steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -50,7 +50,7 @@ jobs: run: npm run storybook:build - name: Checkout gh-pages - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: ref: gh-pages token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/lint-css-js-md.yml b/.github/workflows/lint-css-js-md.yml index 0a28544729ba..68e009907655 100644 --- a/.github/workflows/lint-css-js-md.yml +++ b/.github/workflows/lint-css-js-md.yml @@ -74,10 +74,10 @@ jobs: 54.185.253.63:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/lint-i18n.yml b/.github/workflows/lint-i18n.yml index 43488c222597..656439eab021 100644 --- a/.github/workflows/lint-i18n.yml +++ b/.github/workflows/lint-i18n.yml @@ -47,7 +47,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup PHP uses: shivammathur/setup-php@v2 @@ -60,7 +60,7 @@ jobs: run: wp package install wp-cli/i18n-command:dev-main - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/lint-php.yml b/.github/workflows/lint-php.yml index f81dad8d724e..e3b9a9f0f36b 100644 --- a/.github/workflows/lint-php.yml +++ b/.github/workflows/lint-php.yml @@ -55,7 +55,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup PHP uses: shivammathur/setup-php@e6f75134d35752277f093989e72e140eaa222f35 diff --git a/.github/workflows/lint-plugin-check.yml b/.github/workflows/lint-plugin-check.yml index f9fa023f9d2f..9c9e2ef9fd4d 100644 --- a/.github/workflows/lint-plugin-check.yml +++ b/.github/workflows/lint-plugin-check.yml @@ -47,10 +47,10 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/npm-release.yml b/.github/workflows/npm-release.yml index b268f9c4aa08..493d3e9fc853 100644 --- a/.github/workflows/npm-release.yml +++ b/.github/workflows/npm-release.yml @@ -34,10 +34,10 @@ jobs: environment: Production steps: - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -107,13 +107,13 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} # See go/npm-publish - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/plugin-release.yml b/.github/workflows/plugin-release.yml index cdd7c1141927..199fbe3bb759 100644 --- a/.github/workflows/plugin-release.yml +++ b/.github/workflows/plugin-release.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Verify semver compatibility run: | @@ -127,7 +127,7 @@ jobs: # Grab current assets version from `web-stories.php` and pass on to next steps. # - name: Checkout - # uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # with: # ref: @@ -143,7 +143,7 @@ jobs: # ASSETS_VERSION_REGEX: "https://wp.stories.google/static/([^']+)" - name: Checkout wp.stories.google - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: repository: GoogleForCreators/wp.stories.google lfs: true @@ -222,7 +222,7 @@ jobs: echo "" > assets_version/assets_version.txt - name: Upload assets version - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: assets-version path: public/static/assets_version @@ -250,7 +250,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: fetch-depth: 0 # 0 indicates all history for all branches and tags. token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} @@ -269,7 +269,7 @@ jobs: continue-on-error: true - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -396,7 +396,7 @@ jobs: mv build/*.zip build/release-assets/ - name: Upload artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: release-assets path: build/release-assets @@ -413,7 +413,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Download release artifacts uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -449,13 +449,13 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: ref: main token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 42ad65510f8f..4ebfd97f1b00 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -30,7 +30,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: 'Checkout code' - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: persist-credentials: false @@ -48,7 +48,7 @@ jobs: # Upload the results as artifacts (optional). - name: 'Upload artifact' - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: SARIF file path: results.sarif @@ -56,6 +56,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@e2b3eafc8d227b0241d48be5f425d47c2d750a13 + uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd with: sarif_file: results.sarif diff --git a/.github/workflows/tests-e2e.yml b/.github/workflows/tests-e2e.yml index f67dd07d1d7c..fc1de6d03c30 100644 --- a/.github/workflows/tests-e2e.yml +++ b/.github/workflows/tests-e2e.yml @@ -75,10 +75,10 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -116,7 +116,7 @@ jobs: run: bun run workflow:build-plugin - name: Upload bundle - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 with: name: web-stories path: build/web-stories @@ -175,7 +175,7 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Download bundle uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 @@ -187,7 +187,7 @@ jobs: run: sudo apt-get install libgbm1 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm @@ -239,7 +239,7 @@ jobs: ARTIFACT_NAME: failures-artifacts-${{ matrix.wp }}-${{ matrix.shard }} - name: Upload artifacts - uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 + uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 if: always() with: name: ${{ env.ARTIFACT_NAME }} diff --git a/.github/workflows/tests-karma-dashboard.yml b/.github/workflows/tests-karma-dashboard.yml index 1691a81f3edb..b3911a46b138 100644 --- a/.github/workflows/tests-karma-dashboard.yml +++ b/.github/workflows/tests-karma-dashboard.yml @@ -65,10 +65,10 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/tests-karma-editor.yml b/.github/workflows/tests-karma-editor.yml index fb071c27370b..4804bd8fdb84 100644 --- a/.github/workflows/tests-karma-editor.yml +++ b/.github/workflows/tests-karma-editor.yml @@ -103,10 +103,10 @@ jobs: 34.104.35.123:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/tests-unit-js.yml b/.github/workflows/tests-unit-js.yml index 2cfacb2625b7..7175f467c197 100644 --- a/.github/workflows/tests-unit-js.yml +++ b/.github/workflows/tests-unit-js.yml @@ -67,16 +67,16 @@ jobs: fonts.gstatic.com:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm - name: Setup Jest cache - uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 + uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a with: path: .jest-cache key: ${{ runner.os }}-${{ env.NVMRC }}-jest diff --git a/.github/workflows/tests-unit-php.yml b/.github/workflows/tests-unit-php.yml index 51321c93988d..c4b0644002c9 100644 --- a/.github/workflows/tests-unit-php.yml +++ b/.github/workflows/tests-unit-php.yml @@ -100,7 +100,7 @@ jobs: dl.cloudsmith.io:443 - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # PHP-Scoper only works on PHP 7.4+ and we need to prefix our dependencies to accurately test them. # So we temporarily switch PHP versions, do a full install and then remove the package. diff --git a/.github/workflows/update-browserslist.yml b/.github/workflows/update-browserslist.yml index cb6392173b9e..1071c4f92e85 100644 --- a/.github/workflows/update-browserslist.yml +++ b/.github/workflows/update-browserslist.yml @@ -27,12 +27,12 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/update-google-fonts.yml b/.github/workflows/update-google-fonts.yml index 7e764ec69d4e..a5667c7fa1b9 100644 --- a/.github/workflows/update-google-fonts.yml +++ b/.github/workflows/update-google-fonts.yml @@ -27,12 +27,12 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm diff --git a/.github/workflows/update-product-schema.yml b/.github/workflows/update-product-schema.yml index 9072d569f19f..27d1117a3653 100644 --- a/.github/workflows/update-product-schema.yml +++ b/.github/workflows/update-product-schema.yml @@ -27,7 +27,7 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} diff --git a/.github/workflows/update-templates.yml b/.github/workflows/update-templates.yml index c57cc535b089..4376d643aaa5 100644 --- a/.github/workflows/update-templates.yml +++ b/.github/workflows/update-templates.yml @@ -27,12 +27,12 @@ jobs: egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs - name: Checkout - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 with: token: ${{ secrets.GOOGLEFORCREATORS_BOT_TOKEN }} - name: Setup Node - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af with: node-version-file: '.nvmrc' cache: npm