diff --git a/.github/workflows/audit-dev.yml b/.github/workflows/audit-dev.yml index 9d31ed8a..8ad8022e 100644 --- a/.github/workflows/audit-dev.yml +++ b/.github/workflows/audit-dev.yml @@ -35,7 +35,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/audit-release.yml b/.github/workflows/audit-release.yml index f077c511..e374d1e2 100644 --- a/.github/workflows/audit-release.yml +++ b/.github/workflows/audit-release.yml @@ -27,7 +27,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: ref: v2 - name: Install Node.js diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 74f75e17..9ea5669a 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -28,7 +28,7 @@ jobs: pkg-containers.githubusercontent.com:443 uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Initialize CodeQL uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: @@ -55,7 +55,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -84,7 +84,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -113,7 +113,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install tooling uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364 # v3.0.0 - name: Install Node.js @@ -162,7 +162,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -207,7 +207,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -248,7 +248,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -292,7 +292,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -341,7 +341,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -378,7 +378,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -425,7 +425,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -473,7 +473,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -502,7 +502,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -531,7 +531,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/config-npm.yml b/.github/workflows/config-npm.yml index 99524db2..468cd037 100644 --- a/.github/workflows/config-npm.yml +++ b/.github/workflows/config-npm.yml @@ -35,7 +35,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -64,7 +64,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 1d0d6d9d..42fee0bf 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -37,7 +37,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index 97c00296..d9d23200 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -29,7 +29,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 # To fetch all tags - name: Install Node.js @@ -73,7 +73,7 @@ jobs: actions-results-receiver-production.githubapp.com:443 github.com:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 # To fetch all major version branches - name: Get release version @@ -154,7 +154,7 @@ jobs: rekor.sigstore.dev:443 sigstore-tuf-root.storage.googleapis.com:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 00089486..fd0a9ad1 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -36,7 +36,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/reusable-fuzz.yml b/.github/workflows/reusable-fuzz.yml index dc56ceef..f702a0a1 100644 --- a/.github/workflows/reusable-fuzz.yml +++ b/.github/workflows/reusable-fuzz.yml @@ -43,7 +43,7 @@ jobs: pipelines.actions.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Create identifier uses: actions/github-script@e69ef5462fd455e02edcaf4dd7708eda96b9eda0 # v7.0.0 id: run-id diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml index 35c75f7f..29b879b4 100644 --- a/.github/workflows/secrets.yml +++ b/.github/workflows/secrets.yml @@ -29,7 +29,7 @@ jobs: objects.githubusercontent.com:443 pkg-containers.githubusercontent.com:443 - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 with: fetch-depth: 0 - name: Scan for secrets diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index d9f6e25d..c55808d7 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -16,7 +16,7 @@ jobs: image: returntocorp/semgrep steps: - name: Checkout repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - name: Perform Semgrep analysis run: semgrep ci --sarif --output semgrep.sarif env: