diff --git a/.github/workflows/audit-dev.yml b/.github/workflows/audit-dev.yml index 8ad8022e..5a34a110 100644 --- a/.github/workflows/audit-dev.yml +++ b/.github/workflows/audit-dev.yml @@ -35,7 +35,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/audit-release.yml b/.github/workflows/audit-release.yml index e374d1e2..dbaa261a 100644 --- a/.github/workflows/audit-release.yml +++ b/.github/workflows/audit-release.yml @@ -27,7 +27,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: ref: v2 - name: Install Node.js diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml index 9ea5669a..e0c52a4d 100644 --- a/.github/workflows/checks.yml +++ b/.github/workflows/checks.yml @@ -28,7 +28,7 @@ jobs: pkg-containers.githubusercontent.com:443 uploads.github.com:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Initialize CodeQL uses: github/codeql-action/init@461ef6c76dfe95d5c364de2f431ddbd31a417628 # v3.26.9 with: @@ -55,7 +55,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -84,7 +84,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -113,7 +113,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install tooling uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364 # v3.0.0 - name: Install Node.js @@ -162,7 +162,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -207,7 +207,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -248,7 +248,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -292,7 +292,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -341,7 +341,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -378,7 +378,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -425,7 +425,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -473,7 +473,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -502,7 +502,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -531,7 +531,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/config-npm.yml b/.github/workflows/config-npm.yml index 468cd037..ab83b5f9 100644 --- a/.github/workflows/config-npm.yml +++ b/.github/workflows/config-npm.yml @@ -35,7 +35,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: @@ -64,7 +64,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/nightly.yml b/.github/workflows/nightly.yml index 42fee0bf..b2198eed 100644 --- a/.github/workflows/nightly.yml +++ b/.github/workflows/nightly.yml @@ -37,7 +37,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d9d23200..3c1657fe 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -29,7 +29,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 # To fetch all tags - name: Install Node.js @@ -73,7 +73,7 @@ jobs: actions-results-receiver-production.githubapp.com:443 github.com:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 # To fetch all major version branches - name: Get release version @@ -154,7 +154,7 @@ jobs: rekor.sigstore.dev:443 sigstore-tuf-root.storage.googleapis.com:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index fd0a9ad1..7bec3c94 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -36,7 +36,7 @@ jobs: objects.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Install Node.js uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 with: diff --git a/.github/workflows/reusable-fuzz.yml b/.github/workflows/reusable-fuzz.yml index f702a0a1..0d6b1984 100644 --- a/.github/workflows/reusable-fuzz.yml +++ b/.github/workflows/reusable-fuzz.yml @@ -43,7 +43,7 @@ jobs: pipelines.actions.githubusercontent.com:443 registry.npmjs.org:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Create identifier uses: actions/github-script@e69ef5462fd455e02edcaf4dd7708eda96b9eda0 # v7.0.0 id: run-id diff --git a/.github/workflows/secrets.yml b/.github/workflows/secrets.yml index 29b879b4..7905ef70 100644 --- a/.github/workflows/secrets.yml +++ b/.github/workflows/secrets.yml @@ -29,7 +29,7 @@ jobs: objects.githubusercontent.com:443 pkg-containers.githubusercontent.com:443 - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Scan for secrets diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index c55808d7..c9c39e8e 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -16,7 +16,7 @@ jobs: image: returntocorp/semgrep steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Perform Semgrep analysis run: semgrep ci --sarif --output semgrep.sarif env: