From 2b2ee8be52acc6ee77bc13c72a6d8c7f83e9fcc2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 30 Jun 2026 23:59:40 +0000 Subject: [PATCH] build(deps): bump the dependencies group across 1 directory with 9 updates Bumps the dependencies group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [envoyproxy/toolshed/actions/github/container/auth](https://github.com/envoyproxy/toolshed) | `f3c0acc8c3799305101f5669042b388edfb070c7` | `303f50e2d2bfcd0259230e3227cd08e8a95f2c69` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.4` | `4.36.2` | | [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.35.4` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.4` | `4.36.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `6.2.0` | `6.3.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) | `1.16.1` | `1.17.0` | | [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.4` | `4.36.2` | Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/de0fac2e4500dabe0009e67214ff5f5447ce83dd...9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0) Updates `envoyproxy/toolshed/actions/github/container/auth` from f3c0acc8c3799305101f5669042b388edfb070c7 to 303f50e2d2bfcd0259230e3227cd08e8a95f2c69 - [Release notes](https://github.com/envoyproxy/toolshed/releases) - [Commits](https://github.com/envoyproxy/toolshed/compare/f3c0acc8c3799305101f5669042b388edfb070c7...303f50e2d2bfcd0259230e3227cd08e8a95f2c69) Updates `github/codeql-action/init` from 4.35.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `github/codeql-action/autobuild` from 4.35.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `github/codeql-action/analyze` from 4.35.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) Updates `actions/setup-python` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/a309ff8b426b58ec0e2a45f0f869d46889d02405...ece7cb06caefa5fff74198d8649806c4678c61a1) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5) Updates `actions-rust-lang/setup-rust-toolchain` from 1.16.1 to 1.17.0 - [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases) - [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions-rust-lang/setup-rust-toolchain/compare/46268bd060767258de96ed93c1251119784f2ab6...166cdcfd11aee3cb47222f9ddb555ce30ddb9659) Updates `github/codeql-action/upload-sarif` from 4.35.4 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...8aad20d150bbac5944a9f9d289da16a4b0d87c1e) --- updated-dependencies: - dependency-name: actions-rust-lang/setup-rust-toolchain dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: envoyproxy/toolshed/actions/github/container/auth dependency-version: 796a4a762426c9afb8399244740e572a2e4947b2 dependency-type: direct:production dependency-group: dependencies - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action/autobuild dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action/upload-sarif dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/_bazel.yml | 10 +++++----- .github/workflows/_bazel_registry.yml | 4 ++-- .github/workflows/_publish_release.yml | 4 ++-- .github/workflows/actions.yml | 2 +- .github/workflows/bazel.yml | 4 ++-- .github/workflows/codeql.yml | 8 ++++---- .github/workflows/copilot-setup-steps.yml | 4 ++-- .github/workflows/docker.yml | 4 ++-- .github/workflows/jq.yml | 2 +- .github/workflows/js.yml | 2 +- .github/workflows/lint.yml | 4 ++-- .github/workflows/py.yml | 20 ++++++++++---------- .github/workflows/rust.yml | 8 ++++---- .github/workflows/scorecard.yml | 4 ++-- .github/workflows/sh.yml | 2 +- .github/workflows/update-versions.yml | 2 +- 16 files changed, 42 insertions(+), 42 deletions(-) diff --git a/.github/workflows/_bazel.yml b/.github/workflows/_bazel.yml index 9a1101901a..bba6a14ec3 100644 --- a/.github/workflows/_bazel.yml +++ b/.github/workflows/_bazel.yml @@ -58,7 +58,7 @@ jobs: target: /home/runner/.cache chown: "runner:runner" - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 @@ -81,7 +81,7 @@ jobs: - name: RBE auth check id: rbe if: inputs.rbe && github.event_name == 'pull_request' - uses: envoyproxy/toolshed/actions/github/container/auth@f3c0acc8c3799305101f5669042b388edfb070c7 + uses: envoyproxy/toolshed/actions/github/container/auth@303f50e2d2bfcd0259230e3227cd08e8a95f2c69 with: container: hello-world - name: Bazel targets (${{ inputs.action }}/${{ inputs.bazel-mode }}) @@ -145,7 +145,7 @@ jobs: name: Bazel (x-compile x86 -> arm) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 @@ -195,7 +195,7 @@ jobs: SDK_PREFIX: "Payload/Library/Developer/CommandLineTools/SDKs/MacOSX15.5.sdk" steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Extract macOS arm64 sysroot run: | set -euo pipefail @@ -275,7 +275,7 @@ jobs: name: Bazel (x-compile arm -> x86) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 diff --git a/.github/workflows/_bazel_registry.yml b/.github/workflows/_bazel_registry.yml index 6e064e054b..01b9204ea2 100644 --- a/.github/workflows/_bazel_registry.yml +++ b/.github/workflows/_bazel_registry.yml @@ -39,7 +39,7 @@ jobs: outputs: versions: ${{ steps.versions.outputs.value }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: envoyproxy/toolshed/actions/jq@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 id: versions with: @@ -61,7 +61,7 @@ jobs: matrix: version: ${{ fromJSON(needs.module.outputs.versions) }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: envoyproxy/toolshed/actions/jq@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 with: input: ${{ inputs.modules-root }}/modules/${{ inputs.module }}/${{ matrix.version }}/${{ inputs.source }} diff --git a/.github/workflows/_publish_release.yml b/.github/workflows/_publish_release.yml index 92a68f6cb1..9363c9ebe6 100644 --- a/.github/workflows/_publish_release.yml +++ b/.github/workflows/_publish_release.yml @@ -111,7 +111,7 @@ jobs: token: ${{ steps.appauth.outputs.token }} - if: inputs.dry-run - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: path: temprepo - if: inputs.dry-run @@ -216,7 +216,7 @@ jobs: && ! fromJSON(needs.release.outputs.version).is_dev runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Get docker version id: docker-version diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml index 2aa850678e..71d58f14f8 100644 --- a/.github/workflows/actions.yml +++ b/.github/workflows/actions.yml @@ -51,7 +51,7 @@ jobs: matrix: test: ${{ fromJSON(needs.request.outputs.tests) }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Run test uses: envoyproxy/toolshed/actions/test-runner@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 with: diff --git a/.github/workflows/bazel.yml b/.github/workflows/bazel.yml index 01389d1759..a308727d7d 100644 --- a/.github/workflows/bazel.yml +++ b/.github/workflows/bazel.yml @@ -144,13 +144,13 @@ jobs: - bzlmod steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: RBE auth check id: rbe if: github.event_name == 'pull_request' - uses: envoyproxy/toolshed/actions/github/container/auth@f3c0acc8c3799305101f5669042b388edfb070c7 + uses: envoyproxy/toolshed/actions/github/container/auth@303f50e2d2bfcd0259230e3227cd08e8a95f2c69 with: container: hello-world - name: Configure repo Bazel settings diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index edf2a40142..ba768624d4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -49,18 +49,18 @@ jobs: chown: "runner:runner" - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialize CodeQL - uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml - name: Autobuild - uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index a740ce36ec..eccd6d4e28 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -21,7 +21,7 @@ jobs: sudo rm -rf /usr/local/lib/android & sudo rm -rf /usr/share/dotnet & - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install deps shell: bash run: | @@ -85,7 +85,7 @@ jobs: bazel --version working-directory: bazel - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Pants diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index fd9bb46e43..0728909825 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -48,10 +48,10 @@ jobs: - arm64 name: build (${{ matrix.arch }}) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Get docker version id: docker-version diff --git a/.github/workflows/jq.yml b/.github/workflows/jq.yml index 40a69b103d..2fc19f06d9 100644 --- a/.github/workflows/jq.yml +++ b/.github/workflows/jq.yml @@ -34,7 +34,7 @@ jobs: if: fromJSON(needs.request.outputs.run) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Verify tools run: | jq --version diff --git a/.github/workflows/js.yml b/.github/workflows/js.yml index 1a74a8303a..3e59d62d02 100644 --- a/.github/workflows/js.yml +++ b/.github/workflows/js.yml @@ -48,7 +48,7 @@ jobs: - retest - torun steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1391c1c1e6..a1267986d7 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -19,8 +19,8 @@ jobs: lint: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.13" - run: pip install --require-hashes -r ci/requirements.txt diff --git a/.github/workflows/py.yml b/.github/workflows/py.yml index 2c9fde2a1f..f9717cd518 100644 --- a/.github/workflows/py.yml +++ b/.github/workflows/py.yml @@ -45,8 +45,8 @@ jobs: github.repository_owner == 'envoyproxy' && fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Initialize Pants @@ -68,8 +68,8 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Initialize Pants @@ -86,8 +86,8 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Initialize Pants @@ -102,8 +102,8 @@ jobs: # TODO: reenable once plugin is fixed if: false steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Initialize Pants @@ -125,8 +125,8 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # v6.3.0 with: python-version: "3.12" - name: Initialize Pants diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index b98716329e..79048d6940 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -47,8 +47,8 @@ jobs: - integration name: test (${{ matrix.toolchain }}, ${{ matrix.test-type }}) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - - uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: actions-rust-lang/setup-rust-toolchain@166cdcfd11aee3cb47222f9ddb555ce30ddb9659 # v1 with: toolchain: ${{ matrix.toolchain }} - name: Install cargo-tarpaulin @@ -81,10 +81,10 @@ jobs: runs-on: ubuntu-22.04-arm rust-target: aarch64-unknown-linux-gnu steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Install Rust toolchain - uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1 + uses: actions-rust-lang/setup-rust-toolchain@166cdcfd11aee3cb47222f9ddb555ce30ddb9659 # v1 with: toolchain: stable diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 13d560a153..073e401b31 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -25,7 +25,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -44,6 +44,6 @@ jobs: retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: sarif_file: results.sarif diff --git a/.github/workflows/sh.yml b/.github/workflows/sh.yml index 9f0b13c04c..bf72b42f4c 100644 --- a/.github/workflows/sh.yml +++ b/.github/workflows/sh.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - run: | sudo apt-get update sudo apt-get -qq install -y inotify-tools diff --git a/.github/workflows/update-versions.yml b/.github/workflows/update-versions.yml index f35e6666e4..fc77a1abbf 100644 --- a/.github/workflows/update-versions.yml +++ b/.github/workflows/update-versions.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Determine release tag id: release env: