diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b94d64c3..0b3153e3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -28,19 +28,19 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 + uses: github/codeql-action/init@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 + uses: github/codeql-action/analyze@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index cc30713c..d106a878 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -14,7 +14,7 @@ jobs: contents: write steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python diff --git a/.github/workflows/pre_commit.yml b/.github/workflows/pre_commit.yml index 7cf1adf6..127d23f4 100644 --- a/.github/workflows/pre_commit.yml +++ b/.github/workflows/pre_commit.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: CHECKOUT REPOSITORY - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: CHECKOUT REPOSITORY - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python @@ -54,11 +54,11 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Zizmor scan - uses: open-edge-platform/anomalib/.github/actions/security/zizmor@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/zizmor@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan-scope: "changed" severity-level: "MEDIUM" @@ -70,11 +70,11 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Bandit scan - uses: open-edge-platform/anomalib/.github/actions/security/bandit@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/bandit@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan-scope: "changed" severity-level: "LOW" diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 6379b915..d6a9b52d 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python 3.10 @@ -48,7 +48,7 @@ jobs: id-token: write # required by trusted publisher steps: - name: Download artifacts - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: path: dist pattern: artifact-* diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 517c95fa..1c21428c 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -35,6 +35,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@181d5eefc20863364f96762470ba6f862bdef56b # v3.29.2 + uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10 with: sarif_file: results.sarif diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml index 34837422..1822d459 100644 --- a/.github/workflows/security-scan.yml +++ b/.github/workflows/security-scan.yml @@ -20,11 +20,11 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Zizmor scan - uses: open-edge-platform/anomalib/.github/actions/security/zizmor@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/zizmor@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan-scope: "all" severity-level: "LOW" @@ -38,11 +38,11 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Run Bandit scan - uses: open-edge-platform/anomalib/.github/actions/security/bandit@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/bandit@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan-scope: "all" severity-level: "LOW" @@ -57,7 +57,7 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python @@ -72,7 +72,7 @@ jobs: - name: Run Trivy scan id: trivy - uses: open-edge-platform/anomalib/.github/actions/security/trivy@90e1192dd7d420cb243a93ce17809e43f23fc36d + uses: open-edge-platform/anomalib/.github/actions/security/trivy@f6ec1c57363a9894ff57184a5bfb78efa8f3de1b with: scan_type: "fs" scan-scope: all diff --git a/.github/workflows/test_accuracy.yml b/.github/workflows/test_accuracy.yml index ead050f4..97ae49bc 100644 --- a/.github/workflows/test_accuracy.yml +++ b/.github/workflows/test_accuracy.yml @@ -12,7 +12,7 @@ jobs: test_accuracy: runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0 diff --git a/.github/workflows/test_precommit.yml b/.github/workflows/test_precommit.yml index a9dc27ca..6452e891 100644 --- a/.github/workflows/test_precommit.yml +++ b/.github/workflows/test_precommit.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: CHECKOUT REPOSITORY - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: Set up Python @@ -51,7 +51,7 @@ jobs: run: | brew install colima docker colima start - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-python@a26af69be951a213d495a4c3e4e4022e16d87065 # v5.6.0