Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/workflows/build-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -32,7 +32,7 @@ jobs:
CFLAGS: "-O2 -D_FORTIFY_SOURCE=3 -Wall"
steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false

Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/cifuzz.yml
Original file line number Diff line number Diff line change
Expand Up @@ -60,14 +60,14 @@ jobs:
sanitizer: ${{ matrix.sanitizer }}
output-sarif: true
- name: Upload Crash
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
if: failure() && steps.build.outcome == 'success'
with:
name: ${{ matrix.sanitizer }}-${{ matrix.architecture }}-artifacts
path: ./out/artifacts
- name: Upload Sarif
if: always() && steps.build.outcome == 'success'
uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
with:
# Path to SARIF file relative to the root of the repository
sarif_file: cifuzz-sarif/results.sarif
Expand Down
12 changes: 6 additions & 6 deletions .github/workflows/claude-review.yml
Original file line number Diff line number Diff line change
Expand Up @@ -67,7 +67,7 @@ jobs:

- name: Fetch PR context and create tracking comment
id: context
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
with:
script: |
const owner = context.repo.owner;
Expand Down Expand Up @@ -130,7 +130,7 @@ jobs:
# archive: false makes upload-artifact use the file's basename
# (pr-context.json) as the artifact name, ignoring the name input.
- name: Upload PR context
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
with:
path: pr-context.json
archive: false
Expand All @@ -146,7 +146,7 @@ jobs:
id-token: write # Authenticate with AWS via OIDC

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
# Need full history for git worktree add to work on all PR commits.
fetch-depth: 0
Expand Down Expand Up @@ -178,7 +178,7 @@ jobs:
sudo apt-get update && sudo apt-get install -y bubblewrap socat

- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
uses: aws-actions/configure-aws-credentials@e7f100cf4c008499ea8adda475de1042d6975c7b
with:
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/${{ secrets.AWS_ROLE_NAME }}
role-session-name: GitHubActions-Claude-${{ github.run_id }}
Expand Down Expand Up @@ -382,7 +382,7 @@ jobs:

- name: Upload review result
if: always()
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
with:
path: review-result.json
if-no-files-found: ignore
Expand All @@ -406,7 +406,7 @@ jobs:
name: review-result.json

- name: Post review comments
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
env:
REVIEW_RESULT: ${{ needs.review.result }}
PR_NUMBER: ${{ needs.setup.outputs.pr_number }}
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/codeql.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@v4
uses: actions/checkout@v7

- name: Install Dependencies
run: |
Expand All @@ -40,7 +40,7 @@ jobs:
libffi-dev

- name: Initialize CodeQL
uses: github/codeql-action/init@v3
uses: github/codeql-action/init@v4
with:
languages: ${{ matrix.language }}
queries: security-extended,security-and-quality
Expand All @@ -63,6 +63,6 @@ jobs:
run-clang-tidy -p builddir "src/.*\.c$"

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v3
uses: github/codeql-action/analyze@v4
with:
category: "/language:${{matrix.language}}"
4 changes: 2 additions & 2 deletions .github/workflows/coverage.yml
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ jobs:
if: github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable'

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false
- uses: systemd/mkosi@66d51024b7149f40be4702e84275c936373ace97
Expand Down Expand Up @@ -130,7 +130,7 @@ jobs:
--quiet

- name: Archive failed test journals
uses: actions/upload-artifact@v7
uses: actions/upload-artifact@v7.0.1
if: failure() && (github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable')
with:
name: ci-coverage-${{ github.run_id }}-${{ github.run_attempt }}-arch-rolling-failed-test-journals
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/coverity.yml
Original file line number Diff line number Diff line change
Expand Up @@ -22,7 +22,7 @@ jobs:
COVERITY_SCAN_NOTIFICATION_EMAIL: "${{ secrets.COVERITY_SCAN_NOTIFICATION_EMAIL }}"
steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false
# Reuse the setup phase of the unit test script to avoid code duplication
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/development-freeze.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
name: Pull Request Metadata

- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
fetch-depth: 0
persist-credentials: false
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/differential-shellcheck.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ jobs:

steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
fetch-depth: 0
persist-credentials: false
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/gather-pr-metadata.yml
Original file line number Diff line number Diff line change
Expand Up @@ -16,16 +16,16 @@ jobs:

steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false

- id: metadata
name: Gather Pull Request Metadata
uses: redhat-plumbers-in-action/gather-pull-request-metadata@b86d1eaf7038cf88a56b26ba3e504f10e07b0ce5
uses: redhat-plumbers-in-action/gather-pull-request-metadata@ecc2e46fe4f0b2e9a7b236d6012bc9f74af318d0

- name: Upload Pull Request Metadata artifact
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a
with:
name: Pull Request Metadata
path: ${{ steps.metadata.outputs.metadata-file }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/issue-labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
template: [ bug_report.yml, feature_request.yml ]

steps:
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false

Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/labeler.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:

steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
if: github.event_name == 'pull_request'
with:
persist-credentials: false
Expand All @@ -44,7 +44,7 @@ jobs:
sync-labels: false

- name: Set or remove labels based on systemd development workflow
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
if: startsWith(github.event_name, 'pull_request') && github.event.action != 'closed' && !github.event.pull_request.draft
with:
script: |
Expand Down Expand Up @@ -85,7 +85,7 @@ jobs:
}

- name: Add please-review label on command in issue comment
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
if: github.event_name == 'issue_comment' && github.event.issue.pull_request && startsWith(github.event.comment.body, '/please-review')
with:
script: |
Expand All @@ -97,7 +97,7 @@ jobs:
})

- name: Remove specific labels when PR is closed or merged
uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3
if: startsWith(github.event_name, 'pull_request') && github.event.action == 'closed'
with:
script: |
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/linter.yml
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,14 @@ jobs:

steps:
- name: Repo checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
# We need a full repo clone
fetch-depth: 0
persist-credentials: false

- name: Lint Code Base
uses: super-linter/super-linter/slim@61abc07d755095a68f4987d1c2c3d1d64408f1f9
uses: super-linter/super-linter/slim@4ce20838b8ab83717e78138c5b3a1407148e0918
env:
DEFAULT_BRANCH: main
MULTI_STATUS: false
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/make-release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@ jobs:

steps:
- name: Release
uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe
uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b
with:
prerelease: ${{ contains(github.ref_name, '-rc') }}
draft: ${{ github.repository == 'systemd/systemd' }}
2 changes: 1 addition & 1 deletion .github/workflows/scorecards.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ jobs:

steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0
with:
persist-credentials: false

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/unit-tests-musl.yml
Original file line number Diff line number Diff line change
Expand Up @@ -20,7 +20,7 @@ jobs:
runs-on: ubuntu-latest
steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false

Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/unit-tests.yml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ jobs:
runner: ubuntu-24.04-s390x
steps:
- name: Repository checkout
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
with:
persist-credentials: false
- name: Install build dependencies
Expand Down
Loading