diff --git a/.github/actions/setup-gradle/action.yml b/.github/actions/setup-gradle/action.yml index e92df67327a..387d840365a 100644 --- a/.github/actions/setup-gradle/action.yml +++ b/.github/actions/setup-gradle/action.yml @@ -21,7 +21,7 @@ runs: run: mkdir -p ~/.gradle ; cp .github/ci-gradle.properties ~/.gradle/gradle.properties - name: Set up JDK - uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 + uses: actions/setup-java@1bcf9fb12cf4aa7d266a90ae39939e61372fe520 # v5.4.0 with: distribution: 'temurin' java-version: '21' diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml index 867cc9a6ecd..25ad75fe6ba 100644 --- a/.github/workflows/build-android.yml +++ b/.github/workflows/build-android.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -62,7 +62,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -79,7 +79,7 @@ jobs: needs: [ build-common ] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -100,7 +100,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -117,7 +117,7 @@ jobs: needs: [ build-common ] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -142,7 +142,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -159,7 +159,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -176,7 +176,7 @@ jobs: needs: [build-common] steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 diff --git a/.github/workflows/build-cli-tools.yml b/.github/workflows/build-cli-tools.yml index ff976cd492f..d185a8886c5 100644 --- a/.github/workflows/build-cli-tools.yml +++ b/.github/workflows/build-cli-tools.yml @@ -25,7 +25,7 @@ jobs: timeout-minutes: 30 steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 diff --git a/.github/workflows/build-docs.yml b/.github/workflows/build-docs.yml index b918c81bcc7..2802816cad9 100644 --- a/.github/workflows/build-docs.yml +++ b/.github/workflows/build-docs.yml @@ -32,7 +32,7 @@ jobs: private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ steps.app-token.outputs.token || github.token }} diff --git a/.github/workflows/build-scripts.yml b/.github/workflows/build-scripts.yml index 27361b1fc20..8792f79d840 100644 --- a/.github/workflows/build-scripts.yml +++ b/.github/workflows/build-scripts.yml @@ -24,12 +24,12 @@ jobs: timeout-minutes: 20 steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 - name: Setup Python - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # @v6.2.0 + uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1 # @v6.3.0 with: python-version: '3.14' diff --git a/.github/workflows/pr-dependabot-dependency-guard-update.yml b/.github/workflows/pr-dependabot-dependency-guard-update.yml index 6d07e4fae58..eb02e7a3186 100644 --- a/.github/workflows/pr-dependabot-dependency-guard-update.yml +++ b/.github/workflows/pr-dependabot-dependency-guard-update.yml @@ -40,7 +40,7 @@ jobs: private-key: ${{ secrets.BOT_PRIVATE_KEY }} - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ github.head_ref }} token: ${{ steps.app-token.outputs.token || github.token }} diff --git a/.github/workflows/pr-request-report-labels.yml b/.github/workflows/pr-request-report-labels.yml index 1fb80c6fe57..ea900f6e185 100644 --- a/.github/workflows/pr-request-report-labels.yml +++ b/.github/workflows/pr-request-report-labels.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Validate report label id: validate diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml index 5f79484e526..f091376ee6d 100644 --- a/.github/workflows/quality-checks.yml +++ b/.github/workflows/quality-checks.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -48,7 +48,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -74,7 +74,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 @@ -91,7 +91,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 1 diff --git a/.github/workflows/quality-markdown.yml b/.github/workflows/quality-markdown.yml index ea88a06715c..64afdd2d420 100644 --- a/.github/workflows/quality-markdown.yml +++ b/.github/workflows/quality-markdown.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Cargo cache uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1.16.1 diff --git a/.github/workflows/security-codeql.yml b/.github/workflows/security-codeql.yml index 0c4873869ef..aef795403f6 100644 --- a/.github/workflows/security-codeql.yml +++ b/.github/workflows/security-codeql.yml @@ -34,7 +34,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Setup Gradle environment if: matrix.language == 'java-kotlin' diff --git a/.github/workflows/security-fluidscan.yml b/.github/workflows/security-fluidscan.yml index 5c6847d7e9d..6b1e54858e4 100644 --- a/.github/workflows/security-fluidscan.yml +++ b/.github/workflows/security-fluidscan.yml @@ -20,7 +20,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/security-scorecard.yml b/.github/workflows/security-scorecard.yml index 6d9c859b9ed..9ad9a1e6f28 100644 --- a/.github/workflows/security-scorecard.yml +++ b/.github/workflows/security-scorecard.yml @@ -23,7 +23,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/shippable_builds.yml b/.github/workflows/shippable_builds.yml index 7907807b6ae..41f0c2a20c7 100644 --- a/.github/workflows/shippable_builds.yml +++ b/.github/workflows/shippable_builds.yml @@ -222,7 +222,7 @@ jobs: - name: Checkout repository if: ${{ contains(matrix.releaseTarget, 'github') || needs.dump_config.outputs.releaseType == 'daily' }} - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 token: ${{ steps.app-token.outputs.token || github.token }} @@ -518,7 +518,7 @@ jobs: cat $GITHUB_OUTPUT - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ steps.sha.outputs.app_sha }} @@ -742,7 +742,7 @@ jobs: cat $GITHUB_OUTPUT - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ steps.shanotes.outputs.app_sha }} @@ -818,7 +818,7 @@ jobs: - name: Publish to GitHub Releases id: publish_gh if: ${{ contains(matrix.releaseTarget, 'github') }} - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1 with: token: ${{ steps.app-token.outputs.token || github.token }} target_commitish: ${{ steps.shanotes.outputs.app_sha }} diff --git a/.github/workflows/translation-update.yml b/.github/workflows/translation-update.yml index fdaac17332e..e2fa89b6d88 100644 --- a/.github/workflows/translation-update.yml +++ b/.github/workflows/translation-update.yml @@ -32,7 +32,7 @@ jobs: steps: - name: Checkout the repo - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 diff --git a/.github/workflows/validate-gradle.yml b/.github/workflows/validate-gradle.yml index d095d17a4dd..916d42777e2 100644 --- a/.github/workflows/validate-gradle.yml +++ b/.github/workflows/validate-gradle.yml @@ -12,5 +12,5 @@ jobs: name: Validate Gradle Wrapper runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - - uses: gradle/actions/wrapper-validation@0723195856401067f7a2779048b490ace7a47d7c # v5.0.2 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 + - uses: gradle/actions/wrapper-validation@3f131e8634966bd73d06cc69884922b02e6faf92 # v6.2.0 diff --git a/.github/workflows/validate-workflows.yml b/.github/workflows/validate-workflows.yml index 430ab5a1347..80f54e17381 100644 --- a/.github/workflows/validate-workflows.yml +++ b/.github/workflows/validate-workflows.yml @@ -21,7 +21,7 @@ jobs: validate-workflows: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Ensure GitHub actions are SHA pinned env: