diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c3fa112..90edd30 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 2872b6f..441fa02 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -11,7 +11,7 @@ jobs: # If you want to clone the repository as part of your setup steps, for example to install dependencies, you'll need the `contents: read` permission. If you don't clone the repository in your setup steps, Copilot will do this for you automatically after the steps complete. contents: read steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 5839fe4..3403a36 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false @@ -27,4 +27,4 @@ jobs: run: script/bootstrap - name: run golangci-lint - uses: golangci/golangci-lint-action@v8 + uses: golangci/golangci-lint-action@v9 diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index c9c6a6f..867c8ff 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 2f36fc5..73e4eee 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -19,7 +19,7 @@ jobs: steps: - name: checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # pin@v5.0.0 + uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # pin@v5.0.1 with: fetch-depth: 0 persist-credentials: false @@ -50,7 +50,7 @@ jobs: run: script/build --release - name: upload artifact - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # pin@v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # pin@v6.0.0 id: upload-artifact with: name: ${{ steps.build.outputs.artifact_dir }} # name and path can just both be artifact_dir (ex: "dist") to keep it simple @@ -65,7 +65,7 @@ jobs: attestations: write contents: read steps: - - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # pin@v6.0.0 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # pin@v7.0.0 with: artifact-ids: ${{ needs.release.outputs.artifact-id }} path: ${{ needs.release.outputs.artifact_dir }} @@ -76,7 +76,7 @@ jobs: run: tree -L 2 -a --dirsfirst -C -F -h -D "${ARTIFACT_PATH}" - name: attest build provenance - uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # pin@v3.0.0 + uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # pin@v3.1.0 with: subject-path: "${{ needs.release.outputs.artifact_dir }}/" @@ -85,7 +85,7 @@ jobs: runs-on: ubuntu-latest needs: [release, sign] steps: - - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # pin@v6.0.0 + - uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # pin@v7.0.0 with: artifact-ids: ${{ needs.release.outputs.artifact-id }} path: ${{ needs.release.outputs.artifact_dir }} diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 1ff7510..6ebc578 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -13,7 +13,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5 + - uses: actions/checkout@v6 with: persist-credentials: false