diff --git a/.github/workflows/ci-build.yml b/.github/workflows/ci-build.yml index 7df381f..f1e64f9 100644 --- a/.github/workflows/ci-build.yml +++ b/.github/workflows/ci-build.yml @@ -34,7 +34,7 @@ jobs: egress-policy: audit - name: 'Checkout' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/ci-manual-build-test-sign.yml b/.github/workflows/ci-manual-build-test-sign.yml index 6557bbc..65928ff 100644 --- a/.github/workflows/ci-manual-build-test-sign.yml +++ b/.github/workflows/ci-manual-build-test-sign.yml @@ -39,7 +39,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 98a4b83..0f35203 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -54,7 +54,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index f3ab11f..d776e60 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Dependency Review' uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0 diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 3e31856..12fa805 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -21,7 +21,7 @@ jobs: uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0 with: egress-policy: audit - - uses: actions/checkout@v4 + - uses: actions/checkout@v5 - uses: microsoft/DevSkim-Action@v1 - uses: github/codeql-action/upload-sarif@v3 with: diff --git a/.github/workflows/generate-publish-docs.yml b/.github/workflows/generate-publish-docs.yml index 971a58e..2745671 100644 --- a/.github/workflows/generate-publish-docs.yml +++ b/.github/workflows/generate-publish-docs.yml @@ -35,7 +35,7 @@ jobs: egress-policy: audit - name: 'Checkout' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # avoid shallow clone so nbgv can do its work. diff --git a/.github/workflows/markdown-link-check.yml b/.github/workflows/markdown-link-check.yml index 0eec6ce..6291860 100644 --- a/.github/workflows/markdown-link-check.yml +++ b/.github/workflows/markdown-link-check.yml @@ -28,7 +28,7 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: 'Check for dead links in markdown files' uses: gaurav-nelson/github-action-markdown-link-check@1b916f2cf6c36510a6059943104e3c42ce6c16bc # 1.0.16