diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 4519557..82e8467 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -15,10 +15,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' @@ -29,6 +29,6 @@ jobs: run: bandit -r . -f sarif -o bandit-results.sarif --exit-zero - name: Upload Bandit SARIF results - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: bandit-results.sarif diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1d88b55..c42de4b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,9 +8,9 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' - name: Install dependencies @@ -25,9 +25,9 @@ jobs: permissions: contents: write # Required for uploads steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' - name: Install build deps @@ -37,7 +37,7 @@ jobs: run: python -m build # Example: Build JS (TensorFlow.js predictions) - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@v6 with: node-version: '20' - name: Build JS bundle diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 94da6eb..0443191 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,17 +23,17 @@ jobs: language: [python, javascript] steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Initialize CodeQL - uses: github/codeql-action/init@45580472a5bb82c4681c4ac726cfdb60060c2ee1 # v3.32.4 + uses: github/codeql-action/init@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: languages: ${{ matrix.language }} - name: Autobuild - uses: github/codeql-action/autobuild@45580472a5bb82c4681c4ac726cfdb60060c2ee1 # v3.32.4 + uses: github/codeql-action/autobuild@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@45580472a5bb82c4681c4ac726cfdb60060c2ee1 # v3.32.4 + uses: github/codeql-action/analyze@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 2c7f049..ed0c15d 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 @@ -26,6 +26,6 @@ jobs: directory-to-scan: . - name: Upload DevSkim SARIF file - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml index 36fa0b7..2715245 100644 --- a/.github/workflows/google.yml +++ b/.github/workflows/google.yml @@ -60,7 +60,7 @@ jobs: steps: - name: 'Checkout' - uses: 'actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98' # actions/checkout@v4 + uses: 'actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5' # actions/checkout@v4 # Configure Workload Identity Federation and generate an access token. # @@ -74,7 +74,7 @@ jobs: # Authenticate Docker to Google Cloud Artifact Registry - name: 'Docker Auth' - uses: 'docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9' # docker/login-action@v3 + uses: 'docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2' # docker/login-action@v4.0.0 with: username: 'oauth2accesstoken' password: '${{ steps.auth.outputs.auth_token }}' diff --git a/.github/workflows/psscriptanalyzer.yml b/.github/workflows/psscriptanalyzer.yml index 543a69d..de07959 100644 --- a/.github/workflows/psscriptanalyzer.yml +++ b/.github/workflows/psscriptanalyzer.yml @@ -15,7 +15,7 @@ jobs: runs-on: windows-latest steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run PSScriptAnalyzer uses: microsoft/psscriptanalyzer-action@6b2948b1944407914a58661c49941824d149734f # v1.1 @@ -26,6 +26,6 @@ jobs: settings: CodeFormatting - name: Upload PSScriptAnalyzer results - uses: github/codeql-action/upload-sarif@45580472a5bb82c4681c4ac726cfdb60060c2ee1 # v3.32.4 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 with: sarif_file: results.sarif diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index e905a51..4c393aa 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v6.0.2 + uses: actions/checkout@v6 with: persist-credentials: false @@ -44,7 +44,7 @@ jobs: # Upload the results as artifacts - name: Upload artifact - uses: actions/upload-artifact@v6 + uses: actions/upload-artifact@v7 with: name: SARIF file path: results.sarif diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 8dd4fb5..1f8f1bc 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -17,10 +17,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Python - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' @@ -39,7 +39,7 @@ jobs: --error || true - name: Upload Semgrep SARIF results - uses: github/codeql-action/upload-sarif@45580472a5bb82c4681c4ac726cfdb60060c2ee1 # v3.32.4 + uses: github/codeql-action/upload-sarif@c793b717bc78562f491db7b0e93a3a178b099162 # v4.32.5 if: always() with: sarif_file: semgrep.sarif