From 237b7eb77d7f7cae74ca3b6d8da58c91e36ebb01 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 1 Jan 2026 04:19:16 +0000 Subject: [PATCH] chore(deps): bump the all-actions group across 1 directory with 15 updates Bumps the all-actions group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.1` | | [EnricoMi/publish-unit-test-result-action](https://github.com/enricomi/publish-unit-test-result-action) | `2.20.0` | `2.22.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.6.0` | `5.5.2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `6` | | [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.0.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.7.1` | `4.8.2` | | [dependency-check/Dependency-Check_Action](https://github.com/dependency-check/dependency-check_action) | `2ba636726705b0f74f126ebeaacaf2ad4600b967` | `1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `7.0.0` | | [actions/cache](https://github.com/actions/cache) | `4.2.3` | `5.0.1` | | [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `16.0.0` | `22.0.0` | | [azure/k8s-set-context](https://github.com/azure/k8s-set-context) | `4.0.1` | `4.0.2` | | [mongolyy/reviewdog-action-biome](https://github.com/mongolyy/reviewdog-action-biome) | `2.0.0` | `2.7.1` | | [JetBrains/qodana-action](https://github.com/jetbrains/qodana-action) | `2025.1.1` | `2025.3.1` | | [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) | `5.5.3` | `6.1.1` | | [actions/stale](https://github.com/actions/stale) | `9.1.0` | `10.1.1` | Updates `actions/checkout` from 4.2.2 to 6.0.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...8e8c483db84b4bee98b60c0593521ed34d9990e8) Updates `EnricoMi/publish-unit-test-result-action` from 2.20.0 to 2.22.0 - [Release notes](https://github.com/enricomi/publish-unit-test-result-action/releases) - [Commits](https://github.com/enricomi/publish-unit-test-result-action/compare/3a74b2957438d0b6e2e61d67b05318aa25c9e6c6...27d65e188ec43221b20d26de30f4892fad91df2f) Updates `codecov/codecov-action` from 4.6.0 to 5.5.2 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238...671740ac38dd9b0130fbe1cec585b89eea48d3de) Updates `actions/upload-artifact` from 4 to 6 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v6) Updates `actions/labeler` from 5.0.0 to 6.0.1 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](https://github.com/actions/labeler/compare/8558fd74291d67161a8a78ce36a881fa63b766a9...634933edcd8ababfe52f92936142cc22ac488b1b) Updates `actions/dependency-review-action` from 4.7.1 to 4.8.2 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/da24556b548a50705dd671f47852072ea4c105d9...3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261) Updates `dependency-check/Dependency-Check_Action` from 2ba636726705b0f74f126ebeaacaf2ad4600b967 to 1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c - [Release notes](https://github.com/dependency-check/dependency-check_action/releases) - [Commits](https://github.com/dependency-check/dependency-check_action/compare/2ba636726705b0f74f126ebeaacaf2ad4600b967...1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c) Updates `actions/download-artifact` from 4.3.0 to 7.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/d3f86a106a0bac45b974a628896c90dbdf5c8093...37930b1c2abaa49bbe596cd826c3c89aef350131) Updates `actions/cache` from 4.2.3 to 5.0.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/5a3ec84eff668545956fd18022155c47e93e2684...9255dc7a253b0ccc959486e2bca901246202afeb) Updates `DavidAnson/markdownlint-cli2-action` from 16.0.0 to 22.0.0 - [Release notes](https://github.com/davidanson/markdownlint-cli2-action/releases) - [Commits](https://github.com/davidanson/markdownlint-cli2-action/compare/b4c9feab76d8025d1e83c653fa3990936df0e6c8...07035fd053f7be764496c0f8d8f9f41f98305101) Updates `azure/k8s-set-context` from 4.0.1 to 4.0.2 - [Release notes](https://github.com/azure/k8s-set-context/releases) - [Changelog](https://github.com/Azure/k8s-set-context/blob/main/CHANGELOG.md) - [Commits](https://github.com/azure/k8s-set-context/compare/212a19233d93f03eceaac31ae5a1d1acf650b6ef...ae59a723ba9abe7a9655538854a025448dbab4aa) Updates `mongolyy/reviewdog-action-biome` from 2.0.0 to 2.7.1 - [Release notes](https://github.com/mongolyy/reviewdog-action-biome/releases) - [Commits](https://github.com/mongolyy/reviewdog-action-biome/compare/25e6813418e91845859fadb665e49c7590667caf...abafdf75a79678ef8e2715298ee2dfc12262c82f) Updates `JetBrains/qodana-action` from 2025.1.1 to 2025.3.1 - [Release notes](https://github.com/jetbrains/qodana-action/releases) - [Commits](https://github.com/jetbrains/qodana-action/compare/e14351bdf4707c4cecc25a86a9190745b7b40de8...42dad391966aca8ca344ca2340a7f43a5507e9b2) Updates `amannn/action-semantic-pull-request` from 5.5.3 to 6.1.1 - [Release notes](https://github.com/amannn/action-semantic-pull-request/releases) - [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md) - [Commits](https://github.com/amannn/action-semantic-pull-request/compare/0723387faaf9b38adef4775cd42cfd5155ed6017...48f256284bd46cdaab1048c3721360e808335d50) Updates `actions/stale` from 9.1.0 to 10.1.1 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/5bef64f19d7facfb25b37b414482c7164d639639...997185467fa4f803885201cee163a9f38240193d) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: EnricoMi/publish-unit-test-result-action dependency-version: 2.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: codecov/codecov-action dependency-version: 5.5.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/labeler dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/dependency-review-action dependency-version: 4.8.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: dependency-check/Dependency-Check_Action dependency-version: 1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c dependency-type: direct:production dependency-group: all-actions - dependency-name: actions/download-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/cache dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: DavidAnson/markdownlint-cli2-action dependency-version: 22.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: azure/k8s-set-context dependency-version: 4.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-actions - dependency-name: mongolyy/reviewdog-action-biome dependency-version: 2.7.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: JetBrains/qodana-action dependency-version: 2025.3.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: amannn/action-semantic-pull-request dependency-version: 6.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions - dependency-name: actions/stale dependency-version: 10.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/backend-ci.yml | 10 +++---- .github/workflows/ci.yml | 32 ++++++++++----------- .github/workflows/cleanup-cache.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/deploy.yml | 10 +++---- .github/workflows/frontend-ci.yml | 12 ++++---- .github/workflows/labeler.yml | 2 +- .github/workflows/qodana_code_quality.yml | 4 +-- .github/workflows/ruler-check.yml | 2 +- .github/workflows/semantic-pull-request.yml | 2 +- .github/workflows/stale.yml | 2 +- .github/workflows/sync-labels.yml | 2 +- .github/workflows/test-pnpm.yml | 2 +- 13 files changed, 42 insertions(+), 42 deletions(-) diff --git a/.github/workflows/backend-ci.yml b/.github/workflows/backend-ci.yml index 746ae366..9843f606 100644 --- a/.github/workflows/backend-ci.yml +++ b/.github/workflows/backend-ci.yml @@ -45,7 +45,7 @@ jobs: pull-requests: read # Or 'write' if reviewdog needs to create PR review comments directly steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup Java uses: ./.github/actions/setup/java @@ -73,7 +73,7 @@ jobs: NVD_API_KEY: ${{ secrets.NVD_API_KEY }} steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup Java uses: ./.github/actions/setup/java @@ -85,14 +85,14 @@ jobs: run: ./gradlew test - name: Publish Test Results - uses: EnricoMi/publish-unit-test-result-action@3a74b2957438d0b6e2e61d67b05318aa25c9e6c6 # v2.20.0 + uses: EnricoMi/publish-unit-test-result-action@27d65e188ec43221b20d26de30f4892fad91df2f # v2.22.0 if: always() with: files: | **/build/test-results/**/*.xml - name: Upload coverage to Codecov - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4 + uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v4 if: secrets.CODECOV_TOKEN != '' with: files: ./server/thryve/build/reports/kover/report.xml # Updated path for Kover @@ -103,7 +103,7 @@ jobs: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - name: Upload build artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: backend-artifacts path: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 177f30a1..1030ac94 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -36,10 +36,10 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Run Labeler # Pinned to v5 commit hash for security - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5 + uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} @@ -56,7 +56,7 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Initialize CodeQL # Pinned to v3 commit hash for security uses: github/codeql-action/init@7c651bd38dd1af6b6a3150197b37799cb367fb05 # v3 @@ -80,7 +80,7 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0 @@ -108,10 +108,10 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Dependency Review # Pinned to v4 commit hash for security - uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4 + uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4 with: # You can specify configuration options here, e.g.: # fail-on-severity: critical @@ -129,9 +129,9 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Run OWASP Dependency Check - uses: dependency-check/Dependency-Check_Action@2ba636726705b0f74f126ebeaacaf2ad4600b967 + uses: dependency-check/Dependency-Check_Action@1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c with: project: 'hatchgrid-monorepo' path: '.' @@ -143,7 +143,7 @@ jobs: - name: Upload OWASP Dependency Check Report if: always() # Ensure report is uploaded even if previous steps fail # Pinned to v4 commit hash for security - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v4 with: name: owasp-dependency-check-report path: reports/dependency-check-report.html # Default path for HTML report @@ -170,7 +170,7 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup Java uses: ./.github/actions/setup/java @@ -185,21 +185,21 @@ jobs: - name: Download backend artifacts # Pinned to v4 commit hash for security - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v4 with: name: backend-artifacts path: backend-artifacts - name: Download frontend artifacts # Pinned to v4 commit hash for security - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 + uses: actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131 # v4 with: name: frontend-artifacts path: frontend-artifacts - name: Cache Gradle # Pinned to v4 commit hash for security - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4 + uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v4 with: path: | ~/.gradle/caches @@ -220,7 +220,7 @@ jobs: - name: Upload test report # Pinned to v4 commit hash for security - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v4 with: name: test-report path: test-report/ @@ -230,9 +230,9 @@ jobs: name: Markdown lint (docs) runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Markdownlint - uses: DavidAnson/markdownlint-cli2-action@b4c9feab76d8025d1e83c653fa3990936df0e6c8 + uses: DavidAnson/markdownlint-cli2-action@07035fd053f7be764496c0f8d8f9f41f98305101 with: globs: | **/*.md diff --git a/.github/workflows/cleanup-cache.yml b/.github/workflows/cleanup-cache.yml index cc368dee..181ea363 100644 --- a/.github/workflows/cleanup-cache.yml +++ b/.github/workflows/cleanup-cache.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Ensure gh-actions-cache extension is installed run: | diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 3321e38b..778a95d2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -21,7 +21,7 @@ jobs: matrix: language: [ 'java-kotlin', 'javascript-typescript' ] steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - uses: github/codeql-action/init@7a63fc29565e929abdb0fc4f6955b7d6c2397477 #v3 with: languages: ${{ matrix.language }} diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 4190462a..f827fa41 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -65,7 +65,7 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Build and push backend Docker image id: build-backend @@ -94,7 +94,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Set environment-specific configuration id: env-config @@ -153,7 +153,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Set environment-specific configuration id: env-config @@ -211,13 +211,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup kubectl uses: azure/setup-kubectl@776406bce94f63e41d621b960d78ee25c8b76ede # v4.0.1 - name: Set Kubernetes context - uses: azure/k8s-set-context@212a19233d93f03eceaac31ae5a1d1acf650b6ef # v4.0.1 + uses: azure/k8s-set-context@ae59a723ba9abe7a9655538854a025448dbab4aa # v4.0.2 with: method: kubeconfig kubeconfig: ${{ secrets.KUBECONFIG }} diff --git a/.github/workflows/frontend-ci.yml b/.github/workflows/frontend-ci.yml index 04485a0d..6f183ca9 100644 --- a/.github/workflows/frontend-ci.yml +++ b/.github/workflows/frontend-ci.yml @@ -42,7 +42,7 @@ jobs: # Permissions are inherited from workflow level steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: 🧩 Setup Node.js and pnpm uses: ./.github/actions/setup/node @@ -51,7 +51,7 @@ jobs: - name: Run Biome with Reviewdog - uses: mongolyy/reviewdog-action-biome@25e6813418e91845859fadb665e49c7590667caf + uses: mongolyy/reviewdog-action-biome@abafdf75a79678ef8e2715298ee2dfc12262c82f with: github_token: ${{ secrets.GITHUB_TOKEN }} workdir: ./client @@ -64,7 +64,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup Node.js and pnpm uses: ./.github/actions/setup/node @@ -75,7 +75,7 @@ jobs: run: pnpm build - name: Upload build artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v6 with: name: frontend-artifacts path: | @@ -91,7 +91,7 @@ jobs: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: Setup Node.js and pnpm uses: ./.github/actions/setup/node @@ -102,7 +102,7 @@ jobs: run: pnpm test - name: Upload coverage to Codecov - uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4 + uses: codecov/codecov-action@671740ac38dd9b0130fbe1cec585b89eea48d3de # v4 if: secrets.CODECOV_TOKEN != '' with: files: ./coverage/lcov.info # Adjust path if necessary, common for JS projects diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml index d8e2844e..763b4373 100644 --- a/.github/workflows/labeler.yml +++ b/.github/workflows/labeler.yml @@ -12,7 +12,7 @@ jobs: label: runs-on: ubuntu-latest steps: - - uses: actions/labeler@8558fd74291d67161a8a78ce36a881fa63b766a9 # v5 + - uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b # v5 with: repo-token: ${{ secrets.GITHUB_TOKEN }} sync-labels: true diff --git a/.github/workflows/qodana_code_quality.yml b/.github/workflows/qodana_code_quality.yml index b567fb77..283cfce6 100644 --- a/.github/workflows/qodana_code_quality.yml +++ b/.github/workflows/qodana_code_quality.yml @@ -24,12 +24,12 @@ jobs: pull-requests: write checks: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 with: ref: ${{ github.event.pull_request.head.sha || github.sha }} fetch-depth: 0 - name: 'Qodana Scan' - uses: JetBrains/qodana-action@e14351bdf4707c4cecc25a86a9190745b7b40de8 #v2025.1.1^ + uses: JetBrains/qodana-action@42dad391966aca8ca344ca2340a7f43a5507e9b2 #v2025.1.1^ env: QODANA_TOKEN: ${{ secrets.QODANA_TOKEN }} with: diff --git a/.github/workflows/ruler-check.yml b/.github/workflows/ruler-check.yml index b8b0c10c..0ea4ba6a 100644 --- a/.github/workflows/ruler-check.yml +++ b/.github/workflows/ruler-check.yml @@ -8,7 +8,7 @@ jobs: check-ruler: runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - name: 🧩 Setup Node.js and pnpm uses: ./.github/actions/setup/node with: diff --git a/.github/workflows/semantic-pull-request.yml b/.github/workflows/semantic-pull-request.yml index 3909270b..feeb5f43 100644 --- a/.github/workflows/semantic-pull-request.yml +++ b/.github/workflows/semantic-pull-request.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-latest steps: # Pinned to v5 commit hash for security - - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5 + - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v5 id: lint_pr_title env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 916fd1ed..9dda56f1 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -12,7 +12,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@5bef64f19d7facfb25b37b414482c7164d639639 #v9 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d #v9 with: days-before-stale: 120 days-before-close: 60 diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 6d8fc80f..28a7b355 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -19,7 +19,7 @@ jobs: cancel-in-progress: false steps: # existing steps here - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4 - uses: crazy-max/ghaction-github-labeler@24d110aa46a59976b8a7f35518cb7f14f434c916 #v5 with: github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/test-pnpm.yml b/.github/workflows/test-pnpm.yml index 6284a0b4..34076489 100644 --- a/.github/workflows/test-pnpm.yml +++ b/.github/workflows/test-pnpm.yml @@ -11,7 +11,7 @@ jobs: steps: - name: Checkout repository # Pinned to v4 commit hash for security - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4