Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore(deps): update github-actions #3711

Merged
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .github/actions/secure-builder-checkout/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ runs:
# and has an associated release. This will require exceptions
# for e2e tests.
- name: Checkout the repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: ${{ inputs.repository }}
ref: ${{ inputs.ref }}
Expand Down
2 changes: 1 addition & 1 deletion .github/actions/secure-project-checkout/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -40,7 +40,7 @@ runs:
using: "composite"
steps:
- name: Checkout the repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: ${{ inputs.fetch-depth }}
ref: ${{ inputs.checkout-sha1 }}
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/builder_container-based_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -228,7 +228,7 @@ jobs:
runs-on: ubuntu-latest
needs: [rng, detect-env, generate-builder]
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Checkout builder repository
uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
with:
Expand Down Expand Up @@ -372,7 +372,7 @@ jobs:
set-executable: true

- name: Checkout the source repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
fetch-depth: 1
persist-credentials: false
Expand Down Expand Up @@ -598,7 +598,7 @@ jobs:
path: "${{ needs.provenance.outputs.provenance-name }}"

- name: Upload provenance new tag
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
if: startsWith(github.ref, 'refs/tags/') && inputs.upload-tag-name == ''
id: release-new-tags
with:
Expand All @@ -609,7 +609,7 @@ jobs:
draft: ${{ inputs.draft-release }}

- name: Upload provenance tag name
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
if: inputs.upload-tag-name != ''
with:
prerelease: ${{ inputs.prerelease }}
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/builder_go_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -399,7 +399,7 @@ jobs:
sha256: "${{ needs.provenance.outputs.go-provenance-sha256 }}"

- name: Upload provenance
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
with:
tag_name: ${{ inputs.upload-tag-name }}
prerelease: ${{ inputs.prerelease }}
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/codeql-analysis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -55,11 +55,11 @@ jobs:

steps:
- name: Checkout repository
uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
uses: github/codeql-action/init@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
with:
languages: ${{ matrix.language }}
# If you wish to specify custom queries, you can do so here or in a config file.
Expand All @@ -72,7 +72,7 @@ jobs:
# Autobuild attempts to build any compiled languages (C/C++, C#, or Java).
# If this step fails, then you should remove it and run the build manually (see below)
- name: Autobuild
uses: github/codeql-action/autobuild@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11

# Command-line programs to run using the OS shell.
# 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
Expand All @@ -85,7 +85,7 @@ jobs:
# ./location_of_script_within_repo/buildscript.sh

- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11

# NOTE: Checks that the matrix job above completes successfully.
# This is necessary because the matrix strategy generates new jobs with
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -39,7 +39,7 @@ jobs:
permissions:
id-token: write # Needed to detect the current reusable repository and ref.
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Detect the builder ref
id: detect
uses: slsa-framework/slsa-github-generator/.github/actions/detect-workflow-js@main
Expand Down Expand Up @@ -71,7 +71,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand All @@ -85,7 +85,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/e2e.detect-workflow-js.schedule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- id: detect
uses: ./.github/actions/detect-workflow-js
- id: verify
Expand Down Expand Up @@ -70,7 +70,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand All @@ -84,7 +84,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand Down
6 changes: 3 additions & 3 deletions .github/workflows/e2e.sign-attestations.schedule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -33,7 +33,7 @@ jobs:
id-token: write
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- id: setup
uses: ./.github/actions/sign-attestations
with:
Expand Down Expand Up @@ -62,7 +62,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand All @@ -76,7 +76,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/e2e.upload-folder.schedule.yml
Original file line number Diff line number Diff line change
Expand Up @@ -37,7 +37,7 @@ jobs:
sha256: ${{ steps.upload.outputs.sha256 }}
sha256-noroot: ${{ steps.upload-noroot.outputs.sha256 }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Create folder
run: |
set -euo pipefail
Expand Down Expand Up @@ -100,7 +100,7 @@ jobs:
needs: [secure-upload-folder]
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Download in new folder
uses: ./.github/actions/secure-download-folder
Expand Down Expand Up @@ -180,7 +180,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand All @@ -194,7 +194,7 @@ jobs:
contents: read
issues: write
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/generator_generic_slsa3.yml
Original file line number Diff line number Diff line change
Expand Up @@ -285,7 +285,7 @@ jobs:
sha256: "${{ needs.generator.outputs.provenance-sha256 }}"

- name: Upload provenance
uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
id: release
with:
draft: ${{ inputs.draft-release }}
Expand Down
34 changes: 17 additions & 17 deletions .github/workflows/pre-submit.actions.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,13 +27,13 @@ jobs:
name: verify no checkout in Actions
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: ./.github/workflows/scripts/pre-submit.actions/checkout.sh

check-tscommon-tarball:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Untar the package tarball
working-directory: .github/actions/tscommon
Expand Down Expand Up @@ -75,7 +75,7 @@ jobs:
- .github/actions/verify-token
- .github/actions/detect-workflow-js
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

- name: Set Node.js 18
uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
Expand Down Expand Up @@ -121,7 +121,7 @@ jobs:
compute-sha256:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: |
echo "foo" > artifact
- id: compute-sha256
Expand All @@ -136,7 +136,7 @@ jobs:
rng:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- run: |
echo "foo" > artifact
- id: rng
Expand All @@ -150,10 +150,10 @@ jobs:
references:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __THIS_REPO__
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
repository: slsa-framework/example-package
ref: main
Expand All @@ -176,7 +176,7 @@ jobs:
secure-project-checkout-go:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand All @@ -189,7 +189,7 @@ jobs:
secure-project-checkout-node:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand All @@ -209,7 +209,7 @@ jobs:
UPLOAD_FOLDER_NO_ROOT_NAME: "upload-root/upload-folder"
DOWNLOAD_FOLDER_NO_ROOT_NAME: "download-root/download-folder"
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Create folder
run: |
set -euo pipefail
Expand Down Expand Up @@ -366,7 +366,7 @@ jobs:
secure-download-artifact:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand All @@ -393,7 +393,7 @@ jobs:
secure-download-artifact-builder-name:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand Down Expand Up @@ -426,7 +426,7 @@ jobs:
secure-download-artifact-builder-repo-folder:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand Down Expand Up @@ -460,7 +460,7 @@ jobs:
secure-download-artifact-builder-repo-file:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
with:
path: __BUILDER_CHECKOUT_DIR__

Expand Down Expand Up @@ -494,7 +494,7 @@ jobs:
generate-builder-generic-compile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: ./.github/actions/generate-builder
with:
repository: "slsa-framework/slsa-github-generator"
Expand All @@ -508,7 +508,7 @@ jobs:
generate-builder-generic-no-compile:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Detect the builder ref
id: detect
uses: ./.github/actions/detect-workflow-js
Expand All @@ -526,7 +526,7 @@ jobs:
generate-attestations:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Test generate attestations
id: generate
uses: ./.github/actions/generate-attestations
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/pre-submit.apis.yml
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,6 @@ jobs:
name: verify safe APIs
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Check safe file systems APIs
run: ./.github/workflows/scripts/pre-submit.apis/verify-safefs.sh
2 changes: 1 addition & 1 deletion .github/workflows/pre-submit.delegators.yml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,6 @@ jobs:
name: verify identical delegators
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- name: Compare diff between the delegator workflows
run: ./.github/workflows/scripts/pre-submit.delegators/compare-diff.sh
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,7 @@ jobs:
HEAD_SHA: ${{ github.event.pull_request.head.sha }}
GITHUB_HEAD_REPOSITORY: ${{ github.event.pull_request.head.repo.full_name }}
steps:
- uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
- uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7
with:
name: ${{ needs.build-container-based.outputs.build-outputs-name }}
Expand Down
Loading
Loading