diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index 4474544e02..701fdd6bf8 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: '🧹 Cleanup' run: | diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index d259f88494..e55d84881f 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -29,7 +29,7 @@ jobs: run: working-directory: packages/ui steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 @@ -50,7 +50,7 @@ jobs: # 👇 Runs Chromatic CLI in ./packages/ui - name: Publish to Chromatic - uses: chromaui/action@3dcb6636a4f8eed347ef6214f5d74d2b5fee45e4 # v11 + uses: chromaui/action@a7f65ed179bcbe19fd793367d699f43e0f0540a7 # v11 with: workingDir: packages/ui projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 762b0bcbfa..1eb8e8fbf3 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,8 +23,8 @@ jobs: security-events: write steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: 🏗 Initialize CodeQL - uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 - name: 🚀 Perform CodeQL Analysis - uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index afa840a9a2..038a636a0f 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -32,7 +32,7 @@ jobs: HUSKY: 0 steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Import GPG key id: import_gpg @@ -97,7 +97,7 @@ jobs: - name: Check for updated files if: (github.event_name != 'pull_request' && github.ref_name == 'dev') || github.event_name == 'scheduled' - uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20 id: verify-changed-files with: files: '**/locales/*/*.json' @@ -114,7 +114,7 @@ jobs: - name: Get files to commit if: steps.run-prettier.conclusion == 'success' - uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20 id: get-pending-files with: separator:
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index ae00d80d17..e1b8e4fc80 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: 🚀 Run Label Syncer uses: micnncim/action-label-syncer@3abd5ab72fda571e69fffd97bd4e0033dd5f495c # v1.3.0 env: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index de58df348a..b4694b8375 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: steps: # Setup steps - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: ref: ${{ github.head_ref }} diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml index 1c299cb64c..b552921064 100644 --- a/.github/workflows/nextjs_bundle_analysis.yml +++ b/.github/workflows/nextjs_bundle_analysis.yml @@ -32,7 +32,7 @@ jobs: HUSKY: 0 runs-on: ubuntu-latest steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 name: Install pnpm diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index 7a8e3bbc46..a3cc0961f6 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -30,13 +30,13 @@ jobs: name: njsscan code scanning steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: 🧐 nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@74e5a58c1edb363b84c9ddd626b0e22f038ac09e with: args: '. --sarif --output results.sarif || true' - name: Upload njsscan report - uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 with: sarif_file: results.sarif