diff --git a/.github/workflows/cache.yml b/.github/workflows/cache.yml index 4474544e02d..9ace15ef153 100644 --- a/.github/workflows/cache.yml +++ b/.github/workflows/cache.yml @@ -9,7 +9,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: '🧹 Cleanup' run: | diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index d259f884941..a735db6c205 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -29,7 +29,7 @@ jobs: run: working-directory: packages/ui steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: fetch-depth: 0 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 @@ -50,7 +50,7 @@ jobs: # 👇 Runs Chromatic CLI in ./packages/ui - name: Publish to Chromatic - uses: chromaui/action@3dcb6636a4f8eed347ef6214f5d74d2b5fee45e4 # v11 + uses: chromaui/action@a7f65ed179bcbe19fd793367d699f43e0f0540a7 # v11 with: workingDir: packages/ui projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 762b0bcbfa3..d2ba9d9fc14 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -23,8 +23,8 @@ jobs: security-events: write steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: 🏗 Initialize CodeQL - uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/init@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 - name: 🚀 Perform CodeQL Analysis - uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/analyze@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index afa840a9a24..51efdf84bf6 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -32,7 +32,7 @@ jobs: HUSKY: 0 steps: - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: Import GPG key id: import_gpg @@ -97,7 +97,7 @@ jobs: - name: Check for updated files if: (github.event_name != 'pull_request' && github.ref_name == 'dev') || github.event_name == 'scheduled' - uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20 id: verify-changed-files with: files: '**/locales/*/*.json' @@ -114,7 +114,7 @@ jobs: - name: Get files to commit if: steps.run-prettier.conclusion == 'success' - uses: tj-actions/verify-changed-files@ab875806658e59162bc5f42e4df5c2d4682c459e # v20 + uses: tj-actions/verify-changed-files@6ed7632824d235029086612d4330d659005af687 # v20 id: get-pending-files with: separator:
diff --git a/.github/workflows/labels.yml b/.github/workflows/labels.yml index ae00d80d175..95767f129b4 100644 --- a/.github/workflows/labels.yml +++ b/.github/workflows/labels.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: 🚀 Run Label Syncer uses: micnncim/action-label-syncer@3abd5ab72fda571e69fffd97bd4e0033dd5f495c # v1.3.0 env: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index de58df348a8..8fd5b06a82e 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -18,7 +18,7 @@ jobs: steps: # Setup steps - name: Checkout - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 with: ref: ${{ github.head_ref }} diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml index 1c299cb64cb..d167c3ce435 100644 --- a/.github/workflows/nextjs_bundle_analysis.yml +++ b/.github/workflows/nextjs_bundle_analysis.yml @@ -32,7 +32,7 @@ jobs: HUSKY: 0 runs-on: ubuntu-latest steps: - - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - uses: pnpm/action-setup@fe02b34f77f8bc703788d5817da081398fad5dd2 # v4.0.0 name: Install pnpm diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index 7a8e3bbc468..f0607e5de14 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -30,13 +30,13 @@ jobs: name: njsscan code scanning steps: - name: ⤵️ Check out code from GitHub - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 - name: 🧐 nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@74e5a58c1edb363b84c9ddd626b0e22f038ac09e with: args: '. --sarif --output results.sarif || true' - name: Upload njsscan report - uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3 + uses: github/codeql-action/upload-sarif@b7cec7526559c32f1616476ff32d17ba4c59b2d6 # v3 with: sarif_file: results.sarif