diff --git a/.github/workflows/ci-actions.yaml b/.github/workflows/ci-actions.yaml index 9614078..10b7366 100644 --- a/.github/workflows/ci-actions.yaml +++ b/.github/workflows/ci-actions.yaml @@ -24,7 +24,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false @@ -37,7 +37,7 @@ jobs: GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Upload SARIF file - uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 + uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: sarif_file: results.sarif category: zizmor diff --git a/.github/workflows/ci-code.yaml b/.github/workflows/ci-code.yaml index 7b0f3c0..2d5b56f 100644 --- a/.github/workflows/ci-code.yaml +++ b/.github/workflows/ci-code.yaml @@ -38,7 +38,7 @@ jobs: - name: Cache cargo-make binary id: cache-cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ steps.get-version.outputs.cargo_make_version }} @@ -64,13 +64,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} @@ -89,13 +89,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} @@ -120,13 +120,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} @@ -152,13 +152,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} @@ -184,13 +184,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} @@ -215,13 +215,13 @@ jobs: egress-policy: audit - name: checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: recursive persist-credentials: false - name: Restore cached cargo-make - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 with: path: ~/.cargo/bin/cargo-make key: ${{ runner.os }}-cargo-make-${{ needs.setup-cargo-make.outputs.cargo_make_version }} diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index 9e3dbd5..3f30232 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -47,7 +47,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false @@ -93,7 +93,7 @@ jobs: - name: generate cultivator token if: ${{ github.event_name == 'release' }} - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: generate-token with: app-id: "${{ secrets.EDERA_CULTIVATION_APP_ID }}" diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 0362a30..a88d4ea 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -26,7 +26,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false @@ -35,14 +35,14 @@ jobs: uses: dtolnay/rust-toolchain@5d458579430fc14a04a08a1e7d3694f545e91ce6 # zizmor: ignore[stale-action-refs] -- pinned to stable branch - name: generate cultivator token - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: generate-token with: app-id: "${{ secrets.EDERA_CULTIVATION_APP_ID }}" private-key: "${{ secrets.EDERA_CULTIVATION_APP_PRIVATE_KEY }}" - name: Run release-plz - uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5 + uses: release-plz/action@f708778669256143d984cce4b23592637532e040 # v0.5 with: command: release env: @@ -67,7 +67,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 persist-credentials: false @@ -76,14 +76,14 @@ jobs: uses: dtolnay/rust-toolchain@5d458579430fc14a04a08a1e7d3694f545e91ce6 # zizmor: ignore[stale-action-refs] -- pinned to stable branch - name: generate cultivator token - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 id: generate-token with: app-id: "${{ secrets.EDERA_CULTIVATION_APP_ID }}" private-key: "${{ secrets.EDERA_CULTIVATION_APP_PRIVATE_KEY }}" - name: Run release-plz - uses: release-plz/action@d529f731ae3e89610ada96eda34e5c6ba3b12214 # v0.5 + uses: release-plz/action@f708778669256143d984cce4b23592637532e040 # v0.5 with: command: release-pr env: