diff --git a/.github/workflows/build-ci-container.yml b/.github/workflows/build-ci-container.yml index 28fc7de2ee..1a3e773700 100644 --- a/.github/workflows/build-ci-container.yml +++ b/.github/workflows/build-ci-container.yml @@ -26,7 +26,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout LLVM - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: .github/workflows/containers/github-action-ci/ - name: Change podman Root Direcotry @@ -65,7 +65,7 @@ jobs: echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT - name: Checkout LLVM - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: .github/workflows/containers/github-action-ci/ @@ -81,7 +81,7 @@ jobs: # $GITHUB_WORKSPACE to avoid space limitations on the default drive # and use the permissions setup for /mnt/podman. - name: Download stage1-toolchain - uses: actions/download-artifact@v4 + uses: actions/download-artifact@v5 with: name: stage1-toolchain path: /mnt/podman diff --git a/.github/workflows/ci-post-commit-analyzer.yml b/.github/workflows/ci-post-commit-analyzer.yml index d614dd07b3..2a4cb7f5df 100644 --- a/.github/workflows/ci-post-commit-analyzer.yml +++ b/.github/workflows/ci-post-commit-analyzer.yml @@ -41,7 +41,7 @@ jobs: LLVM_VERSION: 18 steps: - name: Checkout Source - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 - name: Setup ccache uses: hendrikmuhs/ccache-action@v1 @@ -87,7 +87,7 @@ jobs: scan-build --generate-index-only build/analyzer-results - name: Upload Results - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.0 if: always() with: name: analyzer-results diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 800e929157..5d08286d21 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -60,12 +60,12 @@ jobs: # a local checkout beforehand. - name: Fetch LLVM sources (Push) if: ${{ github.event_name == 'push' }} - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: fetch-depth: 1 - name: Get subprojects that have doc changes id: docs-changed-subprojects - uses: tj-actions/changed-files@v39 + uses: tj-actions/changed-files@v47 with: files_yaml: | llvm: @@ -96,11 +96,11 @@ jobs: - 'flang/include/flang/Optimizer/Dialect/FIROps.td' - name: Fetch LLVM sources (PR) if: ${{ github.event_name == 'pull_request' }} - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: fetch-depth: 1 - name: Setup Python env - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' cache: 'pip' diff --git a/.github/workflows/email-check.yaml b/.github/workflows/email-check.yaml index 8f32d02097..c23c8e4bde 100644 --- a/.github/workflows/email-check.yaml +++ b/.github/workflows/email-check.yaml @@ -14,7 +14,7 @@ jobs: if: github.repository == 'llvm/llvm-project' steps: - name: Fetch LLVM sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ github.event.pull_request.head.sha }} @@ -38,7 +38,7 @@ jobs: [{"body" : "$COMMENT"}] EOF - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.0 if: always() with: name: workflow-args diff --git a/.github/workflows/issue-release-workflow.yml b/.github/workflows/issue-release-workflow.yml index 5027d4f3ea..a385ccced2 100644 --- a/.github/workflows/issue-release-workflow.yml +++ b/.github/workflows/issue-release-workflow.yml @@ -42,7 +42,7 @@ jobs: contains(github.event.action == 'opened' && github.event.issue.body || github.event.comment.body, '/cherry-pick') steps: - name: Fetch LLVM sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: repository: llvm/llvm-project # GitHub stores the token used for checkout and uses it for pushes diff --git a/.github/workflows/issue-subscriber.yml b/.github/workflows/issue-subscriber.yml index ef4fdf4418..bd40d5ccdf 100644 --- a/.github/workflows/issue-subscriber.yml +++ b/.github/workflows/issue-subscriber.yml @@ -14,7 +14,7 @@ jobs: if: github.repository == 'llvm/llvm-project' steps: - name: Checkout Automation Script - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: llvm/utils/git/ ref: main diff --git a/.github/workflows/issue-write.yml b/.github/workflows/issue-write.yml index 5334157a7f..ad6265e0c6 100644 --- a/.github/workflows/issue-write.yml +++ b/.github/workflows/issue-write.yml @@ -25,7 +25,7 @@ jobs: ) steps: - name: Fetch Sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: | .github/workflows/unprivileged-download-artifact/action.yml @@ -39,7 +39,7 @@ jobs: - name: 'Comment on PR' if: steps.download-artifact.outputs.artifact-id != '' - uses: actions/github-script@v3 + uses: actions/github-script@v8 with: github-token: ${{ secrets.GITHUB_TOKEN }} script: | diff --git a/.github/workflows/libclang-abi-tests.yml b/.github/workflows/libclang-abi-tests.yml index 9e839ff49e..c594b2af7c 100644 --- a/.github/workflows/libclang-abi-tests.yml +++ b/.github/workflows/libclang-abi-tests.yml @@ -38,7 +38,7 @@ jobs: LLVM_VERSION_PATCH: ${{ steps.version.outputs.patch }} steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: fetch-depth: 250 @@ -130,7 +130,7 @@ jobs: sed -i 's/LLVM_[0-9]\+/LLVM_NOVERSION/' $lib-${{ matrix.ref }}.abi done - name: Upload ABI file - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.name }} path: '*${{ matrix.ref }}.abi' @@ -143,12 +143,12 @@ jobs: - abi-dump steps: - name: Download baseline - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v5 with: name: build-baseline path: build-baseline - name: Download latest - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v5 with: name: build-latest path: build-latest @@ -162,7 +162,7 @@ jobs: done - name: Upload ABI Comparison if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: compat-report-${{ github.sha }} path: compat_reports/ diff --git a/.github/workflows/libcxx-build-and-test.yaml b/.github/workflows/libcxx-build-and-test.yaml index 1456f245cf..b625f46e72 100644 --- a/.github/workflows/libcxx-build-and-test.yaml +++ b/.github/workflows/libcxx-build-and-test.yaml @@ -66,13 +66,13 @@ jobs: cc: 'gcc-14' cxx: 'g++-14' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5.0.0 - name: ${{ matrix.config }}.${{ matrix.cxx }} run: libcxx/utils/ci/run-buildbot ${{ matrix.config }} env: CC: ${{ matrix.cc }} CXX: ${{ matrix.cxx }} - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 # v4.3.0 if: always() with: name: ${{ matrix.config }}-${{ matrix.cxx }}-results @@ -110,13 +110,13 @@ jobs: cc: 'clang-18' cxx: 'clang++-18' steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5.0.0 - name: ${{ matrix.config }} run: libcxx/utils/ci/run-buildbot ${{ matrix.config }} env: CC: ${{ matrix.cc }} CXX: ${{ matrix.cxx }} - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 # v4.3.0 if: always() # Upload artifacts even if the build or test suite fails with: name: ${{ matrix.config }}-${{ matrix.cxx }}-results @@ -174,13 +174,13 @@ jobs: machine: libcxx-runners-8-set runs-on: ${{ matrix.machine }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5.0.0 - name: ${{ matrix.config }} run: libcxx/utils/ci/run-buildbot ${{ matrix.config }} env: CC: clang-19 CXX: clang++-19 - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 # v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 # v4.3.0 if: always() with: name: ${{ matrix.config }}-results @@ -206,7 +206,7 @@ jobs: - { config: mingw-static, mingw: true } - { config: mingw-dll-i686, mingw: true } steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v5.0.0 - name: Install dependencies run: | choco install -y ninja diff --git a/.github/workflows/libcxx-check-generated-files.yml b/.github/workflows/libcxx-check-generated-files.yml index 570055624b..9b98cd820f 100644 --- a/.github/workflows/libcxx-check-generated-files.yml +++ b/.github/workflows/libcxx-check-generated-files.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch LLVM sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 - name: Install dependencies uses: aminya/setup-cpp@v1 diff --git a/.github/workflows/libcxx-restart-preempted-jobs.yaml b/.github/workflows/libcxx-restart-preempted-jobs.yaml index 21879ce19c..5057f9e7c8 100644 --- a/.github/workflows/libcxx-restart-preempted-jobs.yaml +++ b/.github/workflows/libcxx-restart-preempted-jobs.yaml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: "Restart Job" - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea #v7.0.1 + uses: actions/github-script@ffc2c79a5b2490bd33e0a41c1de74b877714d736 #v3.2.0 with: script: | const failure_regex = /Process completed with exit code 1./ diff --git a/.github/workflows/llvm-bugs.yml b/.github/workflows/llvm-bugs.yml index c392078fa4..82a5b6fe7f 100644 --- a/.github/workflows/llvm-bugs.yml +++ b/.github/workflows/llvm-bugs.yml @@ -14,13 +14,13 @@ jobs: runs-on: ubuntu-latest if: github.repository == 'llvm/llvm-project' steps: - - uses: actions/setup-node@v4 + - uses: actions/setup-node@v5 with: node-version: 18 check-latest: true - run: npm install mailgun.js form-data - name: Send notification - uses: actions/github-script@v6 + uses: actions/github-script@v8 env: MAILGUN_API_KEY: ${{ secrets.LLVM_BUGS_KEY }} with: diff --git a/.github/workflows/llvm-tests.yml b/.github/workflows/llvm-tests.yml index 26e644229a..83434e3dc9 100644 --- a/.github/workflows/llvm-tests.yml +++ b/.github/workflows/llvm-tests.yml @@ -48,7 +48,7 @@ jobs: LLVM_VERSION_PATCH: ${{ steps.version.outputs.patch }} steps: - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: fetch-depth: 250 @@ -137,14 +137,14 @@ jobs: # Remove symbol versioning from dumps, so we can compare across major versions. sed -i 's/LLVM_${{ matrix.llvm_version_major }}/LLVM_NOVERSION/' ${{ matrix.ref }}.abi - name: Upload ABI file - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: ${{ matrix.name }} path: ${{ matrix.ref }}.abi - name: Upload symbol list file if: matrix.name == 'build-baseline' - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: symbol-list path: llvm.symbols @@ -157,17 +157,17 @@ jobs: - abi-dump steps: - name: Download baseline - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v5 with: name: build-baseline path: build-baseline - name: Download latest - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v5 with: name: build-latest path: build-latest - name: Download symbol list - uses: actions/download-artifact@v3 + uses: actions/download-artifact@v5 with: name: symbol-list path: symbol-list @@ -186,7 +186,7 @@ jobs: abi-compliance-checker $EXTRA_ARGS -l libLLVM.so -old build-baseline/*.abi -new build-latest/*.abi || test "${{ needs.abi-dump-setup.outputs.ABI_HEADERS }}" = "llvm-c" - name: Upload ABI Comparison if: always() - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: compat-report-${{ github.sha }} path: compat_reports/ diff --git a/.github/workflows/merged-prs.yml b/.github/workflows/merged-prs.yml index e29afd4097..8bab4678a0 100644 --- a/.github/workflows/merged-prs.yml +++ b/.github/workflows/merged-prs.yml @@ -21,7 +21,7 @@ jobs: (github.event.pull_request.merged == true) steps: - name: Checkout Automation Script - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: llvm/utils/git/ ref: main diff --git a/.github/workflows/new-prs.yml b/.github/workflows/new-prs.yml index 88175d6f8d..c7bad8375b 100644 --- a/.github/workflows/new-prs.yml +++ b/.github/workflows/new-prs.yml @@ -35,7 +35,7 @@ jobs: (github.event.pull_request.author_association != 'OWNER') steps: - name: Checkout Automation Script - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: llvm/utils/git/ ref: main @@ -67,7 +67,7 @@ jobs: github.event.pull_request.draft == false && github.event.pull_request.commits < 10 steps: - - uses: actions/labeler@v4 + - uses: actions/labeler@v6 with: configuration-path: .github/new-prs-labeler.yml # workaround for https://github.com/actions/labeler/issues/112 diff --git a/.github/workflows/pr-code-format.yml b/.github/workflows/pr-code-format.yml index 22357e5d99..fc5040aef1 100644 --- a/.github/workflows/pr-code-format.yml +++ b/.github/workflows/pr-code-format.yml @@ -14,7 +14,7 @@ jobs: if: github.repository == 'llvm/llvm-project' steps: - name: Fetch LLVM sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ github.event.pull_request.head.sha }} @@ -27,7 +27,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@v39 + uses: tj-actions/changed-files@v47 with: separator: "," skip_initial_fetch: true @@ -35,7 +35,7 @@ jobs: # We need to pull the script from the main branch, so that we ensure # we get the latest version of this script. - name: Fetch code formatting utils - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: repository: ${{ github.repository }} ref: ${{ github.base_ref }} @@ -58,7 +58,7 @@ jobs: clangformat: 18.1.7 - name: Setup Python env - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: python-version: '3.11' cache: 'pip' @@ -88,7 +88,7 @@ jobs: --end-rev $END_REV \ --changed-files "$CHANGED_FILES" - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.0 if: always() with: name: workflow-args diff --git a/.github/workflows/pr-request-release-note.yml b/.github/workflows/pr-request-release-note.yml index 2fa501dda1..051315570b 100644 --- a/.github/workflows/pr-request-release-note.yml +++ b/.github/workflows/pr-request-release-note.yml @@ -19,7 +19,7 @@ jobs: # We need to pull the script from the main branch, so that we ensure # we get the latest version of this script. - name: Checkout Scripts - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: sparse-checkout: | llvm/utils/git/requirements.txt @@ -41,7 +41,7 @@ jobs: request-release-note \ --pr-number ${{ github.event.pull_request.number}} - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.0 if: always() with: name: workflow-args diff --git a/.github/workflows/pr-subscriber.yml b/.github/workflows/pr-subscriber.yml index 272d3e2f9e..dd302e0b3f 100644 --- a/.github/workflows/pr-subscriber.yml +++ b/.github/workflows/pr-subscriber.yml @@ -14,7 +14,7 @@ jobs: if: github.repository == 'llvm/llvm-project' steps: - name: Checkout Automation Script - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: sparse-checkout: llvm/utils/git/ ref: main diff --git a/.github/workflows/release-binaries.yml b/.github/workflows/release-binaries.yml index 925912df68..85d6a063fa 100644 --- a/.github/workflows/release-binaries.yml +++ b/.github/workflows/release-binaries.yml @@ -64,12 +64,12 @@ jobs: steps: # It's good practice to use setup-python, but this is also required on macos-14 # due to https://github.com/actions/runner-images/issues/10385 - - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f + - uses: actions/setup-python@2e3e4b15a884dc73a63f962bff250a855150a234 with: python-version: '3.12' - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 - name: Install Dependencies shell: bash @@ -153,7 +153,7 @@ jobs: steps: - name: Checkout Actions - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | @@ -174,7 +174,7 @@ jobs: run: mv workflows ../workflows-main - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: ref: ${{ needs.prepare.outputs.ref }} @@ -227,7 +227,7 @@ jobs: runs-on: ${{ inputs.runs-on }} steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | @@ -261,7 +261,7 @@ jobs: runs-on: ${{ inputs.runs-on }} steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | @@ -310,7 +310,7 @@ jobs: runs-on: ${{ inputs.runs-on }} steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | @@ -360,7 +360,7 @@ jobs: runs-on: ${{ inputs.runs-on }} steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | @@ -384,7 +384,7 @@ jobs: # and other steps expect D:\files. mv ${{ steps.setup-stage.outputs.build-prefix }}/build/tools/clang/stage2-bins/${{ needs.prepare.outputs.release-binary-filename }} . - - uses: actions/upload-artifact@26f96dfa697d77e81fd5907df203aa23a56210a8 #v4.3.0 + - uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.0 with: name: ${{ runner.os }}-${{ runner.arch }}-release-binary # Due to path differences on Windows when running in bash vs running on node, @@ -421,14 +421,14 @@ jobs: steps: - name: 'Download artifact' - uses: actions/download-artifact@6b208ae046db98c579e8a3aa621ab581ff575935 # v4.1.1 + uses: actions/download-artifact@4a24838f3d5601fd639834081e118c2995d51e1c # v4.1.1 with: pattern: '*-release-binary' merge-multiple: true - name: Attest Build Provenance id: provenance - uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 with: subject-path: ${{ needs.prepare.outputs.release-binary-filename }} @@ -437,13 +437,13 @@ jobs: mv ${{ steps.provenance.outputs.bundle-path }} ${{ needs.prepare.outputs.release-binary-filename }}.jsonl - name: Upload Build Provenance - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #v4.3.3 + uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.3 with: name: ${{ needs.prepare.outputs.release-binary-filename }}-attestation path: ${{ needs.prepare.outputs.release-binary-filename }}.jsonl - name: Checkout Release Scripts - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: sparse-checkout: | llvm/utils/release/github-upload-release.py @@ -473,7 +473,7 @@ jobs: runs-on: ${{ inputs.runs-on }} steps: - name: Checkout Actions - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: ref: ${{ (github.event_name == 'pull_request' && github.sha) || 'main' }} sparse-checkout: | diff --git a/.github/workflows/release-documentation.yml b/.github/workflows/release-documentation.yml index 70e5f08b6f..9059eccd33 100644 --- a/.github/workflows/release-documentation.yml +++ b/.github/workflows/release-documentation.yml @@ -34,10 +34,10 @@ jobs: upload: ${{ inputs.upload && !contains(inputs.release-version, 'rc') }} steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 - name: Setup Python env - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: cache: 'pip' cache-dependency-path: './llvm/docs/requirements.txt' @@ -59,14 +59,14 @@ jobs: ./llvm/utils/release/build-docs.sh -release "${{ inputs.release-version }}" -no-doxygen - name: Create Release Notes Artifact - uses: actions/upload-artifact@v3 + uses: actions/upload-artifact@v4 with: name: release-notes path: docs-build/html-export/ - name: Clone www-releases if: env.upload - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: repository: ${{ github.repository_owner }}/www-releases ref: main diff --git a/.github/workflows/release-doxygen.yml b/.github/workflows/release-doxygen.yml index ea95e5bb12..bb4627beb1 100644 --- a/.github/workflows/release-doxygen.yml +++ b/.github/workflows/release-doxygen.yml @@ -40,10 +40,10 @@ jobs: upload: ${{ inputs.upload && !contains(inputs.release-version, 'rc') }} steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 - name: Setup Python env - uses: actions/setup-python@v5 + uses: actions/setup-python@v6 with: cache: 'pip' cache-dependency-path: './llvm/docs/requirements.txt' diff --git a/.github/workflows/release-lit.yml b/.github/workflows/release-lit.yml index 9d6f3140e6..7dc58899ea 100644 --- a/.github/workflows/release-lit.yml +++ b/.github/workflows/release-lit.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: ref: "llvmorg-${{ inputs.release-version }}" diff --git a/.github/workflows/release-sources.yml b/.github/workflows/release-sources.yml index a6c86823f9..4d441411c7 100644 --- a/.github/workflows/release-sources.yml +++ b/.github/workflows/release-sources.yml @@ -71,7 +71,7 @@ jobs: attestations: write steps: - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 with: ref: ${{ needs.inputs.outputs.ref }} fetch-tags: true @@ -92,14 +92,14 @@ jobs: - name: Attest Build Provenance if: github.event_name != 'pull_request' id: provenance - uses: actions/attest-build-provenance@897ed5eab6ed058a474202017ada7f40bfa52940 # v1.0.0 + uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0 with: subject-path: "*.xz" - if: github.event_name != 'pull_request' run: | mv ${{ steps.provenance.outputs.bundle-path }} . - name: Create Tarball Artifacts - uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #v4.3.3 + uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 #v4.3.3 with: path: | *.xz diff --git a/.github/workflows/release-tasks.yml b/.github/workflows/release-tasks.yml index 780dd0ff63..0c5b43dcb2 100644 --- a/.github/workflows/release-tasks.yml +++ b/.github/workflows/release-tasks.yml @@ -38,7 +38,7 @@ jobs: sudo apt-get install python3-github - name: Checkout LLVM - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v4.1.1 - name: Create Release env: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index ff61cf83a6..be464817fe 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -31,12 +31,12 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8 # v3.1.0 + uses: actions/checkout@ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493 # v3.1.0 with: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@0864cf19026789058feabb7e87baa5f140aac736 # v2.3.1 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif @@ -49,7 +49,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0 + uses: actions/upload-artifact@2848b2cda0e5190984587ec6bb1f36730ca78d50 # v3.1.0 with: name: SARIF file path: results.sarif @@ -57,6 +57,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@17573ee1cc1b9d061760f3a006fc4aac4f944fd5 # v2.2.4 + uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 with: sarif_file: results.sarif diff --git a/.github/workflows/version-check.yml b/.github/workflows/version-check.yml index 894e07d323..9039ccecbf 100644 --- a/.github/workflows/version-check.yml +++ b/.github/workflows/version-check.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Fetch LLVM sources - uses: actions/checkout@v4 + uses: actions/checkout@v5.0.0 with: fetch-depth: 0