Merge pull request #772 from OWASP/update-action

update workflow action versions and package versions

Author: jgadsden

.github/workflows/browserstack.yaml

@@ -17,10 +17,10 @@ jobs:
     if: github.repository == 'OWASP/threat-dragon'
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 

.github/workflows/housekeeping.yaml

@@ -34,7 +34,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
         with:
           ref: main
 
@@ -60,7 +60,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
         with:
           ref: main
 
@@ -84,7 +84,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout markdown
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Link Checker
         uses: lycheeverse/lychee-action@v1.8.0

.github/workflows/pull_request.yaml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout markdown
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Link Checker
         uses: lycheeverse/lychee-action@v1.8.0
@@ -31,7 +31,7 @@ jobs:
     runs-on: ubuntu-22.04
     steps:
       - name: Checkout markdown
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       # do not use  **/*.md as this will include the third party packages
       - name: Lint markdown
@@ -49,7 +49,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Initialize CodeQL
         uses: github/codeql-action/init@v2.22.1
@@ -74,10 +74,10 @@ jobs:
         working-directory: td.server
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -106,10 +106,10 @@ jobs:
         working-directory: td.vue
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -138,10 +138,10 @@ jobs:
         working-directory: td.vue
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -171,15 +171,15 @@ jobs:
         working-directory: td.vue
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       # ubuntu does not find this chrome driver
       # so until this is fixed, use only windows-latest
       - name: Setup Chrome
         uses: browser-actions/setup-chrome@v1.2.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -210,7 +210,7 @@ jobs:
     if: github.repository == 'OWASP/threat-dragon'
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Set up Docker Buildx
         id: buildx
@@ -253,7 +253,7 @@ jobs:
         working-directory: td.vue
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Run Threat Dragon
         run: |
@@ -269,7 +269,7 @@ jobs:
             ${{ env.IMAGE_NAME }}
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -303,7 +303,7 @@ jobs:
         working-directory: td.vue
     steps:
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Run Threat Dragon
         run: |
@@ -319,7 +319,7 @@ jobs:
             ${{ env.IMAGE_NAME }}
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'
 
@@ -363,7 +363,7 @@ jobs:
             ${{ env.IMAGE_NAME }}
 
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       # There's probably a better way of doing this.
       # Not a great idea to chmod 777, even if it's only
@@ -398,7 +398,7 @@ jobs:
     steps:
       # Need .trivyignore
       - name: Checkout
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@0.12.0
@@ -413,10 +413,10 @@ jobs:
     needs: [e2e_smokes]
     steps:
       - name: Check out
-        uses: actions/checkout@v4.1.0
+        uses: actions/checkout@v4.1.1
 
       - name: Use Node.js 18.x
-        uses: actions/setup-node@v3.8.0
+        uses: actions/setup-node@v4.0.0
         with:
           node-version: '18'