diff --git a/.github/workflows/assistant-to-the-branch-manager.yml b/.github/workflows/assistant-to-the-branch-manager.yml index 458fcdb9b..0108d8a7e 100644 --- a/.github/workflows/assistant-to-the-branch-manager.yml +++ b/.github/workflows/assistant-to-the-branch-manager.yml @@ -16,7 +16,7 @@ jobs: assistant_to_the_branch_manager: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: # Setting persist-credentials instructs actions/checkout not to persist the credentials # in configuration or environment. Since we don't rely on the credentials used for diff --git a/.github/workflows/branch-manager.yml b/.github/workflows/branch-manager.yml index ba2f71ba5..f6b28e88d 100644 --- a/.github/workflows/branch-manager.yml +++ b/.github/workflows/branch-manager.yml @@ -24,7 +24,7 @@ jobs: branch_manager: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: # Setting `persist-credentials: false` prevents the github-action account from being the # account that is attempted to be used for authentication, instead the remote is set to diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b35ca3f79..f0f56ad4d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -38,7 +38,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -52,7 +52,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -67,7 +67,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - run: yarn install --immutable diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 1adecbe51..3ce81e4e8 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,12 +25,12 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Initialize CodeQL - uses: github/codeql-action/init@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11 + uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: languages: ${{ matrix.language }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@6db8d6351fd0be61f9ed8ebd12ccd35dcec51fea # v3.26.11 + uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12 with: category: '/language:${{matrix.language}}' diff --git a/.github/workflows/commit-message-based-labels.yml b/.github/workflows/commit-message-based-labels.yml index 7deda7333..8f79fd80a 100644 --- a/.github/workflows/commit-message-based-labels.yml +++ b/.github/workflows/commit-message-based-labels.yml @@ -12,7 +12,7 @@ jobs: commit_message_based_labels: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/commit-message-based-labels with: angular-robot-key: ${{ secrets.ANGULAR_ROBOT_PRIVATE_KEY }} diff --git a/.github/workflows/feature-request.yml b/.github/workflows/feature-request.yml index c9aaf4762..39906f89d 100644 --- a/.github/workflows/feature-request.yml +++ b/.github/workflows/feature-request.yml @@ -10,7 +10,7 @@ jobs: feature_triage: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/feature-request with: angular-robot-key: ${{ secrets.ANGULAR_ROBOT_PRIVATE_KEY }} diff --git a/.github/workflows/ng-renovate.yml b/.github/workflows/ng-renovate.yml index 8f6e90acd..4127dca81 100644 --- a/.github/workflows/ng-renovate.yml +++ b/.github/workflows/ng-renovate.yml @@ -15,7 +15,7 @@ jobs: renovate: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - run: yarn --cwd .github/ng-renovate install --immutable shell: bash diff --git a/.github/workflows/org-wide-actions.yml b/.github/workflows/org-wide-actions.yml index d7a872069..2567dd590 100644 --- a/.github/workflows/org-wide-actions.yml +++ b/.github/workflows/org-wide-actions.yml @@ -14,7 +14,7 @@ jobs: if: github.repository == 'angular/dev-infra' runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./.github/local-actions/labels-sync with: angular-robot-key: ${{ secrets.ANGULAR_ROBOT_PRIVATE_KEY }} @@ -28,7 +28,7 @@ jobs: if: github.repository == 'angular/dev-infra' runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./.github/local-actions/lock-closed with: lock-bot-key: ${{ secrets.LOCK_BOT_PRIVATE_KEY }} diff --git a/.github/workflows/post-approval-changes.yml b/.github/workflows/post-approval-changes.yml index a95a67043..73d0c1a0f 100644 --- a/.github/workflows/post-approval-changes.yml +++ b/.github/workflows/post-approval-changes.yml @@ -9,7 +9,7 @@ jobs: post_approval_changes: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/post-approval-changes with: angular-robot-key: ${{ secrets.ANGULAR_ROBOT_PRIVATE_KEY }} diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml index 8e896ecce..bcdf3d72b 100644 --- a/.github/workflows/pr.yml +++ b/.github/workflows/pr.yml @@ -22,7 +22,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -49,7 +49,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -63,7 +63,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - uses: ./github-actions/bazel/configure-remote @@ -78,7 +78,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/npm/checkout-and-setup-node - uses: ./github-actions/bazel/setup - run: yarn install --immutable diff --git a/.github/workflows/publish-snapshots.yml b/.github/workflows/publish-snapshots.yml index 93de42b8c..39fa68ba0 100644 --- a/.github/workflows/publish-snapshots.yml +++ b/.github/workflows/publish-snapshots.yml @@ -19,7 +19,7 @@ jobs: # Because the checkout and setup node action is contained in the dev-infra repo, we must # checkout the repo to be able to run the action we have created. Other repos will skip # this step. - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 1 - uses: ./github-actions/npm/checkout-and-setup-node diff --git a/.github/workflows/slash-commands.yml b/.github/workflows/slash-commands.yml index def521fb8..ee36027fd 100644 --- a/.github/workflows/slash-commands.yml +++ b/.github/workflows/slash-commands.yml @@ -12,7 +12,7 @@ jobs: slash_commands: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: ./github-actions/slash-commands with: angular-robot-key: ${{ secrets.ANGULAR_ROBOT_PRIVATE_KEY }} diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/update-changelog.yml index 201a55f18..c80865a03 100644 --- a/.github/workflows/update-changelog.yml +++ b/.github/workflows/update-changelog.yml @@ -14,7 +14,7 @@ jobs: update_changelog: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: # Setting `persist-credentials: false` prevents the github-action account from being the # account that is attempted to be used for authentication, instead the remote is set to diff --git a/github-actions/npm/checkout-and-setup-node/action.yml b/github-actions/npm/checkout-and-setup-node/action.yml index 2f5329b70..9a89481ab 100644 --- a/github-actions/npm/checkout-and-setup-node/action.yml +++ b/github-actions/npm/checkout-and-setup-node/action.yml @@ -32,7 +32,7 @@ inputs: runs: using: composite steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: filter: blob:none persist-credentials: false