diff --git a/.github/workflows/backend-lint-and-test.yaml b/.github/workflows/backend-lint-and-test.yaml index 3e6e6cf316..574e0dadbb 100644 --- a/.github/workflows/backend-lint-and-test.yaml +++ b/.github/workflows/backend-lint-and-test.yaml @@ -30,7 +30,7 @@ jobs: run_workflow: ${{ steps.run_workflow.outputs.run }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -62,17 +62,17 @@ jobs: contents: read # to checkout code steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.13" - name: Install uv - uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 with: version: "0.9.7" enable-cache: false diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index c84b0d5ba3..7053e6e88c 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -31,7 +31,7 @@ jobs: run_workflow: ${{ steps.run_workflow.outputs.run }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -67,17 +67,17 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Initial cleanup - uses: open-edge-platform/geti-ci/actions/cleanup-runner@b7d997c1651b1e1b99a280033bd268b55ccb7923 + uses: open-edge-platform/geti-ci/actions/cleanup-runner@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: type: "initial" - name: Pre-build cleanup - uses: open-edge-platform/geti-ci/actions/cleanup-runner@b7d997c1651b1e1b99a280033bd268b55ccb7923 + uses: open-edge-platform/geti-ci/actions/cleanup-runner@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: type: "pre-build" @@ -86,7 +86,7 @@ jobs: - name: Extract metadata (tags, labels) for Docker id: meta - uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0 + uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0 with: tags: | type=sha @@ -219,7 +219,7 @@ jobs: continue-on-error: true steps: - name: Download all image size artifacts - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: pattern: image-sizes-* merge-multiple: true diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index bf283ef98f..80c0f0160c 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -26,7 +26,7 @@ jobs: run_rust: "${{ steps.prepare_outputs.outputs.run_rust }}" steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -106,13 +106,13 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 + uses: github/codeql-action/init@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 if: ${{ matrix.run == 'true' }} with: languages: ${{ matrix.language }} @@ -120,7 +120,7 @@ jobs: queries: security-extended - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 + uses: github/codeql-action/analyze@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 if: ${{ matrix.run == 'true' }} with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 5bc4b14c34..e4f04eab90 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -9,8 +9,8 @@ jobs: runs-on: ubuntu-24.04 steps: - name: "Checkout Repository" - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: "Dependency Review" - uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 + uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2 diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index b24e20de61..0ed4bd10b5 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -15,15 +15,15 @@ jobs: contents: write # needed to commit docs steps: - name: Runner cleanup - uses: open-edge-platform/geti-ci/actions/cleanup-runner@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/cleanup-runner@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: type: "initial" - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.12" - name: Install dependencies diff --git a/.github/workflows/docs_stable.yaml b/.github/workflows/docs_stable.yaml index ec8ecd7d9b..d039b2f2b9 100644 --- a/.github/workflows/docs_stable.yaml +++ b/.github/workflows/docs_stable.yaml @@ -13,16 +13,16 @@ jobs: contents: write # needed to commit docs steps: - name: Runner cleanup - uses: open-edge-platform/geti-ci/actions/cleanup-runner@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/cleanup-runner@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: type: "initial" - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 # otherwise, you will failed to push refs to dest repo persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.12" - name: Install dependencies diff --git a/.github/workflows/lib-lint-and-test.yaml b/.github/workflows/lib-lint-and-test.yaml index 263c42ccf9..67ecc7dc9b 100644 --- a/.github/workflows/lib-lint-and-test.yaml +++ b/.github/workflows/lib-lint-and-test.yaml @@ -31,7 +31,7 @@ jobs: run_workflow: ${{ steps.run_workflow.outputs.run }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -63,17 +63,17 @@ jobs: contents: read steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.13" - name: Install uv - uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 with: version: "0.9.7" enable-cache: false @@ -116,17 +116,17 @@ jobs: name: unit-tests-with-Python${{ matrix.python-version }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.13" - name: Install uv - uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 with: version: "0.9.7" enable-cache: false @@ -170,17 +170,17 @@ jobs: name: integration-tests-${{ matrix.task }}-py${{ matrix.python-version }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} - name: Install uv - uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 with: version: "0.9.7" enable-cache: false diff --git a/.github/workflows/pr-security-scan.yaml b/.github/workflows/pr-security-scan.yaml index 51ff99b415..50f84aae61 100644 --- a/.github/workflows/pr-security-scan.yaml +++ b/.github/workflows/pr-security-scan.yaml @@ -19,11 +19,11 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Run Zizmor scan - uses: open-edge-platform/geti-ci/actions/zizmor@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/zizmor@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: scan-scope: "changed" severity-level: "MEDIUM" @@ -36,11 +36,11 @@ jobs: contents: read steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Run Bandit scan - uses: open-edge-platform/geti-ci/actions/bandit@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/bandit@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: scan-scope: "changed" severity-level: "LOW" diff --git a/.github/workflows/pr_comment_trigger.yaml b/.github/workflows/pr_comment_trigger.yaml index 1e400c0251..98333d83ac 100644 --- a/.github/workflows/pr_comment_trigger.yaml +++ b/.github/workflows/pr_comment_trigger.yaml @@ -79,7 +79,7 @@ jobs: run: echo "$(git branch)" - name: Install Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6 with: python-version: "3.12" diff --git a/.github/workflows/publish.yaml b/.github/workflows/publish.yaml index d15b34e2fd..9e106a9e77 100644 --- a/.github/workflows/publish.yaml +++ b/.github/workflows/publish.yaml @@ -13,24 +13,24 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python 3.12 - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.12" - name: Install build tools run: python -m pip install build - name: Build sdist run: python -m build --sdist library/ - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: artifact-sdist path: library/dist/*.tar.gz - name: Build wheel run: python -m build --wheel library/ - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: artifact-wheel path: library/dist/*.whl @@ -45,7 +45,7 @@ jobs: id-token: write # required by trusted publisher steps: - name: Download artifacts - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: path: library/dist pattern: artifact-* @@ -59,7 +59,7 @@ jobs: regex: '^refs/tags/[0-9]+\.[0-9]+\.[0-9]+(\.[0-9]+rc[0-9]+|rc[0-9]+)?$' - name: Upload package distributions to github if: ${{ steps.check-tag.outputs.match != '' }} - uses: svenstaro/upload-release-action@81c65b7cd4de9b2570615ce3aad67a41de5b1a13 # v2 + uses: svenstaro/upload-release-action@6b7fa9f267e90b50a19fef07b3596790bb941741 # v2 with: repo_token: ${{ secrets.GITHUB_TOKEN }} file: library/dist/* diff --git a/.github/workflows/renovate-config-validator.yml b/.github/workflows/renovate-config-validator.yml index 6c82649e0b..cdd96f4f58 100644 --- a/.github/workflows/renovate-config-validator.yml +++ b/.github/workflows/renovate-config-validator.yml @@ -29,7 +29,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout configuration - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/renovate.yml b/.github/workflows/renovate.yml index 82c8a9fa9a..8315f747ec 100644 --- a/.github/workflows/renovate.yml +++ b/.github/workflows/renovate.yml @@ -60,19 +60,19 @@ jobs: steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Get token id: get-github-app-token - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 + uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0 with: app-id: ${{ secrets.RENOVATE_APP_ID }} private-key: ${{ secrets.RENOVATE_APP_PEM }} - name: Self-hosted Renovate - uses: renovatebot/github-action@70ea19f1b0dc8a9cc7af1b4278f8d3fd9778b577 # v43.0.17 + uses: renovatebot/github-action@5712c6a41dea6cdf32c72d92a763bd417e6606aa # v44.0.5 with: configurationFile: .github/renovate.json5 token: "${{ steps.get-github-app-token.outputs.token }}" diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index 6d6b0e03bf..618f8f2c8a 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -22,7 +22,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -35,6 +35,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard - name: Upload to code-scanning - uses: github/codeql-action/upload-sarif@f443b600d91635bebf5b0d9ebc620189c0d6fba5 # v4.30.8 + uses: github/codeql-action/upload-sarif@fe4161a26a8629af62121b670040955b330f9af2 # v4.31.6 with: sarif_file: results.sarif diff --git a/.github/workflows/security-scan.yaml b/.github/workflows/security-scan.yaml index 59006adca3..cd5635d535 100644 --- a/.github/workflows/security-scan.yaml +++ b/.github/workflows/security-scan.yaml @@ -20,11 +20,11 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Run Zizmor scan - uses: open-edge-platform/geti-ci/actions/zizmor@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/zizmor@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: scan-scope: "all" severity-level: "LOW" @@ -38,11 +38,11 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Run Bandit scan - uses: open-edge-platform/geti-ci/actions/bandit@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/bandit@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: scan-scope: "all" severity-level: "LOW" @@ -57,12 +57,12 @@ jobs: security-events: write # Needed to upload the results to code-scanning dashboard steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Run Trivy scan id: trivy - uses: open-edge-platform/geti-ci/actions/trivy@60c5b06ac4b2c056f3567e84aa7fa06930cdc4e4 + uses: open-edge-platform/geti-ci/actions/trivy@afe1729816efe6eb87b6b3a5643ad8aa44fba5ee with: scan_type: "fs" scan-scope: all diff --git a/.github/workflows/stale_marker.yaml b/.github/workflows/stale_marker.yaml index 3d13c1331f..5625669bd2 100644 --- a/.github/workflows/stale_marker.yaml +++ b/.github/workflows/stale_marker.yaml @@ -10,7 +10,7 @@ jobs: stale: runs-on: ubuntu-latest steps: - - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 + - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1 with: stale-issue-message: "This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 7 days." stale-pr-message: "This PR is stale because it has been open 90 days with no activity." diff --git a/.github/workflows/ui-lint-and-test.yaml b/.github/workflows/ui-lint-and-test.yaml index d71047d6a9..92d867a12b 100644 --- a/.github/workflows/ui-lint-and-test.yaml +++ b/.github/workflows/ui-lint-and-test.yaml @@ -31,7 +31,7 @@ jobs: run_workflow: ${{ steps.run_workflow.outputs.run }} steps: - name: Checkout repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -65,17 +65,17 @@ jobs: contents: read # to checkout code steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: "3.13" - name: Install uv - uses: astral-sh/setup-uv@3259c6206f993105e3a61b142c2d97bf4b9ef83d # v7.1.0 + uses: astral-sh/setup-uv@1e862dfacbd1d6d858c55d9b792c756523627244 # v7.1.4 with: version: "0.9.7" enable-cache: false @@ -97,7 +97,7 @@ jobs: export PYTHONPATH=. uv run app/cli.py gen-api --target-path openapi-spec.json - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: openapi-spec path: application/backend/openapi-spec.json @@ -111,11 +111,11 @@ jobs: contents: read # to checkout code steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 id: setup-node with: node-version-file: application/ui/.nvmrc @@ -132,7 +132,7 @@ jobs: working-directory: "application/ui" run: tar -czf dist.tar.gz dist - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: ui-dist path: "application/ui/dist.tar.gz" @@ -148,11 +148,11 @@ jobs: contents: read # to checkout code steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 id: setup-node with: node-version-file: application/ui/.nvmrc @@ -162,7 +162,7 @@ jobs: run: npm ci - name: Download OpenAPI spec artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: openapi-spec path: application/ui/src/api @@ -199,11 +199,11 @@ jobs: pull-requests: write steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 id: setup-node with: node-version-file: application/ui/.nvmrc @@ -213,7 +213,7 @@ jobs: run: npm ci - name: Download OpenAPI spec artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: openapi-spec path: application/ui/src/api @@ -308,12 +308,12 @@ jobs: image: mcr.microsoft.com/playwright:v1.54.0-noble@sha256:18d6adb6aaccf1b0f30eba890069972e089138e4a59ddb5303d7e7290e4e38b6 steps: - name: Checkout code - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false ref: ${{ inputs.ref || '' }} - - uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 + - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0 id: setup-node with: node-version-file: application/ui/.nvmrc @@ -322,7 +322,7 @@ jobs: working-directory: "application/ui" run: npm ci - - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + - uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: ui-dist path: "application/ui" @@ -332,7 +332,7 @@ jobs: run: tar -xzf dist.tar.gz - name: Download OpenAPI spec artifact - uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0 + uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0 with: name: openapi-spec path: application/ui/src/api @@ -346,7 +346,7 @@ jobs: run: npm run test:component -- --project "component" - name: Upload blob report to GitHub Actions Artifacts - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: always() with: name: playwright-report