diff --git a/.github/workflows/cargo-deny.yml b/.github/workflows/cargo-deny.yml index 44672ea..308f03b 100644 --- a/.github/workflows/cargo-deny.yml +++ b/.github/workflows/cargo-deny.yml @@ -19,7 +19,7 @@ jobs: name: cargo-deny (licenses + advisories + bans) runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: EmbarkStudios/cargo-deny-action@6c8f9facfa5047ec02d8485b6bf52b587b7777d1 # v2 with: command: check diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2d85f37..6f70f1f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,7 @@ jobs: name: fmt runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: components: rustfmt @@ -26,7 +26,7 @@ jobs: name: clippy runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: components: clippy @@ -46,7 +46,7 @@ jobs: name: leptos build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - uses: dtolnay/rust-toolchain@29eef336d9b2848a0b548edc03f92a220660cdb8 # stable with: targets: wasm32-unknown-unknown diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 50ce103..7349de2 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: matrix: language: ['javascript-typescript'] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 - uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 with: languages: ${{ matrix.language }} diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index 630cda2..4e21830 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -13,7 +13,7 @@ jobs: name: commitlint runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 1681cec..5d4172b 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -19,7 +19,7 @@ jobs: name: Dependency review runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4 with: diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index d0e84aa..5a997a7 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -29,7 +29,7 @@ jobs: name: gitleaks (secret scan) runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v6.0.2 with: fetch-depth: 0 # full history so commit-range scan covers the whole tree - name: Install gitleaks diff --git a/.github/workflows/link-check.yml b/.github/workflows/link-check.yml index ec02b2d..1e15c45 100644 --- a/.github/workflows/link-check.yml +++ b/.github/workflows/link-check.yml @@ -25,7 +25,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Run lychee uses: lycheeverse/lychee-action@8646ba30535128ac92d33dfc9133794bfdd9b411 # v2.8.0