diff --git a/.github/workflows/action-lint.yaml b/.github/workflows/action-lint.yaml index 6799668f7d..68db90ee8b 100644 --- a/.github/workflows/action-lint.yaml +++ b/.github/workflows/action-lint.yaml @@ -19,7 +19,7 @@ jobs: pull-requests: write checks: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: "Run reviewdog actionlint" @@ -36,7 +36,7 @@ jobs: actions: read # only needed for private repos steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/checks.yaml b/.github/workflows/checks.yaml index 88746a0ba8..f6639caad5 100644 --- a/.github/workflows/checks.yaml +++ b/.github/workflows/checks.yaml @@ -41,7 +41,7 @@ jobs: - lib/identifier - tests-bdd steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 persist-credentials: false @@ -106,7 +106,7 @@ jobs: env: TLS_ENABLED: "true" steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 @@ -185,7 +185,7 @@ jobs: env: TLS_ENABLED: "true" steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 @@ -349,7 +349,7 @@ jobs: needs: benchmark runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -375,7 +375,7 @@ jobs: name: image build runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1 @@ -417,7 +417,7 @@ jobs: sudo cp mkcert-v*-linux-amd64 /usr/local/bin/mkcert - name: "Checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 @@ -482,7 +482,7 @@ jobs: name: Protocol Buffer Lint and Gencode Up-to-date check runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: bufbuild/buf-setup-action@a47c93e0b1648d5651a065437926377d060baa99 # v1.50.0 @@ -551,7 +551,7 @@ jobs: name: license check runs-on: ubuntu-22.04 steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml index 347c4cdd1e..f6cc7a048d 100644 --- a/.github/workflows/codeql.yaml +++ b/.github/workflows/codeql.yaml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml index 9fa9020e4c..c3e874251d 100644 --- a/.github/workflows/dependency-review.yaml +++ b/.github/workflows/dependency-review.yaml @@ -37,7 +37,7 @@ jobs: - name: Checkout if: ${{ github.event_name != 'merge_group' }} - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/friendly-reminders.yaml b/.github/workflows/friendly-reminders.yaml index 9e12591706..8658db7a52 100644 --- a/.github/workflows/friendly-reminders.yaml +++ b/.github/workflows/friendly-reminders.yaml @@ -13,7 +13,7 @@ jobs: pull-requests: write runs-on: ubuntu-latest steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 diff --git a/.github/workflows/nightly-build.yaml b/.github/workflows/nightly-build.yaml index 8d6c7ddb6e..fff23d5597 100644 --- a/.github/workflows/nightly-build.yaml +++ b/.github/workflows/nightly-build.yaml @@ -14,7 +14,7 @@ jobs: permissions: id-token: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - name: "Authenticate to Google Cloud (Push to Public registry)" diff --git a/.github/workflows/nightly-checks.yaml b/.github/workflows/nightly-checks.yaml index 30ab78ea43..03e9345712 100644 --- a/.github/workflows/nightly-checks.yaml +++ b/.github/workflows/nightly-checks.yaml @@ -16,7 +16,7 @@ jobs: contents: read steps: ######## CHECKOUT/SETUP PLATFORM ############# - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 path: platform @@ -61,7 +61,7 @@ jobs: working-directory: platform ######## CHECKOUT/BUILD 'otdfctl' ############# - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: repository: opentdf/otdfctl ref: main diff --git a/.github/workflows/release-build.yaml b/.github/workflows/release-build.yaml index 61d0e5fa21..fd26e62307 100644 --- a/.github/workflows/release-build.yaml +++ b/.github/workflows/release-build.yaml @@ -13,7 +13,7 @@ jobs: permissions: id-token: write steps: - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/reusable_backport.yaml b/.github/workflows/reusable_backport.yaml index 569bdf0b8b..544c7ef277 100644 --- a/.github/workflows/reusable_backport.yaml +++ b/.github/workflows/reusable_backport.yaml @@ -35,7 +35,7 @@ jobs: private-key: ${{ secrets.AUTOMATION_KEY }} - name: "Checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: true token: ${{ steps.generate-token.outputs.token }} diff --git a/.github/workflows/reusable_create-release-branch.yaml b/.github/workflows/reusable_create-release-branch.yaml index 82ea6659c9..0e5afccbf6 100644 --- a/.github/workflows/reusable_create-release-branch.yaml +++ b/.github/workflows/reusable_create-release-branch.yaml @@ -33,7 +33,7 @@ jobs: private-key: ${{ secrets.AUTOMATION_KEY }} - name: "Checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: true fetch-depth: 0 diff --git a/.github/workflows/reusable_release-please.yaml b/.github/workflows/reusable_release-please.yaml index 987a47da9c..1f9ea3eeb5 100644 --- a/.github/workflows/reusable_release-please.yaml +++ b/.github/workflows/reusable_release-please.yaml @@ -70,7 +70,7 @@ jobs: exit 1 - name: "Checkout" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -161,7 +161,7 @@ jobs: private-key: ${{ secrets.AUTOMATION_KEY }} - name: "Checkout repo" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: true ref: ${{ fromJSON(needs.release-please.outputs.prs)[0].headBranchName }} diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 34ae92bc46..9045621428 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -19,7 +19,7 @@ jobs: steps: - name: "Checkout repo" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false @@ -55,7 +55,7 @@ jobs: contents: read steps: - name: "Checkout repo" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/traffic.yaml b/.github/workflows/traffic.yaml index c86b930c9f..175e3ecf20 100644 --- a/.github/workflows/traffic.yaml +++ b/.github/workflows/traffic.yaml @@ -30,7 +30,7 @@ jobs: private-key: "${{ secrets.AUTOMATION_KEY }}" owner: opentdf - name: checkout repo - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false