diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 01c014e83..75399827a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,7 @@ jobs: contents: write steps: - &checkout-simple - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - &mise-install uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1 with: @@ -80,7 +80,7 @@ jobs: gradle-args: -x artifactoryPublish - name: Upload test results if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: test-results path: '**/test-results/**/*.xml' @@ -117,13 +117,13 @@ jobs: gradle-args: -x artifactoryPublish -x sonar - name: Upload test results if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-os-win-test-results path: '**/test-results/**/*.xml' - name: Upload reports if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-os-win-reports path: '**/build/reports/**/*' @@ -141,7 +141,7 @@ jobs: SQ_VERSION: [LATEST_RELEASE, DEV] steps: - &checkout-submodules - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: submodules: true - *mise-install @@ -183,13 +183,13 @@ jobs: -x artifactoryPublish - name: Upload test results if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-plugin-test-results-${{ matrix.SQ_VERSION }} path: '**/test-results/**/*.xml' - name: Upload reports if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-plugin-reports-${{ matrix.SQ_VERSION }} path: '**/build/reports/**/*' @@ -233,13 +233,13 @@ jobs: -x artifactoryPublish - name: Upload test results if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-ruling-test-results-${{ matrix.PHP_PROJECT }} path: '**/test-results/**/*.xml' - name: Upload reports if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-ruling-reports-${{ matrix.PHP_PROJECT }} path: '**/build/reports/**/*' @@ -279,13 +279,13 @@ jobs: -x artifactoryPublish - name: Upload test results if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-pr-analysis-test-results path: '**/test-results/**/*.xml' - name: Upload reports if: always() && ! cancelled() - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 + uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0 with: name: qa-pr-analysis-reports path: '**/build/reports/**/*' diff --git a/.github/workflows/bump-versions.yaml b/.github/workflows/bump-versions.yaml index 8ff16d7c7..74f25b816 100644 --- a/.github/workflows/bump-versions.yaml +++ b/.github/workflows/bump-versions.yaml @@ -20,13 +20,13 @@ jobs: contents: write # write for peter-evans/create-pull-request, read for actions/checkout pull-requests: write # write for peter-evans/create-pull-request steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6 - env: VERSION: ${{ inputs.version }} run: | sed -i "s/version=.*/version=$VERSION/" gradle.properties cd php-custom-rules-plugin/maven && mvn versions:set -DgenerateBackupPoms=false -DnewVersion=$VERSION - - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8 with: author: ${{ github.actor }} <${{ github.actor }}> commit-message: Prepare next development iteration diff --git a/.github/workflows/shadow_scan.yml b/.github/workflows/shadow_scan.yml index 9cd22bcba..519f6cf9b 100644 --- a/.github/workflows/shadow_scan.yml +++ b/.github/workflows/shadow_scan.yml @@ -18,7 +18,7 @@ jobs: name: Build if: github.event_name != 'pull_request' || contains(github.event.pull_request.labels.*.name, 'shadow_scan') steps: - - uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - uses: jdx/mise-action@6d1e696aa24c1aa1bcc1adea0212707c71ab78a8 # v3.6.1 with: version: 2026.1.12