diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 5de11dda6d6b0..0c3d9c75c14c1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -51,7 +51,7 @@ jobs: run: echo C:\Program Files\Git\usr\bin>>"%GITHUB_PATH%" - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 with: diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index dd64b0ba60721..13542dc1d91f5 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -59,7 +59,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Provides the Pull Request commit SHA or the GitHub merge group ref ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8478f5720fde0..450ac5dd3f628 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 24ba07cfcf1cd..150486d514759 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -31,7 +31,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Review Dependencies uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1 diff --git a/.github/workflows/find-inactive-collaborators.yml b/.github/workflows/find-inactive-collaborators.yml index 906ad58fee9dd..2f2e1d494e1c6 100644 --- a/.github/workflows/find-inactive-collaborators.yml +++ b/.github/workflows/find-inactive-collaborators.yml @@ -21,7 +21,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Report inactive collaborators id: inactive diff --git a/.github/workflows/lighthouse.yml b/.github/workflows/lighthouse.yml index e2809821cc7dc..87110aea99e08 100644 --- a/.github/workflows/lighthouse.yml +++ b/.github/workflows/lighthouse.yml @@ -70,7 +70,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: # Provides the Pull Request commit SHA or the GitHub merge group ref ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} diff --git a/.github/workflows/lint-and-tests.yml b/.github/workflows/lint-and-tests.yml index 01b311dbcb12b..ac0cd365b8607 100644 --- a/.github/workflows/lint-and-tests.yml +++ b/.github/workflows/lint-and-tests.yml @@ -48,7 +48,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Restore Lint Cache uses: actions/cache/restore@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3 @@ -121,7 +121,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up pnpm uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 diff --git a/.github/workflows/playwright-cloudflare-open-next.yml b/.github/workflows/playwright-cloudflare-open-next.yml index 746aecb149e61..bb8edf006d636 100644 --- a/.github/workflows/playwright-cloudflare-open-next.yml +++ b/.github/workflows/playwright-cloudflare-open-next.yml @@ -34,7 +34,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 2 diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml index d143cc7d45cb4..2f7a8969b49ea 100644 --- a/.github/workflows/playwright.yml +++ b/.github/workflows/playwright.yml @@ -60,7 +60,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 2 diff --git a/.github/workflows/publish-packages.yml b/.github/workflows/publish-packages.yml index 05471fdf28f56..b349a68176607 100644 --- a/.github/workflows/publish-packages.yml +++ b/.github/workflows/publish-packages.yml @@ -60,7 +60,7 @@ jobs: echo "✅ Commit is verified and trusted." - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 2 # Need at least 2 commits to detect changes between commits @@ -108,7 +108,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up pnpm uses: pnpm/action-setup@a7487c7e89a18df4991f7f222e4898a00d66ddda # v4.1.0 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 97dacbe6d149f..ef8e4c889d64c 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/sync-orama.yml b/.github/workflows/sync-orama.yml index 4814e7af56856..4efa07ce2e905 100644 --- a/.github/workflows/sync-orama.yml +++ b/.github/workflows/sync-orama.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ github.event_name == 'pull_request_target' && github.event.pull_request.head.sha || github.ref }} diff --git a/.github/workflows/translations-sync.yml b/.github/workflows/translations-sync.yml index e8f62615e23f8..37ab91b431d22 100644 --- a/.github/workflows/translations-sync.yml +++ b/.github/workflows/translations-sync.yml @@ -31,7 +31,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: token: ${{ secrets.CROWDIN_GITHUB_BOT_TOKEN }} @@ -71,7 +71,7 @@ jobs: egress-policy: audit - name: Git Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: ref: ${{ env.BRANCH_NAME }} token: ${{ secrets.CROWDIN_GITHUB_BOT_TOKEN }} diff --git a/.github/workflows/translations-upload.yml b/.github/workflows/translations-upload.yml index 5f1ffc4b2f5cf..c3c0b4c455e27 100644 --- a/.github/workflows/translations-upload.yml +++ b/.github/workflows/translations-upload.yml @@ -23,7 +23,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 # see all the options at https://github.com/crowdin/github-action - name: crowdin action