diff --git a/.github/workflows/_bazel.yml b/.github/workflows/_bazel.yml index 30b03d5e7..597b9ad40 100644 --- a/.github/workflows/_bazel.yml +++ b/.github/workflows/_bazel.yml @@ -58,7 +58,7 @@ jobs: target: /home/runner/.cache chown: "runner:runner" - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 @@ -81,7 +81,7 @@ jobs: - name: RBE auth check id: rbe if: inputs.rbe && github.event_name == 'pull_request' - uses: envoyproxy/toolshed/actions/github/container/auth@f3c0acc8c3799305101f5669042b388edfb070c7 + uses: envoyproxy/toolshed/actions/github/container/auth@5171ddd579f53dcef432bc54e16e2d2c90864968 with: container: hello-world - name: Bazel targets (${{ inputs.action }}/${{ inputs.bazel-mode }}) @@ -145,7 +145,7 @@ jobs: name: Bazel (x-compile x86 -> arm) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 @@ -186,7 +186,7 @@ jobs: name: Bazel (x-compile arm -> x86) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: Install libtinfo5 diff --git a/.github/workflows/_bazel_registry.yml b/.github/workflows/_bazel_registry.yml index 6e064e054..f634dc4b2 100644 --- a/.github/workflows/_bazel_registry.yml +++ b/.github/workflows/_bazel_registry.yml @@ -39,7 +39,7 @@ jobs: outputs: versions: ${{ steps.versions.outputs.value }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: envoyproxy/toolshed/actions/jq@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 id: versions with: @@ -61,7 +61,7 @@ jobs: matrix: version: ${{ fromJSON(needs.module.outputs.versions) }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: envoyproxy/toolshed/actions/jq@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 with: input: ${{ inputs.modules-root }}/modules/${{ inputs.module }}/${{ matrix.version }}/${{ inputs.source }} diff --git a/.github/workflows/_publish_release.yml b/.github/workflows/_publish_release.yml index 6ae371879..96f9def31 100644 --- a/.github/workflows/_publish_release.yml +++ b/.github/workflows/_publish_release.yml @@ -111,7 +111,7 @@ jobs: token: ${{ steps.appauth.outputs.token }} - if: inputs.dry-run - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: path: temprepo - if: inputs.dry-run @@ -216,7 +216,7 @@ jobs: && ! fromJSON(needs.release.outputs.version).is_dev runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Get docker version id: docker-version diff --git a/.github/workflows/actions.yml b/.github/workflows/actions.yml index 2aa850678..2e8e330c8 100644 --- a/.github/workflows/actions.yml +++ b/.github/workflows/actions.yml @@ -51,7 +51,7 @@ jobs: matrix: test: ${{ fromJSON(needs.request.outputs.tests) }} steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Run test uses: envoyproxy/toolshed/actions/test-runner@5171ddd579f53dcef432bc54e16e2d2c90864968 # actions-v0.4.13 with: diff --git a/.github/workflows/bazel.yml b/.github/workflows/bazel.yml index 1d81d386d..67786c036 100644 --- a/.github/workflows/bazel.yml +++ b/.github/workflows/bazel.yml @@ -142,13 +142,13 @@ jobs: - bzlmod steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Bazel uses: bazelbuild/setup-bazelisk@b39c379c82683a5f25d34f0d062761f62693e0b2 # v3 - name: RBE auth check id: rbe if: github.event_name == 'pull_request' - uses: envoyproxy/toolshed/actions/github/container/auth@f3c0acc8c3799305101f5669042b388edfb070c7 + uses: envoyproxy/toolshed/actions/github/container/auth@5171ddd579f53dcef432bc54e16e2d2c90864968 with: container: hello-world - name: Configure repo Bazel settings diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index edf2a4014..dc60cc1ec 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -49,18 +49,18 @@ jobs: chown: "runner:runner" - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Initialize CodeQL - uses: github/codeql-action/init@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: languages: ${{ matrix.language }} config-file: ./.github/codeql/codeql-config.yml - name: Autobuild - uses: github/codeql-action/autobuild@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/autobuild@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index a740ce36e..d416c9a1e 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -21,7 +21,7 @@ jobs: sudo rm -rf /usr/local/lib/android & sudo rm -rf /usr/share/dotnet & - name: Checkout code - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install deps shell: bash run: | diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index e723633fa..cb1137eb0 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -45,10 +45,10 @@ jobs: - arm64 name: build (${{ matrix.arch }}) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 + uses: docker/setup-buildx-action@d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5 # v4.1.0 - name: Get docker version id: docker-version diff --git a/.github/workflows/jq.yml b/.github/workflows/jq.yml index 40a69b103..0d02ffeda 100644 --- a/.github/workflows/jq.yml +++ b/.github/workflows/jq.yml @@ -34,7 +34,7 @@ jobs: if: fromJSON(needs.request.outputs.run) steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Verify tools run: | jq --version diff --git a/.github/workflows/js.yml b/.github/workflows/js.yml index 1a74a8303..b16aa54ac 100644 --- a/.github/workflows/js.yml +++ b/.github/workflows/js.yml @@ -48,7 +48,7 @@ jobs: - retest - torun steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 1391c1c1e..76419cb08 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -19,7 +19,7 @@ jobs: lint: runs-on: ubuntu-24.04 steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.13" diff --git a/.github/workflows/py.yml b/.github/workflows/py.yml index 2c9fde2a1..f3354fa57 100644 --- a/.github/workflows/py.yml +++ b/.github/workflows/py.yml @@ -45,7 +45,7 @@ jobs: github.repository_owner == 'envoyproxy' && fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -68,7 +68,7 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -86,7 +86,7 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -102,7 +102,7 @@ jobs: # TODO: reenable once plugin is fixed if: false steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" @@ -125,7 +125,7 @@ jobs: if: >- fromJSON(needs.request.outputs.run) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version: "3.12" diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index db23b2ead..0704aff03 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -47,7 +47,7 @@ jobs: - integration name: test (${{ matrix.toolchain }}, ${{ matrix.test-type }}) steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1 with: toolchain: ${{ matrix.toolchain }} @@ -81,7 +81,7 @@ jobs: runs-on: ubuntu-24.04-arm rust-target: aarch64-unknown-linux-gnu steps: - - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Install Rust toolchain uses: actions-rust-lang/setup-rust-toolchain@46268bd060767258de96ed93c1251119784f2ab6 # v1 diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 13d560a15..fce496004 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -25,7 +25,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false @@ -44,6 +44,6 @@ jobs: retention-days: 5 - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@68bde559dea0fdcac2102bfdf6230c5f70eb485e # v4.35.4 + uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: sarif_file: results.sarif diff --git a/.github/workflows/sh.yml b/.github/workflows/sh.yml index 9f0b13c04..91579cf0c 100644 --- a/.github/workflows/sh.yml +++ b/.github/workflows/sh.yml @@ -44,7 +44,7 @@ jobs: steps: - name: Checkout Repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - run: | sudo apt-get update sudo apt-get -qq install -y inotify-tools diff --git a/.github/workflows/update-versions.yml b/.github/workflows/update-versions.yml index f35e6666e..ede80e6fb 100644 --- a/.github/workflows/update-versions.yml +++ b/.github/workflows/update-versions.yml @@ -35,7 +35,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Determine release tag id: release env: