diff --git a/.github/workflows/glyphcheck.yml b/.github/workflows/glyphcheck.yml index 9f18c92..72edcc6 100644 --- a/.github/workflows/glyphcheck.yml +++ b/.github/workflows/glyphcheck.yml @@ -34,7 +34,7 @@ jobs: glyphcheck: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: { go-version: "${{ env.GO_VERSION }}" } - name: linter self-test (stdlib only, offline) diff --git a/.github/workflows/kit-autobump.yml b/.github/workflows/kit-autobump.yml index 021384f..741785c 100644 --- a/.github/workflows/kit-autobump.yml +++ b/.github/workflows/kit-autobump.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-latest steps: # Bot token so the PR triggers validate.yml (which gates auto-merge). - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: token: ${{ secrets.KIT_RELEASE_TOKEN }} - uses: actions/setup-go@v6 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index d1eaa1d..5ef631c 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -39,7 +39,7 @@ jobs: # outputs the arcade re-verifies server-side anyway). dirs: ${{ steps.changed.outputs.dirs }} steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 # full history for the changed-dirs diff persist-credentials: false # this job compiles untrusted code — no token on disk @@ -183,7 +183,7 @@ jobs: contents: write # cut releases pull-requests: write # upsert the verified:false comment on the merged PR steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 # all tags for N derivation + CHANGELOG notes persist-credentials: false # gh uses GH_TOKEN from env; git stays read-only diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index 8b33ccb..87fc95a 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -22,7 +22,7 @@ jobs: submissions: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: { fetch-depth: 0 } - name: changed game dirs diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml index d6ac231..cffc950 100644 --- a/.github/workflows/vulncheck.yml +++ b/.github/workflows/vulncheck.yml @@ -38,7 +38,7 @@ jobs: go-games: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: { go-version: "${{ env.GO_VERSION }}" } - name: govulncheck every Go game @@ -59,7 +59,7 @@ jobs: rust-games: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: cargo-audit every Rust game run: | cargo install cargo-audit --locked --version "${CARGO_AUDIT_VERSION}"