diff --git a/.github/workflows/_reusable-check-api-for-breaking-changes.yml b/.github/workflows/_reusable-check-api-for-breaking-changes.yml index bbd97221..a53d46a9 100644 --- a/.github/workflows/_reusable-check-api-for-breaking-changes.yml +++ b/.github/workflows/_reusable-check-api-for-breaking-changes.yml @@ -14,7 +14,7 @@ jobs: env: PACKAGE_NAME: ${{ inputs.package-name }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - name: Set up Python diff --git a/.github/workflows/_reusable-codeql-analysis.yml b/.github/workflows/_reusable-codeql-analysis.yml index 8abf4cbe..29bfd84b 100644 --- a/.github/workflows/_reusable-codeql-analysis.yml +++ b/.github/workflows/_reusable-codeql-analysis.yml @@ -25,7 +25,7 @@ jobs: language: ${{ fromJSON(inputs.languages-array) }} steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Initialize CodeQL uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: diff --git a/.github/workflows/_reusable-enforce-community-standards.yml b/.github/workflows/_reusable-enforce-community-standards.yml index 79211e91..4088e3ba 100644 --- a/.github/workflows/_reusable-enforce-community-standards.yml +++ b/.github/workflows/_reusable-enforce-community-standards.yml @@ -21,7 +21,7 @@ jobs: - .github/@(dependabot.@(yml|yaml)|renovate.json) - .github/workflows/codeql-analysis.@(yml|yaml) steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Ensure ${{ matrix.filename }} exists uses: andstor/file-existence-action@558493d6c74bf472d87c84eab196434afc2fa029 # v3.1.0 with: diff --git a/.github/workflows/_reusable-package-build.yml b/.github/workflows/_reusable-package-build.yml index 1d98c63e..419538a2 100644 --- a/.github/workflows/_reusable-package-build.yml +++ b/.github/workflows/_reusable-package-build.yml @@ -34,7 +34,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - uses: hynek/build-and-inspect-python-package@d44ca7d91762de7a7d5436ddae667c6da6d1c3df # v2.18.0 diff --git a/.github/workflows/_reusable-package-release.yml b/.github/workflows/_reusable-package-release.yml index 1722db64..a7ef9ae7 100644 --- a/.github/workflows/_reusable-package-release.yml +++ b/.github/workflows/_reusable-package-release.yml @@ -91,7 +91,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 fetch-tags: true @@ -144,7 +144,7 @@ jobs: id-token: write contents: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 fetch-tags: true @@ -189,7 +189,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: main # Make sure to check out the latest commit on main, not the original commit that triggered the workflow fetch-depth: 0 @@ -252,7 +252,7 @@ jobs: id-token: write contents: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: main # Make sure to check out the latest commit on main, not the original commit that triggered the workflow fetch-depth: 0 diff --git a/.github/workflows/_reusable-package-testpypi.yml b/.github/workflows/_reusable-package-testpypi.yml index aae58514..3794add5 100644 --- a/.github/workflows/_reusable-package-testpypi.yml +++ b/.github/workflows/_reusable-package-testpypi.yml @@ -28,7 +28,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 - uses: tektronix/python-package-ci-cd/actions/create_unique_testpypi_version@v1.9.6 @@ -68,7 +68,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Set up Python uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: diff --git a/.github/workflows/_reusable-publish-api-comparison.yml b/.github/workflows/_reusable-publish-api-comparison.yml index 3ebabc38..1f8a5513 100644 --- a/.github/workflows/_reusable-publish-api-comparison.yml +++ b/.github/workflows/_reusable-publish-api-comparison.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.event == 'pull_request' && !contains(fromJSON('["skipped", "cancelled", "failed"]'), github.event.workflow_run.conclusion) }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Download and Extract Artifacts uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21 with: diff --git a/.github/workflows/_reusable-publish-test-results.yml b/.github/workflows/_reusable-publish-test-results.yml index e39684e0..4fc08f23 100644 --- a/.github/workflows/_reusable-publish-test-results.yml +++ b/.github/workflows/_reusable-publish-test-results.yml @@ -21,7 +21,7 @@ jobs: matrix: os-name: ${{ fromJSON(inputs.operating-systems-array) }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - name: Download and Extract Artifacts uses: dawidd6/action-download-artifact@b6e2e70617bc3265edd6dab6c906732b2f1ae151 # v21 with: diff --git a/.github/workflows/_reusable-sbom-scan.yml b/.github/workflows/_reusable-sbom-scan.yml index 1c1dd6ef..671926a3 100644 --- a/.github/workflows/_reusable-sbom-scan.yml +++ b/.github/workflows/_reusable-sbom-scan.yml @@ -18,7 +18,7 @@ jobs: create-and-scan-sbom: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-python@a309ff8b426b58ec0e2a45f0f869d46889d02405 # v6.2.0 with: python-version-file: pyproject.toml diff --git a/.github/workflows/_reusable-test-code.yml b/.github/workflows/_reusable-test-code.yml index ffe3f46e..f2289a2a 100644 --- a/.github/workflows/_reusable-test-code.yml +++ b/.github/workflows/_reusable-test-code.yml @@ -51,7 +51,7 @@ jobs: os-name: ${{ fromJSON(inputs.operating-systems-array) }} python-version: ${{ fromJSON(inputs.python-versions-array) }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: lts/* @@ -103,7 +103,7 @@ jobs: matrix: os-name: ${{ fromJSON(inputs.operating-systems-array) }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: lts/* @@ -141,7 +141,7 @@ jobs: needs: test-fast runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: path: artifacts diff --git a/.github/workflows/_reusable-test-docs.yml b/.github/workflows/_reusable-test-docs.yml index ecf9ce24..fa87cabe 100644 --- a/.github/workflows/_reusable-test-docs.yml +++ b/.github/workflows/_reusable-test-docs.yml @@ -28,7 +28,7 @@ jobs: matrix: tox-env: ${{ fromJSON(inputs.tox-env-array) }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: ${{ inputs.node-version }} diff --git a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml index 6544ba0b..4a995356 100644 --- a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml @@ -71,7 +71,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 ref: ${{ github.head_ref }}