diff --git a/.github/workflows/cd.yml b/.github/workflows/cd.yml index d7c1441..0d769ac 100644 --- a/.github/workflows/cd.yml +++ b/.github/workflows/cd.yml @@ -25,7 +25,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-tags: true @@ -56,7 +56,7 @@ jobs: python -m build - name: Generate SLSA build provenance attestation - uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 + uses: actions/attest-build-provenance@0f67c3f4856b2e3261c31976d6725780e5e4c373 # v4.1.1 with: subject-path: 'dist/*' @@ -69,7 +69,7 @@ jobs: attestations: true - name: Create GitHub Release - uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 + uses: softprops/action-gh-release@718ea10b132b3b2eba29c1007bb80653f286566b # v3.0.1 with: tag_name: v${{ steps.pkg.outputs.version }} name: v${{ steps.pkg.outputs.version }} diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index fad8ef2..e814372 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -14,7 +14,7 @@ jobs: security: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: fetch-depth: 0 @@ -43,7 +43,7 @@ jobs: licenses: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-python@v6 with: @@ -65,7 +65,7 @@ jobs: matrix: python-version: ["3.11", "3.12", "3.13"] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-python@v6 with: diff --git a/.github/workflows/claude-security-review.yml b/.github/workflows/claude-security-review.yml index a821b19..2d67130 100644 --- a/.github/workflows/claude-security-review.yml +++ b/.github/workflows/claude-security-review.yml @@ -28,7 +28,7 @@ jobs: echo "skip=false" >> "$GITHUB_OUTPUT" fi - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 if: steps.gate.outputs.skip == 'false' with: ref: ${{ github.event.pull_request.head.sha || github.sha }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 44fea7c..7af5875 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -22,7 +22,7 @@ jobs: # (script injection, missing permissions, etc.). language: [python, actions] steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Initialize CodeQL uses: github/codeql-action/init@v4 diff --git a/.github/workflows/setup.yml b/.github/workflows/setup.yml index f0040b3..9006c64 100644 --- a/.github/workflows/setup.yml +++ b/.github/workflows/setup.yml @@ -15,7 +15,7 @@ jobs: permissions: issues: write steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - name: Check if template id: check diff --git a/.github/workflows/update-changelog.yml b/.github/workflows/update-changelog.yml index 94c98a7..91c3259 100644 --- a/.github/workflows/update-changelog.yml +++ b/.github/workflows/update-changelog.yml @@ -19,7 +19,7 @@ jobs: update: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: ref: main token: ${{ secrets.GITHUB_TOKEN }}