diff --git a/.github/workflows/actionlint.yml b/.github/workflows/actionlint.yml index 6467c48..e8f78dc 100644 --- a/.github/workflows/actionlint.yml +++ b/.github/workflows/actionlint.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: devops-actions/actionlint@e7ee33fbf5aa8c9f9ee1145137f3e52e25d6a35b #v0.1.3 continue-on-error: true id: action-lint diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 9f29b52..94d0cb8 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -44,7 +44,7 @@ jobs: pypi.org:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Bandit Scan uses: shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c with: # optional arguments diff --git a/.github/workflows/black.yml b/.github/workflows/black.yml index 2dcbec7..d05fc5b 100644 --- a/.github/workflows/black.yml +++ b/.github/workflows/black.yml @@ -18,5 +18,5 @@ jobs: github.com:443 pypi.org:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: psf/black@1b2427a2b785cc4aac97c19bb4b9a0de063f9547 # stable diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index fddd67f..a060bbe 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: Checkout code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index 1ac66ac..9792072 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -13,7 +13,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 - name: Install pytest diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e2c0da1..1532a82 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml index 060c40d..9e8d635 100644 --- a/.github/workflows/defender-for-devops.yml +++ b/.github/workflows/defender-for-devops.yml @@ -38,7 +38,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - uses: actions/setup-dotnet@6bd8b7f7774af54e05809fcc5431931b3eb1ddee # v4.0.1 with: dotnet-version: | diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 2684b4e..12f51dd 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -34,7 +34,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: 'Dependency Review' uses: actions/dependency-review-action@a6993e2c61fd5dc440b409aa1d6904921c5e1894 # v4.3.5 # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index a8ab49f..0ecb1e2 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -35,7 +35,7 @@ jobs: github.com:443 - name: Checkout code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 diff --git a/.github/workflows/endorlabs.yml b/.github/workflows/endorlabs.yml index f46249b..23c34ca 100644 --- a/.github/workflows/endorlabs.yml +++ b/.github/workflows/endorlabs.yml @@ -29,7 +29,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 #### Package Build Instructions ### Use this section to define the build steps used by your software package. ### Endor Labs builds your software for you where possible but the required build tools must be made available. diff --git a/.github/workflows/filediff.yml b/.github/workflows/filediff.yml index f723e54..665b818 100644 --- a/.github/workflows/filediff.yml +++ b/.github/workflows/filediff.yml @@ -15,7 +15,7 @@ jobs: egress-policy: audit - name: Checkout default branch - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Create filediff comment uses: Shopify/filediff@a662df8303d1056aa3561b5524610ae65b63fc78 # main diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index 7627ddb..4e77387 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index ddcc1b6..574da21 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: diff --git a/.github/workflows/pyre.yml b/.github/workflows/pyre.yml index 86100b7..2195776 100644 --- a/.github/workflows/pyre.yml +++ b/.github/workflows/pyre.yml @@ -39,7 +39,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true - name: Run Pyre diff --git a/.github/workflows/pysa.yml b/.github/workflows/pysa.yml index b59400b..5dd9fe1 100644 --- a/.github/workflows/pysa.yml +++ b/.github/workflows/pysa.yml @@ -53,7 +53,7 @@ jobs: ppa.launchpadcontent.net:443 pypi.org:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: submodules: true python-version: '3.11.8' diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 7d12f78..12abbf8 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -30,7 +30,7 @@ jobs: objects.githubusercontent.com:443 pypi.org:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python 3.11.8 uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: diff --git a/.github/workflows/python-package-conda.yml b/.github/workflows/python-package-conda.yml index c15ca93..8b2209e 100644 --- a/.github/workflows/python-package-conda.yml +++ b/.github/workflows/python-package-conda.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python 3.11 uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index 2d83355..272969a 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -37,7 +37,7 @@ jobs: pypi.org:443 upload.pypi.org:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: Set up Python uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index a82962c..32433f7 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -51,7 +51,7 @@ jobs: www.bestpractices.dev:443 - name: "Checkout code" - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: persist-credentials: false diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index a062213..678278f 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -28,5 +28,5 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - run: semgrep ci diff --git a/.github/workflows/sitemap.yml b/.github/workflows/sitemap.yml index 6c0911a..1937e49 100644 --- a/.github/workflows/sitemap.yml +++ b/.github/workflows/sitemap.yml @@ -19,7 +19,7 @@ jobs: github.com:443 - name: Checkout the repo - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: fetch-depth: 0 diff --git a/.github/workflows/sobelow.yml b/.github/workflows/sobelow.yml index ff02b75..649e0c4 100644 --- a/.github/workflows/sobelow.yml +++ b/.github/workflows/sobelow.yml @@ -43,6 +43,6 @@ jobs: repo.hex.pm:443 sobelow.io:443 - - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - id: run-action uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912 diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index b6abcb6..0b6ae95 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -34,7 +34,7 @@ jobs: pypi.org:443 - name: Checkout code - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0