diff --git a/.github/workflows/abi-report.yml b/.github/workflows/abi-report.yml index 9abbd2fd54c..5faa1f297b2 100644 --- a/.github/workflows/abi-report.yml +++ b/.github/workflows/abi-report.yml @@ -49,7 +49,7 @@ jobs: - uses: actions/checkout@v4.1.7 - name: Get published binary (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-ubuntu-2204_gcc-binary path: ${{ github.workspace }} diff --git a/.github/workflows/clang-format-check.yml b/.github/workflows/clang-format-check.yml index f0d89558baa..c4d68a8f004 100644 --- a/.github/workflows/clang-format-check.yml +++ b/.github/workflows/clang-format-check.yml @@ -11,7 +11,7 @@ jobs: steps: - uses: actions/checkout@v4.1.7 - name: Run clang-format style check for C and Java code - uses: DoozyX/clang-format-lint-action@v0.13 + uses: DoozyX/clang-format-lint-action@v0.17 with: source: '.' extensions: 'c,h,cpp,hpp,java' diff --git a/.github/workflows/clang-format-fix.yml b/.github/workflows/clang-format-fix.yml index 882e0b64a9f..2ce9f6e9dad 100644 --- a/.github/workflows/clang-format-fix.yml +++ b/.github/workflows/clang-format-fix.yml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Fix C and Java formatting issues detected by clang-format - uses: DoozyX/clang-format-lint-action@9ea72631b74e61ce337d0839a90e76180e997283 # v0.13 + uses: DoozyX/clang-format-lint-action@d3c7f85989e3b6416265a0d12f8b4a8aa8b0c4ff # v0.13 with: source: '.' extensions: 'c,h,cpp,hpp,java' diff --git a/.github/workflows/cmake-bintest.yml b/.github/workflows/cmake-bintest.yml index c1fd692fce4..104818920b5 100644 --- a/.github/workflows/cmake-bintest.yml +++ b/.github/workflows/cmake-bintest.yml @@ -33,7 +33,7 @@ jobs: # Get files created by cmake-ctest script - name: Get published binary (Windows) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-vs2022_cl-${{ inputs.build_mode }}-binary path: ${{ github.workspace }}/hdf5 @@ -107,7 +107,7 @@ jobs: distribution: 'temurin' - name: Get published binary (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-ubuntu-2204_gcc-${{ inputs.build_mode }}-binary path: ${{ github.workspace }} @@ -159,7 +159,7 @@ jobs: distribution: 'temurin' - name: Get published binary (MacOS) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-osx13-${{ inputs.build_mode }}-binary path: ${{ github.workspace }} @@ -220,7 +220,7 @@ jobs: distribution: 'temurin' - name: Get published binary (MacOS_latest) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-osx-${{ inputs.build_mode }}-binary path: ${{ github.workspace }} diff --git a/.github/workflows/cmake-ctest.yml b/.github/workflows/cmake-ctest.yml index f9f1953dbe5..162519831d7 100644 --- a/.github/workflows/cmake-ctest.yml +++ b/.github/workflows/cmake-ctest.yml @@ -60,7 +60,7 @@ jobs: # Get files created by release script - name: Get zip-tarball (Windows) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-tarball path: ${{ github.workspace }} @@ -166,7 +166,7 @@ jobs: # Get files created by release script - name: Get tgz-tarball (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} @@ -296,7 +296,7 @@ jobs: # Get files created by release script - name: Get tgz-tarball (MacOS) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} @@ -385,7 +385,7 @@ jobs: # Get files created by release script - name: Get tgz-tarball (MacOS_latest) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} @@ -466,7 +466,7 @@ jobs: # Get files created by release script - name: Get tgz-tarball (Linux S3) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} @@ -544,7 +544,7 @@ jobs: # Get files created by release script - name: Get zip-tarball (Windows_intel) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-tarball path: ${{ github.workspace }} @@ -656,7 +656,7 @@ jobs: # Get files created by release script - name: Get tgz-tarball (Linux_intel) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} diff --git a/.github/workflows/release-files.yml b/.github/workflows/release-files.yml index 24c40786aec..b438e2dfc09 100644 --- a/.github/workflows/release-files.yml +++ b/.github/workflows/release-files.yml @@ -73,7 +73,7 @@ jobs: # Get files created by tarball script - name: Get doxygen (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: docs-doxygen path: ${{ github.workspace }}/${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen @@ -82,94 +82,94 @@ jobs: run: zip -r ${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen.zip ./${{ steps.get-file-base.outputs.FILE_BASE }}.doxygen - name: Get tgz-tarball (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball path: ${{ github.workspace }} - name: Get zip-tarball (Windows) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-tarball path: ${{ github.workspace }} # Get files created by cmake-ctest script - name: Get published binary (Windows) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-vs2022_cl-binary path: ${{ github.workspace }} - name: Get published msi binary (Windows) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: msi-vs2022_cl-binary path: ${{ github.workspace }} - name: Get published binary (MacOS) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-osx-binary path: ${{ github.workspace }} - name: Get published binary (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-ubuntu-2204_gcc-binary path: ${{ github.workspace }} - name: Get published deb binary (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: deb-ubuntu-2204_gcc-binary path: ${{ github.workspace }} - name: Get published rpm binary (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: rpm-ubuntu-2204_gcc-binary path: ${{ github.workspace }} - name: Get published binary (Linux S3) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-ubuntu-2204_gcc_s3-binary path: ${{ github.workspace }} - name: Get published binary (Windows_intel) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-vs2022_intel-binary path: ${{ github.workspace }} - name: Get published msi binary (Windows_intel) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: msi-vs2022_intel-binary path: ${{ github.workspace }} - name: Get published binary (Linux_intel) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-ubuntu-2204_intel-binary path: ${{ github.workspace }} - name: Get published abi reports (Linux) - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: abi-reports path: ${{ github.workspace }} - name: Get published nonversioned source (tgz) if: ${{ (inputs.use_environ == 'release') }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: tgz-tarball-nover path: ${{ github.workspace }} - name: Get published nonversioned source (zip) if: ${{ (inputs.use_environ == 'release') }} - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: zip-tarball-nover path: ${{ github.workspace }} @@ -202,7 +202,7 @@ jobs: echo "${{ steps.get-file-base.outputs.FILE_BASE }}" > ./last-file.txt - name: Get NEWSLETTER - uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 + uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: name: NEWSLETTER path: ${{ github.workspace }} @@ -214,7 +214,7 @@ jobs: - name: PreRelease tag id: create_prerelease if: ${{ (inputs.use_environ == 'snapshots') }} - uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6 + uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 with: tag_name: "${{ inputs.use_tag }}" prerelease: true @@ -241,7 +241,7 @@ jobs: - name: Release tag id: create_release if: ${{ (inputs.use_environ == 'release') }} - uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6 + uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8 with: tag_name: "${{ inputs.use_tag }}" prerelease: false diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b826ee51164..e67627fd885 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: persist-credentials: false - name: "Run analysis" - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@62b2cac7ed8198b15735ed49ab1e5cf35480ba46 # v2.4.0 with: results_file: results.sarif results_format: sarif @@ -67,6 +67,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 + uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 with: sarif_file: results.sarif