diff --git a/.github/workflows/ci-github-actions.yml b/.github/workflows/ci-github-actions.yml index 6e6d1d5..a6849e2 100644 --- a/.github/workflows/ci-github-actions.yml +++ b/.github/workflows/ci-github-actions.yml @@ -13,7 +13,7 @@ jobs: actionlint: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0 with: go-version: 'stable' diff --git a/.github/workflows/community.yml b/.github/workflows/community.yml index 3aca0be..36ca76f 100644 --- a/.github/workflows/community.yml +++ b/.github/workflows/community.yml @@ -33,7 +33,7 @@ jobs: Release: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ inputs.git-ref }} fetch-depth: 0 @@ -58,7 +58,7 @@ jobs: - if: inputs.release-notes id: release-notes-download name: Release Notes Download - uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: release-notes path: /tmp diff --git a/.github/workflows/compliance.yml b/.github/workflows/compliance.yml index b642c6b..472d1ce 100644 --- a/.github/workflows/compliance.yml +++ b/.github/workflows/compliance.yml @@ -11,7 +11,7 @@ jobs: copywrite: runs-on: ubuntu-latest steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 - uses: hashicorp/setup-copywrite@867a1a2a064a0626db322392806428f7dc59cb3e # v1.1.2 - run: copywrite headers --plan - run: copywrite license --plan \ No newline at end of file diff --git a/.github/workflows/hashicorp.yml b/.github/workflows/hashicorp.yml index 11f0716..d853b1e 100644 --- a/.github/workflows/hashicorp.yml +++ b/.github/workflows/hashicorp.yml @@ -74,7 +74,7 @@ jobs: # Custom runners range in size from 4 core to 64 core and sizes `small` through `xl` are supported runs-on: [custom, linux, large] steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 ref: ${{ inputs.product-version }} @@ -106,7 +106,7 @@ jobs: - if: inputs.release-notes id: release-notes-download name: Release Notes Download - uses: actions/download-artifact@8caf195ad4b1dee92908e23f56eeb0696f1dd42d # v4.1.5 + uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7 with: name: release-notes path: /tmp diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d9ac487..6ce477c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 # Avoid persisting GITHUB_TOKEN credentials as they take priority over our service account PAT for `git push` operations @@ -66,7 +66,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: fetch-depth: 0 # Default input is the SHA that initially triggered the workflow. As we created a new commit in the previous job, @@ -92,7 +92,7 @@ jobs: permissions: contents: write # Needed to create GitHub release steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 with: ref: ${{ inputs.versionNumber }} fetch-depth: 0