diff --git a/.github/workflows/_reusable-check-api-for-breaking-changes.yml b/.github/workflows/_reusable-check-api-for-breaking-changes.yml index cf8f302..d5df799 100644 --- a/.github/workflows/_reusable-check-api-for-breaking-changes.yml +++ b/.github/workflows/_reusable-check-api-for-breaking-changes.yml @@ -14,7 +14,7 @@ jobs: env: PACKAGE_NAME: ${{ inputs.package-name }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - name: Set up Python diff --git a/.github/workflows/_reusable-codeql-analysis.yml b/.github/workflows/_reusable-codeql-analysis.yml index 1bbd209..e515456 100644 --- a/.github/workflows/_reusable-codeql-analysis.yml +++ b/.github/workflows/_reusable-codeql-analysis.yml @@ -25,7 +25,7 @@ jobs: language: ${{ fromJSON(inputs.languages-array) }} steps: - name: Checkout repository - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Initialize CodeQL uses: github/codeql-action/init@f779452ac5af1c261dce0346a8f964149f49322b # v3.26.13 with: diff --git a/.github/workflows/_reusable-enforce-community-standards.yml b/.github/workflows/_reusable-enforce-community-standards.yml index 0f8a705..ed70c94 100644 --- a/.github/workflows/_reusable-enforce-community-standards.yml +++ b/.github/workflows/_reusable-enforce-community-standards.yml @@ -21,7 +21,7 @@ jobs: - .github/@(dependabot.@(yml|yaml)|renovate.json) - .github/workflows/codeql-analysis.@(yml|yaml) steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Ensure ${{ matrix.filename }} exists uses: andstor/file-existence-action@076e0072799f4942c8bc574a82233e1e4d13e9d6 # v3.0.0 with: diff --git a/.github/workflows/_reusable-package-build.yml b/.github/workflows/_reusable-package-build.yml index 87e20d0..87db70d 100644 --- a/.github/workflows/_reusable-package-build.yml +++ b/.github/workflows/_reusable-package-build.yml @@ -34,7 +34,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - uses: hynek/build-and-inspect-python-package@73aea398b9c8de9ea9e4464c6b13cb8b1f3d6294 # v2.9.0 diff --git a/.github/workflows/_reusable-package-release.yml b/.github/workflows/_reusable-package-release.yml index 23e8cc3..35f9f60 100644 --- a/.github/workflows/_reusable-package-release.yml +++ b/.github/workflows/_reusable-package-release.yml @@ -91,7 +91,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 fetch-tags: true @@ -128,7 +128,7 @@ jobs: id-token: write contents: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 fetch-tags: true @@ -173,7 +173,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: ref: main # Make sure to check out the latest commit on main, not the original commit that triggered the workflow fetch-depth: 0 @@ -236,7 +236,7 @@ jobs: id-token: write contents: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: ref: main # Make sure to check out the latest commit on main, not the original commit that triggered the workflow fetch-depth: 0 diff --git a/.github/workflows/_reusable-package-testpypi.yml b/.github/workflows/_reusable-package-testpypi.yml index 101d5ef..374bfc6 100644 --- a/.github/workflows/_reusable-package-testpypi.yml +++ b/.github/workflows/_reusable-package-testpypi.yml @@ -28,7 +28,7 @@ jobs: id-token: write attestations: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 - uses: tektronix/python-package-ci-cd/actions/create_unique_testpypi_version@v1.4.1 @@ -68,7 +68,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Set up Python uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: diff --git a/.github/workflows/_reusable-publish-api-comparison.yml b/.github/workflows/_reusable-publish-api-comparison.yml index 5e8ed50..8829c17 100644 --- a/.github/workflows/_reusable-publish-api-comparison.yml +++ b/.github/workflows/_reusable-publish-api-comparison.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest if: ${{ github.event.workflow_run.event == 'pull_request' && !contains(fromJSON('["skipped", "cancelled", "failed"]'), github.event.workflow_run.conclusion) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Download and Extract Artifacts uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 with: diff --git a/.github/workflows/_reusable-publish-test-results.yml b/.github/workflows/_reusable-publish-test-results.yml index dbc0011..932799a 100644 --- a/.github/workflows/_reusable-publish-test-results.yml +++ b/.github/workflows/_reusable-publish-test-results.yml @@ -21,7 +21,7 @@ jobs: matrix: os-name: ${{ fromJSON(inputs.operating-systems-array) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - name: Download and Extract Artifacts uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6 with: diff --git a/.github/workflows/_reusable-sbom-scan.yml b/.github/workflows/_reusable-sbom-scan.yml index 4d63324..c7765bb 100644 --- a/.github/workflows/_reusable-sbom-scan.yml +++ b/.github/workflows/_reusable-sbom-scan.yml @@ -11,7 +11,7 @@ jobs: create-and-scan-sbom: runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1 with: python-version-file: pyproject.toml diff --git a/.github/workflows/_reusable-test-code.yml b/.github/workflows/_reusable-test-code.yml index 7be79dc..84d141d 100644 --- a/.github/workflows/_reusable-test-code.yml +++ b/.github/workflows/_reusable-test-code.yml @@ -41,7 +41,7 @@ jobs: os-name: ${{ fromJSON(inputs.operating-systems-array) }} python-version: ${{ fromJSON(inputs.python-versions-array) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: lts/* @@ -80,7 +80,7 @@ jobs: matrix: os-name: ${{ fromJSON(inputs.operating-systems-array) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: lts/* @@ -118,7 +118,7 @@ jobs: needs: test-fast runs-on: ubuntu-latest steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 with: path: artifacts diff --git a/.github/workflows/_reusable-test-docs.yml b/.github/workflows/_reusable-test-docs.yml index 65ed7a3..8b6d40f 100644 --- a/.github/workflows/_reusable-test-docs.yml +++ b/.github/workflows/_reusable-test-docs.yml @@ -27,7 +27,7 @@ jobs: matrix: tox-env: ${{ fromJSON(inputs.tox-env-array) }} steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4 with: node-version: ${{ inputs.node-version }} diff --git a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml index 509eb19..884f021 100644 --- a/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml +++ b/.github/workflows/_reusable-update-python-and-pre-commit-dependencies.yml @@ -65,7 +65,7 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1 with: fetch-depth: 0 ref: ${{ github.head_ref }}