diff --git a/.github/workflows/authors.yml b/.github/workflows/authors.yml index b5c2c7e9ef73..66b713d2ec9e 100644 --- a/.github/workflows/authors.yml +++ b/.github/workflows/authors.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout PR code - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 with: ref: ${{ github.event.pull_request.head.sha }} fetch-depth: 0 diff --git a/.github/workflows/builds.yml b/.github/workflows/builds.yml index 06200d335d6e..992cfff4a60d 100644 --- a/.github/workflows/builds.yml +++ b/.github/workflows/builds.yml @@ -136,7 +136,7 @@ jobs: texlive-capt-of \ texlive-needspace - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: ./.github/actions/install-cbindgen # Download and extract dependency archives created during prep @@ -282,7 +282,7 @@ jobs: - run: rustup component add rustfmt - run: rustup component add clippy - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: ./.github/actions/install-cbindgen @@ -506,7 +506,7 @@ jobs: which \ zlib-devel - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: ./.github/actions/install-cbindgen @@ -697,7 +697,7 @@ jobs: - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.83 -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - uses: ./.github/actions/install-cbindgen - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -786,7 +786,7 @@ jobs: sudo \ which \ zlib-devel - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - uses: ./.github/actions/install-cbindgen - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -880,7 +880,7 @@ jobs: sudo \ which \ zlib-devel - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: ./.github/actions/install-cbindgen - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -966,7 +966,7 @@ jobs: which \ zlib-devel - run: adduser suricata - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - uses: ./.github/actions/install-cbindgen - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -1052,7 +1052,7 @@ jobs: sudo \ which \ zlib-devel - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1099,7 +1099,7 @@ jobs: dnf config-manager --set-enabled crb - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - uses: ./.github/actions/install-cbindgen - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -1107,7 +1107,7 @@ jobs: - name: Install minimal dependencies run: ./scripts/docs-almalinux9-minimal-build.sh - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1175,7 +1175,7 @@ jobs: software-properties-common \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1252,7 +1252,7 @@ jobs: # packaged Rust version is too old for coverage, so get from rustup - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.67.1 -y - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1393,7 +1393,7 @@ jobs: # specific version to match up to the llvm version in ubuntu below - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.67.1 -y - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1499,7 +1499,7 @@ jobs: # specific version to match up to the llvm version in ubuntu below - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.67.1 -y - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1634,7 +1634,7 @@ jobs: time \ wget \ dpdk-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1722,7 +1722,7 @@ jobs: time \ wget \ dpdk-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1825,7 +1825,7 @@ jobs: # packaged Rust version is too old for coverage, so get from rustup - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.67.1 -y - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -1916,7 +1916,7 @@ jobs: zlib1g-dev \ exuberant-ctags \ dpdk-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2066,7 +2066,7 @@ jobs: zlib1g \ zlib1g-dev \ exuberant-ctags - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2144,7 +2144,7 @@ jobs: zlib1g \ zlib1g-dev - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2240,7 +2240,7 @@ jobs: make -j ${{ env.CPUS }} sudo make install - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2275,7 +2275,7 @@ jobs: git \ libtool - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2376,7 +2376,7 @@ jobs: ninja -C build install ldconfig cd $HOME - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2453,7 +2453,7 @@ jobs: texlive-latex-extra \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2542,7 +2542,7 @@ jobs: texlive-latex-extra \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2624,7 +2624,7 @@ jobs: texlive-latex-extra \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2704,7 +2704,7 @@ jobs: - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2775,7 +2775,7 @@ jobs: - name: Install Rust run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain $RUST_VERSION_KNOWN -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2825,7 +2825,7 @@ jobs: rust \ xz - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - name: Downloading prep archive uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 @@ -2880,7 +2880,7 @@ jobs: # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2936,7 +2936,7 @@ jobs: # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: @@ -2983,7 +2983,7 @@ jobs: # preinstalled one to be picked up by configure - name: cbindgen run: cargo install --root /usr --force --debug --version 0.24.3 cbindgen - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 289b6f09a90e..d336a825e638 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -37,7 +37,7 @@ jobs: # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/codeqlpy.yml b/.github/workflows/codeqlpy.yml index 3f533d005ab6..b56b6559edb1 100644 --- a/.github/workflows/codeqlpy.yml +++ b/.github/workflows/codeqlpy.yml @@ -39,7 +39,7 @@ jobs: # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ] steps: - name: Checkout repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/commits.yml b/.github/workflows/commits.yml index 1b2aafa7a8b5..d574bd1d94b8 100644 --- a/.github/workflows/commits.yml +++ b/.github/workflows/commits.yml @@ -74,7 +74,7 @@ jobs: cd $HOME/.cargo/bin curl -OL https://github.com/eqrion/cbindgen/releases/download/v0.24.3/cbindgen chmod 755 cbindgen - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 with: fetch-depth: 0 # The action above is supposed to do this for us, but it doesn't appear to stick. diff --git a/.github/workflows/docs.yml b/.github/workflows/docs.yml index 45343d7d9d73..88914abe27db 100644 --- a/.github/workflows/docs.yml +++ b/.github/workflows/docs.yml @@ -114,7 +114,7 @@ jobs: texlive-latex-extra \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - uses: actions/download-artifact@cc203385981b70ca67e1cc392babf9cc229d5806 with: diff --git a/.github/workflows/formatting.yml b/.github/workflows/formatting.yml index 508317adf222..4502fedf53fd 100644 --- a/.github/workflows/formatting.yml +++ b/.github/workflows/formatting.yml @@ -89,7 +89,7 @@ jobs: # My patience simply ran too short to keep on looking. See follow-on # action to manually fix this up. - name: Checkout - might be merge commit! - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 with: fetch-depth: 0 # Use last commit of branch, not potential merge commit! diff --git a/.github/workflows/prepare-deps.yml b/.github/workflows/prepare-deps.yml index 9e96c5cd7372..2c2c206b3c2f 100644 --- a/.github/workflows/prepare-deps.yml +++ b/.github/workflows/prepare-deps.yml @@ -78,7 +78,7 @@ jobs: # Now checkout Suricata for the bundle script. - name: Checking out Suricata - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - name: Fetching libhtp diff --git a/.github/workflows/rust-checks.yml b/.github/workflows/rust-checks.yml index 1ee648e7bca7..9cb4834d1338 100644 --- a/.github/workflows/rust-checks.yml +++ b/.github/workflows/rust-checks.yml @@ -73,7 +73,7 @@ jobs: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - name: Install Cargo Audit run: cargo install cargo-audit - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - name: Configure Suricata run: | ./scripts/bundle.sh libhtp @@ -144,7 +144,7 @@ jobs: sudo \ which \ zlib-devel - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - name: Install Minimum Supported Rust Version run: | curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain $(awk -F '"' '/rust-version/ { print $2 }' rust/Cargo.toml.in) diff --git a/.github/workflows/rust.yml b/.github/workflows/rust.yml index 2a674407dcdc..43f37851fd62 100644 --- a/.github/workflows/rust.yml +++ b/.github/workflows/rust.yml @@ -62,7 +62,7 @@ jobs: zlib-devel - run: curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.85.0 -y - run: echo "$HOME/.cargo/bin" >> $GITHUB_PATH - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - run: ./scripts/bundle.sh - run: ./autogen.sh diff --git a/.github/workflows/scan-build.yml b/.github/workflows/scan-build.yml index 5c0f7989a7b9..29005dba4886 100644 --- a/.github/workflows/scan-build.yml +++ b/.github/workflows/scan-build.yml @@ -67,7 +67,7 @@ jobs: software-properties-common \ zlib1g \ zlib1g-dev - - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 + - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 - run: git config --global --add safe.directory /__w/suricata/suricata - run: ./scripts/bundle.sh - run: ./autogen.sh diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index bf9e329441fe..51b466d728d7 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -25,7 +25,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: "Run analysis" uses: ossf/scorecard-action@f49aabe0b5af0936a0987cfb85d86b75731b0186 # v2.4.1