diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index fa1b71d..6e10918 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -36,14 +36,14 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 if: ${{ !contains(github.event_name, 'workflow_dispatch') }} with: fetch-depth: 0 - name: Check out code for workflow_dispatch if: ${{ contains(github.event_name, 'workflow_dispatch') }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 ref: ${{ github.event.inputs.tag }} @@ -126,20 +126,20 @@ jobs: runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 if: ${{ !contains(github.event_name, 'workflow_dispatch') }} with: fetch-depth: 0 - name: Check out code for workflow_dispatch if: ${{ contains(github.event_name, 'workflow_dispatch') }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 ref: ${{ github.event.inputs.tag }} - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 with: python-version: ${{ matrix.python-version }} @@ -194,14 +194,14 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 if: ${{ !contains(github.event_name, 'workflow_dispatch') }} with: fetch-depth: 0 - name: Check out code for workflow_dispatch if: ${{ contains(github.event_name, 'workflow_dispatch') }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 ref: ${{ github.event.inputs.tag }} @@ -212,7 +212,7 @@ jobs: --candidate=100)" >> $GITHUB_ENV - name: Set up Python - uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 + uses: actions/setup-python@83679a892e2d95755f2dac6acb0bfd1e9ac5d548 # v6.1.0 - name: Set up setuptools run: | @@ -263,13 +263,13 @@ jobs: steps: - name: Check out code into the Go module directory if: ${{ !contains(github.event_name, 'workflow_dispatch') }} - uses: actions/checkout@v5 + uses: actions/checkout@v6.0.0 with: fetch-depth: 0 - name: Check out code into the Go module directory if: ${{ contains(github.event_name, 'workflow_dispatch') }} - uses: actions/checkout@v5 + uses: actions/checkout@v6.0.0 with: fetch-depth: 0 ref: ${{ github.event.inputs.tag }} diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index 02f396d..e88a54e 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -12,7 +12,7 @@ jobs: if: github.repository == 'manugarg/pacparser' && (github.event_name == 'push' || github.event.pull_request.head.repo.full_name == github.repository) runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Install sonar-scanner and build-wrapper