diff --git a/.github/workflows/check-for-transitive-failures.yml b/.github/workflows/check-for-transitive-failures.yml index 8f42c0dd..ec308983 100644 --- a/.github/workflows/check-for-transitive-failures.yml +++ b/.github/workflows/check-for-transitive-failures.yml @@ -46,7 +46,7 @@ jobs: outputs: should_run: ${{ steps.decide.outputs.should_run }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false fetch-depth: 0 @@ -134,7 +134,7 @@ jobs: if: needs.gate.outputs.should_run == 'true' runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - uses: ./.github/actions/for-dependabot-triggered-reviews diff --git a/.github/workflows/check-project-actions.yml b/.github/workflows/check-project-actions.yml index e58e0cc2..938fbfae 100644 --- a/.github/workflows/check-project-actions.yml +++ b/.github/workflows/check-project-actions.yml @@ -67,13 +67,13 @@ jobs: contents: read steps: - name: "Checkout apache/infrastructure-actions" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: 'apache/infrastructure-actions' ref: 'main' - name: "Checkout repository to be checked" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: repository: '${{ inputs.repository }}' ref: ${{ inputs.ref }} diff --git a/.github/workflows/check_action_tags.yml b/.github/workflows/check_action_tags.yml index 2dd167c5..e65f9f1a 100644 --- a/.github/workflows/check_action_tags.yml +++ b/.github/workflows/check_action_tags.yml @@ -50,7 +50,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 - run: pipx install uv diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index cc3446e6..9d17cb2b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -49,7 +49,7 @@ jobs: security-events: write steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c22c8b54..9b7b204e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -41,7 +41,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/linting.yml b/.github/workflows/linting.yml index 25562a73..f27b9c28 100644 --- a/.github/workflows/linting.yml +++ b/.github/workflows/linting.yml @@ -50,7 +50,7 @@ jobs: # resolves from the repository root. working-directory: pelican steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/pelican-action-test.yml b/.github/workflows/pelican-action-test.yml index b7687625..07869c62 100644 --- a/.github/workflows/pelican-action-test.yml +++ b/.github/workflows/pelican-action-test.yml @@ -38,7 +38,7 @@ jobs: group: testsite-${{ github.ref_name }} # must agree with TARGET steps: - name: Checkout the test site - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: ref: ${{ env.SOURCE }} # Credentials must persist: the pelican action's publish step runs @@ -47,7 +47,7 @@ jobs: run: | echo "self/" >> .git/info/exclude - name: Checkout self - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: path: self persist-credentials: false diff --git a/.github/workflows/pre-commit.yml b/.github/workflows/pre-commit.yml index e51acb2f..9c5c2c24 100644 --- a/.github/workflows/pre-commit.yml +++ b/.github/workflows/pre-commit.yml @@ -31,7 +31,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/pytest.yml b/.github/workflows/pytest.yml index cfd411d3..26f75665 100644 --- a/.github/workflows/pytest.yml +++ b/.github/workflows/pytest.yml @@ -30,7 +30,7 @@ jobs: test: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/rat.yml b/.github/workflows/rat.yml index 14532695..e0a7a084 100644 --- a/.github/workflows/rat.yml +++ b/.github/workflows/rat.yml @@ -32,7 +32,7 @@ jobs: rat: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/remove_expired.yml b/.github/workflows/remove_expired.yml index 9eb51397..e07be7f5 100644 --- a/.github/workflows/remove_expired.yml +++ b/.github/workflows/remove_expired.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: true # Use PAT so the commit triggers other actions diff --git a/.github/workflows/stash-action-test.yml b/.github/workflows/stash-action-test.yml index 51619e82..90093dbc 100644 --- a/.github/workflows/stash-action-test.yml +++ b/.github/workflows/stash-action-test.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest container: quay.io/centos/centos:stream8 steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -60,7 +60,7 @@ jobs: os: [ubuntu-latest, windows-latest, macos-15-intel, macos-14] runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -140,7 +140,7 @@ jobs: needs: test-save runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/update.yml b/.github/workflows/update.yml index 9c1ad359..4ab92bc4 100644 --- a/.github/workflows/update.yml +++ b/.github/workflows/update.yml @@ -67,7 +67,7 @@ jobs: contents: write steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: true # The PAT is required because `main` is a protected branch and diff --git a/.github/workflows/verify_dependabot_action.yml b/.github/workflows/verify_dependabot_action.yml index 0df2423d..fb26c3c1 100644 --- a/.github/workflows/verify_dependabot_action.yml +++ b/.github/workflows/verify_dependabot_action.yml @@ -32,7 +32,7 @@ jobs: if: github.event.pull_request.user.login == 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/verify_manual_action.yml b/.github/workflows/verify_manual_action.yml index 0c1ba657..28a42768 100644 --- a/.github/workflows/verify_manual_action.yml +++ b/.github/workflows/verify_manual_action.yml @@ -39,7 +39,7 @@ jobs: if: github.event.pull_request.user.login != 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + - uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/zizmor.yml b/.github/workflows/zizmor.yml index 7bf94e19..4f231f62 100644 --- a/.github/workflows/zizmor.yml +++ b/.github/workflows/zizmor.yml @@ -34,7 +34,7 @@ jobs: permissions: {} steps: - name: Checkout repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false