diff --git a/.github/workflows/ci-all-security-main.yml b/.github/workflows/ci-all-security-main.yml index eddae92..b1d1267 100644 --- a/.github/workflows/ci-all-security-main.yml +++ b/.github/workflows/ci-all-security-main.yml @@ -11,7 +11,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/ci-main-pull-request.yml b/.github/workflows/ci-main-pull-request.yml index 2736c91..906c8b5 100644 --- a/.github/workflows/ci-main-pull-request.yml +++ b/.github/workflows/ci-main-pull-request.yml @@ -396,7 +396,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -629,7 +629,7 @@ jobs: # app-version: ${{ steps.set-app-version.outputs.version }} # Map the step's output to the job's output # steps: # - name: Checkout code - # uses: actions/checkout@v4 + # uses: actions/checkout@v6 # - name: Set application version from file # id: set-app-version # run: | @@ -670,7 +670,7 @@ jobs: ruby-version: ['3.4'] # '2.7', '3.1', runs-on: ${{ matrix.os-version }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up ruby version uses: ruby/setup-ruby@v1 with: diff --git a/.github/workflows/intel-cve-bin.yml b/.github/workflows/intel-cve-bin.yml index f9dff83..d5ab680 100644 --- a/.github/workflows/intel-cve-bin.yml +++ b/.github/workflows/intel-cve-bin.yml @@ -21,7 +21,7 @@ jobs: echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT shell: bash # Let's first download dependencies for this action. - # - uses: actions/checkout@v4 + # - uses: actions/checkout@v6 - name: Set up Python uses: actions/setup-python@v4 with: diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml index 7ca533b..eb5b7ca 100644 --- a/.github/workflows/rubocop.yml +++ b/.github/workflows/rubocop.yml @@ -24,7 +24,7 @@ jobs: ruby: ['3.4'] # '2.7', '3.1', runs-on: ${{ matrix.os }} steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - uses: ruby/setup-ruby@v1 # follow instructions at https://github.com/marketplace/actions/setup-ruby-jruby-and-truffleruby & https://docs.github.com/en/actions/use-cases-and-examples/building-and-testing/building-and-testing-ruby # not recommended to pin setup-ruby anymore - like uses: ruby/setup-ruby@55283cc23133118229fd3f97f9336ee23a179fcf # v1.146.0 diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml index 3ba50d1..e957a6c 100644 --- a/.github/workflows/sbom.yml +++ b/.github/workflows/sbom.yml @@ -80,7 +80,7 @@ jobs: if : ${{ inputs.export-github-sbom == true }} steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Filename Prefix and full JSON file name as environment variables for later steps run: | @@ -188,7 +188,7 @@ jobs: echo "DETECT_PROJECT_VERSION_NAME: ${{ inputs.version }}" - name: Checkout source - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Configure git for private Go modules env: @@ -224,7 +224,7 @@ jobs: if: ${{ inputs.generate-msft-sbom == true }} timeout-minutes: 5 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 # TODO: cache the sbom-tool binary - name: Set up Go uses: actions/setup-go@v5 @@ -266,7 +266,7 @@ jobs: if: ${{ inputs.license_scout == true }} timeout-minutes: 5 steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 - name: Set up Go uses: actions/setup-go@v5 diff --git a/.github/workflows/scc.yml b/.github/workflows/scc.yml index 8003080..1f63f51 100644 --- a/.github/workflows/scc.yml +++ b/.github/workflows/scc.yml @@ -22,7 +22,7 @@ jobs: name: 'Complexity and SLOC generation' steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Install and run scc CLI run: | diff --git a/.github/workflows/sonarqube-internal-repo.yml b/.github/workflows/sonarqube-internal-repo.yml index a3d3870..b31c45a 100644 --- a/.github/workflows/sonarqube-internal-repo.yml +++ b/.github/workflows/sonarqube-internal-repo.yml @@ -90,7 +90,7 @@ jobs: continue-on-error: true - name: checkout # removed: if: ${{ inputs.perform-build == true && inputs.visibility == 'internal' }} -- this is internal, so always do checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 @@ -133,7 +133,7 @@ jobs: # name: Coverage from chef-vault # runs-on: ubuntu-22.04 # steps: - # - uses: actions/checkout@v2 + # - uses: actions/checkout@v6 # - name: Set up ruby 3.1 # uses: ruby/setup-ruby@v1 # with: @@ -156,7 +156,7 @@ jobs: steps: - name: checkout # removed: if: ${{ inputs.perform-build == true && inputs.visibility == 'internal' }} -- this is internal, so always do checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: SonarQube Scan diff --git a/.github/workflows/sonarqube-public-repo.yml b/.github/workflows/sonarqube-public-repo.yml index 72d0418..04ff5f4 100644 --- a/.github/workflows/sonarqube-public-repo.yml +++ b/.github/workflows/sonarqube-public-repo.yml @@ -64,7 +64,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 6651ab2..8749e2f 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -24,7 +24,7 @@ jobs: contents: read steps: - name: Check out Git repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Generate Filename Prefix run: | diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 4413951..c816344 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -10,7 +10,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0