diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 013ebc7f..ba08652e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -75,7 +75,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -85,7 +85,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/autobuild@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 # â„šī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -98,6 +98,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/analyze@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 13b7c3d3..e6aca367 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml 
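Review bot: The version comments on the new `github/codeql-action` pins look stale. In all three codeql.yml hunks the SHA changes from `3599b3ba…` to `0499de31…` while the trailing comment stays `# v3.29.5`, and in eslint.yml and scorecards.yml the same new SHA is labelled `# v2.27.0`. A single commit is very unlikely to be both releases, and a tag normally does not move, so at least some of these comments no longer say which release the pin is meant to match; that comment is the only human-readable check a reviewer has on a SHA pin. Resolve `0499de31b99561a6d14a36a5f662c2a54f91beee` against the upstream tags before merging and write the resulting tag on every occurrence, e.g. `uses: github/codeql-action/init@0499de31b99561a6d14a36a5f662c2a54f91beee # <tag this commit resolves to>`. The same applies to the `upload-sarif` pins in devskim.yml, ossar.yml and security-devops.yml.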
@@ -46,4 +46,4 @@ jobs: - name: "Checkout Repository" uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: "Dependency Review" - uses: actions/dependency-review-action@56339e523c0409420f6c2c9a2f4292bbb3c07dd3 # v4.8.0 + uses: actions/dependency-review-action@40c09b7dc99638e5ddb0bfd91c1673effc064d8a # v4.8.1 diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index aacee0e5..5e015356 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -57,12 +57,12 @@ jobs: done - name: Upload DevSkim SARIF as artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: devskim-results path: devskim-results.sarif - name: Upload DevSkim scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 with: sarif_file: devskim-results.sarif diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index f547c410..b888a657 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -72,13 +72,13 @@ jobs: continue-on-error: true - name: Upload analysis results to GitHub - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v2.27.0 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v2.27.0 with: sarif_file: eslint-results.sarif wait-for-processing: true - name: Upload ESLint SARIF as artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: eslint-results path: eslint-results.sarif diff --git a/.github/workflows/generate-file-list.yml b/.github/workflows/generate-file-list.yml index aab181d0..77a4d0e2 100644 
--- a/.github/workflows/generate-file-list.yml +++ b/.github/workflows/generate-file-list.yml @@ -155,7 +155,7 @@ jobs: } - name: Commit and push changes - uses: stefanzweifel/git-auto-commit-action@778341af668090896ca464160c2def5d1d1a3eb0 # v6.0.1 + uses: stefanzweifel/git-auto-commit-action@28e16e81777b558cc906c8750092100bbb34c5e3 # v7.0.0 with: commit_message: "Update file list in README.md automatically with GitHub Action" file_pattern: "README.md file_list.md file_list.html" diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml index 35913b0c..e575975f 100644 --- a/.github/workflows/greetings.yml +++ b/.github/workflows/greetings.yml @@ -32,7 +32,7 @@ jobs: # Step to send a greeting message for issues and pull requests - name: First Interaction - uses: actions/first-interaction@753c925c8d1ac6fede23781875376600628d9b5d # v3.0.0 + uses: actions/first-interaction@1c4688942c71f71d4f5502a26ea67c331730fa4d # v3.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} # Use the repository token for authentication issue-message: "Greetings, thanks for opening an issue, I'll look when I can." # Message for new issues diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml index 264bca37..8cc322a6 100644 --- a/.github/workflows/mega-linter.yml +++ b/.github/workflows/mega-linter.yml @@ -28,7 +28,7 @@ jobs: - name: MegaLinter id: megalinter - uses: oxsecurity/megalinter@0dcbedd66ea456ba2d54fd350affaa15df8a0da3 # v9.0.1 + uses: oxsecurity/megalinter@62c799d895af9bcbca5eacfebca29d527f125a57 # v9.1.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} DISABLE_LINTERS: SPELL_CSPELL @@ -50,7 +50,7 @@ jobs: # Upload MegaLinter artifacts - name: Archive production artifacts if: success() || failure() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: MegaLinter reports path: | 
diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index e0bd5192..ee56d68b 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -56,6 +56,6 @@ jobs: # Upload results to the Security tab - name: Upload OSSAR results - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 with: sarif_file: ${{ steps.ossar.outputs.sarifFile }} diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index d09894c2..22273873 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -60,11 +60,11 @@ concurrency: jobs: scan-scheduled: if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@e92b5d07338d4f0ba0981dffed17c48976ca4730" # v2.2.3 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@9bb69575e74019c2ad085a1860787043adf47ccb" # v2.2.4 with: scan-args: ./package-lock.json --fail-on-vuln=false scan-pr: if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@e92b5d07338d4f0ba0981dffed17c48976ca4730" # v2.2.3 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@9bb69575e74019c2ad085a1860787043adf47ccb" # v2.2.4 with: scan-args: ./package-lock.json --fail-on-vuln=false diff --git a/.github/workflows/prettier.yml b/.github/workflows/prettier.yml index 9c4dc470..d9875c87 100644 --- a/.github/workflows/prettier.yml +++ b/.github/workflows/prettier.yml 
@@ -22,7 +22,7 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Set up Node.js - uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 + uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 with: node-version: 20 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index b8d25d42..5d01ae85 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -97,7 +97,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 with: name: SARIF file path: results.sarif @@ -105,6 +105,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: "Upload to code-scanning" - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v2.27.0 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v2.27.0 with: sarif_file: results.sarif diff --git a/.github/workflows/security-devops.yml b/.github/workflows/security-devops.yml index 68d1b611..24293708 100644 --- a/.github/workflows/security-devops.yml +++ b/.github/workflows/security-devops.yml @@ -28,6 +28,6 @@ jobs: uses: microsoft/security-devops-action@d0736c546281e0632667b8e0046ae3d7bba0bf67 # latest id: msdo - name: Upload results to Security tab - uses: github/codeql-action/upload-sarif@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.29.5 + uses: github/codeql-action/upload-sarif@0499de31b99561a6d14a36a5f662c2a54f91beee # v3.29.5 with: sarif_file: ${{ steps.msdo.outputs.sarifFile }} diff --git a/.github/workflows/sitemap.yml b/.github/workflows/sitemap.yml index 94aa5057..f7557099 100644 --- a/.github/workflows/sitemap.yml 
+++ b/.github/workflows/sitemap.yml @@ -32,7 +32,7 @@ jobs: # Step to generate the sitemap using the cicirello/generate-sitemap action - name: Generate the sitemap id: sitemap - uses: cicirello/generate-sitemap@19e22284988faa5b31ee7f8f6976ace7beacf23f # v1.10.3 + uses: cicirello/generate-sitemap@6a56a20238e631d653600cf792c3596722b78259 # v1.10.4 with: base-url-path: https://userstyles.github.typpi.online/ additional-extensions: doc docx ppt pptx js css json xml xlsx xls pdf md markdown txt lua yaml yml png diff --git a/.github/workflows/sobelow.yml b/.github/workflows/sobelow.yml index 5bc181cf..84da30ad 100644 --- a/.github/workflows/sobelow.yml +++ b/.github/workflows/sobelow.yml @@ -66,5 +66,5 @@ jobs: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - id: run-action - uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912 + uses: sobelow/action@a9bf221c4eef7e7a4486fa1f06257511c9780b46 continue-on-error: true diff --git a/.github/workflows/spelling_action.yml b/.github/workflows/spelling_action.yml index 53809ec8..1127f355 100644 --- a/.github/workflows/spelling_action.yml +++ b/.github/workflows/spelling_action.yml @@ -22,13 +22,13 @@ jobs: egress-policy: audit - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: rojopolis/spellcheck-github-actions@739a1e3ceb79a98a5d4a9bf76f351137f9d78892 # 0.52.0 + - uses: rojopolis/spellcheck-github-actions@336d2b4c911d9e582a8e7aa1143f0e862daefbc0 # 0.53.0 name: Spellcheck continue-on-error: true with: config_path: .github/.spellcheck.yml output_file: spellcheck-output.txt - - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2 + - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0 if: ${{ !cancelled() }} with: name: Spellcheck Output diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 4728afb5..93556192 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml 
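Review bot: The new `sobelow/action` pin in sobelow.yml has no trailing version comment, unlike the other pinned actions touched by this change, so nothing on the line says which release or branch state `a9bf221c…` is meant to be. Adding one makes the bump auditable and lets update tooling and reviewers compare the SHA with an upstream ref: `uses: sobelow/action@a9bf221c4eef7e7a4486fa1f06257511c9780b46 # <upstream tag, or branch and date if untagged>`. The removed line had the same gap, so this predates the commit, but the bump is the natural place to fix it.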
@@ -47,7 +47,7 @@ jobs: with: egress-policy: audit - - uses: actions/stale@3a9db7e6a41a89f618792c92c0e97cc736e1b13f # v10.0.0 + - uses: actions/stale@5f858e3efba33a5ca4407a664cc011ad407f2008 # v10.1.0 with: repo-token: ${{ secrets.GITHUB_TOKEN }} stale-issue-message: "Stale issue" diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index fcb0d016..91dc5160 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -61,7 +61,7 @@ jobs: fetch-depth: 0 - name: Lint Code Base - uses: super-linter/super-linter@7bba2eeb89d01dc9bfd93c497477a57e72c83240 # v8.2.0 + uses: super-linter/super-linter@2bdd90ed3262e023ac84bf8fe35dc480721fc1f2 # v8.2.1 #checkov:skip=skip-check:CKV2_GHA_1 env: DEFAULT_BRANCH: "main" diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml index 9bef3ba9..210709cf 100644 --- a/.github/workflows/trufflehog.yml +++ b/.github/workflows/trufflehog.yml @@ -26,7 +26,7 @@ jobs: with: fetch-depth: 0 - name: Secret Scanning (entire repo) - uses: trufflesecurity/trufflehog@466da5b0bb161144f6afca9afe5d57975828c410 # v3.90.8 + uses: trufflesecurity/trufflehog@b84c3d14d189e16da175e2c27fa8136603783ffc # v3.90.12 with: base: "" head: ${{ github.ref_name }} diff --git a/.github/workflows/typos.yml b/.github/workflows/typos.yml index b2fe72d7..37cbf7c6 100644 --- a/.github/workflows/typos.yml +++ b/.github/workflows/typos.yml @@ -24,7 +24,7 @@ jobs: - name: Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - name: Run typos (spell checker) - uses: crate-ci/typos@6d35b835f6f431bbe715c4c1ccd2c7d3264e11fb # v1.37.0 + uses: crate-ci/typos@07d900b8fa1097806b8adb6391b0d3e0ac2fdea7 # v1.39.0 with: files: | tests