From bb758846ba1c41d8e206f6c7049e4c284d5f8226 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 27 Dec 2024 12:31:42 +0000 Subject: [PATCH] chore(workflows): update github actions Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/approve.yml | 2 +- .github/workflows/chromatic.yml | 4 ++-- .github/workflows/codeql.yml | 4 ++-- .github/workflows/crowdin.yml | 6 +++--- .github/workflows/lint.yml | 4 ++-- .github/workflows/nextjs_bundle_analysis.yml | 6 +++--- .github/workflows/njsscan.yml | 4 ++-- .github/workflows/pr-labels.yml | 2 +- 8 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/approve.yml b/.github/workflows/approve.yml index f700d3714d..c3c37bd9f6 100644 --- a/.github/workflows/approve.yml +++ b/.github/workflows/approve.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest name: '๐Ÿค– PR Auto Approve' steps: - - uses: github/privileged-requester@ebdc640ba40d7488197e7d4dae814fbfae092e65 # v2.3.2 + - uses: github/privileged-requester@daf8e2a8f0e8d7773bab59d1e0a14162d8e01b61 # v2.3.3 if: ${{ github.event.requested_reviewer.login == 'InReach-svc'}} with: github_token: ${{ secrets.GH_ACT_PAT }} diff --git a/.github/workflows/chromatic.yml b/.github/workflows/chromatic.yml index a3abab3cfd..ddeecb8bb9 100644 --- a/.github/workflows/chromatic.yml +++ b/.github/workflows/chromatic.yml @@ -38,7 +38,7 @@ jobs: with: run_install: false - name: Install Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: node-version-file: .nvmrc cache: pnpm @@ -50,7 +50,7 @@ jobs: # ๐Ÿ‘‡ Runs Chromatic CLI in ./packages/ui - name: Publish to Chromatic - uses: chromaui/action@25f8ff36486472c2d6b5b02dc2d277f051a3ecdb # v11 + uses: chromaui/action@64a9c0ca3bfb724389b0d536e544f56b7b5ff5b3 # v11 with: workingDir: packages/ui projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index c3f1184d11..a7a1904555 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -25,6 +25,6 @@ jobs: - name: โคต๏ธ Check out code from GitHub uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ๐Ÿ— Initialize CodeQL - uses: github/codeql-action/init@662472033e021d55d94146f66f6058822b0b39fd # v3 + uses: github/codeql-action/init@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 - name: ๐Ÿš€ Perform CodeQL Analysis - uses: github/codeql-action/analyze@662472033e021d55d94146f66f6058822b0b39fd # v3 + uses: github/codeql-action/analyze@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 diff --git a/.github/workflows/crowdin.yml b/.github/workflows/crowdin.yml index 78e87eb795..90c01871f2 100644 --- a/.github/workflows/crowdin.yml +++ b/.github/workflows/crowdin.yml @@ -36,7 +36,7 @@ jobs: - name: Import GPG key id: import_gpg - uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6 + uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6 with: gpg_private_key: ${{ secrets.BOT_GPG_KEY }} git_user_signingkey: true @@ -53,7 +53,7 @@ jobs: - name: Install Node.js if: github.event_name != 'pull_request' && !startsWith(github.ref_name, 'l10n_') - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: node-version-file: .nvmrc cache: pnpm @@ -122,7 +122,7 @@ jobs: - name: Commit files id: commit-files if: ((github.event_name != 'pull_request' && github.ref_name == 'dev') || github.event_name == 'scheduled') && steps.verify-changed-files.outputs.files_changed - uses: peter-evans/create-pull-request@5e914681df9dc83aa4e4905692ca88beb2f9e91f # v7 + uses: peter-evans/create-pull-request@67ccf781d68cd99b580ae25a5c18a1cc84ffff1f # v7 with: token: ${{ secrets.GH_ACT_PAT }} commit-message: Updated translations from Crowdin diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index a003ac47b2..59be5edd43 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -24,7 +24,7 @@ jobs: - name: Import GPG key id: import_gpg - uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6 + uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6 with: gpg_private_key: ${{ secrets.BOT_GPG_KEY }} git_user_signingkey: true @@ -39,7 +39,7 @@ jobs: # standalone: true - name: Install Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: node-version-file: .nvmrc cache: pnpm diff --git a/.github/workflows/nextjs_bundle_analysis.yml b/.github/workflows/nextjs_bundle_analysis.yml index 245fcdae6a..8bce294860 100644 --- a/.github/workflows/nextjs_bundle_analysis.yml +++ b/.github/workflows/nextjs_bundle_analysis.yml @@ -41,7 +41,7 @@ jobs: run_install: false - name: Install Node.js - uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4 + uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4 with: node-version-file: .nvmrc cache: pnpm @@ -54,7 +54,7 @@ jobs: run: pnpm install - name: Restore next build - uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4 + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4 id: restore-build-cache env: cache-name: cache-next-build @@ -75,7 +75,7 @@ jobs: run: npx -p nextjs-bundle-analysis report - name: Upload bundle - uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4 + uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4 with: name: bundle path: /home/runner/work/InReach/InReach/apps/app/.next/analyze/__bundle_analysis.json diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index 712e5c6e29..ab7ec4410b 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -33,10 +33,10 @@ jobs: uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - name: ๐Ÿง nodejsscan scan id: njsscan - uses: ajinabraham/njsscan-action@74e5a58c1edb363b84c9ddd626b0e22f038ac09e + uses: ajinabraham/njsscan-action@c7b65a3590ade829628b2b3c87b34ac0ce666a79 with: args: '. --sarif --output results.sarif || true' - name: Upload njsscan report - uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3 + uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3 with: sarif_file: results.sarif diff --git a/.github/workflows/pr-labels.yml b/.github/workflows/pr-labels.yml index 51b7a59fbd..239cec0146 100644 --- a/.github/workflows/pr-labels.yml +++ b/.github/workflows/pr-labels.yml @@ -13,7 +13,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GH_ACT_PAT }} steps: - name: ๐Ÿท Verify PR has a valid label - uses: mheap/github-action-required-labels@d25134c992b943fb6ad00c25ea00eb5988c0a9dd # v5 + uses: mheap/github-action-required-labels@388fd6af37b34cdfe5a23b37060e763217e58b03 # v5 with: labels: 'breaking-change, bugfix, documentation, enhancement, refactor, performance, new-feature, maintenance, ci, dependencies, translations, changelog-ignore, release' mode: minimum