diff --git a/.github/workflows/bandit.yml b/.github/workflows/bandit.yml index 4de5582..d2d948d 100644 --- a/.github/workflows/bandit.yml +++ b/.github/workflows/bandit.yml @@ -37,7 +37,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Bandit Scan uses: shundor/python-bandit-scan@9cc5aa4a006482b8a7f91134412df6772dbda22c with: # optional arguments diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index 9e02be4..f53f3ff 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: Checkout code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index f38cfeb..e77c69e 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -13,7 +13,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 - name: Install pytest diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 9efd3be..5e1bd4e 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -46,7 +46,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/defender-for-devops.yml b/.github/workflows/defender-for-devops.yml index 82e49d7..90edb7a 100644 --- a/.github/workflows/defender-for-devops.yml +++ b/.github/workflows/defender-for-devops.yml @@ -38,7 +38,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - uses: actions/setup-dotnet@4d6c8fcf3c8f7a60068d26b594648e99df24cee3 # v4.0.0 with: dotnet-version: | diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 3f351c4..4315639 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -33,7 +33,7 @@ jobs: egress-policy: audit - name: 'Checkout repository' - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: 'Dependency Review' uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2 # Commonly enabled options, see https://github.com/actions/dependency-review-action#configuration-options for all available options. diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 2cb0b52..54ab5a7 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -31,7 +31,7 @@ jobs: egress-policy: audit - name: Checkout code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@914fa647b406c387000300b2f09bb28691be2b6d # v1.0.14 diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index 6ac155a..bfd14b7 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. diff --git a/.github/workflows/pylint.yml b/.github/workflows/pylint.yml index 64db17e..0e0e0e2 100644 --- a/.github/workflows/pylint.yml +++ b/.github/workflows/pylint.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up Python ${{ matrix.python-version }} uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: diff --git a/.github/workflows/pyre.yml b/.github/workflows/pyre.yml index 3ec17d9..f8b0eee 100644 --- a/.github/workflows/pyre.yml +++ b/.github/workflows/pyre.yml @@ -39,7 +39,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: submodules: true - name: Run Pyre diff --git a/.github/workflows/pysa.yml b/.github/workflows/pysa.yml index 1afa86f..c73e07d 100644 --- a/.github/workflows/pysa.yml +++ b/.github/workflows/pysa.yml @@ -40,7 +40,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: submodules: true python-version: '3.11.8' diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index b5d8936..70983cd 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -23,7 +23,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up Python 3.11.8 uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: diff --git a/.github/workflows/python-package-conda.yml b/.github/workflows/python-package-conda.yml index 122dc61..d85f46e 100644 --- a/.github/workflows/python-package-conda.yml +++ b/.github/workflows/python-package-conda.yml @@ -17,7 +17,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up Python 3.11 uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: diff --git a/.github/workflows/python-publish.yml b/.github/workflows/python-publish.yml index 8c80824..4dc6b83 100644 --- a/.github/workflows/python-publish.yml +++ b/.github/workflows/python-publish.yml @@ -31,7 +31,7 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Set up Python uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 with: diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 8264da3..ee224c8 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: persist-credentials: false diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 56ae8f0..51c4257 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -28,5 +28,5 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - run: semgrep ci diff --git a/.github/workflows/sitemap.yml b/.github/workflows/sitemap.yml index 6efcd20..0fbe60e 100644 --- a/.github/workflows/sitemap.yml +++ b/.github/workflows/sitemap.yml @@ -16,7 +16,7 @@ jobs: egress-policy: audit - name: Checkout the repo - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: fetch-depth: 0 diff --git a/.github/workflows/sobelow.yml b/.github/workflows/sobelow.yml index 7450337..54f85fe 100644 --- a/.github/workflows/sobelow.yml +++ b/.github/workflows/sobelow.yml @@ -37,6 +37,6 @@ jobs: with: egress-policy: audit - - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - id: run-action uses: sobelow/action@1afd6d2cae70ae8bd900b58506f54487ed863912 diff --git a/.github/workflows/super-linter.yml b/.github/workflows/super-linter.yml index 11e3167..e931c71 100644 --- a/.github/workflows/super-linter.yml +++ b/.github/workflows/super-linter.yml @@ -28,7 +28,7 @@ jobs: egress-policy: audit - name: Checkout code - uses: actions/checkout@44c2b7a8a4ea60a981eaca3cf939b5f4305c123b # v4.1.5 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 with: # Full git history is needed to get a proper list of changed files within `super-linter` fetch-depth: 0