diff --git a/.github/templates/workflow-templates/example-references/_build.yml b/.github/templates/workflow-templates/example-references/_build.yml index 0b59c84d..140f1a2c 100644 --- a/.github/templates/workflow-templates/example-references/_build.yml +++ b/.github/templates/workflow-templates/example-references/_build.yml @@ -20,7 +20,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 diff --git a/.github/templates/workflow-templates/example-references/_docker.yml b/.github/templates/workflow-templates/example-references/_docker.yml index 683f7fc5..329cb3ab 100644 --- a/.github/templates/workflow-templates/example-references/_docker.yml +++ b/.github/templates/workflow-templates/example-references/_docker.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Check out repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 diff --git a/.github/templates/workflow-templates/example-references/_test.yml b/.github/templates/workflow-templates/example-references/_test.yml index b8744226..f0f6295b 100644 --- a/.github/templates/workflow-templates/example-references/_test.yml +++ b/.github/templates/workflow-templates/example-references/_test.yml @@ -22,7 +22,7 @@ jobs: steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 diff --git a/.github/templates/workflow-templates/example-references/_version.yml b/.github/templates/workflow-templates/example-references/_version.yml index c8847a16..1311d49d 100644 --- a/.github/templates/workflow-templates/example-references/_version.yml +++ b/.github/templates/workflow-templates/example-references/_version.yml @@ -20,7 +20,7 @@ jobs: version: ${{ steps.version.outputs.value }} steps: - name: Check out repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 diff --git a/.github/templates/workflow-templates/example.yaml b/.github/templates/workflow-templates/example.yaml index a5e2db31..fdaf8ce0 100644 --- a/.github/templates/workflow-templates/example.yaml +++ b/.github/templates/workflow-templates/example.yaml @@ -92,7 +92,7 @@ jobs: # A workflow run is made up of one or more jobs that can run sequentially # NOT RECOMMENDED if: always() # run even if previous steps failed or the workflow is canceled, this can cause a workflow run to hang indefinitely if: failure() # run when any previous step of a job fails # if: '!cancelled()' # run even if previous steps failed - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 Always pin a public action version to a full git SHA, followed by the version number in a comment. Version pins are insecure and can introduce vulnerabilities into workflows. + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 Always pin a public action version to a full git SHA, followed by the version number in a comment. Version pins are insecure and can introduce vulnerabilities into workflows. with: # Parameters specific to this action that need to be defined in order for the step to be completed fetch-depth: 0 # Full git history for actions that rely on whether a change has occurred ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/_checkmarx.yml b/.github/workflows/_checkmarx.yml index a884f607..0df7a679 100644 --- a/.github/workflows/_checkmarx.yml +++ b/.github/workflows/_checkmarx.yml @@ -37,7 +37,7 @@ jobs: steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: ref: ${{ github.event.pull_request.head.sha }} persist-credentials: false diff --git a/.github/workflows/_ephemeral_environment_manager.yml b/.github/workflows/_ephemeral_environment_manager.yml index 409064d7..51695a57 100644 --- a/.github/workflows/_ephemeral_environment_manager.yml +++ b/.github/workflows/_ephemeral_environment_manager.yml @@ -67,7 +67,7 @@ jobs: uses: bitwarden/gh-actions/azure-logout@main - name: Checkout Ephemeral Environment Charts - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: repository: bitwarden/ephemeral-environment-charts token: "${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}" @@ -109,7 +109,7 @@ jobs: uses: bitwarden/gh-actions/azure-logout@main - name: Checkout ${{ inputs.project }} - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: repository: bitwarden/${{ inputs.project }} ref: ${{ inputs.ephemeral_env_branch }} diff --git a/.github/workflows/_publish-mobile-github-release.yml b/.github/workflows/_publish-mobile-github-release.yml index d16cc9d5..abdfe760 100644 --- a/.github/workflows/_publish-mobile-github-release.yml +++ b/.github/workflows/_publish-mobile-github-release.yml @@ -46,7 +46,7 @@ jobs: steps: - name: Check out repository - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/_sonar.yml b/.github/workflows/_sonar.yml index 8a709f28..b4326911 100644 --- a/.github/workflows/_sonar.yml +++ b/.github/workflows/_sonar.yml @@ -40,7 +40,7 @@ jobs: steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 ref: ${{ github.event.pull_request.head.sha }} diff --git a/.github/workflows/_version.yml b/.github/workflows/_version.yml index 36548466..740ad830 100644 --- a/.github/workflows/_version.yml +++ b/.github/workflows/_version.yml @@ -25,7 +25,7 @@ jobs: version: ${{ steps.calculate.outputs.version }} steps: - name: Checkout Repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/test-download-artifacts.yml b/.github/workflows/test-download-artifacts.yml index 16af398a..be53a36b 100644 --- a/.github/workflows/test-download-artifacts.yml +++ b/.github/workflows/test-download-artifacts.yml @@ -22,7 +22,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -44,7 +44,7 @@ jobs: if: github.ref == 'refs/heads/main' steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -67,7 +67,7 @@ jobs: if: github.event_name != 'pull_request' steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -99,7 +99,7 @@ jobs: if: github.event_name == 'pull_request' steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -121,7 +121,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -142,7 +142,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -164,7 +164,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -185,7 +185,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -207,7 +207,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/test-get-secrets.yml b/.github/workflows/test-get-secrets.yml index 81084122..bf8b2fb1 100644 --- a/.github/workflows/test-get-secrets.yml +++ b/.github/workflows/test-get-secrets.yml @@ -28,7 +28,7 @@ jobs: id-token: write steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false @@ -130,7 +130,7 @@ jobs: id-token: write steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/test-release-version-check.yml b/.github/workflows/test-release-version-check.yml index df4969b1..9a8c05de 100644 --- a/.github/workflows/test-release-version-check.yml +++ b/.github/workflows/test-release-version-check.yml @@ -64,7 +64,7 @@ jobs: xamarin_calver_fail_status: ${{ steps.set-status.outputs.xamarin_calver_fail }} steps: - name: Checkout Branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/test-report-deployment-status-to-slack.yml b/.github/workflows/test-report-deployment-status-to-slack.yml index fdbcd034..ad5ee18f 100644 --- a/.github/workflows/test-report-deployment-status-to-slack.yml +++ b/.github/workflows/test-report-deployment-status-to-slack.yml @@ -18,7 +18,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false @@ -86,7 +86,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/test-report-upcoming-release-version.yml b/.github/workflows/test-report-upcoming-release-version.yml index dfc929be..c2987343 100644 --- a/.github/workflows/test-report-upcoming-release-version.yml +++ b/.github/workflows/test-report-upcoming-release-version.yml @@ -14,7 +14,7 @@ jobs: id-token: write steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/test-version-bump.yml b/.github/workflows/test-version-bump.yml index 8e447547..f5c78a81 100644 --- a/.github/workflows/test-version-bump.yml +++ b/.github/workflows/test-version-bump.yml @@ -23,7 +23,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Checkout - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: persist-credentials: false diff --git a/.github/workflows/test-version-check.yml b/.github/workflows/test-version-check.yml index e75f1898..bf1ab6ff 100644 --- a/.github/workflows/test-version-check.yml +++ b/.github/workflows/test-version-check.yml @@ -79,7 +79,7 @@ jobs: should-fail: true steps: - name: Check out repo - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: fetch-depth: 0 persist-credentials: false diff --git a/.github/workflows/workflow-linter.yml b/.github/workflows/workflow-linter.yml index b34ec438..36dd6d2c 100644 --- a/.github/workflows/workflow-linter.yml +++ b/.github/workflows/workflow-linter.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-24.04 steps: - name: Check out branch - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1 with: repository: ${{ github.repository }} fetch-depth: ${{ github.event_name == 'pull_request' && 2 || 0 }}