diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index e9c9f4cfe11..267c3b3e827 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -12,7 +12,7 @@ jobs: pre-commit: runs-on: ubuntu-latest steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: # for gitlint persist-credentials: false ref: ${{ github.event.pull_request.head.sha }} @@ -62,7 +62,7 @@ jobs: - dist: ubuntu14 fail-fast: false steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false - uses: googleapis/release-please-action@16a9c90856f42705d54a6fda1823352bdc62cf38 # v4.4.0 diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml index e9656f84aea..8f3c3919542 100644 --- a/.github/workflows/scorecard.yaml +++ b/.github/workflows/scorecard.yaml @@ -19,7 +19,7 @@ jobs: id-token: write security-events: write steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false - uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 diff --git a/.github/workflows/update-docker-images.yml b/.github/workflows/update-docker-images.yml index f130814e96d..63264fd75b3 100644 --- a/.github/workflows/update-docker-images.yml +++ b/.github/workflows/update-docker-images.yml @@ -33,7 +33,7 @@ jobs: permissions: packages: write # Get token that can write to ghcr.io steps: - - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 + - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0 with: persist-credentials: false - uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0