From a22b1d42701b79cbfa746842089f8388c62d63b9 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Mon, 11 Aug 2025 14:03:00 +0000 Subject: [PATCH] chore(deps): update actions/checkout action to v5 --- .github/workflows/alibabacloud.yml | 4 ++-- .github/workflows/anchore.yml | 2 +- .github/workflows/aws.yml | 2 +- .github/workflows/azure-container-webapp.yml | 2 +- .github/workflows/azure-kubernetes-service-helm.yml | 4 ++-- .github/workflows/azure-kubernetes-service-kompose.yml | 4 ++-- .github/workflows/azure-kubernetes-service-kustomize.yml | 4 ++-- .github/workflows/azure-kubernetes-service.yml | 4 ++-- .github/workflows/azure-staticwebapp.yml | 2 +- .github/workflows/azure-webapps-dotnet-core.yml | 2 +- .github/workflows/azure-webapps-java-jar.yml | 2 +- .github/workflows/azure-webapps-node.yml | 2 +- .github/workflows/azure-webapps-php.yml | 2 +- .github/workflows/azure-webapps-python.yml | 2 +- .github/workflows/azure.yml | 2 +- .github/workflows/brakeman.yml | 2 +- .github/workflows/checkmarx.yml | 2 +- .github/workflows/clj-holmes.yml | 2 +- .github/workflows/clj-watson.yml | 2 +- .github/workflows/codacy.yml | 2 +- .github/workflows/codeql.yml | 2 +- .github/workflows/codescan.yml | 2 +- .github/workflows/codescaner-analysis.yml | 2 +- .github/workflows/crunch42.yml | 2 +- .github/workflows/datadog-synthetics.yml | 2 +- .github/workflows/deno.yml | 2 +- .github/workflows/dependency-review.yml | 2 +- .github/workflows/detekt.yml | 2 +- .github/workflows/devops-starter-workflow.yml | 2 +- .github/workflows/devskim.yml | 2 +- .github/workflows/docker-image.yml | 2 +- .github/workflows/docker-publish.yml | 2 +- .github/workflows/eslint.yml | 2 +- .github/workflows/fortify.yml | 2 +- .github/workflows/google-cloudrun-docker.yml | 2 +- .github/workflows/google-cloudrun-source.yml | 2 +- .github/workflows/google.yml | 2 +- .github/workflows/googleXs.yml | 2 +- .github/workflows/hadolint.yml | 2 +- .github/workflows/ibm.yml | 2 +- .github/workflows/jekyll.yml | 2 +- .github/workflows/kubesec.yml | 2 +- .github/workflows/mayhem-for-api.yml | 2 +- .github/workflows/mobsf.yml | 2 +- .github/workflows/neuralegion.yml | 2 +- .github/workflows/njsscan.yml | 2 +- .github/workflows/node.js.yml | 2 +- .github/workflows/nowsecure.yml | 2 +- .github/workflows/npm-grunt.yml | 2 +- .github/workflows/npm-gulp.yml | 2 +- .github/workflows/npm-publish-github-packages.yml | 4 ++-- .github/workflows/npm-publish.yml | 6 +++--- .github/workflows/openshift.yml | 2 +- .github/workflows/ossar-analysis.yml | 2 +- .github/workflows/ossar.yml | 2 +- .github/workflows/pmd.yml | 2 +- .github/workflows/powershell.yml | 2 +- .github/workflows/python-app.yml | 2 +- .github/workflows/rubocop.yml | 2 +- .github/workflows/rust-clippy.yml | 2 +- .github/workflows/scorecards.yml | 2 +- .github/workflows/securitycodescan.yml | 2 +- .github/workflows/semgrep.yml | 2 +- .github/workflows/snyk-container.yml | 2 +- .github/workflows/snyk-infrastructure.yml | 2 +- .github/workflows/sobelow.yml | 2 +- .github/workflows/stackhawk.yml | 2 +- .github/workflows/synopsys-io.yml | 2 +- .github/workflows/sysdig-scan.yml | 2 +- .github/workflows/tencent.yml | 2 +- .github/workflows/terraform.yml | 2 +- .github/workflows/tfsec.yml | 2 +- .github/workflows/trivy.yml | 2 +- .github/workflows/veracode.yml | 2 +- .github/workflows/webpack.yml | 2 +- .github/workflows/xanitizer.yml | 2 +- 76 files changed, 84 insertions(+), 84 deletions(-) diff --git a/.github/workflows/alibabacloud.yml b/.github/workflows/alibabacloud.yml index 872de3a8..17367552 100644 --- a/.github/workflows/alibabacloud.yml +++ b/.github/workflows/alibabacloud.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # 1.1 Login to ACR - name: Login to ACR with the AccessKey pair @@ -77,7 +77,7 @@ jobs: tag: "${{ env.TAG }}" # 2.1 (Optional) Login to ACR EE - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Login to ACR EE with the AccessKey pair uses: aliyun/acr-login@v1 with: diff --git a/.github/workflows/anchore.yml b/.github/workflows/anchore.yml index 878adc46..d0069df4 100644 --- a/.github/workflows/anchore.yml +++ b/.github/workflows/anchore.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout the code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Build the Docker image run: docker build . --file Dockerfile --tag localbuild/testimage:latest - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled diff --git a/.github/workflows/aws.yml b/.github/workflows/aws.yml index a6d3a8ce..29540dfe 100644 --- a/.github/workflows/aws.yml +++ b/.github/workflows/aws.yml @@ -52,7 +52,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Configure AWS credentials uses: aws-actions/configure-aws-credentials@v2 diff --git a/.github/workflows/azure-container-webapp.yml b/.github/workflows/azure-container-webapp.yml index b2a2e5d2..410d93b1 100644 --- a/.github/workflows/azure-container-webapp.yml +++ b/.github/workflows/azure-container-webapp.yml @@ -43,7 +43,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up Docker Buildx uses: docker/setup-buildx-action@v2 diff --git a/.github/workflows/azure-kubernetes-service-helm.yml b/.github/workflows/azure-kubernetes-service-helm.yml index 3914e51d..0ff0d19f 100644 --- a/.github/workflows/azure-kubernetes-service-helm.yml +++ b/.github/workflows/azure-kubernetes-service-helm.yml @@ -55,7 +55,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login @@ -121,7 +121,7 @@ jobs: needs: [buildImage, createSecret] steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login diff --git a/.github/workflows/azure-kubernetes-service-kompose.yml b/.github/workflows/azure-kubernetes-service-kompose.yml index 73a95def..59d59654 100644 --- a/.github/workflows/azure-kubernetes-service-kompose.yml +++ b/.github/workflows/azure-kubernetes-service-kompose.yml @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login @@ -119,7 +119,7 @@ jobs: needs: [buildImage, createSecret] steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login diff --git a/.github/workflows/azure-kubernetes-service-kustomize.yml b/.github/workflows/azure-kubernetes-service-kustomize.yml index 936bc313..8b9ea4dc 100644 --- a/.github/workflows/azure-kubernetes-service-kustomize.yml +++ b/.github/workflows/azure-kubernetes-service-kustomize.yml @@ -53,7 +53,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login @@ -119,7 +119,7 @@ jobs: needs: [buildImage, createSecret] steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login diff --git a/.github/workflows/azure-kubernetes-service.yml b/.github/workflows/azure-kubernetes-service.yml index 7e123085..2f83bd55 100644 --- a/.github/workflows/azure-kubernetes-service.yml +++ b/.github/workflows/azure-kubernetes-service.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-latest steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login @@ -115,7 +115,7 @@ jobs: needs: [buildImage, createSecret] steps: # Checks out the repository this file is in - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Logs in with your Azure credentials - name: Azure login diff --git a/.github/workflows/azure-staticwebapp.yml b/.github/workflows/azure-staticwebapp.yml index 8f958687..b7eb225c 100644 --- a/.github/workflows/azure-staticwebapp.yml +++ b/.github/workflows/azure-staticwebapp.yml @@ -40,7 +40,7 @@ jobs: runs-on: ubuntu-latest name: Build and Deploy Job steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: submodules: true - name: Build And Deploy diff --git a/.github/workflows/azure-webapps-dotnet-core.yml b/.github/workflows/azure-webapps-dotnet-core.yml index a691a440..4849fa4c 100644 --- a/.github/workflows/azure-webapps-dotnet-core.yml +++ b/.github/workflows/azure-webapps-dotnet-core.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up .NET Core uses: actions/setup-dotnet@v3 diff --git a/.github/workflows/azure-webapps-java-jar.yml b/.github/workflows/azure-webapps-java-jar.yml index 794d6a84..ec3664cf 100644 --- a/.github/workflows/azure-webapps-java-jar.yml +++ b/.github/workflows/azure-webapps-java-jar.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up Java version uses: actions/setup-java@v3.11.0 diff --git a/.github/workflows/azure-webapps-node.yml b/.github/workflows/azure-webapps-node.yml index 13768008..e5fb0b8f 100644 --- a/.github/workflows/azure-webapps-node.yml +++ b/.github/workflows/azure-webapps-node.yml @@ -35,7 +35,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up Node.js uses: actions/setup-node@v3 diff --git a/.github/workflows/azure-webapps-php.yml b/.github/workflows/azure-webapps-php.yml index 955b03d8..73f65d5b 100644 --- a/.github/workflows/azure-webapps-php.yml +++ b/.github/workflows/azure-webapps-php.yml @@ -38,7 +38,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Setup PHP uses: shivammathur/setup-php@9c77701ae57b0c47f6732beebfbdec76e4e5c90a diff --git a/.github/workflows/azure-webapps-python.yml b/.github/workflows/azure-webapps-python.yml index 85aafc71..137e8945 100644 --- a/.github/workflows/azure-webapps-python.yml +++ b/.github/workflows/azure-webapps-python.yml @@ -37,7 +37,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up Python version uses: actions/setup-python@v4.6.1 diff --git a/.github/workflows/azure.yml b/.github/workflows/azure.yml index f3040b73..646adba8 100644 --- a/.github/workflows/azure.yml +++ b/.github/workflows/azure.yml @@ -30,7 +30,7 @@ jobs: runs-on: ubuntu-latest environment: production steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v3 with: diff --git a/.github/workflows/brakeman.yml b/.github/workflows/brakeman.yml index 207ce9cd..b9a9e2e7 100644 --- a/.github/workflows/brakeman.yml +++ b/.github/workflows/brakeman.yml @@ -30,7 +30,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Customize the ruby version depending on your needs - name: Setup Ruby diff --git a/.github/workflows/checkmarx.yml b/.github/workflows/checkmarx.yml index 88b700da..5a5a2552 100644 --- a/.github/workflows/checkmarx.yml +++ b/.github/workflows/checkmarx.yml @@ -34,7 +34,7 @@ jobs: # Steps require - checkout code, run CxFlow Action, Upload SARIF report (optional) steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Runs the Checkmarx Scan leveraging the latest version of CxFlow - REFER to Action README for list of inputs - name: Checkmarx CxFlow Action uses: checkmarx-ts/checkmarx-cxflow-github-action@4f66c610b7514597ca12a7a89f9a9461fbfb7d6f diff --git a/.github/workflows/clj-holmes.yml b/.github/workflows/clj-holmes.yml index 480f2154..a514aa3c 100644 --- a/.github/workflows/clj-holmes.yml +++ b/.github/workflows/clj-holmes.yml @@ -26,7 +26,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Scan code uses: clj-holmes/clj-holmes-action@53daa4da4ff495cccf791e4ba4222a8317ddae9e diff --git a/.github/workflows/clj-watson.yml b/.github/workflows/clj-watson.yml index 20c05641..f7055834 100644 --- a/.github/workflows/clj-watson.yml +++ b/.github/workflows/clj-watson.yml @@ -31,7 +31,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Dependency scan uses: clj-holmes/clj-watson-action@b4c3623c4d603932e60e6012a3a1db7bc60058c2 diff --git a/.github/workflows/codacy.yml b/.github/workflows/codacy.yml index bca56005..220b5195 100644 --- a/.github/workflows/codacy.yml +++ b/.github/workflows/codacy.yml @@ -35,7 +35,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis - name: Run Codacy Analysis CLI diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index e84ec2c5..d4b98228 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/codescan.yml b/.github/workflows/codescan.yml index 79006ad9..1f633d31 100644 --- a/.github/workflows/codescan.yml +++ b/.github/workflows/codescan.yml @@ -28,7 +28,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Cache files uses: actions/cache@v3 with: diff --git a/.github/workflows/codescaner-analysis.yml b/.github/workflows/codescaner-analysis.yml index 2804ef65..de79b8b8 100644 --- a/.github/workflows/codescaner-analysis.yml +++ b/.github/workflows/codescaner-analysis.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Cache files uses: actions/cache@v3 with: diff --git a/.github/workflows/crunch42.yml b/.github/workflows/crunch42.yml index 14ed1222..e6f7deb6 100644 --- a/.github/workflows/crunch42.yml +++ b/.github/workflows/crunch42.yml @@ -43,7 +43,7 @@ jobs: security-events: write # for 42Crunch/api-security-audit-action to upload results to Github Code Scanning runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: 42Crunch REST API Static Security Testing uses: 42Crunch/api-security-audit-action@ae75e3c3693658c6bfab6e1d4650185c402fd6f9 diff --git a/.github/workflows/datadog-synthetics.yml b/.github/workflows/datadog-synthetics.yml index e9a09260..063ad8b5 100644 --- a/.github/workflows/datadog-synthetics.yml +++ b/.github/workflows/datadog-synthetics.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Run Synthetic tests within your GitHub workflow. # For additional configuration options visit the action within the marketplace: https://github.com/marketplace/actions/datadog-synthetics-ci diff --git a/.github/workflows/deno.yml b/.github/workflows/deno.yml index 52f65c42..3d85c570 100644 --- a/.github/workflows/deno.yml +++ b/.github/workflows/deno.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Setup repo - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Setup Deno uses: denolib/setup-deno@3c5f954c869f1b0d106e129797480905587250f5 diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 72587665..72c0deba 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - name: 'Checkout Repository' - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: 'Dependency Review' uses: actions/dependency-review-action@v3 - name: Upload coverage reports to Codecov diff --git a/.github/workflows/detekt.yml b/.github/workflows/detekt.yml index d42c42c2..afcd7358 100644 --- a/.github/workflows/detekt.yml +++ b/.github/workflows/detekt.yml @@ -45,7 +45,7 @@ jobs: # Steps represent a sequence of tasks that will be executed as part of the job steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Gets the download URL associated with the $DETEKT_RELEASE_TAG - name: Get Detekt download URL diff --git a/.github/workflows/devops-starter-workflow.yml b/.github/workflows/devops-starter-workflow.yml index f2a7c794..54cba873 100644 --- a/.github/workflows/devops-starter-workflow.yml +++ b/.github/workflows/devops-starter-workflow.yml @@ -100,7 +100,7 @@ jobs: runs-on: windows-latest needs: Deploy steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ env.NODE_VERSION }} uses: actions/setup-node@v3 diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml index 417f1828..f91ee07a 100644 --- a/.github/workflows/devskim.yml +++ b/.github/workflows/devskim.yml @@ -23,7 +23,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Run DevSkim scanner uses: microsoft/DevSkim-Action@v1 diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 85da9526..d4b66d62 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -13,6 +13,6 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Build the Docker image run: docker build . --file Dockerfile --tag my-image-name:$(date +%s) diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index e780c5ed..3fcb3d07 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -35,7 +35,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Install the cosign tool except on PR # https://github.com/sigstore/cosign-installer diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml index 22b9c5d7..1fed5727 100644 --- a/.github/workflows/eslint.yml +++ b/.github/workflows/eslint.yml @@ -27,7 +27,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Install ESLint run: | diff --git a/.github/workflows/fortify.yml b/.github/workflows/fortify.yml index b399e527..086b846b 100644 --- a/.github/workflows/fortify.yml +++ b/.github/workflows/fortify.yml @@ -39,7 +39,7 @@ jobs: steps: # Check out source code - name: Check Out Source Code - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Java is required to run the various Fortify utilities. # When scanning a Java application, please use the appropriate Java version for building your application. diff --git a/.github/workflows/google-cloudrun-docker.yml b/.github/workflows/google-cloudrun-docker.yml index 77eb0f67..c9d5cfed 100644 --- a/.github/workflows/google-cloudrun-docker.yml +++ b/.github/workflows/google-cloudrun-docker.yml @@ -65,7 +65,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Google Auth id: auth diff --git a/.github/workflows/google-cloudrun-source.yml b/.github/workflows/google-cloudrun-source.yml index 14a9da36..be064b08 100644 --- a/.github/workflows/google-cloudrun-source.yml +++ b/.github/workflows/google-cloudrun-source.yml @@ -66,7 +66,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Google Auth id: auth diff --git a/.github/workflows/google.yml b/.github/workflows/google.yml index b81718f6..e3343bd5 100644 --- a/.github/workflows/google.yml +++ b/.github/workflows/google.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Setup gcloud CLI - uses: google-github-actions/setup-gcloud@v1.1.1 diff --git a/.github/workflows/googleXs.yml b/.github/workflows/googleXs.yml index 590d25ea..768401e5 100644 --- a/.github/workflows/googleXs.yml +++ b/.github/workflows/googleXs.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Setup gcloud CLI - uses: google-github-actions/setup-gcloud@v1.1.1 diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index cca782c5..326f97c6 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -30,7 +30,7 @@ jobs: steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Run hadolint uses: hadolint/hadolint-action@d292784f8f3eacda47060b259a580467b0ba410c diff --git a/.github/workflows/ibm.yml b/.github/workflows/ibm.yml index 45d4c258..7a578043 100644 --- a/.github/workflows/ibm.yml +++ b/.github/workflows/ibm.yml @@ -33,7 +33,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Download and Install IBM Cloud CLI - name: Install IBM Cloud CLI diff --git a/.github/workflows/jekyll.yml b/.github/workflows/jekyll.yml index 5732d6d5..28276329 100644 --- a/.github/workflows/jekyll.yml +++ b/.github/workflows/jekyll.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Build the site in the jekyll/builder container run: | docker run \ diff --git a/.github/workflows/kubesec.yml b/.github/workflows/kubesec.yml index 552dddc5..0e3e8fa2 100644 --- a/.github/workflows/kubesec.yml +++ b/.github/workflows/kubesec.yml @@ -24,7 +24,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Run kubesec scanner uses: controlplaneio/kubesec-action@43d0ddff5ffee89a6bb9f29b64cd865411137b14 diff --git a/.github/workflows/mayhem-for-api.yml b/.github/workflows/mayhem-for-api.yml index 8dc31814..1b279917 100644 --- a/.github/workflows/mayhem-for-api.yml +++ b/.github/workflows/mayhem-for-api.yml @@ -42,7 +42,7 @@ jobs: contents: read security-events: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Run your API in the background. Ideally, the API would run in debug # mode & send stacktraces back on "500 Internal Server Error" responses diff --git a/.github/workflows/mobsf.yml b/.github/workflows/mobsf.yml index d077ba33..86a00dbd 100644 --- a/.github/workflows/mobsf.yml +++ b/.github/workflows/mobsf.yml @@ -24,7 +24,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Setup python uses: actions/setup-python@v4 diff --git a/.github/workflows/neuralegion.yml b/.github/workflows/neuralegion.yml index 24f7514c..e927745f 100644 --- a/.github/workflows/neuralegion.yml +++ b/.github/workflows/neuralegion.yml @@ -162,7 +162,7 @@ jobs: runs-on: ubuntu-18.04 name: A job to run a Nexploit scan steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Start Nexploit Scan 🏁 id: start uses: NeuraLegion/run-scan@e8a357749253841cb233872e6c1fa9f71bb308f8 diff --git a/.github/workflows/njsscan.yml b/.github/workflows/njsscan.yml index 95d7d9f9..e938fd4c 100644 --- a/.github/workflows/njsscan.yml +++ b/.github/workflows/njsscan.yml @@ -29,7 +29,7 @@ jobs: name: njsscan code scanning steps: - name: Checkout the code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: nodejsscan scan id: njsscan uses: ajinabraham/njsscan-action@74e5a58c1edb363b84c9ddd626b0e22f038ac09e diff --git a/.github/workflows/node.js.yml b/.github/workflows/node.js.yml index f75d5f88..d512b84a 100644 --- a/.github/workflows/node.js.yml +++ b/.github/workflows/node.js.yml @@ -20,7 +20,7 @@ jobs: # See supported Node.js release schedule at https://nodejs.org/en/about/releases/ steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 with: diff --git a/.github/workflows/nowsecure.yml b/.github/workflows/nowsecure.yml index edfeaaba..262e655f 100644 --- a/.github/workflows/nowsecure.yml +++ b/.github/workflows/nowsecure.yml @@ -34,7 +34,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Build your application run: ./gradlew assembleDebug # Update this to build your Android or iOS application diff --git a/.github/workflows/npm-grunt.yml b/.github/workflows/npm-grunt.yml index b1ff2679..78a6735d 100644 --- a/.github/workflows/npm-grunt.yml +++ b/.github/workflows/npm-grunt.yml @@ -15,7 +15,7 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 diff --git a/.github/workflows/npm-gulp.yml b/.github/workflows/npm-gulp.yml index 32297a67..46f3516c 100644 --- a/.github/workflows/npm-gulp.yml +++ b/.github/workflows/npm-gulp.yml @@ -15,7 +15,7 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 diff --git a/.github/workflows/npm-publish-github-packages.yml b/.github/workflows/npm-publish-github-packages.yml index 42f900ba..578418ca 100644 --- a/.github/workflows/npm-publish-github-packages.yml +++ b/.github/workflows/npm-publish-github-packages.yml @@ -11,7 +11,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: actions/setup-node@v3 with: node-version: 16 @@ -25,7 +25,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: actions/setup-node@v3 with: node-version: 16 diff --git a/.github/workflows/npm-publish.yml b/.github/workflows/npm-publish.yml index 512c11f0..ad76a1df 100644 --- a/.github/workflows/npm-publish.yml +++ b/.github/workflows/npm-publish.yml @@ -11,7 +11,7 @@ jobs: build: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: actions/setup-node@v3 with: node-version: 12 @@ -22,7 +22,7 @@ jobs: needs: build runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: actions/setup-node@v3 with: node-version: 12 @@ -39,7 +39,7 @@ jobs: contents: read packages: write steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: actions/setup-node@v3 with: node-version: 12 diff --git a/.github/workflows/openshift.yml b/.github/workflows/openshift.yml index bff4e163..a04595b6 100644 --- a/.github/workflows/openshift.yml +++ b/.github/workflows/openshift.yml @@ -109,7 +109,7 @@ jobs: } - name: Check out repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Determine app name if: env.APP_NAME == '' diff --git a/.github/workflows/ossar-analysis.yml b/.github/workflows/ossar-analysis.yml index 460c678f..eb0ab577 100644 --- a/.github/workflows/ossar-analysis.yml +++ b/.github/workflows/ossar-analysis.yml @@ -20,7 +20,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. diff --git a/.github/workflows/ossar.yml b/.github/workflows/ossar.yml index c86ca2af..80c137a4 100644 --- a/.github/workflows/ossar.yml +++ b/.github/workflows/ossar.yml @@ -31,7 +31,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Ensure a compatible version of dotnet is installed. # The [Microsoft Security Code Analysis CLI](https://aka.ms/mscadocs) is built with dotnet v3.1.201. diff --git a/.github/workflows/pmd.yml b/.github/workflows/pmd.yml index ecc70d7d..7d7cf518 100644 --- a/.github/workflows/pmd.yml +++ b/.github/workflows/pmd.yml @@ -23,7 +23,7 @@ jobs: security-events: write # for github/codeql-action/upload-sarif to upload SARIF results runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up JDK 11 uses: actions/setup-java@v3 with: diff --git a/.github/workflows/powershell.yml b/.github/workflows/powershell.yml index 528c1530..116abf20 100644 --- a/.github/workflows/powershell.yml +++ b/.github/workflows/powershell.yml @@ -28,7 +28,7 @@ jobs: name: PSScriptAnalyzer runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Run PSScriptAnalyzer uses: microsoft/psscriptanalyzer-action@7a0da25f33985767f15f93140306528900744195 diff --git a/.github/workflows/python-app.yml b/.github/workflows/python-app.yml index 764e519a..4ab8e669 100644 --- a/.github/workflows/python-app.yml +++ b/.github/workflows/python-app.yml @@ -15,7 +15,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Set up Python 3.9 uses: actions/setup-python@v4 with: diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml index e5fb4604..b0754b40 100644 --- a/.github/workflows/rubocop.yml +++ b/.github/workflows/rubocop.yml @@ -23,7 +23,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 # If running on a self-hosted runner, check it meets the requirements # listed at https://github.com/ruby/setup-ruby#using-self-hosted-runners diff --git a/.github/workflows/rust-clippy.yml b/.github/workflows/rust-clippy.yml index 6603848a..edc583ef 100644 --- a/.github/workflows/rust-clippy.yml +++ b/.github/workflows/rust-clippy.yml @@ -27,7 +27,7 @@ jobs: security-events: write steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Install Rust toolchain uses: actions-rs/toolchain@16499b5e05bf2e26879000db0c1d13f7e13fa3af # v1 diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index 3e77b928..d6c5694f 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -22,7 +22,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@c85c95e3d7251135ab7dc9ce3241c5835cc595a9 # v3.5.3 + uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false diff --git a/.github/workflows/securitycodescan.yml b/.github/workflows/securitycodescan.yml index c47254c1..3ac19491 100644 --- a/.github/workflows/securitycodescan.yml +++ b/.github/workflows/securitycodescan.yml @@ -21,7 +21,7 @@ jobs: SCS: runs-on: windows-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - uses: nuget/setup-nuget@296fd3ccf8528660c91106efefe2364482f86d6f - uses: microsoft/setup-msbuild@v1.3.1 diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index ed26c02a..aba59dcf 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: # Checkout project source - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 # Scan code using project's configuration on https://semgrep.dev/manage - uses: returntocorp/semgrep-action@316a1751c53ffb6689b8726910e8204ffb591b4f diff --git a/.github/workflows/snyk-container.yml b/.github/workflows/snyk-container.yml index bc3ab945..ff30c5ac 100644 --- a/.github/workflows/snyk-container.yml +++ b/.github/workflows/snyk-container.yml @@ -32,7 +32,7 @@ jobs: security-events: write # for github/codeql-action/upload-sarif to upload SARIF results runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Build a Docker image run: docker build -t your/image-to-test . - name: Run Snyk to check Docker image for vulnerabilities diff --git a/.github/workflows/snyk-infrastructure.yml b/.github/workflows/snyk-infrastructure.yml index 10dcd721..ba1f655a 100644 --- a/.github/workflows/snyk-infrastructure.yml +++ b/.github/workflows/snyk-infrastructure.yml @@ -31,7 +31,7 @@ jobs: security-events: write # for github/codeql-action/upload-sarif to upload SARIF results runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Run Snyk to check configuration files for security issues # Snyk can be used to break the build when it detects security issues. # In this case we want to upload the issues to GitHub Code Scanning diff --git a/.github/workflows/sobelow.yml b/.github/workflows/sobelow.yml index ac0a75b4..4d34fd58 100644 --- a/.github/workflows/sobelow.yml +++ b/.github/workflows/sobelow.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - id: run-action uses: sobelow/action@85a7af55ecfe77cbecbae704398af72df079165e - name: Upload report diff --git a/.github/workflows/stackhawk.yml b/.github/workflows/stackhawk.yml index 41e75cd4..8285aed6 100644 --- a/.github/workflows/stackhawk.yml +++ b/.github/workflows/stackhawk.yml @@ -49,7 +49,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Start your service run: ./your-service.sh & # ✏️ Update this to run your own service to be scanned diff --git a/.github/workflows/synopsys-io.yml b/.github/workflows/synopsys-io.yml index 3797e952..cb4e0ea6 100644 --- a/.github/workflows/synopsys-io.yml +++ b/.github/workflows/synopsys-io.yml @@ -25,7 +25,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Synopsys Intelligent Security Scan id: prescription diff --git a/.github/workflows/sysdig-scan.yml b/.github/workflows/sysdig-scan.yml index 7790ad07..2b226aaa 100644 --- a/.github/workflows/sysdig-scan.yml +++ b/.github/workflows/sysdig-scan.yml @@ -27,7 +27,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Build the Docker image # Tag image to be built diff --git a/.github/workflows/tencent.yml b/.github/workflows/tencent.yml index 727d77d5..554310aa 100644 --- a/.github/workflows/tencent.yml +++ b/.github/workflows/tencent.yml @@ -38,7 +38,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Build - name: Build Docker image diff --git a/.github/workflows/terraform.yml b/.github/workflows/terraform.yml index 767c495f..a0048da9 100644 --- a/.github/workflows/terraform.yml +++ b/.github/workflows/terraform.yml @@ -67,7 +67,7 @@ jobs: steps: # Checkout the repository to the GitHub Actions runner - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Install the latest version of Terraform CLI and configure the Terraform CLI configuration file with a Terraform Cloud user API token - name: Setup Terraform diff --git a/.github/workflows/tfsec.yml b/.github/workflows/tfsec.yml index 538d8520..90d4f032 100644 --- a/.github/workflows/tfsec.yml +++ b/.github/workflows/tfsec.yml @@ -24,7 +24,7 @@ jobs: steps: - name: Clone repo - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Run tfsec uses: tfsec/tfsec-sarif-action@21ded20e8ca120cd9d3d6ab04ef746477542a608 diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 65463676..4b4f75b8 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -26,7 +26,7 @@ jobs: runs-on: "ubuntu-18.04" steps: - name: Checkout code - uses: actions/checkout@v3 + uses: actions/checkout@v5 - name: Build an image from Dockerfile run: | diff --git a/.github/workflows/veracode.yml b/.github/workflows/veracode.yml index f1a81fc6..48c9e8b5 100644 --- a/.github/workflows/veracode.yml +++ b/.github/workflows/veracode.yml @@ -31,7 +31,7 @@ jobs: steps: # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it and copies all sources into ZIP file for submitting for analysis. Replace this section with your applications build steps - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 with: repository: '' diff --git a/.github/workflows/webpack.yml b/.github/workflows/webpack.yml index 20802eb7..6348a1b5 100644 --- a/.github/workflows/webpack.yml +++ b/.github/workflows/webpack.yml @@ -15,7 +15,7 @@ jobs: node-version: [12.x, 14.x, 16.x] steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v5 - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v3 diff --git a/.github/workflows/xanitizer.yml b/.github/workflows/xanitizer.yml index ea58bfdf..300d8ac8 100644 --- a/.github/workflows/xanitizer.yml +++ b/.github/workflows/xanitizer.yml @@ -56,7 +56,7 @@ jobs: steps: # Check out the repository - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v5 # Set up the correct Java version for your project # Please comment out, if your project does not contain Java source code.