diff --git a/.github/workflows/cicd-1-pull-request.yaml b/.github/workflows/cicd-1-pull-request.yaml index bb88afb..c3113b4 100644 --- a/.github/workflows/cicd-1-pull-request.yaml +++ b/.github/workflows/cicd-1-pull-request.yaml @@ -37,7 +37,7 @@ jobs: skip_trivy_package: ${{ steps.skip_trivy.outputs.skip_trivy_package }} steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Set CI/CD variables" id: variables run: | @@ -157,7 +157,7 @@ jobs: APP_CLIENT_ID: ${{ secrets.APP_CLIENT_ID }} APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }} steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@v6 - name: Trigger dynamic environment creation shell: bash run: | diff --git a/.github/workflows/cicd-3-deploy.yaml b/.github/workflows/cicd-3-deploy.yaml index 5230577..6fae3c5 100644 --- a/.github/workflows/cicd-3-deploy.yaml +++ b/.github/workflows/cicd-3-deploy.yaml @@ -37,7 +37,7 @@ jobs: # tag: ${{ steps.variables.outputs.tag }} steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Set CI/CD variables" id: variables run: | @@ -70,7 +70,7 @@ jobs: needs: metadata steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Get version" id: get-asset-version diff --git a/.github/workflows/pr_closed.yml b/.github/workflows/pr_closed.yml index d5ef687..d3e6317 100644 --- a/.github/workflows/pr_closed.yml +++ b/.github/workflows/pr_closed.yml @@ -50,7 +50,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v5.0.0 + uses: actions/checkout@v6 - name: Updating Main Environment env: diff --git a/.github/workflows/pr_destroy_dynamic_env.yml b/.github/workflows/pr_destroy_dynamic_env.yml index bc08f98..52dc155 100644 --- a/.github/workflows/pr_destroy_dynamic_env.yml +++ b/.github/workflows/pr_destroy_dynamic_env.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v5.0.0 + - uses: actions/checkout@v6 - name: Trigger dynamic environment destroy env: APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }} diff --git a/.github/workflows/release_created.yml b/.github/workflows/release_created.yml index 280b62f..be15688 100644 --- a/.github/workflows/release_created.yml +++ b/.github/workflows/release_created.yml @@ -26,7 +26,7 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@v5.0.0 + uses: actions/checkout@v6 - name: Updating Main Environment env: diff --git a/.github/workflows/scheduled-repository-template-sync.yaml b/.github/workflows/scheduled-repository-template-sync.yaml index e911486..352327a 100644 --- a/.github/workflows/scheduled-repository-template-sync.yaml +++ b/.github/workflows/scheduled-repository-template-sync.yaml @@ -16,10 +16,10 @@ jobs: steps: - name: Check out the repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Check out external repository - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: repository: NHSDigital/nhs-notify-repository-template path: nhs-notify-repository-template diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 5552785..3e9594e 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -32,7 +32,7 @@ jobs: steps: - name: "Checkout code" - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@34e114876b0b11c390a56381ad16ebd13914f8d5 # v4.3.1 with: persist-credentials: false diff --git a/.github/workflows/stage-1-commit.yaml b/.github/workflows/stage-1-commit.yaml index 9e10fec..2753bc4 100644 --- a/.github/workflows/stage-1-commit.yaml +++ b/.github/workflows/stage-1-commit.yaml @@ -43,7 +43,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to scan all commits - name: "Scan secrets" @@ -54,7 +54,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check file format" @@ -65,7 +65,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check Markdown format" @@ -79,7 +79,7 @@ jobs: contents: write steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check to see if Terraform Docs are up-to-date" @@ -100,7 +100,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check English usage" @@ -111,7 +111,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to compare branches - name: "Check TODO usage" @@ -123,7 +123,7 @@ jobs: terraform_changed: ${{ steps.check.outputs.terraform_changed }} steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Check for Terraform changes" id: check @@ -147,7 +147,7 @@ jobs: if: needs.detect-terraform-changes.outputs.terraform_changed == 'true' steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Lint Terraform" uses: ./.github/actions/lint-terraform trivy-iac: @@ -160,7 +160,7 @@ jobs: if: needs.detect-terraform-changes.outputs.terraform_changed == 'true' steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Setup ASDF" uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 - name: "Trivy IaC Scan" @@ -174,7 +174,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Setup ASDF" uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 - name: "Trivy Package Scan" @@ -188,7 +188,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Count lines of code" uses: ./.github/actions/create-lines-of-code-report with: @@ -207,7 +207,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Scan dependencies" uses: ./.github/actions/scan-dependencies with: diff --git a/.github/workflows/stage-2-test.yaml b/.github/workflows/stage-2-test.yaml index 86b45c5..e1a5ad7 100644 --- a/.github/workflows/stage-2-test.yaml +++ b/.github/workflows/stage-2-test.yaml @@ -47,7 +47,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Repo setup" run: | npm ci @@ -61,7 +61,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Repo setup" run: | npm ci @@ -89,7 +89,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Repo setup" run: | npm ci @@ -105,7 +105,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Repo setup" run: | npm ci @@ -122,7 +122,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run test coverage check" run: | make test-coverage @@ -139,7 +139,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 # Full history is needed to improving relevancy of reporting - name: "Download coverage report for SONAR" diff --git a/.github/workflows/stage-3-build.yaml b/.github/workflows/stage-3-build.yaml index fabfe11..e24fefe 100644 --- a/.github/workflows/stage-3-build.yaml +++ b/.github/workflows/stage-3-build.yaml @@ -39,7 +39,7 @@ jobs: timeout-minutes: 3 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Build docs" uses: ./.github/actions/build-docs with: @@ -50,7 +50,7 @@ jobs: timeout-minutes: 3 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Build artefact 1" run: | echo "Building artefact 1 ..." @@ -67,7 +67,7 @@ jobs: timeout-minutes: 3 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Build artefact n" run: | echo "Building artefact n ..." diff --git a/.github/workflows/stage-4-acceptance.yaml b/.github/workflows/stage-4-acceptance.yaml index c6dc58e..c33e640 100644 --- a/.github/workflows/stage-4-acceptance.yaml +++ b/.github/workflows/stage-4-acceptance.yaml @@ -43,7 +43,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Create infractructure" run: | echo "Creating infractructure..." @@ -60,7 +60,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run contract test" run: | make test-contract @@ -74,7 +74,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run security test" run: | make test-security @@ -88,7 +88,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run UI test" run: | make test-ui @@ -102,7 +102,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run UI performance test" run: | make test-ui-performance @@ -116,7 +116,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run integration test" run: | make test-integration @@ -130,7 +130,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run accessibility test" run: | make test-accessibility @@ -144,7 +144,7 @@ jobs: timeout-minutes: 10 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Run load tests" run: | make test-load @@ -168,7 +168,7 @@ jobs: timeout-minutes: 5 steps: - name: "Checkout code" - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: "Tear down environment" run: | echo "Tearing down environment..."