diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 27a67c42..686c61dd 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -52,14 +52,14 @@ jobs: uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0 - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - name: Build and export to Docker - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ matrix.docker-file }} @@ -72,7 +72,7 @@ jobs: - name: Build and push if: ${{ github.ref_name == 'main' }} - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ matrix.docker-file }} diff --git a/.github/workflows/docs.yaml b/.github/workflows/docs.yaml index 983f0dc2..7c379df8 100644 --- a/.github/workflows/docs.yaml +++ b/.github/workflows/docs.yaml @@ -37,7 +37,7 @@ jobs: uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Restore lychee cache - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: .lycheecache key: cache-lychee-${{ github.sha }} diff --git a/.github/workflows/e2e-tests.yaml b/.github/workflows/e2e-tests.yaml index 358ac3e9..ef3c2464 100644 --- a/.github/workflows/e2e-tests.yaml +++ b/.github/workflows/e2e-tests.yaml @@ -110,7 +110,7 @@ jobs: # in a different workflow. # See https://github.com/actions/download-artifact/issues/172 - name: Retrieve built PHAR - uses: dawidd6/action-download-artifact@8a338493df3d275e4a7a63bcff3b8fe97e51a927 # v19 + uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20 with: github_token: ${{secrets.GITHUB_TOKEN}} workflow: release.yaml @@ -165,7 +165,7 @@ jobs: # in a different workflow. # See https://github.com/actions/download-artifact/issues/172 - name: Retrieve built PHAR - uses: dawidd6/action-download-artifact@8a338493df3d275e4a7a63bcff3b8fe97e51a927 # v19 + uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20 with: github_token: ${{secrets.GITHUB_TOKEN}} workflow: release.yaml @@ -188,7 +188,7 @@ jobs: run: bin/box.phar --ansi --version - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index e8050d2b..93281711 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -95,7 +95,7 @@ jobs: path: . - name: Upload PHAR to the release - uses: softprops/action-gh-release@153bb8e04406b158c6c84fc1615b65b24149a1fe # v2.6.1 + uses: softprops/action-gh-release@b4309332981a82ec1c5618f44dd2e27cc8bfbfda # v3.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} files: | @@ -155,7 +155,7 @@ jobs: - name: Login to Docker Container Registry if: github.event_name == 'release' - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: username: ${{ env.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} @@ -175,7 +175,7 @@ jobs: - name: Login to GitHub Container Registry if: github.event_name != 'release' - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -188,7 +188,7 @@ jobs: echo "DOCKER_TEST_TAG=ghcr.io/box-project/box" >> $GITHUB_ENV - name: Build and export to Docker (amd64) - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ env.DOCKERFILE }} @@ -200,7 +200,7 @@ jobs: run: docker run --rm --platform=linux/amd64 ${{ env.DOCKER_TEST_TAG }} --version - name: Build and export to Docker (arm64) - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ env.DOCKERFILE }} @@ -213,7 +213,7 @@ jobs: - name: Build and push if: github.event_name == 'release' - uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0 + uses: docker/build-push-action@bcafcacb16a39f128d818304e6c9c0c18556b85f # v7.1.0 with: context: . file: ${{ env.DOCKERFILE }} diff --git a/.github/workflows/requirement-checker.yaml b/.github/workflows/requirement-checker.yaml index 98d7b15e..c9cc6e46 100644 --- a/.github/workflows/requirement-checker.yaml +++ b/.github/workflows/requirement-checker.yaml @@ -233,7 +233,7 @@ jobs: # in a different workflow. # See https://github.com/actions/download-artifact/issues/172 - name: Retrieve built PHAR - uses: dawidd6/action-download-artifact@8a338493df3d275e4a7a63bcff3b8fe97e51a927 # v19 + uses: dawidd6/action-download-artifact@8305c0f1062bb0d184d09ef4493ecb9288447732 # v20 with: github_token: ${{secrets.GITHUB_TOKEN}} workflow: release.yaml @@ -256,7 +256,7 @@ jobs: run: bin/box.phar --ansi --version - name: Login to GitHub Container Registry - uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0 + uses: docker/login-action@4907a6ddec9925e35a0a9e82d7399ccc52663121 # v4.1.0 with: registry: ghcr.io username: ${{ github.actor }} @@ -358,7 +358,7 @@ jobs: - name: Create Pull Request if: env.requirement_checker_changed == 'true' - uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: token: ${{ secrets.GITHUB_TOKEN }} branch: build/update-requirement-checker diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml index 67531a0a..a09b400b 100644 --- a/.github/workflows/security.yaml +++ b/.github/workflows/security.yaml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 - name: Cache the vulnerability database - uses: actions/cache@668228422ae6a00e4ad889ee87cd7109ec5666a7 # v5.0.4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 id: cache-db with: path: ~/.symfony/cache