From 918dd5a4a7f88dffca587e33246f61233a7b2f22 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 03:08:28 +0000 Subject: [PATCH] chore(deps): bump the all group with 11 updates Bumps the all group with 11 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3` | `6` | | [actions/setup-node](https://github.com/actions/setup-node) | `3.4.1` | `6.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` | | [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `4.0.0` | `5.0.0` | | [actions/cache](https://github.com/actions/cache) | `4` | `5` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `8.0.0` | | [peter-evans/find-comment](https://github.com/peter-evans/find-comment) | `2.4.0` | `4.0.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.3` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.12` | `4.32.4` | | [actions/stale](https://github.com/actions/stale) | `9.0.0` | `10.2.0` | Updates `actions/checkout` from 3 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](https://github.com/actions/checkout/compare/v3...v6) Updates `actions/setup-node` from 3.4.1 to 6.2.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/v3.4.1...v6.2.0) Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/v4...v7) Updates `peter-evans/create-or-update-comment` from 4.0.0 to 5.0.0 - [Release notes](https://github.com/peter-evans/create-or-update-comment/releases) - [Commits](https://github.com/peter-evans/create-or-update-comment/compare/71345be0265236311c031f5c7866368bd1eff043...e8674b075228eee787fea43ef493e45ece1004c9) Updates `actions/cache` from 4 to 5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/v4...v5) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd) Updates `actions/download-artifact` from 4.1.8 to 8.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/fa0a91b85d4f404e444e00e005971372dc801d16...70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3) Updates `peter-evans/find-comment` from 2.4.0 to 4.0.0 - [Release notes](https://github.com/peter-evans/find-comment/releases) - [Commits](https://github.com/peter-evans/find-comment/compare/a54c31d7fa095754bfef525c0c8e5e5674c4b4b1...b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](https://github.com/ossf/scorecard-action/compare/dc50aa9510b46c811795eb24b2f1ba02a914e534...4eaacf0543bb3f2c246792bd56e8cdeffafb205a) Updates `github/codeql-action` from 3.25.12 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/4fa2a7953630fd2f3fb380f21be14ede0169dd4f...89a39a4e59826350b863aa6b6252a07ad50cf83e) Updates `actions/stale` from 9.0.0 to 10.2.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/stale/compare/28ca1036281a5e5922ead5184a1bbf96e5fc984e...b5d41d4e1d5dceea10e7104786b73624c18a190f) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/setup-node dependency-version: 6.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: peter-evans/create-or-update-comment dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/download-artifact dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: peter-evans/find-comment dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: actions/stale dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] --- .github/workflows/canary.yml | 10 +++++----- .github/workflows/cf_test_full.yml | 6 +++--- .github/workflows/cf_test_smoke.yml | 6 +++--- .github/workflows/changed-packages.yml | 2 +- .github/workflows/ci.yml | 24 +++++++++++------------ .github/workflows/clear-caches.yml | 2 +- .github/workflows/deflake.yml | 12 ++++++------ .github/workflows/devtools.yml | 8 ++++---- .github/workflows/pre-release.yml | 4 ++-- .github/workflows/publish.yml | 4 ++-- .github/workflows/scorecards-analysis.yml | 8 ++++---- .github/workflows/semgrep.yml | 2 +- .github/workflows/stale.yml | 2 +- 13 files changed, 45 insertions(+), 45 deletions(-) diff --git a/.github/workflows/canary.yml b/.github/workflows/canary.yml index bcea18474..249c4db54 100644 --- a/.github/workflows/canary.yml +++ b/.github/workflows/canary.yml @@ -38,9 +38,9 @@ jobs: suite: chrome-headful steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -74,7 +74,7 @@ jobs: env: PUPPETEER_BROWSER_REVISION: canary PUPPETEER_TEST_EXPERIMENTAL_CHROME_FEATURES: ${{ matrix.configs == 'experimental' }} - - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 if: always() with: name: test-results-${{ matrix.os }}-${{ matrix.suite }}-${{ matrix.shard }}-${{ matrix.configs }} @@ -89,7 +89,7 @@ jobs: if: ${{ always() }} steps: - name: Post comment - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 + uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: ${{ needs.canary-chrome-tests.result != 'success'}} with: # https://github.com/puppeteer/puppeteer/issues/12379 @@ -100,7 +100,7 @@ jobs: --- [Link](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) - name: Post comment - uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0 + uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0 if: ${{ needs.canary-chrome-tests.result == 'success'}} with: # https://github.com/puppeteer/puppeteer/issues/12379 diff --git a/.github/workflows/cf_test_full.yml b/.github/workflows/cf_test_full.yml index 3216cef65..7aa03fdb4 100644 --- a/.github/workflows/cf_test_full.yml +++ b/.github/workflows/cf_test_full.yml @@ -13,8 +13,8 @@ jobs: CF_ACCESS_CLIENT_SECRET: ${{ secrets.CF_ACCESS_CLIENT_SECRET }} CF_ACCESS_CLIENT_ID: ${{ secrets.CF_ACCESS_CLIENT_ID }} steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6.2.0 with: node-version: '20.x' registry-url: 'https://registry.npmjs.org' @@ -32,7 +32,7 @@ jobs: npm run test:full -- --reporter=html - name: Upload HTML report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: ${{ !cancelled() }} with: # puppeteer tests run with playwright, that's why it's playwright-report diff --git a/.github/workflows/cf_test_smoke.yml b/.github/workflows/cf_test_smoke.yml index f1e948c93..91203ab6e 100644 --- a/.github/workflows/cf_test_smoke.yml +++ b/.github/workflows/cf_test_smoke.yml @@ -15,8 +15,8 @@ jobs: CF_ACCESS_CLIENT_SECRET: ${{ secrets.CF_ACCESS_CLIENT_SECRET }} CF_ACCESS_CLIENT_ID: ${{ secrets.CF_ACCESS_CLIENT_ID }} steps: - - uses: actions/checkout@v4 - - uses: actions/setup-node@v4 + - uses: actions/checkout@v6 + - uses: actions/setup-node@v6.2.0 with: node-version: '20.x' registry-url: 'https://registry.npmjs.org' @@ -34,7 +34,7 @@ jobs: npm run test:smoke -- --reporter=html - name: Upload HTML report - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@v7 if: ${{ !cancelled() }} with: # puppeteer tests run with playwright, that's why it's playwright-report diff --git a/.github/workflows/changed-packages.yml b/.github/workflows/changed-packages.yml index 192eb0a1d..e199084f9 100644 --- a/.github/workflows/changed-packages.yml +++ b/.github/workflows/changed-packages.yml @@ -20,7 +20,7 @@ jobs: changes: ${{ steps.changes.outputs.changes }} steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 2 - name: Check if branch is out of date diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9cfc397d9..8fc61fdfd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,11 +30,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -97,9 +97,9 @@ jobs: suite: chrome-headful steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -112,7 +112,7 @@ jobs: - name: Build packages run: npm run build --workspace @puppeteer-test/test - name: Setup cache for Chrome binary - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/puppeteer/chrome key: Chrome-${{ runner.os }}-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} @@ -124,7 +124,7 @@ jobs: - name: Run all tests (for Linux) if: ${{ matrix.os == 'ubuntu-22.04' }} run: xvfb-run --auto-servernum npm run test -- --shard '${{ matrix.shard }}' --test-suite ${{ matrix.suite }} --save-stats-to /tmp/artifacts/${{ github.event_name }}_INSERTID.json - - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 if: always() with: name: test-results-${{ matrix.os }}-${{ matrix.suite }}-${{ matrix.shard }} @@ -178,9 +178,9 @@ jobs: suite: firefox-headless steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -193,7 +193,7 @@ jobs: - name: Build packages run: npm run build --workspace @puppeteer-test/test - name: Setup cache for Firefox binary - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/puppeteer/firefox key: Firefox-${{ runner.os }}-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} @@ -207,7 +207,7 @@ jobs: - name: Run all tests (for Linux) if: ${{ matrix.os == 'ubuntu-22.04' }} run: xvfb-run --auto-servernum npm run test -- --shard '${{ matrix.shard }}' --test-suite ${{ matrix.suite }} --save-stats-to /tmp/artifacts/${{ github.event_name }}_INSERTID.json - - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 if: always() with: name: test-results-${{ matrix.os }}-${{ matrix.suite }}-${{ matrix.shard }} @@ -230,9 +230,9 @@ jobs: if: ${{ contains(fromJSON(needs.check-changes.outputs.changes), 'puppeteer') }} steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' diff --git a/.github/workflows/clear-caches.yml b/.github/workflows/clear-caches.yml index db06ade4b..fa4d116eb 100644 --- a/.github/workflows/clear-caches.yml +++ b/.github/workflows/clear-caches.yml @@ -15,7 +15,7 @@ jobs: actions: write steps: - name: Clear Firefox cache - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | console.log("Querying") diff --git a/.github/workflows/deflake.yml b/.github/workflows/deflake.yml index e4f6888f2..26717ec25 100644 --- a/.github/workflows/deflake.yml +++ b/.github/workflows/deflake.yml @@ -47,9 +47,9 @@ jobs: fail-fast: false steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -62,7 +62,7 @@ jobs: - name: Build packages run: npm run build -w @puppeteer-test/test - name: Setup cache for Chrome binary - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/puppeteer/chrome key: Chrome-${{ runner.os }}-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} @@ -88,9 +88,9 @@ jobs: fail-fast: false steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -103,7 +103,7 @@ jobs: - name: Build packages run: npm run build -w @puppeteer-test/test - name: Setup cache for Firefox binary - uses: actions/cache@v4 + uses: actions/cache@v5 with: path: ~/.cache/puppeteer/firefox key: Firefox-${{ runner.os }}-${{ hashFiles('packages/puppeteer-core/src/revisions.ts') }}-${{ hashFiles('packages/puppeteer/src/node/install.ts') }} diff --git a/.github/workflows/devtools.yml b/.github/workflows/devtools.yml index 8bdab3b4d..0ab7ceb6e 100644 --- a/.github/workflows/devtools.yml +++ b/.github/workflows/devtools.yml @@ -18,9 +18,9 @@ jobs: if: contains(github.event.label.name, 'devtools') steps: - name: Checkout - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Set up Node.js - uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: cache: npm node-version-file: '.nvmrc' @@ -39,7 +39,7 @@ jobs: npm pack -w puppeteer-core npm pack -w puppeteer - name: Upload Puppeteer build - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: puppeteer-build if-no-files-found: error @@ -51,7 +51,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Download Puppeteer build - uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8 + uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0 with: name: puppeteer-build - name: Checkout depot_tools diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index c0ed7337d..121516dc2 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -24,7 +24,7 @@ jobs: issues: write steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: script: | github.rest.issues.addLabels({ @@ -34,7 +34,7 @@ jobs: labels: ["confirmed"] }) - name: Find Comment Id - uses: peter-evans/find-comment@a54c31d7fa095754bfef525c0c8e5e5674c4b4b1 # v2.4.0 + uses: peter-evans/find-comment@b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad # v4.0.0 id: find-comment-id with: node-version: 18.18 diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml index c66a47c03..8467d3112 100644 --- a/.github/workflows/publish.yml +++ b/.github/workflows/publish.yml @@ -12,9 +12,9 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v6 - name: Set up Node.js - uses: actions/setup-node@v3.4.1 + uses: actions/setup-node@v6.2.0 with: node-version: 18.18 - name: Install dependencies diff --git a/.github/workflows/scorecards-analysis.yml b/.github/workflows/scorecards-analysis.yml index 7e47cbd36..7d9dff0cc 100644 --- a/.github/workflows/scorecards-analysis.yml +++ b/.github/workflows/scorecards-analysis.yml @@ -32,12 +32,12 @@ jobs: steps: - name: Check out repository - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: persist-credentials: false - name: 'Run analysis' - uses: ossf/scorecard-action@dc50aa9510b46c811795eb24b2f1ba02a914e534 # v2.3.3 + uses: ossf/scorecard-action@4eaacf0543bb3f2c246792bd56e8cdeffafb205a # v2.4.3 with: results_file: results.sarif results_format: sarif @@ -59,7 +59,7 @@ jobs: # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: 'Upload artifact' - uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b # v4.3.4 + uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0 with: name: SARIF file path: results.sarif @@ -68,6 +68,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable upload of results to your repo's Code Scanning dashboard - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12 + uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: sarif_file: results.sarif diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index d0d9f32fa..035dd63a9 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -20,5 +20,5 @@ jobs: container: image: returntocorp/semgrep steps: - - uses: actions/checkout@v3 + - uses: actions/checkout@v6 - run: semgrep ci diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml index 77dede3c1..c4e878d4b 100644 --- a/.github/workflows/stale.yml +++ b/.github/workflows/stale.yml @@ -15,7 +15,7 @@ jobs: issues: write pull-requests: write steps: - - uses: actions/stale@28ca1036281a5e5922ead5184a1bbf96e5fc984e # v9.0.0 + - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0 with: days-before-close: 7 days-before-stale: 14