diff --git a/.github/workflows/ci-check-and-unit-test.yml b/.github/workflows/ci-check-and-unit-test.yml index 57c5da77..6a79145b 100644 --- a/.github/workflows/ci-check-and-unit-test.yml +++ b/.github/workflows/ci-check-and-unit-test.yml @@ -26,7 +26,7 @@ jobs: cache-dependency-path: sources/package-lock.json - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2 + uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing with: diff --git a/.github/workflows/ci-check-no-dist-update.yml b/.github/workflows/ci-check-no-dist-update.yml index 5328921b..0fb35585 100644 --- a/.github/workflows/ci-check-no-dist-update.yml +++ b/.github/workflows/ci-check-no-dist-update.yml @@ -21,7 +21,7 @@ jobs: - name: Get changed files id: changed-files - uses: tj-actions/changed-files@ed68ef82c095e0d48ec87eccea555d944a631a4c # v46.0.5 + uses: tj-actions/changed-files@24d32ffd492484c1d75e0c0b894501ddb9d30d62 # v47.0.0 with: files: | dist/** diff --git a/.github/workflows/ci-codeql.yml b/.github/workflows/ci-codeql.yml index 3c981193..07026040 100644 --- a/.github/workflows/ci-codeql.yml +++ b/.github/workflows/ci-codeql.yml @@ -35,7 +35,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5 + uses: github/codeql-action/init@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 with: languages: ${{ matrix.language }} config: | @@ -43,4 +43,4 @@ jobs: - sources/src - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5 + uses: github/codeql-action/analyze@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 diff --git a/.github/workflows/ci-init-script-check.yml b/.github/workflows/ci-init-script-check.yml index bedd64d0..16ba1180 100644 --- a/.github/workflows/ci-init-script-check.yml +++ b/.github/workflows/ci-init-script-check.yml @@ -30,7 +30,7 @@ jobs: java-version: 17 - name: Setup Gradle # Use a released version to avoid breakages - uses: gradle/actions/setup-gradle@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2 + uses: gradle/actions/setup-gradle@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 env: ALLOWED_GRADLE_WRAPPER_CHECKSUMS: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 # Invalid wrapper jar used for testing - name: Run integration tests diff --git a/.github/workflows/ci-ossf-scorecard.yml b/.github/workflows/ci-ossf-scorecard.yml index 00bf39be..448d1ede 100644 --- a/.github/workflows/ci-ossf-scorecard.yml +++ b/.github/workflows/ci-ossf-scorecard.yml @@ -52,6 +52,6 @@ jobs: # Upload the results to GitHub's code scanning dashboard. - name: 'Upload to code-scanning' - uses: github/codeql-action/upload-sarif@f1f6e5f6af878fb37288ce1c627459e94dbf7d01 # v3.29.5 + uses: github/codeql-action/upload-sarif@192325c86100d080feab897ff886c34abd4c83a3 # v3.29.5 with: sarif_file: results.sarif diff --git a/.github/workflows/ci-validate-wrappers.yml b/.github/workflows/ci-validate-wrappers.yml index 8b72bcba..cf8741dc 100644 --- a/.github/workflows/ci-validate-wrappers.yml +++ b/.github/workflows/ci-validate-wrappers.yml @@ -12,6 +12,6 @@ jobs: runs-on: ubuntu-latest steps: - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - uses: gradle/actions/wrapper-validation@017a9effdb900e5b5b2fddfb590a105619dca3c3 # v4.4.2 + - uses: gradle/actions/wrapper-validation@ed408507eac070d1f99cc633dbcf757c94c7933a # v4.4.3 with: allow-checksums: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855