From d95ac38a2deee428c440cc001a22f6e020c93292 Mon Sep 17 00:00:00 2001 From: Matt Collins Date: Tue, 9 Jun 2026 03:14:21 +0000 Subject: [PATCH] chore: upgrade GitHub Actions from Node 20 to Node 24 --- .github/workflows/build-and-sign.yml | 8 ++++---- .github/workflows/timestamp-pr.yml | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build-and-sign.yml b/.github/workflows/build-and-sign.yml index 5411416..438c278 100644 --- a/.github/workflows/build-and-sign.yml +++ b/.github/workflows/build-and-sign.yml @@ -17,13 +17,13 @@ jobs: steps: # 1️⃣ Checkout code - name: Checkout code - uses: actions/checkout@v4 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 0 # 2️⃣ Set up Java 21 - name: Set up Java 21 - uses: actions/setup-java@v4 + uses: actions/setup-java@be666c2fcd27ec809703dec50e508c2fdc7f6654 # v5.2.0 with: distribution: temurin java-version: '21' @@ -49,14 +49,14 @@ jobs: # 6️⃣ Generate and sign SLSA provenance for the JAR - name: Generate and sign build provenance - uses: actions/attest-build-provenance@v1 + uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0 with: subject-path: target/demo-oidc-java-1.0.0.jar github-token: ${{ secrets.GITHUB_TOKEN }} # 7️⃣ Upload artifacts (JAR + signed provenance) - name: Upload artifacts - uses: actions/upload-artifact@v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: build-artifacts path: | diff --git a/.github/workflows/timestamp-pr.yml b/.github/workflows/timestamp-pr.yml index 31833d9..2be4c89 100644 --- a/.github/workflows/timestamp-pr.yml +++ b/.github/workflows/timestamp-pr.yml @@ -10,13 +10,13 @@ jobs: steps: - name: Generate GitHub App token id: app-token - uses: actions/create-github-app-token@v1 + uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0 with: app-id: ${{ vars.APP_ID }} private-key: ${{ secrets.APP_PRIVATE_KEY }} - name: Checkout default branch - uses: actions/checkout@v4 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: token: ${{ steps.app-token.outputs.token }}