diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index efa3cd43..a5738c9a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -26,7 +26,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # ⚠️ CRITICAL: Bun only — NEVER use npm/pnpm (per TECHSTACKPREFERENCES.md) - name: Setup Bun diff --git a/.github/workflows/code-quality.yml b/.github/workflows/code-quality.yml index d3e874ab..0a3de5dc 100644 --- a/.github/workflows/code-quality.yml +++ b/.github/workflows/code-quality.yml @@ -21,7 +21,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Setup Bun uses: oven-sh/setup-bun@0c5077e51419868618aeaa5fe8019c62421857d6 # v2.2.0 diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 51d4a225..a11583a4 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -47,7 +47,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index fcb3d615..36f47f60 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -22,6 +22,6 @@ jobs: egress-policy: audit - name: 'Checkout Repository' - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: 'Dependency Review' uses: actions/dependency-review-action@2031cfc080254a8a887f58cffee85186f0e49e48 # v4.9.0 diff --git a/.github/workflows/opencode.yml b/.github/workflows/opencode.yml index f6739849..ea88fe25 100644 --- a/.github/workflows/opencode.yml +++ b/.github/workflows/opencode.yml @@ -31,7 +31,7 @@ jobs: egress-policy: audit - name: Checkout repository - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1 persist-credentials: false diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml index d08fa40a..27981ac9 100644 --- a/.github/workflows/scorecards.yml +++ b/.github/workflows/scorecards.yml @@ -42,7 +42,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: persist-credentials: false diff --git a/.github/workflows/upstream-sync-opencode.yml b/.github/workflows/upstream-sync-opencode.yml index da2d537d..3e8360db 100644 --- a/.github/workflows/upstream-sync-opencode.yml +++ b/.github/workflows/upstream-sync-opencode.yml @@ -37,7 +37,7 @@ jobs: egress-policy: audit - name: Checkout fork - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: repository: ${{ env.FORK_REPO }} token: ${{ secrets.UPSTREAM_SYNC_TOKEN }} diff --git a/.github/workflows/upstream-sync-pai.yml b/.github/workflows/upstream-sync-pai.yml index d126b4dc..ed59e184 100644 --- a/.github/workflows/upstream-sync-pai.yml +++ b/.github/workflows/upstream-sync-pai.yml @@ -47,7 +47,7 @@ jobs: egress-policy: audit - name: Checkout - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 + uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 with: fetch-depth: 1