diff --git a/.github/workflows/auto-accept-ci-changes.yml b/.github/workflows/auto-accept-ci-changes.yml index 1312fca7..06daffc3 100644 --- a/.github/workflows/auto-accept-ci-changes.yml +++ b/.github/workflows/auto-accept-ci-changes.yml @@ -45,7 +45,7 @@ jobs: - name: Checkout Repository if: steps.skip-condition.outputs.skip != 'true' - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ secrets.GITHUB_TOKEN }} persist-credentials: false diff --git a/.github/workflows/bump-version.yml b/.github/workflows/bump-version.yml index 2ecb1b6f..70c31784 100644 --- a/.github/workflows/bump-version.yml +++ b/.github/workflows/bump-version.yml @@ -62,7 +62,7 @@ jobs: github.com:443 pypi.org:443 - name: Checkout Repository (no persist-credentials) - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false fetch-depth: 0 diff --git a/.github/workflows/cache-cleaner.yml b/.github/workflows/cache-cleaner.yml index 97017b44..23082ddc 100644 --- a/.github/workflows/cache-cleaner.yml +++ b/.github/workflows/cache-cleaner.yml @@ -27,7 +27,7 @@ jobs: release-assets.githubusercontent.com:443 - name: Check out code - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index b5301d5b..f3bc3a85 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -54,7 +54,7 @@ jobs: uploads.github.com:443 - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/cruft-update.yml b/.github/workflows/cruft-update.yml index c0dba205..e5a61a7e 100644 --- a/.github/workflows/cruft-update.yml +++ b/.github/workflows/cruft-update.yml @@ -27,7 +27,7 @@ jobs: title: Reject new updates detected with Cruft steps: - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: token: ${{ secrets.CRUFT_PAT }} persist-credentials: true diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml index 01112942..711b519a 100644 --- a/.github/workflows/dependency-review.yml +++ b/.github/workflows/dependency-review.yml @@ -28,7 +28,7 @@ jobs: github.com:443 - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/publish-pypi.yml b/.github/workflows/publish-pypi.yml index bbc3748e..65db2407 100644 --- a/.github/workflows/publish-pypi.yml +++ b/.github/workflows/publish-pypi.yml @@ -32,7 +32,7 @@ jobs: ruf-repo-cdn.sigstore.dev:443 upload.pypi.org:443 - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index 32c20348..c25002ba 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -41,7 +41,7 @@ jobs: egress-policy: audit - name: "Checkout code" - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/tag-testpypi.yml b/.github/workflows/tag-testpypi.yml index ac8d7431..0dd1cbca 100644 --- a/.github/workflows/tag-testpypi.yml +++ b/.github/workflows/tag-testpypi.yml @@ -26,7 +26,7 @@ jobs: pypi.org:443 test.pypi.org:443 - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false @@ -63,7 +63,7 @@ jobs: ruf-repo-cdn.sigstore.dev:443 test.pypi.org:443 - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false diff --git a/.github/workflows/testing-suite.yml b/.github/workflows/testing-suite.yml index 04b269de..3d8b1527 100644 --- a/.github/workflows/testing-suite.yml +++ b/.github/workflows/testing-suite.yml @@ -29,7 +29,7 @@ jobs: disable-sudo: true egress-policy: audit - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: persist-credentials: false - name: Set up Python${{ matrix.python-version }} @@ -70,7 +70,7 @@ jobs: egress-policy: audit - name: Checkout Repository - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 + uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0 # v7.0.0 with: fetch-depth: 0 # Fetch all history for all branches and tags. persist-credentials: false