diff --git a/.github/workflows/adapter-code-coverage.yml b/.github/workflows/adapter-code-coverage.yml index 10dd9e89773..103107157cf 100644 --- a/.github/workflows/adapter-code-coverage.yml +++ b/.github/workflows/adapter-code-coverage.yml @@ -13,12 +13,12 @@ jobs: runs-on: ubuntu-latest steps: - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: 1.24.0 - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{github.event.pull_request.head.ref}} @@ -26,7 +26,7 @@ jobs: - name: Discover Adapter Directories id: get_directories - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: result-encoding: string script: | @@ -71,7 +71,7 @@ jobs: rm -f -r ./* - name: Checkout Coverage Preview Branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: coverage-preview @@ -97,7 +97,7 @@ jobs: - name: Add Coverage Summary To Pull Request if: steps.run_coverage.outputs.coverage_dir != '' && steps.commit_coverage.outputs.remote_coverage_preview_dir != '' - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const utils = require('./.github/workflows/helpers/pull-request-utils.js') diff --git a/.github/workflows/code-path-changes.yml b/.github/workflows/code-path-changes.yml index 23e0c19db6d..f543394f479 100644 --- a/.github/workflows/code-path-changes.yml +++ b/.github/workflows/code-path-changes.yml @@ -22,10 +22,10 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v3 + uses: actions/checkout@v6 - name: Set up Node.js - uses: actions/setup-node@v3 + uses: actions/setup-node@v6 with: node-version: '18' diff --git a/.github/workflows/cross-repo-issue.yml b/.github/workflows/cross-repo-issue.yml index 2bea44a301c..a763397953d 100644 --- a/.github/workflows/cross-repo-issue.yml +++ b/.github/workflows/cross-repo-issue.yml @@ -12,7 +12,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: tibdex/github-app-token@v1 + uses: tibdex/github-app-token@v2 with: app_id: ${{ secrets.XREPO_APP_ID }} private_key: ${{ secrets.XREPO_PEM }} diff --git a/.github/workflows/issue_prioritization.yml b/.github/workflows/issue_prioritization.yml index ec58073d653..87803112f66 100644 --- a/.github/workflows/issue_prioritization.yml +++ b/.github/workflows/issue_prioritization.yml @@ -10,7 +10,7 @@ jobs: steps: - name: Generate token id: generate_token - uses: tibdex/github-app-token@v2.1.0 + uses: tibdex/github-app-token@v2 with: app_id: ${{ secrets.PBS_PROJECT_APP_ID }} private_key: ${{ secrets.PBS_PROJECT_APP_PEM }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d3559732077..18d209a9117 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -26,13 +26,13 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 repository: ${{ github.repository }} ref: master - name: Check user permission - uses: actions/github-script@v7 + uses: actions/github-script@v9 id: check with: github-token: ${{ secrets.GITHUB_TOKEN }} @@ -52,7 +52,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 repository: ${{ github.repository }} @@ -69,7 +69,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Prebid Server - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Create & publish tag @@ -122,7 +122,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Prebid Server - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Build image @@ -130,7 +130,7 @@ jobs: docker build -t docker.io/prebid/prebid-server:${{ needs.publish-tag.outputs.releaseTag }} . - name: Login to docker Hub if: contains(inputs.debug, 'false') - uses: docker/login-action@v2.1.0 + uses: docker/login-action@v4.1.0 with: username: ${{ secrets.DOCKERHUB_USER }} password: ${{ secrets.DOCKERHUB_PASSWORD }} @@ -147,11 +147,11 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Prebid Server - uses: actions/checkout@v3 + uses: actions/checkout@v6 with: fetch-depth: 0 - name: Create & publish release - uses: release-drafter/release-drafter@v5.22.0 + uses: release-drafter/release-drafter@v7.2.0 with: name: ${{ needs.publish-tag.outputs.releaseTag }} tag: ${{ needs.publish-tag.outputs.releaseTag }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index d3831d8044f..e05901fd9da 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -14,7 +14,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: # Resolves to empty string for push events and falls back to HEAD. ref: ${{ github.event.pull_request.head.sha }} @@ -29,6 +29,6 @@ jobs: severity: 'CRITICAL,HIGH' - name: Upload Results To GitHub Security Tab - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: 'trivy-results.sarif' \ No newline at end of file diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml index 55fba5ee287..a932ba4e175 100644 --- a/.github/workflows/semgrep.yml +++ b/.github/workflows/semgrep.yml @@ -12,7 +12,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: fetch-depth: 0 ref: ${{github.event.pull_request.head.ref}} @@ -20,7 +20,7 @@ jobs: - name: Calculate Code Diff id: calculate_diff - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: result-encoding: string script: | @@ -55,7 +55,7 @@ jobs: - name: Add Pull Request Comment id: add_pull_request_comment if: contains(steps.should_run_semgrep.outputs.hasChanges, 'true') - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: github-token: ${{ secrets.GITHUB_TOKEN }} result-encoding: string diff --git a/.github/workflows/slack-stale-pr.yml b/.github/workflows/slack-stale-pr.yml index a610c3e7de9..9c2307facb6 100644 --- a/.github/workflows/slack-stale-pr.yml +++ b/.github/workflows/slack-stale-pr.yml @@ -19,7 +19,7 @@ jobs: ignoredLabels: "blocked" - name: Post to a Slack channel id: slack - uses: slackapi/slack-github-action@v1.27.1 + uses: slackapi/slack-github-action@v3.0.1 with: channel-id: ${{ secrets.SLACK_CHANNEL_ID }} slack-message: "${{ steps.local.outputs.message }}" diff --git a/.github/workflows/validate-merge.yml b/.github/workflows/validate-merge.yml index ca633d47465..156b7513a1c 100644 --- a/.github/workflows/validate-merge.yml +++ b/.github/workflows/validate-merge.yml @@ -10,12 +10,12 @@ jobs: steps: - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: 1.24.0 - name: Checkout Merged Branch - uses: actions/checkout@v4 + uses: actions/checkout@v6 - name: Validate run: | diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml index df71d61612a..c0bb7a51205 100644 --- a/.github/workflows/validate.yml +++ b/.github/workflows/validate.yml @@ -16,12 +16,12 @@ jobs: steps: - name: Install Go - uses: actions/setup-go@v5 + uses: actions/setup-go@v6 with: go-version: ${{ matrix.go-version }} - name: Checkout Code - uses: actions/checkout@v4 + uses: actions/checkout@v6 with: # Resolves to empty string for push events and falls back to HEAD. ref: ${{ github.event.pull_request.head.sha }}